I've been trying to figure out how to make persistent storage "safe".
In the current model I track a timestamp for when an image was last seen by docker-gc. These timestamps are updated when:
- On startup, we scan all images (e.g.
docker image --all)
- As events mention an image.
- Just prior to deleting old images, all container images are added.
The startup rule causes problems when persisting the state:
- If we reset all timestamps on startup, then there is no advantage to persisting. All images have their timestamp reset.
- If we don't, then events could have happened while
docker-gc wasn't running and it could decide to remove things that are being used.
If we add cleaning of stopped containers (#3) then this gets even more tricky.
Another concern is removing items that aren't in docker anymore (e.g. images that have been docker rmi'd).
I've been trying to figure out how to make persistent storage "safe".
In the current model I track a timestamp for when an image was last seen by
docker-gc. These timestamps are updated when:docker image --all)The startup rule causes problems when persisting the state:
docker-gcwasn't running and it could decide to remove things that are being used.If we add cleaning of stopped containers (#3) then this gets even more tricky.
Another concern is removing items that aren't in docker anymore (e.g. images that have been
docker rmi'd).