From 29feb03907a07cd5c5c6f92e5a770ee3fcc0e9d0 Mon Sep 17 00:00:00 2001 From: Benjamin Schimke Date: Thu, 21 Nov 2024 08:45:06 +0100 Subject: [PATCH] Remove obsolete sync-images scripts (#818) We now use the our own Rocks everywhere, so syncing is not required anymore. --- .github/workflows/sync-images.yaml | 26 --------------------- build-scripts/hack/sync-images.sh | 11 --------- build-scripts/hack/sync-images.yaml | 31 -------------------------- docs/src/snap/howto/install/offline.md | 29 ++++++++++++++---------- 4 files changed, 17 insertions(+), 80 deletions(-) delete mode 100644 .github/workflows/sync-images.yaml delete mode 100755 build-scripts/hack/sync-images.sh delete mode 100644 build-scripts/hack/sync-images.yaml diff --git a/.github/workflows/sync-images.yaml b/.github/workflows/sync-images.yaml deleted file mode 100644 index 2b3247844..000000000 --- a/.github/workflows/sync-images.yaml +++ /dev/null @@ -1,26 +0,0 @@ -name: Sync upstream images to ghcr.io - -on: - workflow_dispatch: - -permissions: - contents: read - -jobs: - publish: - runs-on: ubuntu-latest - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Install Go - uses: actions/setup-go@v5 - with: - go-version: "1.22" - - - name: Sync images - env: - USERNAME: ${{ github.actor }} - PASSWORD: ${{ secrets.GITHUB_TOKEN }} - run: | - ./build-scripts/hack/sync-images.sh diff --git a/build-scripts/hack/sync-images.sh b/build-scripts/hack/sync-images.sh deleted file mode 100755 index 5ff80f959..000000000 --- a/build-scripts/hack/sync-images.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash - -# Description: -# Sync images from upstream repositories under ghcr.io/canonical. -# -# Usage: -# $ USERNAME="$username" PASSWORD="$password" ./sync-images.sh - -DIR="$(realpath "$(dirname "${0}")")" - -"${DIR}/../../src/k8s/tools/regsync.sh" once -c "${DIR}/upstream-images.yaml" diff --git a/build-scripts/hack/sync-images.yaml b/build-scripts/hack/sync-images.yaml deleted file mode 100644 index d3a5245f8..000000000 --- a/build-scripts/hack/sync-images.yaml +++ /dev/null @@ -1,31 +0,0 @@ -sync: - - source: ghcr.io/canonical/k8s-snap/pause:3.10 - target: '{{ env "MIRROR" }}/canonical/k8s-snap/pause:3.10' - type: image - - source: ghcr.io/canonical/cilium-operator-generic:1.16.3-ck0 - target: '{{ env "MIRROR" }}/canonical/cilium-operator-generic:1.16.3-ck0' - type: image - - source: ghcr.io/canonical/cilium:1.16.3-ck0 - target: '{{ env "MIRROR" }}/canonical/cilium:1.16.3-ck0' - type: image - - source: ghcr.io/canonical/coredns:1.11.3 - target: '{{ env "MIRROR" }}/canonical/coredns:1.11.3-ck0' - type: image - - source: ghcr.io/canonical/k8s-snap/sig-storage/csi-node-driver-registrar:v2.10.1 - target: '{{ env "MIRROR" }}/canonical/k8s-snap/sig-storage/csi-node-driver-registrar:v2.10.1' - type: image - - source: ghcr.io/canonical/k8s-snap/sig-storage/csi-provisioner:v5.0.1 - target: '{{ env "MIRROR" }}/canonical/k8s-snap/sig-storage/csi-provisioner:v5.0.1' - type: image - - source: ghcr.io/canonical/k8s-snap/sig-storage/csi-resizer:v1.11.1 - target: '{{ env "MIRROR" }}/canonical/k8s-snap/sig-storage/csi-resizer:v1.11.1' - type: image - - source: ghcr.io/canonical/k8s-snap/sig-storage/csi-snapshotter:v8.0.1 - target: '{{ env "MIRROR" }}/canonical/k8s-snap/sig-storage/csi-snapshotter:v8.0.1' - type: image - - source: ghcr.io/canonical/metrics-server:0.7.0-ck2 - target: '{{ env "MIRROR" }}/canonical/metrics-server:0.7.0-ck2' - type: image - - source: ghcr.io/canonical/rawfile-localpv:0.8.0-ck4 - target: '{{ env "MIRROR" }}/canonical/rawfile-localpv:0.8.0-ck4' - type: image diff --git a/docs/src/snap/howto/install/offline.md b/docs/src/snap/howto/install/offline.md index e522efa50..28776effc 100644 --- a/docs/src/snap/howto/install/offline.md +++ b/docs/src/snap/howto/install/offline.md @@ -61,13 +61,13 @@ add a dummy default route on the `eth0` interface using the following command: ip route add default dev eth0 ``` -```{note} +```{note} Ensure that `eth0` is the name of the default network interface used for pod-to-pod communication. ``` -The dummy gateway will only be used by the Kubernetes services to -know which interface to use, actual connectivity to the internet is not +The dummy gateway will only be used by the Kubernetes services to +know which interface to use, actual connectivity to the internet is not required. Ensure that the dummy gateway rule survives a node reboot. #### Ensure proxy access @@ -94,7 +94,7 @@ For {{product}}, it is also necessary to fetch the images used by its features (network, DNS, etc.) as well as any images that are needed to run specific workloads. -```{note} +```{note} The image options are presented in the order of increasing complexity of implementation. It may be helpful to combine these options for different scenarios. @@ -167,12 +167,18 @@ any upstream registries (e.g. `docker.io`) and the private mirror. ##### Load images with regsync We recommend using [regsync][regsync] to copy images from the upstream registry -to your private registry. Refer to the [sync-images.yaml][sync-images-yaml] -file that contains the configuration for syncing images from the upstream -registry to the private registry. Using the output from `k8s list-images` -update the images in the [sync-images.yaml][sync-images-yaml] file if -necessary. Update the file with the appropriate mirror, and specify a mirror -for ghcr.io that points to the registry. +to your private registry. +For that, create a `sync-images.yaml` file that maps the output from +`k8s list-images` to the private registry mirror and specify a mirror for +ghcr.io that points to the registry. + +``` +sync: + - source: ghcr.io/canonical/k8s-snap/pause:3.10 + target: '{{ env "MIRROR" }}/canonical/k8s-snap/pause:3.10' + type: image + ... +``` After creating the `sync-images.yaml` file, use [regsync][regsync] to sync the images. Assuming your registry mirror is at http://10.10.10.10:5050, run: @@ -264,7 +270,7 @@ capabilities = ["pull", "resolve"] HTTPS requires the additionally specification of the registry CA certificate. Copy the certificate to `/var/snap/k8s/common/etc/containerd/hosts.d/ghcr.io/ca.crt`. -Then add the configuration in +Then add the configuration in `/var/snap/k8s/common/etc/containerd/hosts.d/ghcr.io/hosts.toml`: ``` @@ -300,7 +306,6 @@ After a while, confirm that all the cluster nodes show up in the output of the [Core20]: https://canonical.com/blog/ubuntu-core-20-secures-linux-for-iot [proxy]: ../networking/proxy.md -[sync-images-yaml]: https://github.com/canonical/k8s-snap/blob/main/build-scripts/hack/sync-images.yaml [regsync]: https://github.com/regclient/regclient/blob/main/docs/regsync.md [regctl]: https://github.com/regclient/regclient/blob/main/docs/regctl.md [regctl.sh]: https://github.com/canonical/k8s-snap/blob/main/src/k8s/tools/regctl.sh