From 222809747375d6a492a75df9a6fe14625d5b5b94 Mon Sep 17 00:00:00 2001 From: Ruslan Aliev Date: Mon, 30 Jun 2025 12:59:52 -0500 Subject: [PATCH] Add kubernetes-registry image Change-Id: I1253d87055f54b154b44a3a661419230f2dda51e Signed-off-by: Ruslan Aliev --- Makefile | 32 ++++-- examples/containerd/Docker.yaml | 2 +- .../Dockerfile.ubuntu_jammy | 43 +++++++ images/kubernetes-registry/assets/config.yml | 28 +++++ images/kubernetes-registry/setup.sh | 107 ++++++++++++++++++ tools/zuul/playbooks/docker-image-build.yaml | 7 ++ 6 files changed, 210 insertions(+), 9 deletions(-) create mode 100644 images/kubernetes-registry/Dockerfile.ubuntu_jammy create mode 100644 images/kubernetes-registry/assets/config.yml create mode 100755 images/kubernetes-registry/setup.sh diff --git a/Makefile b/Makefile index f78789ee..ac588f74 100644 --- a/Makefile +++ b/Makefile @@ -16,7 +16,7 @@ BUILD_DIR := $(shell mktemp -d) DOCKER_REGISTRY ?= quay.io HELM := $(BUILD_DIR)/helm IMAGE_PREFIX ?= airshipit -IMAGE_NAME ?= promenade +IMAGE_NAME ?= kubernetes-registry promenade IMAGE_TAG ?= latest PROXY ?= http://proxy.foo.com:8000 NO_PROXY ?= localhost,127.0.0.1,.svc.cluster.local @@ -85,7 +85,22 @@ helm-lint-%: helm-install helm-init-% $(HELM) dep up charts/$* $(HELM) lint charts/$* -images: check-docker build_promenade +# Build all docker images for this project +images: check-docker build_images + +build_images: build_kubernetes_registry build_promenade + +#Build all images in list +build_kubernetes_registry: + @echo + @echo "===== Processing [kubernetes-registry] image =====" + ./images/kubernetes-registry/setup.sh + @make build IMAGE=${DOCKER_REGISTRY}/${IMAGE_PREFIX}/kubernetes-registry:${IMAGE_TAG}-${DISTRO} IMAGE_NAME=kubernetes-registry + +build_promenade: + @echo + @echo "===== Processing [promenade] image =====" + @make build IMAGE=${DOCKER_REGISTRY}/${IMAGE_PREFIX}/promenade:${IMAGE_TAG}-${DISTRO} IMAGE_NAME=promenade check-docker: @if [ -z $$(which docker) ]; then \ @@ -104,13 +119,13 @@ $(CHARTS): $(addprefix dry-run-,$(CHARTS)) chartbanner _BASE_IMAGE_ARG := $(if $(BASE_IMAGE),--build-arg FROM="${BASE_IMAGE}" ,) -build_promenade: +build: ifeq ($(USE_PROXY), true) docker build --network host -t $(IMAGE) --label $(LABEL) \ --label "org.opencontainers.image.revision=$(COMMIT)" \ --label "org.opencontainers.image.created=$(shell date --rfc-3339=seconds --utc)" \ --label "org.opencontainers.image.title=$(IMAGE_NAME)" \ - -f images/promenade/Dockerfile.${DISTRO} \ + -f images/$(IMAGE_NAME)/Dockerfile.${DISTRO} \ $(_BASE_IMAGE_ARG) \ --build-arg http_proxy=$(PROXY) \ --build-arg https_proxy=$(PROXY) \ @@ -123,7 +138,7 @@ else --label "org.opencontainers.image.revision=$(COMMIT)" \ --label "org.opencontainers.image.created=$(shell date --rfc-3339=seconds --utc)" \ --label "org.opencontainers.image.title=$(IMAGE_NAME)" \ - -f images/promenade/Dockerfile.${DISTRO} \ + -f images/$(IMAGE_NAME)/Dockerfile.${DISTRO} \ $(_BASE_IMAGE_ARG) . endif ifeq ($(PUSH_IMAGE), true) @@ -136,6 +151,7 @@ helm-toolkit: helm-install clean: rm -rf doc/build + rm -rf images/kubernetes-registry/assets/registry* rm -f charts/*.tgz rm -f charts/*/requirements.lock rm -rf charts/*/charts @@ -145,7 +161,7 @@ clean: helm-install: tools/helm_install.sh $(HELM) -.PHONY: $(CHARTS) all build_promenade charts check-docker clean docs \ - dry-run dry-run-% external-deps gate-lint gate-lint-deps helm-init \ - helm-init-% helm-install helm-lint helm-lint-% helm-toolkit images \ +.PHONY: $(CHARTS) all build_images build_promenade build_kubernetes_registry charts \ + clean docs check-docker dry-run dry-run-% external-deps gate-lint gate-lint-deps \ + helm-init helm-init-% helm-install helm-lint helm-lint-% helm-toolkit images \ lint tests tests-pep8 tests-security tests-unit diff --git a/examples/containerd/Docker.yaml b/examples/containerd/Docker.yaml index 9463e9f9..e05e870f 100644 --- a/examples/containerd/Docker.yaml +++ b/examples/containerd/Docker.yaml @@ -13,6 +13,6 @@ data: - registry:5000 live-restore: true max-concurrent-downloads: 10 - oom-score-adjust: -999 +# oom-score-adjust: -999 storage-driver: overlay2 ... diff --git a/images/kubernetes-registry/Dockerfile.ubuntu_jammy b/images/kubernetes-registry/Dockerfile.ubuntu_jammy new file mode 100644 index 00000000..ccf1cfbe --- /dev/null +++ b/images/kubernetes-registry/Dockerfile.ubuntu_jammy @@ -0,0 +1,43 @@ +# Copyright 2025 AT&T Intellectual Property. All other rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ARG FROM=quay.io/airshipit/ubuntu:jammy +FROM ${FROM} + +LABEL org.opencontainers.image.authors='airship-discuss@lists.airshipit.org, irc://#airshipit@freenode' \ + org.opencontainers.image.url='https://airshipit.org' \ + org.opencontainers.image.documentation='https://airship-promenade.readthedocs.org' \ + org.opencontainers.image.source='https://opendev.org/airship/promenade' \ + org.opencontainers.image.vendor='The Airship Authors' \ + org.opencontainers.image.licenses='Apache-2.0' + +RUN set -ex \ + && apt update -qq \ + && apt upgrade -y \ + && apt-get install --no-install-recommends -y \ + ca-certificates \ + && apt-get autoremove -yqq --purge \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + +COPY images/kubernetes-registry/assets/config.yml /etc/distribution/config.yml +COPY images/kubernetes-registry/assets/registry /bin/registry + +VOLUME ["/var/lib/registry"] +COPY images/kubernetes-registry/assets/registry_dir/ /var/lib/registry/ + +EXPOSE 5000 + +ENTRYPOINT ["registry"] +CMD ["serve", "/etc/distribution/config.yml"] diff --git a/images/kubernetes-registry/assets/config.yml b/images/kubernetes-registry/assets/config.yml new file mode 100644 index 00000000..deaca955 --- /dev/null +++ b/images/kubernetes-registry/assets/config.yml @@ -0,0 +1,28 @@ +version: 0.1 +log: + level: debug + fields: + service: registry + environment: development +storage: + delete: + enabled: true + cache: + blobdescriptor: inmemory + filesystem: + rootdirectory: /var/lib/registry + tag: + concurrencylimit: 5 +http: + addr: :5000 + debug: + addr: :5001 + prometheus: + enabled: true + path: /metrics +health: + storagedriver: + enabled: true + interval: 10s + threshold: 3 + diff --git a/images/kubernetes-registry/setup.sh b/images/kubernetes-registry/setup.sh new file mode 100755 index 00000000..cce98b26 --- /dev/null +++ b/images/kubernetes-registry/setup.sh @@ -0,0 +1,107 @@ +#!