Python/Go binary to bulk replace images in kustomization.yaml files (was Port use_gcr_for_all_images.sh to work with kustomize) #3210
Comments
|
Issue-Label Bot is automatically applying the label Links: app homepage, dashboard and code for this bot. |
jlewi
changed the title
|
I might suggest rewriting this as a go program and baking it into kfctl. It might be nice if the tool supported some flexible way to match and replace images; e.g. using regexes. This way we could easily replace all images hosted in quay.io with another registry. This would go a long way to making it easy to mirror all the required images to a different registry and then pull the images from it. |
|
/help-wanted |
|
Yeah, we're slated for 0.7 but this hasn't been picked yet |
|
To backup your point @jlewi I think we should start with only supporting internal registries that have the same repo structure that we propose, otherwise users need to update image urls manually. |
jlewi
changed the title
|
If someone wants to pick this up; I think a great first step would just be to modify To replace the If we wanted to be a bit more forward looking we could rewrite that bash script as a go program but still shell out to kustomize and hard code the list of images to replace. |
|
I'll take a stab at this if noone else is doing that already! |
|
Thanks @xaniasd ! After #4222 is merged can we update the docs on kubeflow/website before we close this issue? A follow on issue would be to provide tooling to mirror of the Kubeflow images to a different repository. I think one way we might be able to do that in a generic way would be to spit out a Tekton workflow that would pull the images from one repo, retag them and push them. (I'm hoping that's doable with Tekton). @xaniasd Any interest in tackling that next (after the docs?)? |
|
@jlewi I can add the documentation (I'll look into the setup and make a PR), no worries. About the follow-up; sure thing. I'm not familiar with Tekton and how we want to use it in this case, if you could give some background information I can give it a try. That said, a simple way to do this would be to just implement it in kfctl and fork |
|
@xaniasd I actually have a small PR ready for exactly this thing, spitting out a changelist in stdout. |
|
There's a couple reasons why on GCP we'd like to leverage Google Cloud Build or possibly Tekton to replicate the images
We have a sample jsonnet workflow here. I think for GCP what we'd want is a command or separate go binary to traverse the kustomize directory and generate a YAML spec for the workflow to replicate all images. I think this should be separate from the The code should look at kustomization.yaml to get the old image name and tag and the new image name and tag. Generating a Tekton workflow would be a cloud neutral solution to this. |
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
|
/lifecycle frozen It looks like kustomize supports composition; see kubernetes-sigs/kustomize#171 So if we define a kustomize manifest that composes all of the individual applications in Kubeflow (i.e. lists each kubeflow application as a base); then we should just be able to override all the images by writing a kustomization.yaml file in that package that specifies the image we want to replace and the new image. Related: Get rid of kustomize magic in kfctl kubeflow/manifests#774 |
|
@kunmingg what is the remaining work to close out this issue? It looks like we need to update the documentation page; e.g https://www.kubeflow.org/docs/gke/private-clusters/#deploy-kubeflow-with-private-gke to describe how to use the new functionality. Is there anything else that needs to be done? |
|
@kunmingg thoughts? Any more immediate work to be done? |
|
@kunmingg ping? |
* Add instructions for mirroring docker images to private repositories * Fix kubeflow/kubeflow#3210 * Delete instructions under private GKE and just link to the doc issue kubeflow#1705 * The instructions are outdated. Since managed certificates are used there should be no reason to need to update iap-ingress.yaml anymore. * Fix kubeflow#1811 * Most of the other instructions under the private GKE section are also very obsolete.
* Private GKE: Document image mirroring * Add instructions for mirroring docker images to private repositories * Fix kubeflow/kubeflow#3210 * Delete instructions under private GKE and just link to the doc issue #1705 * The instructions are outdated. Since managed certificates are used there should be no reason to need to update iap-ingress.yaml anymore. * Fix #1811 * Most of the other instructions under the private GKE section are also very obsolete. * Fix indentation. * Fix indetation. * Fix indentation. * Fix alert. * More formatting fixes. * Add comment about Tekton.
Port https://github.com/kubeflow/kubeflow/blob/master/scripts/gke/use_gcr_for_all_images.sh
to kustomize.
This script is used for switching the images to a private registry. We will need to update the script
to work with the new kustomize manifests.
The text was updated successfully, but these errors were encountered: