Add kubernetes-registry image

Change-Id: I1253d87055f54b154b44a3a661419230f2dda51e
Signed-off-by: Ruslan Aliev <raliev@mirantis.com>

Makefile

@@ -16,7 +16,7 @@ BUILD_DIR         := $(shell mktemp -d)
 DOCKER_REGISTRY   ?= quay.io
 HELM              := $(BUILD_DIR)/helm
 IMAGE_PREFIX      ?= airshipit
-IMAGE_NAME        ?= promenade
+IMAGE_NAME        ?= kubernetes-registry promenade
 IMAGE_TAG         ?= latest
 PROXY             ?= http://proxy.foo.com:8000
 NO_PROXY          ?= localhost,127.0.0.1,.svc.cluster.local
@@ -85,7 +85,22 @@ helm-lint-%: helm-install helm-init-%
 	$(HELM) dep up charts/$*
 	$(HELM) lint charts/$*
 
-images: check-docker build_promenade
+# Build all docker images for this project
+images: check-docker build_images
+
+build_images: build_kubernetes_registry build_promenade
+
+#Build all images in list
+build_kubernetes_registry:
+	@echo
+	@echo "===== Processing [kubernetes-registry] image ====="
+	./images/kubernetes-registry/setup.sh
+	@make build IMAGE=${DOCKER_REGISTRY}/${IMAGE_PREFIX}/kubernetes-registry:${IMAGE_TAG}-${DISTRO} IMAGE_NAME=kubernetes-registry
+
+build_promenade:
+	@echo
+	@echo "===== Processing [promenade] image ====="
+	@make build IMAGE=${DOCKER_REGISTRY}/${IMAGE_PREFIX}/promenade:${IMAGE_TAG}-${DISTRO} IMAGE_NAME=promenade
 
 check-docker:
 	@if [ -z $$(which docker) ]; then \
@@ -104,13 +119,13 @@ $(CHARTS): $(addprefix dry-run-,$(CHARTS)) chartbanner
 
 _BASE_IMAGE_ARG := $(if $(BASE_IMAGE),--build-arg FROM="${BASE_IMAGE}" ,)
 
-build_promenade:
+build:
 ifeq ($(USE_PROXY), true)
 	docker build --network host -t $(IMAGE) --label $(LABEL) \
 		--label "org.opencontainers.image.revision=$(COMMIT)" \
 		--label "org.opencontainers.image.created=$(shell date --rfc-3339=seconds --utc)" \
 		--label "org.opencontainers.image.title=$(IMAGE_NAME)" \
-	        -f images/promenade/Dockerfile.${DISTRO} \
+	        -f images/$(IMAGE_NAME)/Dockerfile.${DISTRO} \
                 $(_BASE_IMAGE_ARG) \
 		--build-arg http_proxy=$(PROXY) \
 		--build-arg https_proxy=$(PROXY) \
@@ -123,7 +138,7 @@ else
 		--label "org.opencontainers.image.revision=$(COMMIT)" \
 		--label "org.opencontainers.image.created=$(shell date --rfc-3339=seconds --utc)" \
 		--label "org.opencontainers.image.title=$(IMAGE_NAME)" \
-	        -f images/promenade/Dockerfile.${DISTRO} \
+	        -f images/$(IMAGE_NAME)/Dockerfile.${DISTRO} \
 		$(_BASE_IMAGE_ARG) .
 endif
 ifeq ($(PUSH_IMAGE), true)
@@ -136,6 +151,7 @@ helm-toolkit: helm-install
 
 clean:
 	rm -rf doc/build
+	rm -rf images/kubernetes-registry/assets/registry*
 	rm -f charts/*.tgz
 	rm -f charts/*/requirements.lock
 	rm -rf charts/*/charts
@@ -145,7 +161,7 @@ clean:
 helm-install:
 	tools/helm_install.sh $(HELM)
 
