Closed craiglpeters closed 1 month ago
Email from Justin Terry
Hey Patrick/Pengfei,
We have run into a sort of hiccup with Kubernetes support of LCOW. Today when we do an ImagePull for Kubernetes we are basically hacking a custom label through the PodSandboxConfig that specifies “platform: linux/amd64” to know what variant of the image you want. As we try to align more with the public API of CRI I am not sure how to accomplish this. I had thought that the RuntimeHandlers would solve this but unfortunately the RuntimeHandlers are not passed to any portion of the ImageService and thus are not useful.
Here is how it stands today
Current version of the CRI API: https://github.com/kubernetes/kubernetes/blob/master/pkg/kubelet/apis/cri/runtime/v1alpha2/api.proto
For PullImage:
// ImageSpec is an internal representation of an image. Currently, it wraps the // value of a Container's Image field (e.g. imageID or imageDigest), but in the // future it will include more detailed information about the different image types. message ImageSpec { string image = 1; }
PullImage message PullImageRequest { // Spec of the image. ImageSpec image = 1; // Authentication configuration for pulling the image. AuthConfig auth = 2; // Config of the PodSandbox, which is used to pull image in PodSandbox context. PodSandboxConfig sandbox_config = 3; }
Unfortunately this is just a string.
What we need
In order for us to truly know what image you are trying to pull we need ImageSpec to look more like this:
// ImageSpec is an internal representation of an image. Currently, it wraps the
// value of a Container's Image field (e.g. imageID or imageDigest), but in the
// future it will include more detailed information about the different image types.
message ImageSpec {
string image = 1;
// os specifies the operating system, for example linux
or windows
.
string os = 2;
// architecture specifies the CPU architecture, for example amd64
or
// arm
.
string architecture 3;
// variant is an optional field specifying a variant of the CPU, for
// example v7
to specify ARMv7 when architecture is arm
.
string variant 4;
}
And with changes to crictl.exe pull we could do something like:
crict.exe pull --os linux --architecture amd64 docker.io/library/alpine:latest
There is a https://github.com/estesp/manifest-tool which allows for multiple architectures as defined in https://github.com/docker/distribution/blob/master/docs/spec/manifest-v2-2.md
@lachie83 has drafted the KEP https://github.com/lachie83/enhancements/commit/e689e8b7f7070406bb975a7101b9519ee073e559
As an Application Operator, I need to specify the operating system and architecture of the images I pull from a registry so that I am sure the right images are going to the right machines Note: the Application Operator is specified as a new persona as identified in the Snowball working group