search

jupyterhub / zero-to-jupyterhub-k8s

Helm Chart & Documentation for deploying JupyterHub on Kubernetes
https://zero-to-jupyterhub.readthedocs.io
Other
1.53k stars 792 forks source link

image-puller assumes that /bin/sh is present #3205

Open mattijsjonker opened 1 year ago

mattijsjonker commented 1 year ago

https://github.com/jupyterhub/zero-to-jupyterhub-k8s/blob/1c9a12cd94eed6842eee985d97126b8ed99e68ce/jupyterhub/templates/image-puller/_helpers-daemonset.tpl#L118-L123

It appears that the image puller assumes that /bin/sh is always available. In my setup this is causing an issue because one of the configured singleuser.extraContainers images is scratch-based, resulting in CrashLookBackoffs on the continuous-image-puller pods:

  image-pull-singleuser-init-and-extra-containers-0:
    Container ID:  containerd://<id>
    Image:         minio/sidekick:v3.0.4
    Image ID:      docker.io/minio/sidekick@sha256:<hash>
    Port:          <none>
    Host Port:     <none>
    Command:
      /bin/sh
      -c
      echo "Pulling complete"
    State:          Waiting
      Reason:       CrashLoopBackOff
    Last State:     Terminated
      Reason:       StartError
      Message:      failed to create containerd task: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "/bin/sh": stat /bin/sh: no such file or directory: unknown
      Exit Code:    128
      Started:      Thu, 01 Jan 1970 00:00:00 +0000
      Finished:     Thu, 17 Aug 2023 10:33:10 +0000
    Ready:          False
    Restart Count:  1
    Environment:  <none>
    Mounts:       <none>

The image in question (https://github.com/minio/sidekick/blob/master/Dockerfile).

I remedied this by creating a custom image that does include /bin/sh, but I wonder if a more elegant solution is possible (e.g., a configurable check).

welcome[bot] commented 1 year ago

Thank you for opening your first issue in this project! Engagement like this is essential for open source projects! :hugs:
If you haven't done so already, check out Jupyter's Code of Conduct. Also, please try to follow the issue template as it helps other other community members to contribute more effectively. welcome You can meet the other Jovyans by joining our Discourse forum. There is also an intro thread there where you can stop by and say Hi! :wave:
Welcome to the Jupyter community! :tada:

yuvipanda commented 10 months ago

Good question. We must have a command here, and one that essentially does nothing (rather than start the default cmd for the image). /bin/sh was chosen as the most common thing to exist here. I'm not sure we can do something else - scratch based containers by definition are unique and usually don't have anything else in them.

Perhaps what we need is to document this requirement?