Merge pull request #12578 from AliyunContainerService/aliyun-mirror

Initial support for adding Aliyun mirror for preload images and K8s release binaries
pull/12791/head
Medya Ghazizadeh 2021-10-26 13:22:30 -07:00 committed by GitHub
commit 6f72fc9a25
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 251 additions and 21 deletions

36
.github/workflows/sync-minikube.yml vendored Normal file
View File

@ -0,0 +1,36 @@
name: Sync docker images of minikube to Alibaba Cloud
on:
workflow_dispatch:
schedule:
# every day at 7am & 7pm pacific
- cron: "0 2,14 * * *"
jobs:
sync-images:
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./image-syncer
steps:
- uses: actions/checkout@v2
with:
repository: denverdino/image-syncer
path: ./image-syncer
- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: 1.17
- name: Build
run: make
- name: Synchronize images to Alibaba Cloud Container Registry Service
env:
ACR_USER: ${{ secrets.ALIBABA_CLOUD_ACR_USER }}
ACR_PASSWORD: ${{ secrets.ALIBABA_CLOUD_ACR_PASSWORD }}
DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
run: ./image-syncer --auth=auth.json --images=images.json --days=2 --proc=2

View File

@ -379,6 +379,10 @@ func getRepository(cmd *cobra.Command, k8sVersion string) string {
repository = autoSelectedRepository
}
if repository == "registry.cn-hangzhou.aliyuncs.com/google_containers" {
download.SetAliyunMirror()
}
if cmd.Flags().Changed(imageRepository) || cmd.Flags().Changed(imageMirrorCountry) {
out.Styled(style.Success, "Using image repository {{.name}}", out.V{"name": repository})
}

