search

Azure / container-upstream

This project captures work in progress, and completed work for the Azure Core Container Upstream team
MIT License
53 stars 26 forks source link

[k8s] Write a KEP for Pullimage support for Multi-Arch/OS #1

Closed craiglpeters closed 1 month ago

craiglpeters commented 5 years ago

As an Application Operator, I need to specify the operating system and architecture of the images I pull from a registry so that I am sure the right images are going to the right machines Note: the Application Operator is specified as a new persona as identified in the Snowball working group

craiglpeters commented 5 years ago

Email from Justin Terry

Hey Patrick/Pengfei,

We have run into a sort of hiccup with Kubernetes support of LCOW. Today when we do an ImagePull for Kubernetes we are basically hacking a custom label through the PodSandboxConfig that specifies “platform: linux/amd64” to know what variant of the image you want. As we try to align more with the public API of CRI I am not sure how to accomplish this. I had thought that the RuntimeHandlers would solve this but unfortunately the RuntimeHandlers are not passed to any portion of the ImageService and thus are not useful.

Here is how it stands today

Current version of the CRI API: https://github.com/kubernetes/kubernetes/blob/master/pkg/kubelet/apis/cri/runtime/v1alpha2/api.proto

For PullImage:

// ImageSpec is an internal representation of an image. Currently, it wraps the // value of a Container's Image field (e.g. imageID or imageDigest), but in the // future it will include more detailed information about the different image types. message ImageSpec { string image = 1; }

PullImage message PullImageRequest { // Spec of the image. ImageSpec image = 1; // Authentication configuration for pulling the image. AuthConfig auth = 2; // Config of the PodSandbox, which is used to pull image in PodSandbox context. PodSandboxConfig sandbox_config = 3; }

Unfortunately this is just a string.

What we need

In order for us to truly know what image you are trying to pull we need ImageSpec to look more like this:

// ImageSpec is an internal representation of an image. Currently, it wraps the // value of a Container's Image field (e.g. imageID or imageDigest), but in the // future it will include more detailed information about the different image types. message ImageSpec { string image = 1; // os specifies the operating system, for example linux or windows. string os = 2; // architecture specifies the CPU architecture, for example amd64 or // arm. string architecture 3; // variant is an optional field specifying a variant of the CPU, for // example v7 to specify ARMv7 when architecture is arm. string variant 4; }

And with changes to crictl.exe pull we could do something like:

crict.exe pull --os linux --architecture amd64 docker.io/library/alpine:latest

craiglpeters commented 5 years ago

There is a https://github.com/estesp/manifest-tool which allows for multiple architectures as defined in https://github.com/docker/distribution/blob/master/docs/spec/manifest-v2-2.md

craiglpeters commented 5 years ago

@lachie83 has drafted the KEP https://github.com/lachie83/enhancements/commit/e689e8b7f7070406bb975a7101b9519ee073e559