Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Changes Kubelet container image publishing #749

Merged
merged 1 commit into from
May 31, 2020
Merged

Changes Kubelet container image publishing #749

merged 1 commit into from
May 31, 2020

Conversation

dghubble
Copy link
Member

@dghubble dghubble commented May 28, 2020
edited
Loading

  • Build Kubelet container images internally and publish to Quay and Dockerhub (new) as an alternative in case of registry outage or breach
  • Use our infra to build single and multi-arch (default) Kublet images for possible future use
  • Docs: Show how to use alternative Kubelet images via snippets and a systemd dropin (builds on Set Kubelet image via kubelet.service KUBELET_IMAGE #737)

Changes:

  • Update docs with changes to Kubelet image building
  • If you prefer to trust images built by Quay/Dockerhub, automated image builds are still available with unique tags (albeit with some limitations):
    • Quay automated builds are tagged build-{short_sha} (limit: only amd64)
    • Dockerhub automated builts are tagged build-{tag} and build-master (limit: only amd64, no shas)

Links:

Related: #735

@dghubble dghubble force-pushed the kubelet-image-changes branch from b744750 to aabe955 Compare May 31, 2020 06:22
@dghubble dghubble changed the title Add docs on changes to Kubelet container images Document changes to Kubelet container images May 31, 2020
@dghubble dghubble force-pushed the kubelet-image-changes branch from aabe955 to 4861270 Compare May 31, 2020 06:28
@dghubble dghubble mentioned this pull request May 31, 2020
Closed
2 tasks
@dghubble
Change Kubelet container image publishing
20bfd69 
* Build Kubelet container images internally and publish
to Quay and Dockerhub (new) as an alternative in case of
registry outage or breach
* Use our infra to provide single and multi-arch (default)
Kublet images for possible future use
* Docs: Show how to use alternative Kubelet images via
snippets and a systemd dropin (builds on #737)

Changes:

* Update docs with changes to Kubelet image building
* If you prefer to trust images built by Quay/Dockerhub,
automated image builds are still available with unique
tags (albeit with some limitations):
  * Quay automated builds are tagged `build-{short_sha}`
  (limit: only amd64)
  * Dockerhub automated builts are tagged `build-{tag}`
  and `build-master` (limit: only amd64, no shas)

Links:

* Kubelet: https://github.com/poseidon/kubelet
* Docs: https://typhoon.psdn.io/topics/security/#container-images
* Registries:
  * quay.io/poseidon/kubelet
  * docker.io/psdn/kubelet
@dghubble dghubble force-pushed the kubelet-image-changes branch from 4861270 to 20bfd69 Compare May 31, 2020 06:35
@dghubble dghubble changed the title Document changes to Kubelet container images Changes Kubelet container image publishing May 31, 2020
@dghubble dghubble merged commit 20bfd69 into master May 31, 2020
@dghubble dghubble deleted the kubelet-image-changes branch June 5, 2020 08:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@dghubble