nwcdlabs / container-mirror Goto Github PK

View Code? Open in Web Editor NEW

97.0 97.0 84.0 1.81 MB

容器镜像，存放在AWS宁夏区域的ECR中，EKS可直接使用

Shell 100.00%

container-mirror's People

Contributors

Stargazers

Watchers

Forkers

walkley huahuayufeng mmichael-s anniegaosuzhen liangruibupt pahud stevensu1977 guoxun19 superyhee nonelse1101 laolongju ixora netmesh-cn snowolf zxkane nowfox yuan00yuan amarkfox yuantianchi pcliangoz leeeboo offcode dailiupup eagleye1115 kennycsh xipan79 zxh326 comdaze neusovo jansony1 guliujian syzcch cyancow jerryjin2018 wangyu7988 xffss spaceooooo math-tsai duanshiqiang sishuiliunian kae-siew wchengyen jerry123je bbo268 daming66 fredricfoo ywyt738 nolanzgy zorrofox sesame437 shenleijs hegwout augusyin hlmiao jessie-pang eph6666 stzu zenorewn loneizhao yuhuishi-convect june3ningxu albertmingxu xchan hjue panlm successzy barbarum tyyzqmf tingxin hoshibara kk137 dawnelixir felixlx bruce-lu674 simonliumagnumwm jiqun9393 i321065 henry-zhang hpp222 lpwm yubingjiaocn magakireimu jowhee327

container-mirror's Issues

Add images to mirror

could you please add the following images to the mirror:

quay.io/digital_ecosystems/kubernetes-agent:1.3.0
quay.io/digital_ecosystems/mendix-operator:1.4.0
quay.io/digital_ecosystems/mx-m2ee-sidecar:1.3.0
quay.io/digital_ecosystems/mx-m2ee-metrics:1.1.0
quay.io/digital_ecosystems/image-builder:ingvar-rhel

非latest对应的tag没有被更新，指向了老版本的镜像，同上游repo不一致

例如 golang的1.14-alpine

docker pull 048912060910.dkr.ecr.cn-northwest-1.amazonaws.com.cn/dockerhub/golang:1.14-alpine
1.14-alpine: Pulling from dockerhub/golang
Digest: sha256:b0678825431fd5e27a211e0d7581d5f24cede6b4d25ac1411416fa8044fa6c51
Status: Downloaded newer image for 048912060910.dkr.ecr.cn-northwest-1.amazonaws.com.cn/dockerhub/golang:1.14-alpine
048912060910.dkr.ecr.cn-northwest-1.amazonaws.com.cn/dockerhub/golang:1.14-alpine

这个image的digest对应的其实是golang:1.14.2-alpine，

在版本1.14.2之后，golang又有发布1.14.3, 1.14.4，在docker hub，1.14-alpine已经被更新到指向到当前最新的版本1.14.4-alpine。

kustomize sample

需要提供一個kustomize範例，例如

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-nginx
spec:
  selector:
    matchLabels:
      run: my-nginx
  replicas: 2
  template:
    metadata:
      labels:
        run: my-nginx
    spec:
      containers:
      - name: my-nginx
        image: nginx:alpine
        ports:
        - containerPort: 80

如何透過kubectl kustomize生成指向新的image路徑的yaml

ingress-nginx related images broken

$ docker pull 048912060910.dkr.ecr.cn-northwest-1.amazonaws.com.cn/gcr/google_containers/ingress-nginx/controller:v1.2.1@sha256:5516d103a9c2ecc4f026efbd4b40662ce22dc1f824fb129ed121460aaa5c47f8
048912060910.dkr.ecr.cn-northwest-1.amazonaws.com.cn/gcr/google_containers/ingress-nginx/controller@sha256:5516d103a9c2ecc4f026efbd4b40662ce22dc1f824fb129ed121460aaa5c47f8: Pulling from gcr/google_containers/ingress-nginx/controller
455c02918c45: Pulling fs layer
def20be812d2: Pulling fs layer
ce5661884629: Pulling fs layer
678e424763a4: Waiting
7ead3e106685: Waiting
cd244451095b: Waiting
4f4fb700ef54: Waiting
f6ea01d28a17: Waiting
d3be42a364a9: Waiting
041e9420e258: Waiting
4bc068c20ea4: Waiting
b97555290c31: Waiting
8e7e86f147ef: Waiting
58079bced8cb: Waiting
6d2419008fa9: Waiting
error pulling image configuration: download failed after attempts=1: unknown blob

Kops集群需要的VM AMI镜像在AWS全球有，但在AWS **北京和宁夏都没有

kubernetes 1.16, 1.17, 1.18 使用kops更新的时候需要对应的AMI列表：

    - name: kope.io/k8s-1.16-debian-stretch-amd64-hvm-ebs-2020-07-20
      providerID: aws
      kubernetesVersion: ">=1.16.0 <1.17.0"
    - name: kope.io/k8s-1.17-debian-stretch-amd64-hvm-ebs-2020-07-20
      providerID: aws
      kubernetesVersion: ">=1.17.0 <1.18.0"
    - name: 099720109477/ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-20200907
      providerID: aws
      kubernetesVersion: ">=1.18.0"

相关链接：
https://github.com/kubernetes/kops/blob/master/channels/stable#L47-L49
镜像AMI在aws 全球个region的id：
https://wiki.debian.org/Cloud/AmazonEC2Image/Stretch

Add fluent/fluentd-kubernetes-daemonset:v1.1-debian-elasticsearch

We have a fluentd deamonset as log scraper to push our log entries into an ElasticSearch cluster.
For this purpose we use the following specialized/pre-configured docker image:
fluent/fluentd-kubernetes-daemonset:v1.1-debian-elasticsearch

Let us add this docker image to the mirrored images.

mirror gcr.io/google-containers ?

gcr.io google-containers裡面有481個public container images，每個image有各自不同數量的tags，如果可以全部mirror回來應該可以節省很多後面遇到的問題。

我想先開一個issue，大家可以討論看看是否有這個需求，使用場景是什麼，歡迎comments

https://console.cloud.google.com/gcr/images/google-containers/GLOBAL

simplify the deployment of Amazon EKS with customized mutation webhook

Background

我們需要最大程度簡化onboarding這套solution的體驗，用戶需求場景可能有：

無既有的EKS集群，希望起集群的時候自帶mutation webhook集成並且盡可能減少手動配置
已經有一個既有的EKS集群可能是console/eksctl/terraform/CDK等工具provision起來的，但不具有mutation webhook能力，需要單獨起一個mutation webhook跟這個集群對接

Solutions to Explore

One-Click SAR button

這部分 @walkley 的上游repo已經有了，我們需要在這個repo裡面寫一個簡單的中文walkthrough 指導怎麼操作，但這只能解決已有EKS集群的需求（上面第二點）

AWS CDK deployment

分成兩個場景:

CDK一次起EKS+mutation webhook
CDK指定既有的EKS cluster，單獨起mutation webhook

CDK的實作這部分參考 #26

镜像地址

请问新拉取的镜像，下面的地址正确吗？
048912060910.dkr.ecr.cn-northwest-1.amazonaws.com.cn/gcr/arrikto/jupyter-kale:v0.5.0-47-g2427cc9
048912060910.dkr.ecr.cn-northwest-1.amazonaws.com.cn/gcr/arrikto/rok-tools:l0-release-v1.0-rc6

No cvallance/mongo-k8s-sidecar mirror

hope to add cvallance/mongo-k8s-sidecar mirror

Warning Failed 13m (x6 over 14m) kubelet, ip-10-20-193-142.cn-northwest-1.compute.internal Error: ImagePullBackOff
Normal Pulling 13m (x4 over 14m) kubelet, ip-10-20-193-142.cn-northwest-1.compute.internal Pulling image "048912060910.dkr.ecr.cn-northwest-1.amazonaws.com.cn/dockerhub/cvallance/mongo-k8s-sidecar"

麻烦支持 v1.19.0

Image: k8s.gcr.io/autoscaling/cluster-autoscaler:v1.19.0

pull image error - docker login required

When I try to pull the image follow the example from EC2 in ZHY, it fails.
image: k8s.gcr.io/coredns:1.3.1

error message as blow.
6m9s Warning Failed pod/test-dcf996db6-5f855 Failed to pull image "048912060910.dkr.ecr.cn-northwest-1.amazonaws.com.cn/google-containers/coredns:1.3.1": rpc error: code = Unknown desc = Error response from daemon: pull access denied for 048912060910.dkr.ecr.cn-northwest-1.amazonaws.com.cn/google-containers/coredns, repository does not exist or may require 'docker login'

Deploy mutation webhook+API Gateway with CDK

需求背景

更方便地部署mutation webhook with AWS CDK，參考 #31

CDK to deploy mutation webhook integration with a new Amazon EKS cluster
CDK to deploy mutation webhook integration with any existing Amazon EKS cluster

Please add quay.io/bitnami/sealed-secrets-controller in mirrored container

we have to use sealed secrets in our project in TSP Cloud at AWS China.
This is the link to the Helm Chart for further information, just in case:
https://github.com/helm/charts/tree/master/stable/sealed-secrets

The image is not mirrored yet and the Pod failed in ImagePullBackOff state:

 Warning  Failed     16m (x4 over 17m)     kubelet, ip-<SUPPRESSED>.cn-north-1.compute.internal  Failed to pull image "048912060910.dkr.ecr.cn-northwest-1.amazonaws.com.cn/quay/bitnami/sealed-secrets-controller:v0.12.4": rpc error: code = Unknown desc = Error response from daemon: manifest for 048912060910.dkr.ecr.cn-northwest-1.amazonaws.com.cn/quay/bitnami/sealed-secrets-controller:v0.12.4 not found: manifest unknown: Requested image not found

Thank you in advance for a quick action

缺少ebs driver v1.4.0镜像，无法完成安装

缺少csi-resizer:v1.1.0和aws-ebs-csi-driver:v1.4.0
由于要测试eks升级，必须这个版本的ebs driver。麻烦将csi-resizer:v1.1.0和aws-ebs-csi-driver:v1.4.0同步到048912060910.dkr.ecr.cn-northwest-1.amazonaws.com.cn