-.PHONY: $(CHARTS) all build_promenade charts check-docker clean docs \
-  dry-run dry-run-% external-deps gate-lint gate-lint-deps helm-init \
-  helm-init-% helm-install helm-lint helm-lint-% helm-toolkit images \
+.PHONY: $(CHARTS) all build_images build_promenade build_kubernetes_registry charts \
+  clean docs check-docker dry-run dry-run-% external-deps gate-lint gate-lint-deps \
+  helm-init helm-init-% helm-install helm-lint helm-lint-% helm-toolkit images \
   lint tests tests-pep8 tests-security tests-unit

examples/containerd/Docker.yaml

@@ -13,6 +13,6 @@ data:
       - registry:5000
     live-restore: true
     max-concurrent-downloads: 10
-    oom-score-adjust: -999
+#    oom-score-adjust: -999
     storage-driver: overlay2
 ...

images/kubernetes-registry/Dockerfile.ubuntu_jammy

@@ -0,0 +1,43 @@
+# Copyright 2025 AT&T Intellectual Property.  All other rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ARG FROM=quay.io/airshipit/ubuntu:jammy
+FROM ${FROM}
+
+LABEL org.opencontainers.image.authors='airship-discuss@lists.airshipit.org, irc://#airshipit@freenode' \
+      org.opencontainers.image.url='https://airshipit.org' \
+      org.opencontainers.image.documentation='https://airship-promenade.readthedocs.org' \
+      org.opencontainers.image.source='https://opendev.org/airship/promenade' \
+      org.opencontainers.image.vendor='The Airship Authors' \
+      org.opencontainers.image.licenses='Apache-2.0'
+
+RUN set -ex \
+    && apt update -qq \
+    && apt upgrade -y \
+    && apt-get install --no-install-recommends -y \
+        ca-certificates \
+    && apt-get autoremove -yqq --purge \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+COPY images/kubernetes-registry/assets/config.yml /etc/distribution/config.yml
+COPY images/kubernetes-registry/assets/registry /bin/registry
+
+VOLUME ["/var/lib/registry"]
+COPY images/kubernetes-registry/assets/registry_dir/ /var/lib/registry/
+
+EXPOSE 5000
+
+ENTRYPOINT ["registry"]
+CMD ["serve", "/etc/distribution/config.yml"]

images/kubernetes-registry/assets/config.yml

@@ -0,0 +1,28 @@
+version: 0.1
+log:
+  level: debug
+  fields:
+    service: registry
+    environment: development
+storage:
+    delete:
+      enabled: true
+    cache:
+        blobdescriptor: inmemory
+    filesystem:
+        rootdirectory: /var/lib/registry
+    tag:
+      concurrencylimit: 5
+http:
+    addr: :5000
+    debug:
+        addr: :5001
+        prometheus:
+            enabled: true
+            path: /metrics
+health:
+  storagedriver:
+    enabled: true
+    interval: 10s
+    threshold: 3
+

