-
Notifications
You must be signed in to change notification settings - Fork 511
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
During kubelet prestart, skip pause image pull if image exist #2587
During kubelet prestart, skip pause image pull if image exist #2587
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good! Thanks for the great detail on testing in the PR description.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nice
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👏🏼 👏🏼 👏🏼
@@ -148,9 +155,15 @@ func App() *cli.App { | |||
Usage: "path to image registry configuration", | |||
Destination: ®istryConfig, | |||
}, | |||
&cli.BoolFlag{ | |||
Name: "skip-if-image-exist", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: maybe "skip-if-image-exists"
@@ -495,16 +508,15 @@ func pullImageOnly(containerdSocket string, namespace string, source string, reg | |||
|
|||
// Parse the source ref if it looks like an ECR ref. | |||
isECRImage := ecrRegex.MatchString(source) | |||
ref := source |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why make this change?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This change makes sense to me: ref
is a copy of the source
string which is redundant. Instead, the change to just use source
seems more simple without introducing an additional variable.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, this is a vestige of some preprocessing I did with the ECR image source to convert it to a ECR resolver compatible image reference. Now it's redundant to make a copy of the variable.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Lemme capture this in a separate commit, the comment there is also inaccurate now
// fetchImage returns a `containerd.Image` given an image source. | ||
func fetchImage(ctx context.Context, source string, client *containerd.Client, registryConfigPath string, fetchCachedImageIfExist bool) (containerd.Image, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: it might be better to reuse the useCachedImage
parameter name everywhere.
it could be a bit confusing to see that skipIfExist = true
(implying that any action would be skipped) and then see "Image exists, fetching cached image from image store" get logged (implying that something was fetched).
46c12d4
to
069280a
Compare
Pushes above addresses @bcressey 's comments:
Repeated testing and the results are the same as described in the PR description. |
Woops, i mixed up one of the commits. fixing |
This adds a new flag to both `run` and `pull-image` subcommands to skip image pull and the associated registry authentications if a local cached copy of the image exists.
This makes it so that if the pause container image already exists in containerd's image store, host-ctr won't try to authenticate and pull the pause image and let kubelet use the cached image copy.
This removes a redundant copy of the image source and rewords the comment above matching the image against the ECR image source regex.
069280a
to
4ca408f
Compare
Push above has no changes, just moves changes to their appropriate commits. |
Issue number:
Resolves #2567
Description of changes:
Testing done:
Testing locally:
Pull image when it doesn't exist locally
After, pulling the same image with
--skip-if-image-exist=true
Testing on aws-k8s-1.22 built from this branch:
Launched with
settings.kubernetes.standalone-mode=true
, kubelet is running fine initally:Then I removed network egress from the instance's security group. Restarted kubelet and it comes up fine:
Then I manually tried pulling the pause container image and it skips the image pull as expected.
Testing
host-ctr run --use-cached-image
and it works as expected. If the image is already there, start the host-container task without pulling the image again:Terms of contribution:
By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.