Clean docker environment: devicemapper

docker device-mapper

86,589

Solution 1

Don't use a devicemapper loop file for anything serious! Docker has big warnings about this.

The /var/lib/docker/devicemapper/devicemapper directory contains the sparse loop files that contain all the data that docker mounts. So you would need to use lvm tools to trawl around them and do things. Have a read though the remove issues with devicemapper, they are kinda sorta resolved but maybe not.

I would move away from devicemapper where possible or use LVM thin pools on anything RHEL based. If you can't change storage drivers, the same procedure will at least clear up any allocated sparse space you can't reclaim.

Changing the docker storage driver

Changing storage driver will require dumping your /var/lib/docker directories which contains all your docker data. There are ways to save portions of it but that involves messing around with Docker internals. Better to commit and export any containers or volumes you want to keep and import them after the change. Otherwise you will have a fresh, blank Docker install!

Export data
Stop Docker
Remove /var/lib/docker
Modify your docker startup to use the new storage driver. Set --storage-driver=<name> in /lib/systemd/system/docker.service or /etc/systemd/system/docker.service or /etc/default/docker or /etc/sysconfig/docker
Start Docker
Import Data

AUFS

AUFS is not in the mainline kernel (and never will be) which means distro's have to actively include it somehow. For Ubuntu it's in the linux-image-extra packages.

apt-get install linux-image-extra-$(uname -r) linux-image-extra-virtual

Then change the storage driver option to --storage-driver=aufs

OverlayFS

OverlayFS is already available in Ubuntu, just change the storage driver to --storage-driver=overlay2 or --storage-driver=overlay if you are still using a 3.x kernel

~~I'm not sure how good an idea this is right now. It can't be much worse than the loop file but~~ The overlay2 driver is pretty solid for dev use but isn't considered production ready yet (e.g. Docker Enterprise don't provide support) but it is being pushed to become the standard driver due to the AUFS/Kernel issues.

Direct LVM Thin Pool

Instead of the devicemapper loop file you can use an LVM thin pool directly. RHEL makes this easy with a docker-storage-setup utility that distributed with their EPEL docker package. Docker have detailed steps for setting up the volumes manually.

--storage-driver=devicemapper \
--storage-opt=dm.thinpooldev=/dev/mapper/docker-thinpool \
--storage-opt dm.use_deferred_removal=true

Docker 17.06+ supports managing simple direct-lvm block device setups for you.

Just don't run out of space in the LVM volume, ever. You end up with an unresponsive Docker daemon that needs to be killed and then LVM resources that are still in use that are hard to clean up.

Solution 2

A periodic docker system prune -a works for me on systems where I use devicemapper and not the LVM thinpool. The pattern I use is:

I label any containers, images, etc with label "protected" if I want them to be exempt from cleanup
I then periodically run docker system prune -a --filter=label!=protected (either manually or on cron with -f)

Labeling examples:

docker run --label protected ...
docker create --label=protected=true ...
For images, Dockerfile's LABEL, eg LABEL protected=true
To add a label to an existing image that I cannot easily rebuild, I make a 2 line Dockerfile with the above, build a new image, then switch the new image for the old one (tag).

General Docker label documentation

Solution 3

First, what is devicemapper (official documentation)

Device Mapper has been included in the mainline Linux kernel since version 2.6.9 [in 2005]. It is a core part of RHEL family of Linux distributions.

The devicemapper driver stores every image and container on its own virtual device. These devices are thin-provisioned copy-on-write snapshot devices.

Device Mapper technology works at the block level rather than the file level. This means that devicemapper storage driver's thin provisioning and copy-on-write operations work with blocks rather than entire files.

The devicemapper is the default Docker storage driver on some Linux distributions.

Docker hosts running the devicemapper storage driver default to a configuration mode known as loop-lvm. This mode uses sparse files to build the thin pool used by image and container snapshots

Docker 1.10 [from 2016] and later no longer matches image layer IDs with directory names in /var/lib/docker.

However, there are two key directories.

The /var/lib/docker/devicemapper/mnt directory contains the mount points for image and container layers.

The /var/lib/docker/devicemapper/metadatadirectory contains one file for every image layer and container snapshot.

If your docker info does show your Storage Driver is devicemapper (and not aufs), proceed with caution with those folders.

See for instance issue 18867.

Solution 4

I faced the same issue where in my /var/lib/docker/devicemapper/devicemapper/data file has reached ~91% of root volume(~45G of 50G). I tried removing all the unwanted images, deleted volumes, nothing helped in reducing this file.

