-
Notifications
You must be signed in to change notification settings - Fork 3.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CRI: remove deprecated config properties (auths
, configs
, mirrors
)
#9766
base: main
Are you sure you want to change the base?
CRI: remove deprecated config properties (auths
, configs
, mirrors
)
#9766
Conversation
ac75d67
to
0ec8de1
Compare
Remove the following config properties in `/etc/containerd/config.toml`: | Property Group | Property | Deprecation release | Target release for removal | Recommendation | |-------------------------------------------------|------------|---------------------|----------------------------|------------------------| |`[plugins."io.containerd.grpc.v1.cri".registry]` | `auths` | containerd v1.3 | containerd v2.0 ✅ | Use `ImagePullSecrets` | |`[plugins."io.containerd.grpc.v1.cri".registry]` | `configs` | containerd v1.5 | containerd v2.0 ✅ | Use `config_path` | |`[plugins."io.containerd.grpc.v1.cri".registry]` | `mirrors` | containerd v1.5 | containerd v2.0 ✅ | Use `config_path` | The toml properties are still kept for printing human-readable errors, but the properties will be completely removed in v2.1. Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
0ec8de1
to
8313a1c
Compare
@AkihiroSuda: The following test failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
if useConfigPath { | ||
return warnings, errors.New("`mirrors` cannot be set when `config_path` is provided") | ||
} | ||
warnings = append(warnings, deprecation.CRIRegistryMirrors) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you remove deprecation.CRIRegistryMirrors
?
} | ||
|
||
if len(c.Registry.Configs) != 0 { | ||
warnings = append(warnings, deprecation.CRIRegistryConfigs) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you remove deprecation.CRIRegistryConfigs
?
config.Auth = &auth | ||
c.Registry.Configs[endpoint] = config | ||
} | ||
warnings = append(warnings, deprecation.CRIRegistryAuths) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you remove deprecation.CRIRegistryAuths
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
don't have a replacement for cri auth yet..
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
see #7526 (comment)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like we have to postpone removal of legacy config, although we may disable it by default and require an env var like CONTAINERD_DEPRECATED_ENABLE_CONTAINERD14_CONFIG
We'll need the prowjob to be updated to remove its use of |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
registry mirrors needs to be updated at following places
https://github.com/kubernetes/test-infra/blob/master/jobs/e2e_node/containerd/config.toml#L31
https://github.com/containerd/containerd/blob/main/contrib/gce/configure.sh#L226
PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
I guess we should postpone this to v2.1 |
This PR is stale because it has been open 90 days with no activity. This PR will be closed in 7 days unless new comments are made or the stale label is removed. |
Note
The removal is likely going to be postponed to v2.1
Remove the following config properties in
/etc/containerd/config.toml
:[plugins."io.containerd.grpc.v1.cri".registry]
auths
ImagePullSecrets
. See also #8228.[plugins."io.containerd.grpc.v1.cri".registry]
configs
config_path
[plugins."io.containerd.grpc.v1.cri".registry]
mirrors
config_path
The toml properties are still kept for printing human-readable errors, but the properties will be completely removed in v2.1.
Depends on:
jobs/e2e_node/containerd
: Migrate deprecated[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
toconfig_path
kubernetes/test-infra#31851