View File

@ -0,0 +1,102 @@
{
"kubernetesui/dashboard": "registry.cn-hangzhou.aliyuncs.com/google_containers/dashboard",
"kubernetesui/metrics-scraper": "registry.cn-hangzhou.aliyuncs.com/google_containers/metrics-scraper",
"gcr.io/k8s-minikube/auto-pause-hook": "registry.cn-hangzhou.aliyuncs.com/google_containers/auto-pause-hook",
"quay.io/operator-framework/olm": "registry.cn-hangzhou.aliyuncs.com/google_containers/olm",
"quay.io/operator-framework/upstream-community-operators": "registry.cn-hangzhou.aliyuncs.com/google_containers/upstream-community-operators",
"k8s.gcr.io/kube-registry-proxy": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-registry-proxy",
"upmcenterprises/registry-creds": "registry.cn-hangzhou.aliyuncs.com/google_containers/registry-creds",
"quay.io/rhdevelopers/core-dns-patcher": "registry.cn-hangzhou.aliyuncs.com/google_containers/core-dns-patcher",
"nvidia/k8s-device-plugin": "registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-device-plugin",
"ivans3/minikube-log-viewer": "registry.cn-hangzhou.aliyuncs.com/google_containers/minikube-log-viewer",
"cryptexlabs/minikube-ingress-dns": "registry.cn-hangzhou.aliyuncs.com/google_containers/minikube-ingress-dns",
"quay.io/datawire/ambassador-operator": "registry.cn-hangzhou.aliyuncs.com/google_containers/ambassador-operator",
"jettech/kube-webhook-certgen": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen",
"gcr.io/k8s-minikube/gcp-auth-webhook": "registry.cn-hangzhou.aliyuncs.com/google_containers/gcp-auth-webhook",
"k8s.gcr.io/sig-storage/snapshot-controller": "registry.cn-hangzhou.aliyuncs.com/google_containers/snapshot-controller",
"k8s.gcr.io/sig-storage/csi-attacher": "registry.cn-hangzhou.aliyuncs.com/google_containers/csi-attacher",
"k8s.gcr.io/sig-storage/csi-external-health-monitor-agent": "registry.cn-hangzhou.aliyuncs.com/google_containers/csi-external-health-monitor-agent",
"k8s.gcr.io/sig-storage/csi-external-health-monitor-controller": "registry.cn-hangzhou.aliyuncs.com/google_containers/csi-external-health-monitor-controller",
"k8s.gcr.io/sig-storage/csi-node-driver-registrar": "registry.cn-hangzhou.aliyuncs.com/google_containers/csi-node-driver-registrar",
"k8s.gcr.io/sig-storage/hostpathplugin": "registry.cn-hangzhou.aliyuncs.com/google_containers/hostpathplugin",
"k8s.gcr.io/sig-storage/livenessprobe": "registry.cn-hangzhou.aliyuncs.com/google_containers/livenessprobe",
"k8s.gcr.io/sig-storage/csi-resizer": "registry.cn-hangzhou.aliyuncs.com/google_containers/csi-resizer",
"k8s.gcr.io/sig-storage/csi-snapshotter": "registry.cn-hangzhou.aliyuncs.com/google_containers/csi-snapshotter",
"k8s.gcr.io/sig-storage/csi-provisioner": "registry.cn-hangzhou.aliyuncs.com/google_containers/csi-provisioner",
"registry": "registry.cn-hangzhou.aliyuncs.com/google_containers/registry",
"quay.io/nixpanic/glusterfs-server": "registry.cn-hangzhou.aliyuncs.com/google_containers/glusterfs-server",
"heketi/heketi": "registry.cn-hangzhou.aliyuncs.com/google_containers/heketi",
"coredns/coredns": "registry.cn-hangzhou.aliyuncs.com/google_containers/coredns",
"kindest/kindnetd": "registry.cn-hangzhou.aliyuncs.com/google_containers/kindnetd",
"k8s.gcr.io/ingress-nginx/controller": "registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller",
"gcr.io/cloud-builders/gcs-fetcher": "registry.cn-hangzhou.aliyuncs.com/cloud-builders/gcs-fetcher",
"gcr.io/google-samples/freshpod": "registry.cn-hangzhou.aliyuncs.com/google_containers/freshpod",
"gcr.io/k8s-minikube/gvisor-addon": "registry.cn-hangzhou.aliyuncs.com/google_containers/gvisor-addon",
"gcr.io/k8s-minikube/kicbase": "registry.cn-hangzhou.aliyuncs.com/google_containers/kicbase",
"gcr.io/k8s-minikube/storage-provisioner": "registry.cn-hangzhou.aliyuncs.com/google_containers/storage-provisioner",
"gcr.io/kubernetes-helm/tiller": "registry.cn-hangzhou.aliyuncs.com/google_containers/tiller",
"k8s.gcr.io/addon-resizer": "registry.cn-hangzhou.aliyuncs.com/google_containers/addon-resizer",
"k8s.gcr.io/busybox": "registry.cn-hangzhou.aliyuncs.com/google_containers/busybox",
"k8s.gcr.io/cluster-autoscaler": "registry.cn-hangzhou.aliyuncs.com/google_containers/cluster-autoscaler",
"k8s.gcr.io/coredns/coredns": "registry.cn-hangzhou.aliyuncs.com/google_containers/coredns",
"k8s.gcr.io/defaultbackend": "registry.cn-hangzhou.aliyuncs.com/google_containers/defaultbackend",
"k8s.gcr.io/echoserver": "registry.cn-hangzhou.aliyuncs.com/google_containers/echoserver",
"k8s.gcr.io/elasticsearch": "registry.cn-hangzhou.aliyuncs.com/google_containers/elasticsearch",
"k8s.gcr.io/etcd": "registry.cn-hangzhou.aliyuncs.com/google_containers/etcd",
"k8s.gcr.io/etcd-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/etcd-amd64",
"k8s.gcr.io/exechealthz-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/exechealthz-amd64",
"k8s.gcr.io/flannel-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/flannel-amd64",
"k8s.gcr.io/fluentd-elasticsearch": "registry.cn-hangzhou.aliyuncs.com/google_containers/fluentd-elasticsearch",
"k8s.gcr.io/heapster": "registry.cn-hangzhou.aliyuncs.com/google_containers/heapster",