Did a few googling and understood that the "data" files is loopback-mounted sparse files and docker uses it to store the mount locations and other files we would have stored inside the containers.

Finally I removed all the images which were run before and stopped

Warning: Deletes all docker containers

docker rm $(docker ps -aq)

The reduced the devicemapper file significantly. Hope this may help you .

View more solutions

86,589

DenCowboy

Updated on February 12, 2021

Comments

DenCowboy over 3 years
I have a docker environment with 2 containers (Jenkins and Nexus, both with their own named volume). I have a daily cron-job which deletes unused containers and images. This is working fine. But the problem is inside my devicemapper:
```
du -sh /var/lib/docker/
30G docker/
```
I can each folder in my docker folder: Volumes (big, but that's normal in my case):
```
/var/lib/docker# du -sh volumes/
14G volumes/
```
Containers:
```
/var/lib/docker# du -sh containers/
3.2M    containers/
```
Images:
```
/var/lib/docker# du -sh image/
5.8M    image/
```
Devicemapper:
```
/var/lib/docker# du -sh devicemapper/
  16G   devicemapper/
```
/var/lib/docker/devicemapper/mnt is 7.3G /var/lib/docker/devicemapper/devicemapper is 8.1G

Docker info:
```
Storage Driver: devicemapper
 Pool Name: docker-202:1-xxx-pool
 Pool Blocksize: 65.54 kB
 Base Device Size: 10.74 GB
 Backing Filesystem: ext4
 Data file: /dev/loop0
 Metadata file: /dev/loop1
 Data Space Used: 5.377 GB
 Data Space Total: 107.4 GB
 Data Space Available: 28.8 GB
 Metadata Space Used: 6.148 MB
 Metadata Space Total: 2.147 GB
 Metadata Space Available: 2.141 GB
 Udev Sync Supported: true
```
What is this space and am I able to clean this without breaking stuff?
- Matt about 8 years
  
  what rhel and docker version are you on?
- DenCowboy about 8 years
  
  I'm using Ubuntu 14.04 with docker version 1.11.1. Why it using devicemapper which is (rhel/centos) based
- Matt about 8 years
  
  Ubuntu 14.04 doesn't have AUFS in the standard kernel. you need the linux-image-extra kernel. You shouldn't use a loopback devicemapper in any case. I'll do an answer...
- DenCowboy about 8 years
  
  @Matt thanks for your information. But what for people which are using RHEL's? Is it possible to your devicemapper in a 'good' way?
- Matt about 8 years
  
  Yes, see direct lvm thin pool in the answer
- Matt about 8 years
  
  ...I should have said "you need the linux-image-extra package" earlier too
- jww over 6 years
  
  Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See What topics can I ask about here in the Help Center. Perhaps Super User or Unix & Linux Stack Exchange would be a better place to ask.
DenCowboy about 8 years

There is no clear way to reduce the size of your devicemapper without losing something of my existing containers?
Matt about 8 years

There are some old bugs regarding trimming sparse files after removes: github.com/docker/docker/issues/3182. It's meant to be fixed but people still report issues.
DenCowboy about 8 years

thanks. Great explanation. One little detail to improve your answer. I had to edit /etc/default/docker and add DOCKER_OPTS="--storage-driver=aufs" (probably dependent on your OS)
Matt about 8 years

I've added that ubu path and a rhel one too. Thanks
Josh about 8 years

Just curious what happens when you run out of space / how you can resolve issues arising from that?
Matt about 8 years

The Docker daemon becomes unresponsive and stops working. The quickest fix is to delete any volumes and /var/lib/docker and start again. If you have to kill docker you can end up with devicemapper resources remaining open and making everything difficult.
lvthillo almost 8 years

@Matt In which package is it for CentOS7?
Matt almost 8 years

@lorenzvth7 Do you mean for AUFS on centos7? I don't believe there is an official kernel. You could build your own or use something like github.com/bnied/kernel-ml-aufs
lvthillo almost 8 years

@Matt Hi Matt, you are right. So I used another storage option (lvm thin pool).
Lee Meador about 5 years

This did not change the size of my devicemapper file. Before: 19G, After: 19G
vinyll about 4 years

docker rm $(docker ps -aq) would remove all existing containers. Not sure why one would do that.
Ken Bellows about 3 years

Looks like the blog link in the opening sentence is dead now, here's a web archive link: web.archive.org/web/20200111135825/http://www.projectatomic.‌io/…
Abdennour TOUMI over 2 years

what about Dind ( docker-in-docker) while node is RHEL 7