OCPBUGS-76450: reduce MCO image size by cheesesashimi · Pull Request #5644 · openshift/machine-config-operator

cheesesashimi · 2026-02-10T14:56:42Z

- What I did

This ensures that the DNF package cache is clear after installing packages to reduce overall image size. This also reduces the overall image size when layer squashing is not used by eliminating the tarball extraction in the final image in favor of directly copying the files into place. Building the image locally using Podman, this yields a ~500 MB size reduction with the images output by the CI system being reduced by ~1.5 GB.

- How to verify it

To verify that the image size is reduced, one can build the image before and after this PR and compare the sizes. That said, there should not be any effect upon the MCO behavior itself. Therefore, a clean CI run should suffice for verification.

- Description for the changelog
Reduce MCO image size

openshift-ci-robot · 2026-02-10T14:56:52Z

@cheesesashimi: This pull request references Jira Issue OCPBUGS-76450, which is valid. The bug has been moved to the POST state.

3 validation(s) were run on this bug

bug is open, matching expected state (open)
bug target version (4.22.0) matches configured target version for branch (4.22.0)
bug is in the state New, which is one of the valid states (NEW, ASSIGNED, POST)

Requesting review from QA contact:
/cc @sergiordlr

The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

- What I did

Adds dnf clean all && rm -rf /var/cache/dnf/* to our Containerfiles to reduce image size.

- How to verify it

This should not affect MCO behavior in any way. However, we should at least verify that the image size is smaller than it was before:

Check out the main branch of this repo and build an image: podman build -t localhost/machine-config-operator:before .

Check out this PR locally and build an image podman build -t localhost/machine-config-operator:after .

- Description for the changelog
Clear dnf cache to reduce image size

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci · 2026-02-10T14:56:52Z

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

cheesesashimi · 2026-02-10T15:00:08Z

/test images

cheesesashimi · 2026-02-10T16:52:40Z

/test images

openshift-ci-robot · 2026-02-10T19:27:45Z

@cheesesashimi: This pull request references Jira Issue OCPBUGS-76450, which is valid.

3 validation(s) were run on this bug

bug is open, matching expected state (open)
bug target version (4.22.0) matches configured target version for branch (4.22.0)
bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, POST)

Requesting review from QA contact:
/cc @sergiordlr

The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

- What I did

This ensures that the DNF package cache is clear after installing packages to reduce overall image size. This also reduces the overall image size when layer squashing is not used by eliminating the tarball extraction in the final image in favor of directly copying the files into place. Building the image locally using Podman, this yields a ~500 MB size reduction with the images output by the CI system being reduced by ~1.5 GB.

- How to verify it

To verify that the image size is reduced, one can build the image before and after this PR and compare the sizes. That said, there should not be any effect upon the MCO behavior itself. Therefore, a clean CI run should suffice for verification.

- Description for the changelog
Reduce MCO image size

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

Dockerfile.rhel7

In lieu of mounting package caches at build-time, we should clear them after package installation. Because the DNF wrapper sets the repo configuration differently in local vs. CI builds, this will only yield a ~44 MB reduction for local builds. However, it will yield a ~1.2 GB reduction for images built by CI.

Early versions of Buildah and/or OpenShift Image Builder presumably did not support path globbing for COPY directives, which required us to create a tarball and copy it into the final image. Although the tarball is deleted immediately after extraction, it still persists as an image layer when building an image locally due to the COPY directive. This unnecessary layer increases overall image size by ~480 MB. This is only the case for local image builds since OpenShift CI is configured to squash the final image layers, which makes this a non-issue for release images.

pablintino · 2026-02-11T16:29:29Z

/lgtm
Makes sense

umohnani8 · 2026-02-11T16:37:42Z

Great work!
/lgtm

openshift-ci · 2026-02-11T16:39:02Z

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: cheesesashimi, pablintino, umohnani8

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

~~OWNERS~~ [cheesesashimi,pablintino,umohnani8]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

umohnani8 · 2026-02-11T21:33:52Z

/verified bypass

verified by passing ocl test

openshift-ci-robot · 2026-02-11T21:34:05Z

@umohnani8: The verified label has been added.