images/kubernetes-registry/setup.sh

@@ -0,0 +1,107 @@
+#!/bin/bash
+# Copyright 2025 AT&T Intellectual Property.  All other rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -euxo pipefail
+
+# Inbound variables
+KUBERNETES_VERSION=${KUBERNETES_VERSION:-"v1.33.3"}
+KUBERNETES_REGISTRY="registry.k8s.io"
+CONSTANTS_URL="https://raw.githubusercontent.com/kubernetes/kubernetes/refs/tags/${KUBERNETES_VERSION}/cmd/kubeadm/app/constants/constants.go"
+
+USE_PROXY=${USE_PROXY:-"false"}
+GITHUB_PROXY=${GITHUB_PROXY:-""}
+
+REGISTRY_IMAGE=${REGISTRY_IMAGE:-"registry:latest"}
+REGISTRY_PORT=${REGISTRY_PORT:-"$(shuf -i 5050-5099 -n 1)"}
+REGISTRY_VERSION=${REGISTRY_VERSION:-"3.0.0"}
+REGISTRY_DOWNLOAD_URL="https://github.com/distribution/distribution/releases/download/v${REGISTRY_VERSION}/registry_${REGISTRY_VERSION}_linux_amd64.tar.gz"
+DOCKER_REGISTRY_URL="localhost:$REGISTRY_PORT"
+REGISTRY_DIR="$(dirname "$0")/assets/registry_dir"
+REGISTRY_CID=""
+
+declare -a CONTROL_PLANE_IMAGES=(
+  "kube-apiserver"
+  "kube-controller-manager"
+  "kube-scheduler"
+  "kube-proxy"
+  "pause"
+  "etcd"
+  "coredns/coredns"
+)
+
+CLEANUP_REPO=false
+CLEANUP_IMAGES=""
+
+cleanup() {
+  if [ "$CLEANUP_REPO" = true ]; then
+    rm -rf "$REGISTRY_DIR"
+  fi
+  if [ -n "$REGISTRY_CID" ]; then
+    docker stop "$REGISTRY_CID" || true
+    docker rm "$REGISTRY_CID" || true
+  fi
+  for img in $CLEANUP_IMAGES; do
+    docker rmi -f "$img" || true
+  done
+}
+trap 'cleanup' EXIT
+
+ensure_docker() {
+  if which docker; then
+    return
+  fi
+  apt-get install -y docker.io
+}
+
+curl() {
+  if [[ $USE_PROXY == true ]]; then
+    $(which curl) -x "http://$GITHUB_PROXY" "$@"
+  else
+    $(which curl) "$@"
+  fi
+}
+
+ensure_docker
+mkdir -p "$REGISTRY_DIR"
+REGISTRY_CID=$(docker run -d -p "$REGISTRY_PORT":5000 -v "$REGISTRY_DIR:/var/lib/registry:rw" "$REGISTRY_IMAGE")
+
+PAUSE_VERSION=$(curl -k -sL "${CONSTANTS_URL}" | grep "PauseVersion =" | awk -F' = ' '{gsub(/"/, "", $2); print $2}')
+ETCD_VERSION=$(curl -k -sL "${CONSTANTS_URL}" | grep "DefaultEtcdVersion =" | awk -F'=' '{gsub(/"/, "", $2); gsub(/^[ \t]+/, "", $2);  print $2}')
+COREDNS_VERSION=$(curl -k -sL "${CONSTANTS_URL}" | grep "CoreDNSVersion =" | awk -F'=' '{gsub(/"/, "", $2); gsub(/^[ \t]+/, "", $2);  print $2}')
+
+for image in "${CONTROL_PLANE_IMAGES[@]}"; do
+    tag="$KUBERNETES_VERSION"
+    case "$image" in
+        pause)
+            tag="$PAUSE_VERSION"
+            ;;
+        etcd)
+            tag="$ETCD_VERSION"
+            ;;
+        coredns*)
+            tag="$COREDNS_VERSION"
+            ;;
+    esac
+
+    echo "... Processing $image, tag $tag ..."
+    docker pull "$KUBERNETES_REGISTRY/$image:$tag"
+    docker tag "$KUBERNETES_REGISTRY/$image:$tag" "$DOCKER_REGISTRY_URL/$image:$tag"
+    docker push "$DOCKER_REGISTRY_URL/$image:$tag"
+
+    CLEANUP_IMAGES+="$KUBERNETES_REGISTRY/$image:$tag $DOCKER_REGISTRY_URL/$image:$tag "
+    sleep 1
+done
+
+curl -sL "$REGISTRY_DOWNLOAD_URL" | tar -zC "$(dirname "$0")/assets" -x "registry"

tools/zuul/playbooks/docker-image-build.yaml

@@ -42,6 +42,13 @@
             executable: pip3
       become: True
 
+    - name: Install pyyaml
+      block:
+        - pip:
+            name: pyyaml
+            executable: pip3
+      become: True
+
     - name: Make images - verbosive
       when: not publish
       shell: |