-
Bug
-
Resolution: Unresolved
-
Undefined
-
None
-
None
-
None
-
False
-
None
-
False
-
-
I use the pull-through proxy feature in Quay v3.12.0 (installed by mirror-registry v2.0.0) to cache the OpenShift installation images. The respective OpenShift install-config.yaml file looks as follows:
... imageDigestSources: - source: quay.io/openshift-release-dev/ocp-release mirrors: - registry.lab.example.com:5002/proxy-quay-io/openshift-release-dev/ocp-release - source: quay.io/openshift-release-dev/ocp-v4.0-art-dev mirrors: - registry.lab.example.com:5002/proxy-quay-io/openshift-release-dev/ocp-v4.0-art-dev ...
After installing several different versions of OpenShift, the organization quota in Quay configured for the pull-through proxy eventually fills up. At this point, I expect that Quay evicts the least recently used (LRU) images in the organization to free up some space.
Currently, Quay doesn't seem to be able to evict images that were pulled by digest, though. After the quota fills up, trying to pull another image that is not yet in cache fails with the message Quota has been exceeded on namespace:
$ podman pull registry.lab.example.com:5002/proxy-quay-io/openshift-release-dev/ocp-v4.0-art-dev@sha256:1f516ed4e9fc
020777cdbb44a3b4cd55f4d35b25d858fb792627b211b541aec9
Trying to pull registry.lab.example.com:5002/proxy-quay-io/openshift-release-dev/ocp-v4.0-art-dev@sha256:1f516ed4e9fc020777cdbb44a3b4cd55f4d35b25d858fb792627b2
11b541aec9...
Error: initializing source docker://registry.lab.example.com:5002/proxy-quay-io/openshift-release-dev/ocp-v4.0-art-dev@sha256:1f516ed4e9fc020777cdbb44a3b4cd55f
4d35b25d858fb792627b211b541aec9: reading manifest sha256:1f516ed4e9fc020777cdbb44a3b4cd55f4d35b25d858fb792627b211b541aec9 in registry.lab.example.com:5002/prox
y-quay-io/openshift-release-dev/ocp-v4.0-art-dev: denied: Quota has been exceeded on namespace
To work around the issue, I connect to the Quay's database and execute:
update tag set hidden = 0
This makes the images pulled by digest visible in the Web UI which is really nice. More importantly, it makes these images subject for eviction when the organization quota fills up. See also the query that is selecting the images to evict.
