Docker is an amazing tool, but sometimes you
might find out that it isn’t super-careful towards your HD space.
If you used Docker extensively you might
have noticed that sometimes this tool consumes
a lot of disk space, usually because you either
have too many dead containers with persistent storages
attached or similar gotchas.
I usually use three life-savers when I am running
out of space on my machine.
Remove dead containers
~ ᐅ docker rm $(docker ps -a -q)
Error response from daemon: Conflict, You cannot remove a running container. Stop the container before attempting removal or use -f
FATA Error: failed to remove one or more containers
This will try to remove all containers, even the
running ones (don’t worry, as you see from the snippet
above Docker will prevent running containers to be killed)
so that you can get rid of some dead stuff.
Remove untagged images
Sometimes you will notice that there are some
docker images that are just the result of intermediate
containers running. These images will show up as <none>
and are the so-called “untagged images”:
~ ᐅ docker images | grep none
<none> <none> 40008f2b8e22 6 hours ago 412.6 MB
<none> <none> 08b8be934a53 6 hours ago 412.6 MB
<none> <none> ed1b3d292f74 6 hours ago 412.6 MB
<none> <none> bc472bb30fb6 7 hours ago 412.6 MB
<none> <none> b3cd05e59b91 7 hours ago 412.6 MB
<none> <none> 69e508db0285 7 hours ago 412.6 MB
<none> <none> 0ca87c90be73 7 hours ago 412.6 MB
<none> <none> 2ee3e785cd28 7 hours ago 412.6 MB
<none> <none> 76696adc7a00 7 hours ago 412.6 MB
<none> <none> 6bf0028f0b01 7 hours ago 412.6 MB
<none> <none> 8a6da7bae442 7 hours ago 412.6 MB
Jeez! Luckily, removing those layers it’s a matters
of knocking on awk’s door:
If you are still low on free disk-space and realize that
Docker is still taking a big chunk of your HD there is a
very simple python script I found around
that does a great job at removing dangling volumes.
Just download it, run pip install docker-py (a dependency
needed by the script) and launch it:
I wish there would be one way of doing this
instead of having to tackle the issue from different perspectives
(remove containers, remove untagged images, remove dangling volumes),
but I believe there’s gotta be something better out there, so feel
free to reach out to suggest the best way of getting this done.
At the same time, the Docker ecosystem is evolving at a very fast pace
so I’m sure the guys are going to come up with a simple, official
solution that will make us forget about all of these bash voodoo very shortly.
It contains 160+ pages of content dedicated to securing web applications and improving your security awareness when building
web apps, with chapters ranging from explaining how to secure HTTP cookies with the right flags to understanding why it is
important to consider joining a bug bounty program.