-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Migrate away from google.com gcp project kubebuilder #3230
Comments
I can start looking into this. |
HI @yashsingh74, Thank you for looking into that. But this one is not a good first issue to work on. We will need @rpkatz help to know how to use the new infra and how to promote the assets. You might able to help us out when we have those built, and then we can start to change the docs and scaffolds to use them. |
/assign @rikatz |
Hi there. I wrote something about it on a huge thread, and copy/pasted to https://docs.google.com/document/d/18EKmym3YJ0Ey3LOrQOeWh6RbnSO-odfKuMNVlHPHDmE/edit?usp=sharing (SORRY!!) @yashsingh74 we have some subtasks here, as:
We are going to need to tweak some minor stuff on build script, like pushing to the right repository, etc, using proper substitutions on cloudbuild, etc. @camilamacedo86 If you and @varshaprasad96 I would like to do the "image replication" work here, mostly getting the images from old repo and pushing to new staging one, so we won't start the manifest file promotion from scratch :) |
I wanted to document the most recent status:
From the current outlook, it seems unlikely that we will be able to avoid using GCP, unless there's a proposal to change the aforementioned binaries. |
On kube-rbac-proxy feature, @sbueringer implemented kubernetes-sigs/controller-runtime#2407 on latest controller-runtime. I didnt had a chance to look at it yet but have seen some talks about krp not being required anymore with this feature :) Maybe once kubebuilder supports the new runtime, there's no need to build krp anymore and simply migrate the old images. |
Ah sorry just saw your latest Pr To bump controller-runtime :))) great! So disregard my comment, but maybe we can not promote krp anymore in favor of the new feature :) |
@rikatz There's a lot of related information in this lengthy Slack thread: https://kubernetes.slack.com/archives/CAR30FCJZ/p1693377335373059 |
The latest update of this one is:
Further info: https://kubernetes.slack.com/archives/CCK68P2Q2/p1711913605487359 |
If there are any images other than kube-rbac-proxy that are not just being phased out, they need to be moved to registry.k8s.io sooner than later, there are docs at https://registry.k8s.io, specifically https://github.com/kubernetes/k8s.io/tree/main/registry.k8s.io#managing-kubernetes-container-registries (We should just move them, rather than migrating to AR in a google.com internal project, we have plans in motion to migrate ~everything in Kubernetes to be solely on community controlled infra by EOY and GCR requires action by early next year anyhow. While technically we could move GCR to AR ~in-place, it makes more sense to switch to community controlled resources while we're at it) |
Conclusion and Latest StatusThe GCP project must be active until March 18, 2025. After that date then theoretically Kubebuilder GCP project can be shotdown, Google has announced that images under Therefore, we must keep it running for as long as possible, until these older projects have fully migrated away. However, the goal of this issue was ensure that we migrate away from GCP project and from our side, everything has been done to discontinue the GCP usage. Below are the details of what was done and the current status:
Therefore, from our side, everything is ready. We just need to give projects enough time to migrate before we fully discontinue the GCP usage and I am closing this one. |
What do you want to happen?
Description
Today we use GCP and have a project, kubebuilder. We need to move this infrastructure as described in this task: kubernetes/k8s.io#2647. Currently, the GCP infra is used to build some artefacts.
kube-rbac-proxy images
These images are used to build a sidecar for the manager, see:
kubebuilder/testdata/project-v2/config/default/manager_auth_proxy_patch.yaml
Lines 11 to 13 in 3044376
To know how they are built, you can check it here.
kubebuilder-tools
The kubebuilder tools ship the required binaries to test the projects using EnvTest. We scaffold a target to download them in the projects as well:
kubebuilder/testdata/project-v4/Makefile
Lines 57 to 59 in 3044376
To know how they are built, you can check it here
Goal
This task aims to migrate the infrastructure used to build and provide them from the new location.
Motivation
To know more about see: https://kubernetes.io/blog/2020/05/27/an-introduction-to-the-k8s-infrastructure-working-group/
Impact
The projects built so far will still need to work on the images scaffold
It is a breaking change and can indeed break the workloads running on the cluster (in the case of the proxy image).
So, we will need to work on providing those from the new places, see if we can also make a copy from all artefacts built and provide so for to the new place, and communicate asap.
IMPORTANT: We should not stop building in the old/current infrastructure until we stop using it. Therefore, that means we need to build in both for a time. I would also suggest that you build these artefacts in the new infrastructure.
What do we need to do
References
kubernetes/k8s.io#2647
kubernetes/k8s.io#4586
Extra Labels
No response
The text was updated successfully, but these errors were encountered: