What is a dangling image and what is an unused image?
In the docker documentation of docker image prune it is possible to use the -a flag to
Remove all unused images, not just dangling ones
and later
Remove all dangling images. If -a is specified, will also remove all images not referenced by any container.
Can someone explain to me what dangling images are and what's the difference between dangling and unused images?
An unused image means that it has not been assigned or used in a container. For example, when running docker ps -a - it will list all of your exited and currently running containers. Any images shown being used inside any of containers are a "used image".
On the other hand, a dangling image just means that you've created the new build of the image, but it wasn't given a new name. So the old images you have becomes the "dangling image". Those old image are the ones that are untagged and displays "<none>" on its name when you run docker images.
When running docker system prune -a, it will remove both unused and dangling images. Therefore any images being used in a container, whether they have been exited or currently running, will NOT be affected.
Safest and Easiest way to cleanup Dangling Images
docker images --quiet --filter=dangling=true | xargs --no-run-if-empty docker rmi
Docker images consist of multiple layers. Dangling images, are layers that have no relationship to any tagged images. They no longer serve a purpose and consume disk space.
Note: I recommend not to use
prunein production, becausedocker system prune -awill remove all the images which are not referenced by the container, by which we can't roll back to the previous release.
To list dangling images by adding the filter flag, -f with a value of dangling=true to the docker images.
List Dangling images
docker images -f dangling=true
Remove Dangling Images
docker rmi $(docker images -f dangling=true -q)
OR
docker images --quiet --filter=dangling=true | xargs --no-run-if-empty docker rmi
When we run any cron jobs to delete tha dangling stuff use the above to make sure the job runs successfully. Like in Jenkins if we run a free style job with beloow commad job will never fail even if no dangling stuff exists in the machine.
This is the safest and easiest way to cleanup dangling images and get back our disk space back for use.
Images in docker are referenced by a sha256 digest, often referred to as the image id. That digest is all you need for the image to exist on the docker host. Typically, you will have tags that point to these digests, e.g. the tag busybox:latest current points to image id c30178c523... on my system. Multiple tags can point to the same image, and any tag can be changed to point to a different id, e.g. when you pull a new copy of busybox:latest or build a new version of your application image.
Dangling images are images which do not have a tag, and do not have a child image (e.g. an old image that used a different version of FROM busybox:latest), pointing to them. They may have had a tag pointing to them before and that tag later changed. Or they may have never had a tag (e.g. the output of a docker build without including the tag option). These are typically safe to remove as long as no containers are still running that reference the old image id. The main reason to keep them around is for build caching purposes.
In addition, you may have downloaded images that you are not currently used by containers (including stopped containers). These are entirely different from dangling images and may be safe to remove as long as you don't plan to use them in the future or don't mind downloading another copy when you do need them.
Dangling images are layers that have no relationship to any tagged images. They no longer serve a purpose and consume disk space.
An unused image is an image that has not been assigned or used in a container.
List Dangling images
docker images -f dangling=true