"k8s.gcr.io/heapster_grafana": "registry.cn-hangzhou.aliyuncs.com/google_containers/heapster_grafana",
"k8s.gcr.io/heapster_influxdb": "registry.cn-hangzhou.aliyuncs.com/google_containers/heapster_influxdb",
"k8s.gcr.io/heapster-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/heapster-amd64",
"k8s.gcr.io/heapster-grafana-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/heapster-grafana-amd64",
"k8s.gcr.io/heapster-influxdb-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/heapster-influxdb-amd64",
"k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-dns-dnsmasq-nanny-amd64",
"k8s.gcr.io/k8s-dns-kube-dns-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-dns-kube-dns-amd64",
"k8s.gcr.io/k8s-dns-node-cache": "registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-dns-node-cache",
"k8s.gcr.io/k8s-dns-sidecar-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-dns-sidecar-amd64",
"k8s.gcr.io/kube-addon-manager": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-addon-manager",
"k8s.gcr.io/kube-addon-manager-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-addon-manager-amd64",
"k8s.gcr.io/kube-apiserver": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver",
"k8s.gcr.io/kube-apiserver-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver-amd64",
"k8s.gcr.io/kube-controller-manager": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager",
"k8s.gcr.io/kube-controller-manager-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager-amd64",
"k8s.gcr.io/kube-cross": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-cross",
"k8s.gcr.io/kube-dnsmasq-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-dnsmasq-amd64",
"k8s.gcr.io/kube-proxy": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy",
"k8s.gcr.io/kube-proxy-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy-amd64",
"k8s.gcr.io/kube-scheduler": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler",
"k8s.gcr.io/kube-scheduler-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler-amd64",
"k8s.gcr.io/kube-state-metrics": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-state-metrics",
"k8s.gcr.io/kubedns-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/kubedns-amd64",
"k8s.gcr.io/kubernetes-dashboard-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/kubernetes-dashboard-amd64",
"k8s.gcr.io/metrics-server-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/metrics-server-amd64",
"k8s.gcr.io/minikube-nvidia-driver-installer": "registry.cn-hangzhou.aliyuncs.com/google_containers/minikube-nvidia-driver-installer",
"k8s.gcr.io/mongodb-install": "registry.cn-hangzhou.aliyuncs.com/google_containers/mongodb-install",
"k8s.gcr.io/nginx-slim": "registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-slim",
"k8s.gcr.io/nvidia-gpu-device-plugin": "registry.cn-hangzhou.aliyuncs.com/google_containers/nvidia-gpu-device-plugin",
"k8s.gcr.io/pause": "registry.cn-hangzhou.aliyuncs.com/google_containers/pause",
"k8s.gcr.io/pause-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/pause-amd64",
"k8s.gcr.io/spark": "registry.cn-hangzhou.aliyuncs.com/google_containers/spark",
"k8s.gcr.io/spartakus-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/spartakus-amd64",
"k8s.gcr.io/zeppelin": "registry.cn-hangzhou.aliyuncs.com/google_containers/zeppelin",
"quay.io/coreos/configmap-reload": "registry.cn-hangzhou.aliyuncs.com/coreos_containers/configmap-reload",
"quay.io/coreos/grafana-watcher": "registry.cn-hangzhou.aliyuncs.com/coreos_containers/grafana-watcher",
"quay.io/coreos/hyperkube": "registry.cn-hangzhou.aliyuncs.com/coreos_containers/hyperkube",
"quay.io/coreos/kube-rbac-proxy": "registry.cn-hangzhou.aliyuncs.com/coreos_containers/kube-rbac-proxy",
"quay.io/coreos/kube-state-metrics": "registry.cn-hangzhou.aliyuncs.com/coreos_containers/kube-state-metrics",
"quay.io/coreos/monitoring-grafana": "registry.cn-hangzhou.aliyuncs.com/coreos_containers/monitoring-grafana",
"quay.io/coreos/prometheus-config-reloader": "registry.cn-hangzhou.aliyuncs.com/coreos_containers/prometheus-config-reloader",
"quay.io/coreos/prometheus-operator": "registry.cn-hangzhou.aliyuncs.com/coreos_containers/prometheus-operator",
"quay.io/kubernetes-ingress-controller/nginx-ingress-controller": "registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller",
"quay.io/kubernetes-service-catalog/service-catalog": "registry.cn-hangzhou.aliyuncs.com/kubernetes-service-catalog/service-catalog",
"quay.io/prometheus/alertmanager": "registry.cn-hangzhou.aliyuncs.com/google_containers/alertmanager",
"quay.io/prometheus/prometheus": "registry.cn-hangzhou.aliyuncs.com/google_containers/prometheus",
"k8s.gcr.io/ingress-nginx/kube-webhook-certgen": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen",
"gcr.io/k8s-minikube/minikube-ingress-dns": "registry.cn-hangzhou.aliyuncs.com/google_containers/minikube-ingress-dns",
"gcr.io/google_containers/pause": "registry.cn-hangzhou.aliyuncs.com/google_containers/pause",
"k8s.gcr.io/metrics-server/metrics-server": "registry.cn-hangzhou.aliyuncs.com/google_containers/metrics-server",
"gcr.io/google_containers/kube-registry-proxy": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-registry-proxy"
}

