-
Notifications
You must be signed in to change notification settings - Fork 54
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
helm: existing image same tag different sha256 #322
Comments
I would prefer 1 over 2. However, we can tackle this problem together with another one: if we rebuild say REANA 0.6.0 two moths after release, the produced docker images are not the same anymore, because we are using relax version constraints like: $ grep tablib setup.py
'tablib>=0.12.1,<0.13', which can produce images once with tablib 0.12.3, once with 0.12.8, based on which version is available. This is not good for reproducibility 😉 and we are loosing a lot of time hunting dependencies. Hence proposal:
WDYT? |
For illustration, here is a list of things to do for a cluster package such as
|
Pins all dependencies via pip-compile and amends installation procedures to used pinned packages. The pagkage varsions will be updated from time to time via dedicated upgrade campaigns. Addresses reanahub/reana#322. Signed-off-by: Tibor Šimko <tibor.simko@cern.ch>
Pins all dependencies via pip-compile and amends installation procedure to used pinned packages. The package versions will be updated from time to time via dedicated upgrade campaigns. Addresses reanahub/reana#322. Signed-off-by: Tibor Šimko <tibor.simko@cern.ch>
Pins all dependencies via pip-compile and amends installation procedure to used pinned packages. The package versions will be updated from time to time via dedicated upgrade campaigns. Addresses reanahub/reana#322. Signed-off-by: Tibor Šimko <tibor.simko@cern.ch>
Pins all dependencies via pip-compile and amends installation procedures to used pinned packages. The pagkage varsions will be updated from time to time via dedicated upgrade campaigns. Addresses reanahub/reana#322. Signed-off-by: Tibor Šimko <tibor.simko@cern.ch>
Pins all dependencies via pip-compile and amends installation procedure to used pinned packages. The package versions will be updated from time to time via dedicated upgrade campaigns. Addresses reanahub/reana#322. Signed-off-by: Tibor Šimko <tibor.simko@cern.ch>
Pins all dependencies via pip-compile and amends installation procedure to used pinned packages. The package versions will be updated from time to time via dedicated upgrade campaigns. Addresses reanahub/reana#322. Signed-off-by: Tibor Šimko <tibor.simko@cern.ch>
Pins all dependencies via pip-compile and amends installation procedure to used pinned packages. The package versions will be updated from time to time via dedicated upgrade campaigns. Addresses reanahub/reana#322. Signed-off-by: Tibor Šimko <tibor.simko@cern.ch>
Pins all dependencies via pip-compile and amends installation procedure to used pinned packages. The package versions will be updated from time to time via dedicated upgrade campaigns. Addresses reanahub/reana#322. Signed-off-by: Tibor Šimko <tibor.simko@cern.ch>
Pins all dependencies via pip-compile and amends installation procedure to used pinned packages. The package versions will be updated from time to time via dedicated upgrade campaigns. Addresses reanahub/reana#322. Signed-off-by: Tibor Šimko <tibor.simko@cern.ch>
Pins all dependencies via pip-compile and amends installation procedure to used pinned packages. The package versions will be updated from time to time via dedicated upgrade campaigns. Addresses reanahub/reana#322. Signed-off-by: Tibor Šimko <tibor.simko@cern.ch>
Pins all dependencies via pip-compile and amends installation procedures to used pinned packages. The pagkage varsions will be updated from time to time via dedicated upgrade campaigns. Addresses reanahub/reana#322. Signed-off-by: Tibor Šimko <tibor.simko@cern.ch>
Pins all dependencies via pip-compile and amends installation procedure to used pinned packages. The package versions will be updated from time to time via dedicated upgrade campaigns. Addresses reanahub/reana#322. Signed-off-by: Tibor Šimko <tibor.simko@cern.ch>
Pins all dependencies via pip-compile and amends installation procedure to used pinned packages. The package versions will be updated from time to time via dedicated upgrade campaigns. Addresses reanahub/reana#322. Signed-off-by: Tibor Šimko <tibor.simko@cern.ch>
Pins all dependencies via pip-compile and amends installation procedure to used pinned packages. The package versions will be updated from time to time via dedicated upgrade campaigns. Addresses reanahub/reana#322. Signed-off-by: Tibor Šimko <tibor.simko@cern.ch>
Pins all dependencies via pip-compile and amends installation procedure to used pinned packages. The package versions will be updated from time to time via dedicated upgrade campaigns. Addresses reanahub/reana#322. Signed-off-by: Tibor Šimko <tibor.simko@cern.ch>
Pins all dependencies via pip-compile and amends installation procedure to used pinned packages. The package versions will be updated from time to time via dedicated upgrade campaigns. Addresses reanahub/reana#322. Signed-off-by: Tibor Šimko <tibor.simko@cern.ch>
All REANA cluster components have been moved to use the new pip-compile based freezing. All REANA client and shared components will remain non-freezed so that users can install them on a variety of existing systems, perhaps into their existing environments. This issue can therefore be closed. |
Because of re-pushing an image with the same tag, the following problem has happened in a QA deployment (the re-push happens if one follows our current docs and our current practices):
Let us illustrate it with two deployments
DEP1
andDEP2
:DEP1
(execution ofhelm install/upgrade
)DEP2
reana-0.7.0-dev20200420
reanahub/reana-workflow-controller:0.6.0-36-gb702986
with sha256aaabbb
reana-db==0.7.0.dev20200427
DEP2
(execution ofhelm install/upgrade
)DEP1
reana-0.7.0-dev20200527
reanahub/reana-workflow-controller:0.6.0-36-gb702986
with sha256cccddd
reana-db==0.7.0.dev20200520
0.6.0-36-gb702986
) but a new version ofreana-db
was fetched while re-building and re-pushing images producing a new image with sha256cccddd
This will cause
DEP2
to not work because:reanahub/reana-workflow-controller:0.6.0-36-gb702986
(sha256aaabbb
) present so a re-pull will never be triggered (we use the defaultImagePullPolicy: IfNotPresent
)reanahub/reana-workflow-controller
image that will be used will beaaabbb
instead ofcccddd
which is the onereana-0.7.0-dev20200527
expects with the correctreana-db
versionSolutions
reana-db
,reana-commons
etc..), therefore the tag will change (in our example from0.6.0-36-gb702986
to0.6.0-37-gc16d3332
).aaabbb
is used in production and a re-location of the pod from one node to another one triggers a new docker pull, causing production to run all of a suddenbbbccc
which might break it.ImagePullPolicy: Always
for infrastructure pods.Note: Even though closely related to #248 this issue is different since it deals with infrastructure pods (RS, RWC) rather than with runtime pods.
The text was updated successfully, but these errors were encountered: