Scarf Proposal

[davidnoyes]

A proposal to use Scarf as a gateway for binary and container image downloads.

[jetstack-bot]

Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[inteon]

Extra improvement: Additional to removing the jetstack name, we will also remove the quay.io name and switch to a more neutral domain (eg. cert-manager.io).

[inteon]

👍 LGTM

[maelvls]

After reading the document, my takeways are:

• The vendor neutrality required by the CNCF (proof, link?) requires the cert-manager project to "mask" any vendor mentions such as Jetstack or Venafi in things like image names and Helm chart repo URLs.
• The official cert-manager images contain the word "jetstack", such as quay.io/jetstack/cert-manager-controller, and Scarf would allow us to change that to something like img.cert-manager.io/cert-manager-controller.
• Scarf wouldn't host or deal with the high network traffic due to the image pulls since the images would stay in quay.io.
• The canonical images would still be quay.io/jetstack/cert-manager-controller and such.
• On top of fixing this vendor-neutrality problem, the cert-manager project would also be useful to the maintainer team in two aspects:
  • As a marketing tool, maintainers would be able to communicate on how many image pulls are done every month. We haven't been able to do that with Quay since pulling the download logs crashes their servers, and we have been stuck with "approximately 1 million pulls per day" in all of our project updates...
  • As a decision tool, maintainers would be able to know the rate of adoption of the new releases and decide whether the release frequency matches the adoption rate, or whether a majority of users lags behind.

I have a few questions:

• An easy solution to the original problem could be to relocate (or rather duplicate) images to quay.io/cert-manager-org/cert-manager (the cert-manager is apparently taken). Has this been explored? Is there any other alternative to Scarf?
• Who will pay for this, is the CNCF going to pay?
• Has any other CNCF project adopted this tool, what do they think about adopting this tool?
• If Scarf is free, what's their business model, are they somehow reselling some acquired data to third parties?
• What about Helm charts? The name "jetstack" appears too when adding the repo:

  helm repo add jetstack https://charts.jetstack.io
  

• How exactly does the "path" problem affect us? Would it prevent us from removing the /jetstack path from the image names?
• I'd like to know what the new image names would look like. Would it be something like:

  img.cert-manager.io/cert-manager-controller
  

[davidnoyes]

• Extra improvement: Additional to removing the jetstack name, we will also remove the quay.io name and switch to a more neutral domain (eg. cert-manager.io).
  • Addressed in e7f3ff6
• An easy solution to the original problem could be to relocate (or rather duplicate) images to quay.io/cert-manager-org/cert-manager (the cert-manager is apparently taken). Has this been explored? Is there any other alternative to Scarf?
  • This does not fully solve the problem as it leaves a dependency upon the quay.io service
  • Further detail added in ad2e24d
• Who will pay for this, is the CNCF going to pay?
  • A free tier account for OSS projects will be created (clarified in e7f3ff6). The free tier will address the goals listed in the proposal (further discussion to be had around the "path" problem).
  • Higher tiered (basic/premium) accounts are available at cost, pricing based on the number of monthly tracked companies and the number of seats for access. For transparency, Venafi may contribute towards this cost later but has yet to commit to doing so at the moment of writing.
• Has any other CNCF project adopted this tool, what do they think about adopting this tool?
  • Apache Superset
  • Apache SkyWalking
  • Apache DevLake
  • Apache DolphinScheduler
  • Rocket.Chat
  • Buoyant (Linkerd)
• If Scarf is free, what's their business model, are they somehow reselling some acquired data to third parties?
  • "Basic" & "Premium" tiers are available at cost, providing more significant insights, support and SLAs. See Scarf's pricing model. Scarf will generate revenue from these account types.
• What about Helm charts?
  • These should also be addressed, and Scarf may be an appropriate solution; however, Helm chart hosting is currently out of the scope of this proposal.
  • Default container image locations should be updated within existing Helm charts to reflect the newly chosen location.
• How exactly does the "path" problem affect us? Would it prevent us from removing the /jetstack path from the image names?
  • The cert-manager images are currently located at quay.io/jetstack/cert-manager-controller. Current Scarf functionality allows for domain changes to a custom domain such as img.cert-manager.io (using @maelvls example). This would result in the new location being img.cert-manager.io/jetstack/cert-manager-controller, which continues to use "jetstack" in the path.
  • As described in the proposal, a workaround is being investigated by Scarf to allow for a custom path. There is also an alternative approach with the use of an additional hosting location such as ghcr.io/cert-manager/cert-manager-controller
• I'd like to know what the new image names would look like
  • The chosen custom domain and image hosting location are topics to be discussed by the maintainers, and discussion from the community would also be welcome.

[arjundevarajan]

Hi, just wanted to leave a quick note here as well are just pointing out a couple of other CNCF projects that are utilizing Scarf:

• Add lightweight analytics pixel to dapr website dapr/docs#3025
• Updated litmus component images with scarf litmuschaos/litmus#4298, Updated litmus component images with scarf litmuschaos/litmus#4298

Also, that Scarf is building a formal partnership with the Linux Foundation (and all of its subsidiary organizations, like the CNCF), and is now listed on this list of partners here: https://www.linuxfoundation.org/projects/partnerships

[inteon]

We discussed this proposal during the bi-weekly development meeting: https://docs.google.com/document/d/1Tc5t6ylY9dhXAan1OjOoldeaoys1Yh4Ir710ATfBa5U/edit#bookmark=id.cn5lnyf8y3oh

I think that the PR can be merged based on that conversation.
/approve
/lgtm

[jetstack-bot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: inteon

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [inteon]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[wallrj]

scarf.sh also seems to have had several outages during 2023

But there's no record of these on their uptime history page AFAICS:

• https://status.scarf.sh/history

[melanie-stewart-22]

Hi @wallrj , just chiming in here, the Scarf team is working to backfill those incidents and they should be up shortly. We will comment again to update when finished.

[wallrj]

Thanks Melanie. I should also have linked to this issue:

• Missing incident history on status.scarf.sh scarf-sh/gateway#26

[hollyos]

@wallrj scarf-sh/gateway#26 has been updated. We've officially switched over our status page provider and backfilled the incident reports for the Gateway.

[wallrj]

Are there any limitations to the analytic data provided by Scarf?
For example, their documentation says that data export is only available if you are on a paid plan:

• https://docs.scarf.sh/data-export/#prerequisites

[melanie-stewart-22]

Currently, the ability to export data is only available in Scarf's paid subscriptions. Otherwise, you will have access to software downloads by location, operating system, version, cloud provider, container runtimes, and referral source. As well as, documentation views by company, location, and pages that are most visited using our super lightweight pixel that has no cookies or javascript.

[wallrj]

Risks

Some risks which we should consider.

• Outages of the gateway service:

  • [helm] Unauthorized to pull images from ghcr.keptn.sh keptn/lifecycle-toolkit#1431 (comment)

• Ad Blocking software blocking the scarf proxy (and vanity domains that use the scarf CNAME)

  • Migrate from cr.hotio.dev to ghcr.io GhostWriters/DockSTARTer#1715
  • Tracker pixels: scarf.sh easylist/easylist#18395
  • https://discourse.pi-hole.net/t/apply-pi-hole-blocking-to-cnames/25445

[wallrj]

Scarf.sh does not solve this problem, as explained in the "known issues/limitations" section below.

Currently, the Scarf service only allows for custom domains and doesn't include custom paths.

The word Jetstack is in the path, not the domain: quay.io/jetstack/cert-manager-controller.

The simplest solution to this problem is to publish the images to quay.io/cert-manager/cert-manager-controller,
which we now have the ability to do.

[maelvls]

I agree. The design reads like the number one benefit is to "become vendor neutral", but we have established that Scarf isn't required for that. I suggest that we don't mention this benefit in the design document at all.

The number one benefit that would justify Scarf's adoption, to me, being able for maintainers to know each version's adoption... and also being able to show a daily number of downloads at events like KubeCon.