Public image "jessie-dnsutils" have no update for years

[guessi]

What would you like to be added?

Public image registry.k8s.io/e2e-test-images/jessie-dnsutils:1.3 have no update for years, and it's packed with legacy CoreDNS 1.5.0 inside the docker image.

ref:

• https://kubernetes.io/docs/tasks/administer-cluster/dns-debugging-resolution/
• https://github.com/kubernetes/kubernetes/blob/master/test/images/jessie-dnsutils/Dockerfile
• https://github.com/kubernetes/kubernetes/commits/master/test/images/jessie-dnsutils (last update was years ago)

Why is this needed?

jessie-dnsutils commonly used for DNS troubleshooting, and it's based on EOL jessie image.

• https://www.debian.org/releases/jessie/
• https://wiki.debian.org/LTS

[k8s-ci-robot]

This issue is currently awaiting triage.

If a SIG or subproject determines this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.

[kannon92]

/sig testing /sig network

cc @aojea

[thockin]

This is not really a supported image for use beyond testing. We need to find a better answer for general use. We do have a k/k/test/images/... dire for it, but obviously Jessies is old.

[BenTheElder]

Wherever possible in the tests we've been moving to the single agnhost utility image, registry.k8s.io/e2e-test-images/agnhost, source at https://github.com/kubernetes/kubernetes/blob/master/test/images/agnhost/README.md

It is actively maintained and supports multi-arch + windows.

While developed for testing, it has already been used in a few of the docs now as a util image for debugging.

For the specific case of:

• https://kubernetes.io/docs/tasks/administer-cluster/dns-debugging-resolution/

I confirmed this works just as well with registry.k8s.io/e2e-test-images/agnhost:2.39 as a drop in replacement for the image in that pod.

As a meta point, we should consider if the docs can centrally pick a version so we can easily bump docs references to the latest available tag, since registry.k8s.io doesn't support mutable tags, but we avoid breaking changes in this image.

That is more of a question for https://github.com/kubernetes/website though

[BenTheElder]

I would suggest that we replace references to this image with agnhost, at least as a stopgap.

We should consider if we want to maintain and host an image specifically designed for debugging and what that would look like, but I suspect it winds up being essentially duplicate effort with agnhost anyhow (... though perhaps with a clearer, less "clever" name :-))

[thockin]

https://github.com/kubernetes/website/pull/47735

@aojea The reason we still have jessie for this is https://github.com/kubernetes/kubernetes/issues/10161 - do you think it's safe now to remove that? :)

[aojea]

@aojea The reason we still have jessie for this is #10161 - do you think it's safe now to remove that? :)

OMG, please remove this :)

/assign @thockin

[guessi]

@thockin thanks for update, it's my first time to hear agnhost.

Checked the PR and source code of agnhost, I think the sample commands should update as well? I can see nslookup is used for the guidance.

Besides, I can see the base image for agnhost is also EOL, should be addressed in another PR as well,

• https://github.com/kubernetes/kubernetes/blob/master/test/images/agnhost/BASEIMAGE

The base image for Windows is even older

• https://github.com/kubernetes/kubernetes/blob/master/test/images/agnhost/Dockerfile#L15-L16
• https://github.com/kubernetes/kubernetes/blob/master/test/images/agnhost/Dockerfile_windows#L19-L20