Details

In response to this:

/verified bypass

verified by passing ocl test

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

pablintino · 2026-02-12T10:17:04Z

/retest-required

openshift-ci · 2026-02-12T16:27:04Z

@cheesesashimi: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

openshift-ci-robot · 2026-02-12T16:32:14Z

@cheesesashimi: Jira Issue Verification Checks: Jira Issue OCPBUGS-76450
✔️ This pull request was pre-merge verified.
✔️ All associated pull requests have merged.
✔️ All associated, merged pull requests were pre-merge verified.

Jira Issue OCPBUGS-76450 has been moved to the MODIFIED state and will move to the VERIFIED state when the change is available in an accepted nightly payload. 🕓

Details

In response to this:

- What I did

This ensures that the DNF package cache is clear after installing packages to reduce overall image size. This also reduces the overall image size when layer squashing is not used by eliminating the tarball extraction in the final image in favor of directly copying the files into place. Building the image locally using Podman, this yields a ~500 MB size reduction with the images output by the CI system being reduced by ~1.5 GB.

- How to verify it

To verify that the image size is reduced, one can build the image before and after this PR and compare the sizes. That said, there should not be any effect upon the MCO behavior itself. Therefore, a clean CI run should suffice for verification.

- Description for the changelog
Reduce MCO image size

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

cheesesashimi · 2026-02-12T20:31:55Z

/cherry-pick release-4.21

openshift-cherrypick-robot · 2026-02-12T20:32:47Z

@cheesesashimi: new pull request created: #5657

Details

In response to this:

/cherry-pick release-4.21

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

openshift-ci bot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Feb 10, 2026

openshift-ci-robot added jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. labels Feb 10, 2026

openshift-ci bot requested a review from sergiordlr February 10, 2026 14:56

openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 10, 2026

cheesesashimi mentioned this pull request Feb 10, 2026

OCPBUGS-76450: re-add caching directives to Dockerfile #5645

Closed

cheesesashimi force-pushed the zzlotnik/remove-dnf-cache branch from 2de5fcd to e7a1728 Compare February 10, 2026 19:18

cheesesashimi changed the title ~~OCPBUGS-76450: clear dnf cache to reduce image size~~ OCPBUGS-76450: reduce MCO image size Feb 10, 2026

cheesesashimi marked this pull request as ready for review February 10, 2026 19:28

openshift-ci bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Feb 10, 2026

openshift-ci bot requested review from isabella-janssen and umohnani8 February 10, 2026 19:28

zaneb reviewed Feb 10, 2026

View reviewed changes

Dockerfile.rhel7 Show resolved Hide resolved

cheesesashimi added 2 commits February 11, 2026 09:06

cheesesashimi force-pushed the zzlotnik/remove-dnf-cache branch from e7a1728 to 84eedc3 Compare February 11, 2026 14:20

openshift-ci bot assigned pablintino Feb 11, 2026

openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Feb 11, 2026

openshift-ci bot assigned umohnani8 Feb 11, 2026

openshift-ci-robot added the verified Signifies that the PR passed pre-merge verification criteria label Feb 11, 2026

openshift-merge-bot bot merged commit 1c680d8 into openshift:main Feb 12, 2026
15 checks passed

openshift-cherrypick-robot mentioned this pull request Feb 12, 2026

[release-4.21] OCPBUGS-76823: reduce MCO image size #5657

Open

Conversation

cheesesashimi commented Feb 10, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

openshift-ci-robot commented Feb 10, 2026

Uh oh!

openshift-ci bot commented Feb 10, 2026

Uh oh!

cheesesashimi commented Feb 10, 2026

Uh oh!

cheesesashimi commented Feb 10, 2026

Uh oh!

openshift-ci-robot commented Feb 10, 2026

Uh oh!

Uh oh!

pablintino commented Feb 11, 2026

Uh oh!

umohnani8 commented Feb 11, 2026

Uh oh!

openshift-ci bot commented Feb 11, 2026

Uh oh!

umohnani8 commented Feb 11, 2026

Uh oh!

openshift-ci-robot commented Feb 11, 2026

Uh oh!

pablintino commented Feb 12, 2026

Uh oh!

openshift-ci bot commented Feb 12, 2026

Uh oh!

Uh oh!

openshift-ci-robot commented Feb 12, 2026

Uh oh!

cheesesashimi commented Feb 12, 2026

Uh oh!

openshift-cherrypick-robot commented Feb 12, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

6 participants

cheesesashimi commented Feb 10, 2026 •

edited

Loading