New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create drop in file for ContainerRuntimeSearchRegistries #2276
Conversation
Q: does this need an update to https://github.com/openshift/machine-config-operator/blob/master/docs/ContainerRuntimeConfigDesign.md at all? |
@kikisdeliveryservice no it does not, that doc is only for the ctrcfg CRD. This change is for the images.config.openshift.io CRD, which lives in openshift/api and the ctrcfg controller watches it for changes. |
/assign @mtrmac |
/retest |
LGTM, chances we could get an e2e test? (I'm not sure what tests already exist for registires.conf) |
We have the mock tests for this, which I have updated for this new option. Will work on adding an e2e for the Image CRD in a follow up PR |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK to the little extent I understand MCO.
And to demonstrate how little I understand it: Why is this fully Go code and not just one of the file templates generated by pkg/controller/template? Is it undesirable to change the user-visible ControllerConfigSpec
object, is the extra step generating that object undesirable, is it just that this is by far less code, or some other reason?
The users want to be able to overwrite the We renamed the user facing option to be |
Sure.
Why not? It seems to work for things like Or alternatively, why do things like I’m not at all saying this PR is wrong (it’s certainly the lower-risk approach, given all the existing infrastructure accessing all the relevant CRDs, and given the past pain dealing with the bootstrap process and render differences during that time), I just don’t understand the difference in approach. |
… which makes me unqualified to be reviewing PRs here; just to be very explicit, this is not a request to reimplement. |
SBT, you came up as suggested by bots |
/retest |
@yuqi-zhang @sinnykumari would appreciate a review here when you have a few please |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Mostly LGTM, 1 concern regarding failure reporting
A new option, containerRuntimeSearchRegistries, has been added to the images.config.openshift.io CRD. Implement this new option in the ctrcfg controller so that when users set this in the cluster wide Image CR, we create a drop-in file at /etc/containers/registries.conf.d that sets unqualified-search-registries to the given list. This overwrites the unqualified-search-registries list in registries.conf and lets the user decide specify which registries to check when using short names for an image. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: haircommander, kikisdeliveryservice, umohnani8, yuqi-zhang The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/retest |
/retest Please review the full test history for this PR and help us cut down flakes. |
/test e2e-aws-serial |
@umohnani8: The following test failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
/test e2e-aws-serial |
/skip |
Signed-off-by: Urvashi Mohnani umohnani@redhat.com
- What I did
A new option, containerRuntimeSearchRegistries, has been added
to the images.config.openshift.io CRD. Implement this new option
in the ctrcfg controller so that when users set this in the cluster
wide Image CR, we create a drop-in file at /etc/containers/registries.conf.d
that sets unqualified-search-registries to the given list. This overwrites
the unqualified-search-registries list in registries.conf and lets the user
decide specify which registries to check when using short names for an image.
This PR is for the UnqualifiedSearchRegistries support epic.
- How to verify it
Start a 4.7 cluster and add the
containerRuntimeSearchRegistries
field to the cluster wide Image CR. Once that deploys, you should see a drop-in file at/etc/containers/registries.conf.d
with theunqualified-search-registries
field set to the list from the CR. When you try to pull an image using short name, it should only try to pull from the registries specified in that list.- Description for the changelog
Create drop in file for ContainerRuntimeSearchRegistries option when set in the cluster wide Image CR