New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix kubectl create deployment image name #86636
fix kubectl create deployment image name #86636
Conversation
/test pull-kubernetes-e2e-gce |
Hi! This is a start, but I don't think it is sufficient. It gets more complicated - you can't simply escape characters. E.g. if I turned Also I am not 100% confident that those are the only 2 such characters that we need to handle. Maybe, but I'd like to see a comment citing a spec or something authoritative. To do this "properly" you need to look at the complete set of container images and their sanitized-generated names. If none of them collide, no problem. If any of them collide either a) throw an error and fail (see below) or b) further randomize them by adding a unique suffix (see below). Option a is terrible because the user has no recourse. If that is ACTUALLY what they want to do, they simply can't. To fix this, we'd need a way for them to manually remap container names, which actually sounds OK to me. For example Option b) is terrible because you need to stay less than max-length, so you end up potentially eating the last few characters to replace them with suffix, which demands further conflict checking. |
Assigning to myself just so I see notifications |
Thanks for your reply. But by far i haven't thought out solutions, but the image naming rules are referred by https://github.com/moby/moby/blob/be97c66708c24727836a22247319ff2943d91a03/daemon/names/names.go |
Revisiting. What about normalizing the names and then uniquifiying? That should be such a corner-case it won't matter. E.g.
Where sanitize() converts anything not supported into '-' and uniquify() truncates the input and adds a counter to the end. For example inputs of [ "foo_bar", "foo-bar" ] produce [ "foo-bar", "foo-bar-2" ]. Very long names will bump against the limit so "a-very-long-name" might become "a-very-long-na-2". Adding a 5-character hash of the image string might be simpler, still has to truncate. Last corner case is what to do when the sanitized name is exactly colliding with a natural name, as above: inputs of [ "foo_bar", "foo-bar" ] produce [ "foo-bar", "foo-bar-2" ], but it might be better to produce [ "foo-bar-2", "foo-bar" ]. Probably not worth the hassle. |
The root cause of this is the different naming rules with docker and k8s. And actually this barely happens(naming images names with "_" or "." ), I just think add two more functions like |
Well, look. We have a problem. `kubectl run` works fine, but is
deprecated in favor of `kubectl create` We have container images that are
perfectly valid names which are being rejected by `kubectl create`. Ergo,
we can never remove `run` until we fix `create`.
The job of Kubernetes is to adapt between humans and container runtimes.
`pod.spec.containers[].name` is *NOT* intended to be the image name. It's
a human-friendly name. Kubectl is the one deciding to set that value, so
it carries the responsibility for doing it correctly.
The proposed fix is just an idea, but frankly, I have a hard time imagining
a simpler solution that maintains the "correctness" property. The input
string must be reduced in its character set, aka escaping.
If you want a simpler escape, convert all "_" and "." to "--", and convert
all original "--" to "----" but you STILL have a length problem, so you
need to truncate, and then you still have a uniqueness problem.
We have user-facing documentation which uses `run` and CAN NOT change to
`create` until this is fixed.
…On Tue, Feb 18, 2020 at 2:30 AM zhouya0 ***@***.***> wrote:
The root cause of this is the different naming rules with docker and k8s.
And actually this barely happens(naming images names with "_" or "." ), I
just think add two more functions like sanitize and uniquify in this
special case is not a good idea.
—
You are receiving this because you were assigned.
Reply to this email directly, view it on GitHub
<#86636?email_source=notifications&email_token=ABKWAVEHUI52DXV5I3FPGQTRDO2DRA5CNFSM4J7IZJD2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEMBOABY#issuecomment-587390983>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABKWAVD2XB6YDI3OPCLHZYTRDO2DRANCNFSM4J7IZJDQ>
.
|
@zhouya0 how fast can you address Tim's comment, which is valid and I'd love to see happen asap, since this is something that will need to be fixed in other generators as well. |
Ok, I'll try to do it. |
@thockin I opened a new PR #88403.
|
@zhouya0 pls don't open new PRs, but apply the necessary fixes here. Also that other PR only addressed the sanitization part, but did not cover uniqueness Tim mentioned before. Please follow the advices given from reviewers. |
cc09f94
to
00d2cdb
Compare
00d2cdb
to
5db45e1
Compare
/test pull-kubernetes-e2e-kind |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
/approve
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: soltysh, zhouya0 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/kind bug |
…eployment_image_name fix kubectl create deployment image name Kubernetes-commit: c7d7cf7
What type of PR is this?
What this PR does / why we need it:
Kubectl create deployment
command will use image's name as container's name. When image's name have "_" or "."(which is valide in docker), it will be failed because the name doesn't meet the DNS1123 rules. So it PR will delete these two symbol.Which issue(s) this PR fixes:
Fixes #kubernetes/kubectl#789
Special notes for your reviewer:
Does this PR introduce a user-facing change?: