Jared Short in devops 1 minute to read

Cleaning up old Docker images from ECR, the easy way

We have several clients at Trek10 using the Amazon ECR (EC2 Container Registry) as their Docker registry for storing and shipping images to ECS and other systems.

Some of our clients have run into the 500 image limit on ECR several times, and it becomes a very boring game of Cookie Clicker to delete old images.

We built a Serverless based ECR cleanup script that attempts to cleanup an ECR repository with a basic set of rules.

  • Only delete images older than some threshold of days
  • Check ECS task definitions, if an image is listed in any active task definition, do not remove it

That’s it, simple, sweet and to the point. We also built in a dry run functionality so you don’t blow away stuff you actually did need on accident without getting a preview first.

Grab it on GitHub.

Current Limitations

There are some limitations in the current implementation, each instance of the ECR Cleaner can only run against one ECR Repository, and only checks one region for active ECS task definitions. These should be fairly straightforward to overcome, and we accept PRs 😉.