zen-gc is a Kubernetes controller that automates garbage collection for various Kubernetes resources based on user-defined time-to-live (TTL) policies. With powerful options and zero configuration complexity, zen-gc ensures efficient, declarative cleanup without manual scripts, making resource management both easy and reliable.
zen-gc: Enhancing Garbage Collection for Kubernetes
zen-gc is an innovative Kubernetes controller designed to provide automatic, declarative garbage collection for a variety of Kubernetes resources based on time-to-live (TTL) policies. This means once cleanup policies are defined, zen-gc takes care of the rest, removing the need for custom controllers or manual cleanup scripts.
Key Observations
Kubernetes natively supports TTL only for Jobs, leaving users to manage cleanup for other resources like ConfigMaps, Secrets, Pods, and Custom Resource Definitions (CRDs) on their own. zen-gc addresses this limitation by offering a straightforward and Kubernetes-native solution that streamlines the cleanup process.
Why Choose zen-gc?
- Comprehensive Coverage: Supports all resource types including ConfigMaps, Secrets, Pods, Jobs, and CRDs.
- Effortless Configuration: Cleanup policies can be expressed as standard Kubernetes resources, eliminating reliance on external tools or complicated setups.
- Production-Ready Features: Comes with built-in rate limiting, metrics integration, and observability tools.
- Customizable: Allows complex conditions with flexible selectors and custom TTL calculations, empowering users to tailor policies to their specific needs.
- User-Friendly: Offers simple YAML-based policies without the need for programming skills.
- Full Visibility: Integrates with Prometheus for metrics and generates Kubernetes events for transparent monitoring.
Powerful TTL System
The versatility of zen-gc is predominantly showcased in its robust TTL management, which features four distinct modes:
- Fixed TTL: A straightforward approach for time-based cleanup. For instance, resources can be deleted after a set period:

      ttl:
        secondsAfterCreation: 604800 # 7 days

- Field-Based TTL: This mode allows resources to determine their own lifespan based on specific fields:

      ttl:
        fieldPath: "spec.ttlSeconds" # Resource controls its own TTL

- Mapped TTL: Define timeframes based on resource attributes, ideal for severity-based retention policies:

      ttl:
        fieldPath: "spec.severity"
        mappings:
          CRITICAL: 1814400 # 3 weeks
          HIGH: 1209600 # 2 weeks
          MEDIUM: 604800 # 1 week
          LOW: 259200 # 3 days
        default: 604800

- Relative TTL: Configures cleanup times relative to another resource's timestamp:

      ttl:
        relativeTo: "status.lastProcessedAt"
        secondsAfter: 86400 # 1 day after last activity
This flexible architecture allows zen-gc to mold its functionality to the diverse requirements of different use cases.
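The following dry-run helper is an added example, not zen-gc's own code: it resolves each of the four ttl shapes shown above to a deletion-eligibility time for one object, so a policy can be checked against sample resources before it is applied. The choice to keep an object whose TTL field or timestamp is missing or malformed is an assumption made here, not documented zen-gc behavior, and the helper names and SAMPLE object are constructed.

```python
from datetime import datetime, timedelta

def get_path(obj, path):
    """Walk a dotted path such as 'spec.severity'; None if any key is missing."""
    for key in path.split("."):
        if not isinstance(obj, dict) or key not in obj:
            return None
        obj = obj[key]
    return obj

def parse_ts(value):
    """Parse an RFC 3339 timestamp as written by the Kubernetes API."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def expiry(ttl, obj):
    """Return when obj becomes eligible for deletion, or None to keep it."""
    created = parse_ts(obj["metadata"]["creationTimestamp"])
    if "secondsAfterCreation" in ttl:                 # Fixed TTL
        return created + timedelta(seconds=ttl["secondsAfterCreation"])
    if "relativeTo" in ttl:                           # Relative TTL
        base = get_path(obj, ttl["relativeTo"])
        if not isinstance(base, str):
            return None                               # assumption: no timestamp, keep
        return parse_ts(base) + timedelta(seconds=ttl["secondsAfter"])
    value = get_path(obj, ttl["fieldPath"])
    if "mappings" in ttl:                             # Mapped TTL
        key = value if isinstance(value, str) else None
        seconds = ttl["mappings"].get(key, ttl.get("default"))
    else:                                             # Field-Based TTL
        seconds = value                               # set by whoever can write the object
    if isinstance(seconds, bool) or not isinstance(seconds, int) or seconds < 0:
        return None                                   # assumption: malformed TTL, keep
    return created + timedelta(seconds=seconds)

def is_expired(ttl, obj, now):
    """True when the object's resolved expiry time has passed at 'now'."""
    when = expiry(ttl, obj)
    return when is not None and now >= when

# Constructed sample object, not taken from a real cluster.
SAMPLE = {
    "metadata": {"creationTimestamp": "2024-01-01T00:00:00Z"},
    "spec": {"ttlSeconds": 3600, "severity": "LOW"},
    "status": {"lastProcessedAt": "2024-01-03T00:00:00Z"},
}
```

With Field-Based TTL the lifetime is decided by whoever holds write access to the target object, so that mode is worth pairing with RBAC or admission checks on the TTL field.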
Quick Implementation
While installation instructions are not included here, users can easily install zen-gc and create cleanup policies through Helm or kubectl. For example, a policy to clean up temporary ConfigMaps after an hour could look like this:

    apiVersion: gc.kube-zen.io/v1alpha1
    kind: GarbageCollectionPolicy
    metadata:
      name: cleanup-temp-configmaps
    spec:
      targetResource:
        apiVersion: v1
        kind: ConfigMap
        labelSelector:
          matchLabels:
            temporary: "true"
      ttl:
        secondsAfterCreation: 3600 # 1 hour
      behavior:
        maxDeletionsPerSecond: 10

Use Cases
zen-gc can be applied across a wide array of scenarios including:
- Automatically cleaning up completed Jobs after a specified duration.
- Deleting outdated ConfigMaps or Secrets generated during CI/CD processes.
- Efficiently removing evicted Pods and orphaned ReplicaSets.
- Managing PersistentVolumeClaims to enhance resource allocation.
- Establishing cleanup policies for various tenants to ensure resource isolation.
Documentation and Resources
Comprehensive documentation is available, including:
- Detailed KEP Document
- API Reference
- User and Operator Guides for policy creation and maintenance.
With its versatile features and user-friendly design, zen-gc stands as a production-ready solution highly suitable for Kubernetes operators seeking to enhance resource management and automation.