/bin/bash +# Copyright 2025 AT&T Intellectual Property. All other rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -euxo pipefail + +# Inbound variables +KUBERNETES_VERSION=${KUBERNETES_VERSION:-"v1.33.3"} +KUBERNETES_REGISTRY="registry.k8s.io" +CONSTANTS_URL="https://raw.githubusercontent.com/kubernetes/kubernetes/refs/tags/${KUBERNETES_VERSION}/cmd/kubeadm/app/constants/constants.go" + +USE_PROXY=${USE_PROXY:-"false"} +GITHUB_PROXY=${GITHUB_PROXY:-""} + +REGISTRY_IMAGE=${REGISTRY_IMAGE:-"registry:latest"} +REGISTRY_PORT=${REGISTRY_PORT:-"$(shuf -i 5050-5099 -n 1)"} +REGISTRY_VERSION=${REGISTRY_VERSION:-"3.0.0"} +REGISTRY_DOWNLOAD_URL="https://github.com/distribution/distribution/releases/download/v${REGISTRY_VERSION}/registry_${REGISTRY_VERSION}_linux_amd64.tar.gz" +DOCKER_REGISTRY_URL="localhost:$REGISTRY_PORT" +REGISTRY_DIR="$(dirname "$0")/assets/registry_dir" +REGISTRY_CID="" + +declare -a CONTROL_PLANE_IMAGES=( + "kube-apiserver" + "kube-controller-manager" + "kube-scheduler" + "kube-proxy" + "pause" + "etcd" + "coredns/coredns" +) + +CLEANUP_REPO=false +CLEANUP_IMAGES="" + +cleanup() { + if [ "$CLEANUP_REPO" = true ]; then + rm -rf "$REGISTRY_DIR" + fi + if [ -n "$REGISTRY_CID" ]; then + docker stop "$REGISTRY_CID" || true + docker rm "$REGISTRY_CID" || true + fi + for img in $CLEANUP_IMAGES; do + docker rmi -f "$img" || true + done +} +trap 'cleanup' EXIT + +ensure_docker() { + if which docker; then + return + fi + apt-get install -y docker.io +} + +curl() { + if [[ $USE_PROXY == true ]]; then + $(which curl) -x "http://$GITHUB_PROXY" "$@" + else + $(which curl) "$@" + fi +} + +ensure_docker +mkdir -p "$REGISTRY_DIR" +REGISTRY_CID=$(docker run -d -p "$REGISTRY_PORT":5000 -v "$REGISTRY_DIR:/var/lib/registry:rw" "$REGISTRY_IMAGE") + +PAUSE_VERSION=$(curl -k -sL "${CONSTANTS_URL}" | grep "PauseVersion =" | awk -F' = ' '{gsub(/"/, "", $2); print $2}') +ETCD_VERSION=$(curl -k -sL "${CONSTANTS_URL}" | grep "DefaultEtcdVersion =" | awk -F'=' '{gsub(/"/, "", $2); gsub(/^[ \t]+/, "", $2); print $2}') +COREDNS_VERSION=$(curl -k -sL "${CONSTANTS_URL}" | grep "CoreDNSVersion =" | awk -F'=' '{gsub(/"/, "", $2); gsub(/^[ \t]+/, "", $2); print $2}') + +for image in "${CONTROL_PLANE_IMAGES[@]}"; do + tag="$KUBERNETES_VERSION" + case "$image" in + pause) + tag="$PAUSE_VERSION" + ;; + etcd) + tag="$ETCD_VERSION" + ;; + coredns*) + tag="$COREDNS_VERSION" + ;; + esac + + echo "... Processing $image, tag $tag ..." + docker pull "$KUBERNETES_REGISTRY/$image:$tag" + docker tag "$KUBERNETES_REGISTRY/$image:$tag" "$DOCKER_REGISTRY_URL/$image:$tag" + docker push "$DOCKER_REGISTRY_URL/$image:$tag" + + CLEANUP_IMAGES+="$KUBERNETES_REGISTRY/$image:$tag $DOCKER_REGISTRY_URL/$image:$tag " + sleep 1 +done + +curl -sL "$REGISTRY_DOWNLOAD_URL" | tar -zC "$(dirname "$0")/assets" -x "registry" diff --git a/tools/zuul/playbooks/docker-image-build.yaml b/tools/zuul/playbooks/docker-image-build.yaml index 61d7c411..2bdf1252 100644 --- a/tools/zuul/playbooks/docker-image-build.yaml +++ b/tools/zuul/playbooks/docker-image-build.yaml @@ -42,6 +42,13 @@ executable: pip3 become: True + - name: Install pyyaml + block: + - pip: + name: pyyaml + executable: pip3 + become: True + - name: Make images - verbosive when: not publish shell: |