mirror docker images #2105
mirror docker images #2105
Conversation
Kind is publishing the official in dockerhub, however, since the docker decision to rate limit the images, this causes issues with CIs. Switching completely the images is complicated, and can be very disruptive. Meanwhile we don't have a final decision we can mirror the images to different public registries.
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: aojea The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
approved
|
/hold
|
k8s-ci-robot
added
the
do-not-merge/hold
| on: | ||
| schedule: | ||
| - cron: '0 0 * * *' | ||
| release: |
There was a problem hiding this comment.
this runs when a release is created
| steps: | ||
| - name: Mirror docker images to Github Registry | ||
| run: | | ||
| skopeo sync --src docker --dest docker docker.io/kindest/node ghcr.io/kind-ci |
There was a problem hiding this comment.
not familiar with the feature but if it handles the sync ala rsync that seems exactly what we need
|
@aojea: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
The authentication information can be completed through the configuration of Docker Inc. provides support for open source projects, we can consider using it. https://www.docker.com/community/open-source/application |
| steps: | ||
| - name: Mirror docker images to Github Registry | ||
| run: | | ||
| skopeo sync --src docker --dest docker docker.io/kindest/node ghcr.io/kind-ci |
There was a problem hiding this comment.
End users will want this mirrored image as well 👍, so maybe -ci suffix can be omitted.
There was a problem hiding this comment.
kind-ci is a github org we own.
Why are we not publishing to this repo?
There was a problem hiding this comment.
I'm NACK on mirroring to random registries here without deciding on the solution over in the issue.
Any mirroring we run from here is "official" and should be decided and supported. Also because dockerd has poor support for mirrors we should really just pick 1-2 registries to use going forward (maybe k8s official GCR and something else for china, unless we can pick one alternative for both), and mirroring solutions should be done in discussion with wg-k8s-infra.
| steps: | ||
| - name: Mirror docker images to Github Registry | ||
| run: | | ||
| skopeo sync --src docker --dest docker docker.io/kindest/node ghcr.io/kind-ci |
There was a problem hiding this comment.
kind-ci is a github org we own.
Why are we not publishing to this repo?
|
|
||
| - name: Mirror docker images to quay.io | ||
| run: | | ||
| skopeo sync --src docker --dest docker docker.io/kindest/node quay.io/kind |
There was a problem hiding this comment.
I made up the names, the pr is to discuss if this make sense.
If affirmative fill the gaps with whatever we decide
|
[thanks for the PR, let's continue discussion elsewhere, closing to minimize issues from #2120 / thundering CI on open PRs with ok-to-test] [also received contact from docker today about kindest, need to follow up with them] |
Kind is publishing the official in dockerhub, however, since
the docker decision to rate limit the images, this causes issues
with CIs.
Switching completely the images is complicated, and can be very
disruptive.
Meanwhile we don't have a final decision we can mirror the images
to different public registries.
Fixes: #1895