Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WINDOWS] updated busybox image & registry image #3636

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

[WINDOWS] updated busybox image & registry image #3636

wants to merge 1 commit into from

Conversation

apostasie
Copy link
Contributor

No description provided.

@apostasie apostasie force-pushed the series-15 branch 10 times, most recently from 739e2c4 to 75ae59c Compare November 2, 2024 20:15
@apostasie apostasie changed the title [Experimental] windows registry image [Experimental] windows registry image and custom busybox Nov 2, 2024
@apostasie apostasie force-pushed the series-15 branch 4 times, most recently from ccae35d to a0d8655 Compare November 2, 2024 20:41
@apostasie apostasie mentioned this pull request Nov 2, 2024
Merged
@apostasie apostasie force-pushed the series-15 branch 14 times, most recently from d8e0b91 to d0b00af Compare November 3, 2024 17:30
@apostasie apostasie force-pushed the series-15 branch 2 times, most recently from 02830b1 to c43a038 Compare November 3, 2024 18:07
@apostasie apostasie changed the title [Experimental] windows registry image and custom busybox [WINDOWS] updated busybox image & registry image Nov 3, 2024
@apostasie
Copy link
Contributor Author

apostasie commented Dec 3, 2024
edited
Loading

@AkihiroSuda @djdongjin @fahedouch et al: would like team opinion on this.

Problems:

  1. we currently do not have a registry image for windows, so, we cannot test anything related to login, push or pull on that platform
  2. the busybox image for windows we are currently using is ancient (we fetch it from an old kube e2e repo, with no idea how they produced it). Specifically, it predates busybox supporting sleep Infinity (discussed earlier somewhere else)

This PR is doing two things:

  1. build a Windows Registry image, so that we can unlock (some) image ops testing on windows
  2. build a recent busybox image for windows that we do understand, control and can update

PR #3579 (WIP) uses both of these test images as a sanity check.

Before I put more work in this, I would like to know:

a. is this a direction we want to pursue?
b. should we have this stuff here, and push the images when the CI runs on main, from inside ghcr-image-build-and-publish.yml?

Thanks.

@apostasie
Copy link
Contributor Author

TODO/missing:

  • need curl inside the busybox image

@apostasie apostasie force-pushed the series-15 branch 2 times, most recently from a7812f6 to e4025f8 Compare December 3, 2024 01:41
@AkihiroSuda
Copy link
Member

a. is this a direction we want to pursue?

👍

b. should we have this stuff here, and push the images when the CI runs on main, from inside ghcr-image-build-and-publish.yml?

👍

But this CI job does not need to run for every main commit.
Probably workflow_dispatch is enough?

@apostasie
Copy link
Contributor Author

Thanks for the feedback.

But this CI job does not need to run for every main commit. Probably workflow_dispatch is enough?

For sure.

Let me get this in shape and will ping again when it is ready for review.

@apostasie apostasie force-pushed the series-15 branch 7 times, most recently from 0e382d7 to cfc7036 Compare December 5, 2024 02:26
@apostasie
Copy link
Contributor Author

apostasie commented Dec 5, 2024
edited
Loading

Windows nerds, questions for you (tagging the usual suspects @sondavidb and @jsturtevant ) (is @yankay a windows nerd?)

  1. It seems that mcr.microsoft.com/windows/nanoserver:ltsc2022 by default runs as ContainerUser, and not ContainerAdministrator.

Either this is a change compared to previous versions of nanoserver, or the windows busybox image we had previously was forcing USER ContainerAdministrator.

Currently, I am going for compatibility, meaning I am forcing admin in https://github.com/containerd/nerdctl/pull/3636/files#diff-0a09737c4052666fccb706d792f24be6f876a77dcf12eeb7b9ccaacc249a5bf1R138

Is this the right approach? Or should we instead go with nanoserver default and adapt the tests instead?

2. What should be the entrypoint and default command for our busybox image?
Right now, I am going with:
https://github.com/containerd/nerdctl/pull/3636/files#diff-0a09737c4052666fccb706d792f24be6f876a77dcf12eeb7b9ccaacc249a5bf1R139-R140

Is this the right thing to do?

@apostasie apostasie mentioned this pull request Dec 5, 2024
Open
@apostasie apostasie force-pushed the series-15 branch 6 times, most recently from 62344d5 to aa1cfcf Compare December 5, 2024 23:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@apostasie @AkihiroSuda