Inferensys

Glossary

Retention Policy

A user-defined rule set that automatically removes container images from a registry based on criteria like tag count, age, or vulnerability severity to manage storage quotas.
Knowledge engineer constructing knowledge base on laptop, document hierarchy visible, casual office setup.
LIFECYCLE MANAGEMENT

What is a Retention Policy?

A retention policy is a user-defined rule set that automatically removes container images from a registry based on criteria like tag count, age, or vulnerability severity to manage storage quotas.

A retention policy is an automated lifecycle management rule that systematically purges container images from a private registry to enforce storage quotas and maintain operational hygiene. The policy engine evaluates immutable criteria—such as the number of historical tags per repository, the age of an image since its last pull, or the severity of known vulnerabilities identified during scanning—and executes deletion of matching artifacts without manual intervention.

In a sovereign AI infrastructure context, retention policies are critical for preventing storage exhaustion on air-gapped or on-premises registries where capacity is finite and costly. By coupling retention rules with image promotion workflows, organizations ensure that only production-hardened, signed images persist, while ephemeral development builds and critically vulnerable artifacts are automatically garbage collected to maintain a tamper-proof, auditable artifact repository.

AUTOMATED LIFECYCLE MANAGEMENT

Key Features of Retention Policies

Retention policies are the automated rule sets that prevent unbounded storage growth and enforce security hygiene by systematically removing obsolete or vulnerable container images from a private registry.

01

Tag-Based Retention Rules

Automatically prune images based on the number of tags within a repository. This prevents clutter from ephemeral development builds.

  • Keep Last N Tags: Retain only the 10 most recently pushed images per repository.
  • Untagged Image Removal: Automatically delete images that no longer have a tag reference, reclaiming orphaned storage.
  • Semantic Version Filtering: Exclude images matching a regex like v[0-9]+\.[0-9]+\.[0-9]+ to protect release builds while cleaning feature branches.
02

Age-Based Expiration

Define a Time-To-Live (TTL) for images to ensure no artifact persists indefinitely. This is critical for enforcing data residency and storage quotas.

  • Absolute Expiry: Delete any image older than 90 days.
  • Last Pull Time: Remove images that haven't been pulled for 30 days, indicating they are no longer actively used in deployments.
  • Build Timestamp Filtering: Use the OCI image creation timestamp, not the push time, to determine age for accurate lifecycle tracking.
03

Vulnerability Severity Triggers

Integrate with scanning tools like Trivy to create policies that quarantine or delete images based on their security posture. This enforces a 'clean registry' mandate.

  • Critical CVE Block: Immediately delete any image with a critical vulnerability and a CVSS score above 9.0.
  • Grace Period for Fixes: Allow a 7-day window to patch a high-severity vulnerability before the retention policy automatically purges the image.
  • Deny-Listed Packages: Automatically remove any image containing a specific library version known to be end-of-life or internally banned.
04

Immutability and Locking Exceptions

Protect specific artifacts from automated deletion to ensure production stability and compliance with SLSA provenance requirements.

  • Pinned Digest Locking: Mark images by their SHA256 digest as immutable, preventing deletion regardless of tag count or age.
  • Production Namespace Exclusion: Exclude repositories in a production/ namespace from all automatic retention policies.
  • Signed Image Preservation: Retain images that have a valid Cosign signature, ensuring only verified artifacts bypass the garbage collection process.
05

Storage Quota Enforcement

Use retention policies as a proactive mechanism to stay within the allocated storage limits of a private registry, preventing denial-of-service conditions.

  • Repository-Level Caps: Set a hard limit of 500 GiB per project; when exceeded, the policy automatically purges the oldest untagged images first.
  • Layer Deduplication Awareness: Policies should account for shared layers; deleting an image manifest only reclaims space when the last reference to a blob is removed.
  • Warning Thresholds: Trigger alerts at 80% quota utilization before the policy executes destructive deletions, giving teams time to archive critical data.
06

Policy Execution and Auditing

Retention policies run on a defined schedule and must produce immutable logs for compliance and debugging.

  • Dry-Run Mode: Simulate a policy execution to generate a report of which images would be deleted without actually removing them, allowing for safe policy tuning.
  • Cron-Based Scheduling: Execute retention jobs during low-traffic windows (e.g., 03:00 UTC) to minimize performance impact on the registry.
  • Immutable Audit Trail: Log every deletion event with the image digest, tag, policy rule triggered, and timestamp to an external syslog server for SIEM integration.
RETENTION POLICY

Frequently Asked Questions

Clear answers to common questions about configuring and enforcing automated image lifecycle management in private container registries.

A retention policy is a user-defined, automated rule set that governs the lifecycle of container images within a registry by systematically deleting artifacts based on specific criteria. These rules execute against the registry's metadata to determine which image tags or manifests to remove, directly managing storage consumption and curating the artifact repository. The policy engine evaluates conditions such as tag count, image age, vulnerability severity, or deployment status to decide what to keep and what to purge. For example, a policy might state: 'Retain only the 10 most recently pushed images per repository and delete any image older than 90 days.' This automation replaces manual cleanup, preventing a registry from becoming a chaotic, storage-bloated dumping ground for ephemeral CI/CD artifacts. In private registries like Harbor, retention policies are often combined with garbage collection to reclaim the storage space occupied by the deleted image layers and orphaned blobs, ensuring the underlying filesystem doesn't run out of capacity.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.