Skip to content

feat: use containerd gc for image-fetcher cleanup#8065

Open
awesomenix wants to merge 1 commit intomainfrom
image-fetcher-gc-cleanup
Open

feat: use containerd gc for image-fetcher cleanup#8065
awesomenix wants to merge 1 commit intomainfrom
image-fetcher-gc-cleanup

Conversation

@awesomenix
Copy link
Contributor

@awesomenix awesomenix commented Mar 10, 2026

Summary

  • use containerd's native GC label filtering for the image-fetcher pull path instead of scanning all images
  • add an image-fetcher GC trigger entrypoint and invoke it once after the VHD preload batch completes
  • enable discard of unpacked pulled layers during VHD image preloading while preserving fetch-only image blobs

Validation

  • gofmt -w image-fetcher/main.go
  • cd image-fetcher && go build ./...
  • bash -n vhdbuilder/packer/install-dependencies.sh

Copilot AI review requested due to automatic review settings March 10, 2026 23:06
@awesomenix awesomenix changed the title Use containerd GC for image-fetcher cleanup feat: use containerd gc for image-fetcher cleanup Mar 10, 2026
Copilot AI reviewed Mar 10, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the VHD image preloading flow to rely on containerd’s native GC mechanics (via GC label filtering) rather than scanning images for cleanup, and adds an explicit GC trigger once the preload batch completes.

Changes:

  • Add an --gc mode to image-fetcher that triggers containerd GC via lease create/delete.
  • Update the image-fetcher pull path to apply containerd GC child-label filtering for layer blobs.
  • Invoke image-fetcher --gc once after all parallel image pulls complete during VHD build.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File Description
vhdbuilder/packer/install-dependencies.sh Runs a single post-batch image-fetcher --gc after the image preload jobs finish.
image-fetcher/main.go Adds --gc entrypoint and applies WithChildLabelMap(images.ChildGCLabelsFilterLayers) for the pull/unpack path.

vhdbuilder/packer/install-dependencies.sh
@@ -699,6 +699,7 @@ while IFS= read -r imageToBePulled; do
done <<< "$ContainerImages"
echo "Waiting for container image pulls to finish. PID: ${image_pids[@]}"
wait ${image_pids[@]}
Copy link

Copilot AI Mar 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

wait ${image_pids[@]} only returns the exit status of the last PID waited for, so failures in earlier background pulls can be missed (and with set -e the script would still proceed to run image-fetcher --gc). Consider iterating over PIDs (or looping wait -n until all jobs finish) and tracking any non-zero exit status so the build fails reliably before triggering GC.

Suggested change
wait ${image_pids[@]}
overall_status=0
for pid in "${image_pids[@]}"; do
if ! wait "$pid"; then
status=$?
echo "Container image pull job with PID $pid failed with exit code $status" >&2
overall_status=$status
fi
done
if [ "$overall_status" -ne 0 ]; then
echo "One or more container image pulls failed; skipping image-fetcher GC and exiting with code $overall_status" >&2
exit "$overall_status"
fi

Copilot uses AI. Check for mistakes.
@awesomenix
Use containerd GC for image-fetcher cleanup
87a653f 
Mark unpacked pulled layers as GC-eligible during VHD image preloading and trigger a single synchronous containerd GC after the preload batch. This avoids scanning all images per pull while preserving fetch-only image blobs.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@awesomenix awesomenix force-pushed the image-fetcher-gc-cleanup branch from 632f382 to 87a653f Compare March 11, 2026 00:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@juan-lee juan-lee Awaiting requested review from juan-lee juan-lee is a code owner

@cameronmeissner cameronmeissner Awaiting requested review from cameronmeissner cameronmeissner is a code owner

@ganeshkumarashok ganeshkumarashok Awaiting requested review from ganeshkumarashok ganeshkumarashok is a code owner

@Devinwong Devinwong Awaiting requested review from Devinwong Devinwong is a code owner

@lilypan26 lilypan26 Awaiting requested review from lilypan26 lilypan26 is a code owner

@AbelHu AbelHu Awaiting requested review from AbelHu AbelHu is a code owner

@junjiezhang1997 junjiezhang1997 Awaiting requested review from junjiezhang1997 junjiezhang1997 is a code owner

@djsly djsly Awaiting requested review from djsly djsly is a code owner

@phealy phealy Awaiting requested review from phealy phealy is a code owner

@r2k1 r2k1 Awaiting requested review from r2k1 r2k1 is a code owner

@timmy-wright timmy-wright Awaiting requested review from timmy-wright timmy-wright is a code owner

@zachary-bailey zachary-bailey Awaiting requested review from zachary-bailey zachary-bailey is a code owner

@mxj220 mxj220 Awaiting requested review from mxj220 mxj220 is a code owner

@pdamianov-dev pdamianov-dev Awaiting requested review from pdamianov-dev pdamianov-dev is a code owner

@calvin197 calvin197 Awaiting requested review from calvin197 calvin197 is a code owner

@sulixu sulixu Awaiting requested review from sulixu sulixu is a code owner

@surajssd surajssd Awaiting requested review from surajssd surajssd is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@awesomenix