View File

@ -135,4 +135,8 @@ var (
// PortainerAssets assets for portainer addon
//go:embed portainer/portainer.yaml.tmpl
PortainerAssets embed.FS
// AliyunMirror assets for aliyun_mirror.json
//go:embed aliyun_mirror.json
AliyunMirror embed.FS
)

View File

@ -185,6 +185,10 @@ func EnableOrDisableAddon(cc *config.ClusterConfig, name string, val string) err
exit.Error(reason.HostSaveProfile, "Failed to persist images", err)
}
if cc.KubernetesConfig.ImageRepository == "registry.cn-hangzhou.aliyuncs.com/google_containers" {
images, customRegistries = assets.FixAddonImagesAndRegistries(addon, images, customRegistries)
}
mName := config.MachineName(*cc, cp)
host, err := machine.LoadHost(api, mName)
if err != nil || !machine.IsRunning(api, mName) {

View File

@ -723,7 +723,7 @@ func overrideDefaults(defaultMap, overrideMap map[string]string) map[string]stri
// SelectAndPersistImages selects which images to use based on addon default images, previously persisted images, and newly requested images - which are then persisted for future enables.
func SelectAndPersistImages(addon *Addon, cc *config.ClusterConfig) (images, customRegistries map[string]string, err error) {
addonDefaultImages := fixAddonImages(cc.KubernetesConfig.ImageRepository, addon.Images)
addonDefaultImages := addon.Images
if addonDefaultImages == nil {
addonDefaultImages = make(map[string]string)
}
@ -778,23 +778,6 @@ func SelectAndPersistImages(addon *Addon, cc *config.ClusterConfig) (images, cus
return images, customRegistries, err
}
// fixes addon image names according to image repository used
func fixAddonImages(repo string, images map[string]string) map[string]string {
if repo == "registry.cn-hangzhou.aliyuncs.com/google_containers" {
// for aliyun registry must strip namespace from image name, e.g.
// registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-minikube/storage-provisioner:v5 will not work
// registry.cn-hangzhou.aliyuncs.com/google_containers/storage-provisioner:v5 does work
newImages := make(map[string]string)
for name, image := range images {
image = strings.TrimPrefix(image, "k8s-minikube/")
image = strings.TrimPrefix(image, "kubernetesui/")
newImages[name] = image
}
return newImages
}
return images
}
// GenerateTemplateData generates template data for template assets
func GenerateTemplateData(addon *Addon, cfg config.KubernetesConfig, netInfo NetworkInfo, images, customRegistries map[string]string) interface{} {

View File

@ -0,0 +1,80 @@
/*
Copyright 2021 The Kubernetes Authors All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package assets
import (
"encoding/json"
"fmt"
"strings"
"k8s.io/minikube/deploy/addons"
)
var AliyunMirror = loadAliyunMirror()
func loadAliyunMirror() map[string]string {
data, err := addons.AliyunMirror.ReadFile("aliyun_mirror.json")
if err != nil {
panic(fmt.Sprintf("Failed to load aliyun_mirror.json: %v", err))
}
var mirror map[string]string
err = json.Unmarshal(data, &mirror)
if err != nil {
panic(fmt.Sprintf("Failed to parse aliyun_mirror.json: %v", err))
}
return mirror
}
func FixAddonImagesAndRegistries(addon *Addon, images map[string]string, registries map[string]string) (customImages, customRegistries map[string]string) {
customImages = make(map[string]string)
customRegistries = make(map[string]string)
if images == nil {
images = addon.Images
}
if addon.Registries == nil {
addon.Registries = make(map[string]string)
}
if registries == nil {
registries = make(map[string]string)
}
for name, image := range images {
registry, found := registries[name]
if !found {
registry = addon.Registries[name]
}
img := image
if registry != "" && registry != "docker.io" {
img = registry + "/" + image
}
parts := strings.SplitN(img, ":", 2)
imageName := parts[0]
tag := parts[1]
mirror, found := AliyunMirror[imageName]
if found {
parts := strings.SplitN(mirror, "/", 2)
mirrorRegistry := parts[0]
mirrorImage := parts[1] + ":" + tag
customImages[name] = mirrorImage
customRegistries[name] = mirrorRegistry
} else {
customImages[name] = image
customRegistries[name] = registry
}
}
return customImages, customRegistries
}

View File

@ -32,7 +32,7 @@ import (
// binaryWithChecksumURL gets the location of a Kubernetes binary
func binaryWithChecksumURL(binaryName, version, osName, archName string) (string, error) {
base := fmt.Sprintf("https://storage.googleapis.com/kubernetes-release/release/%s/bin/%s/%s/%s", version, osName, archName, binaryName)
base := fmt.Sprintf("https://%s/kubernetes-release/release/%s/bin/%s/%s/%s", downloadHost, version, osName, archName, binaryName)
v, err := semver.Make(version[1:])
if err != nil {
return "", err

View File

@ -37,8 +37,16 @@ var (
// DownloadMock is called instead of the download implementation if not nil.
DownloadMock func(src, dst string) error
checkCache = os.Stat
aliyunMirror = "kubernetes.oss-cn-hangzhou.aliyuncs.com"
downloadHost = "storage.googleapis.com"
)
// SetAliyunMirror set the download host for Aliyun mirror
func SetAliyunMirror() {
downloadHost = aliyunMirror
}
// CreateDstDownloadMock is the default mock implementation of download.
func CreateDstDownloadMock(src, dst string) error {
if err := os.MkdirAll(filepath.Dir(dst), 0755); err != nil {

View File

@ -90,7 +90,7 @@ func TarballPath(k8sVersion, containerRuntime string) string {
// remoteTarballURL returns the URL for the remote tarball in GCS
func remoteTarballURL(k8sVersion, containerRuntime string) string {
return fmt.Sprintf("https://storage.googleapis.com/%s/%s", PreloadBucket, TarballName(k8sVersion, containerRuntime))
return fmt.Sprintf("https://%s/%s/%s", downloadHost, PreloadBucket, TarballName(k8sVersion, containerRuntime))
}
func setPreloadState(k8sVersion, containerRuntime string, value bool) {

View File

@ -331,7 +331,6 @@ func fixRemoteImageName(ref name.Reference, imgName string) (name.Reference, str
image = strings.TrimPrefix(image, "k8s-minikube/")
image = strings.TrimPrefix(image, "kubernetesui/")
image = strings.TrimPrefix(image, "coredns/")
image = strings.ReplaceAll(image, "coredns:v", "coredns:")
remoteRef, err := name.ParseReference(aliyunMirror+image, name.WeakValidation)
if err != nil {
return nil, "", err

View File

@ -21,4 +21,9 @@ const (
GithubMinikubeReleasesURL = "https://storage.googleapis.com/minikube/releases.json"
// GithubMinikubeBetaReleasesURL is the URL of the minikube Github beta releases JSON file
GithubMinikubeBetaReleasesURL = "https://storage.googleapis.com/minikube/releases-beta.json"
// GithubMinikubeReleasesAliyunURL is the URL of the minikube github releases JSON file from Aliyun Mirror
GithubMinikubeReleasesAliyunURL = "https://kubernetes.oss-cn-hangzhou.aliyuncs.com/minikube/releases.json"
// GithubMinikubeBetaReleasesAliyunURL is the URL of the minikube Github beta releases JSON file
GithubMinikubeBetaReleasesAliyunURL = "https://kubernetes.oss-cn-hangzhou.aliyuncs.com/minikube/releases-beta.json"
)

View File

@ -47,6 +47,11 @@ func MaybePrintUpdateTextFromGithub() {
maybePrintUpdateText(GithubMinikubeReleasesURL, GithubMinikubeBetaReleasesURL, lastUpdateCheckFilePath)
}
// MaybePrintUpdateTextFromGithub prints update text if needed, from Aliyun mirror
func MaybePrintUpdateTextFromAliyunMirror() {
maybePrintUpdateText(GithubMinikubeReleasesAliyunURL, GithubMinikubeBetaReleasesAliyunURL, lastUpdateCheckFilePath)
}
func maybePrintUpdateText(latestReleasesURL string, betaReleasesURL string, lastUpdatePath string) {
latestVersion, err := latestVersionFromURL(latestReleasesURL)
if err != nil {