mirror of https://github.com/k3s-io/k3s
Moving image pullers to images directory
Ron Lai
parent
d1fba05a1b
commit
56b9daf50f
|
|
@ -142,13 +142,6 @@ type ContainerCommandRunner interface {
|
|||
PortForward(pod *Pod, port uint16, stream io.ReadWriteCloser) error
|
||||
}
|
||||
|
||||
// ImagePuller wraps Runtime.PullImage() to pull a container image.
|
||||
// It will check the presence of the image, and report the 'image pulling',
|
||||
// 'image pulled' events correspondingly.
|
||||
type ImagePuller interface {
|
||||
PullImage(pod *api.Pod, container *api.Container, pullSecrets []api.Secret) (error, string)
|
||||
}
|
||||
|
||||
// Pod is a group of containers.
|
||||
type Pod struct {
|
||||
// The ID of the pod, which can be used to retrieve a particular pod
|
||||
|
|
|
|||
|
|
@ -46,6 +46,7 @@ import (
|
|||
"k8s.io/kubernetes/pkg/client/record"
|
||||
kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
|
||||
"k8s.io/kubernetes/pkg/kubelet/events"
|
||||
"k8s.io/kubernetes/pkg/kubelet/images"
|
||||
"k8s.io/kubernetes/pkg/kubelet/lifecycle"
|
||||
"k8s.io/kubernetes/pkg/kubelet/metrics"
|
||||
"k8s.io/kubernetes/pkg/kubelet/network"
|
||||
|
|
@ -128,7 +129,7 @@ type DockerManager struct {
|
|||
dockerPuller DockerPuller
|
||||
|
||||
// wrapped image puller.
|
||||
imagePuller kubecontainer.ImagePuller
|
||||
imagePuller images.ImageManager
|
||||
|
||||
// Root of the Docker runtime.
|
||||
dockerRoot string
|
||||
|
|
@ -261,11 +262,7 @@ func NewDockerManager(
|
|||
seccompProfileRoot: seccompProfileRoot,
|
||||
}
|
||||
dm.runner = lifecycle.NewHandlerRunner(httpClient, dm, dm)
|
||||
if serializeImagePulls {
|
||||
dm.imagePuller = kubecontainer.NewSerializedImagePuller(kubecontainer.FilterEventRecorder(recorder), dm, imageBackOff)
|
||||
} else {
|
||||
dm.imagePuller = kubecontainer.NewImagePuller(kubecontainer.FilterEventRecorder(recorder), dm, imageBackOff)
|
||||
}
|
||||
dm.imagePuller = images.NewImageManager(kubecontainer.FilterEventRecorder(recorder), dm, imageBackOff, serializeImagePulls)
|
||||
dm.containerGC = NewContainerGC(client, podGetter, containerLogsDir)
|
||||
|
||||
dm.versionCache = cache.NewObjectCache(
|
||||
|
|
@ -1718,7 +1715,7 @@ func (dm *DockerManager) createPodInfraContainer(pod *api.Pod) (kubecontainer.Do
|
|||
|
||||
// No pod secrets for the infra container.
|
||||
// The message isn't needed for the Infra container
|
||||
if err, msg := dm.imagePuller.PullImage(pod, container, nil); err != nil {
|
||||
if err, msg := dm.imagePuller.EnsureImageExists(pod, container, nil); err != nil {
|
||||
return "", err, msg
|
||||
}
|
||||
|
||||
|
|
@ -2129,7 +2126,7 @@ func (dm *DockerManager) SyncPod(pod *api.Pod, _ api.PodStatus, podStatus *kubec
|
|||
// tryContainerStart attempts to pull and start the container, returning an error and a reason string if the start
|
||||
// was not successful.
|
||||
func (dm *DockerManager) tryContainerStart(container *api.Container, pod *api.Pod, podStatus *kubecontainer.PodStatus, pullSecrets []api.Secret, namespaceMode, pidMode, podIP string) (err error, reason string) {
|
||||
err, msg := dm.imagePuller.PullImage(pod, container, pullSecrets)
|
||||
err, msg := dm.imagePuller.EnsureImageExists(pod, container, pullSecrets)
|
||||
if err != nil {
|
||||
return err, msg
|
||||
}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,15 @@
|
|||
/*
|
||||
Copyright 2016 The Kubernetes Authors.
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
// Package images is responsible for managing lifecycle of container images.
|
||||
package images
|
||||
|
|
@ -0,0 +1,41 @@
|
|||
|
||||
/*
|
||||
Copyright 2016 The Kubernetes Authors All.
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
package images
|
||||
|
||||
type ImageManager struct {
|
||||
recorder record.EventRecorder
|
||||
runtime container.Runtime
|
||||
backOff *flowcontrol.Backoff
|
||||
imagePuller imagePuller
|
||||
}
|
||||
|
||||
func NewImageManager(recorder record.EventRecorder, runtime Runtime, imageBackOff *flowcontrol.Backoff, serialized bool) ImageManager {
|
||||
var imagePuller imagePuller
|
||||
if serialized {
|
||||
imagePuller = NewSerializedImagePuller(recorder, runtime, imageBackOff)
|
||||
} else {
|
||||
imagePuller = NewParallelImagePuller(recorder, runtime, imageBackOff)
|
||||
}
|
||||
return &imageManager{
|
||||
recorder: recorder,
|
||||
runtime: runtime,
|
||||
backOff: backOff,
|
||||
imagePuller: imagePuller,
|
||||
}
|
||||
}
|
||||
|
||||
func (*) EnsureImageExists(pod *api.Pod, container *api.Container, pullSecrets []api.Secret) (error, string) {
|
||||
return imagePuller.pullImage(pod , container pullSecrets)
|
||||
}
|
||||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
Copyright 2015 The Kubernetes Authors.
|
||||
Copyright 2016 The Kubernetes Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
|
|
@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
|
|||
limitations under the License.
|
||||
*/
|
||||
|
||||
package container
|
||||
package images
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
|
|
@ -29,18 +29,18 @@ import (
|
|||
// imagePuller pulls the image using Runtime.PullImage().
|
||||
// It will check the presence of the image, and report the 'image pulling',
|
||||
// 'image pulled' events correspondingly.
|
||||
type imagePuller struct {
|
||||
type parallelImagePuller struct {
|
||||
recorder record.EventRecorder
|
||||
runtime Runtime
|
||||
backOff *flowcontrol.Backoff
|
||||
}
|
||||
|
||||
// enforce compatibility.
|
||||
var _ ImagePuller = &imagePuller{}
|
||||
var _ imagePuller = ¶llelImagePuller{}
|
||||
|
||||
// NewImagePuller takes an event recorder and container runtime to create a
|
||||
// image puller that wraps the container runtime's PullImage interface.
|
||||
func NewImagePuller(recorder record.EventRecorder, runtime Runtime, imageBackOff *flowcontrol.Backoff) ImagePuller {
|
||||
func NewImagePuller(recorder record.EventRecorder, runtime Runtime, imageBackOff *flowcontrol.Backoff) imagePuller {
|
||||
return &imagePuller{
|
||||
recorder: recorder,
|
||||
runtime: runtime,
|
||||
|
|
@ -64,7 +64,7 @@ func shouldPullImage(container *api.Container, imagePresent bool) bool {
|
|||
}
|
||||
|
||||
// records an event using ref, event msg. log to glog using prefix, msg, logFn
|
||||
func (puller *imagePuller) logIt(ref *api.ObjectReference, eventtype, event, prefix, msg string, logFn func(args ...interface{})) {
|
||||
func (puller *parallelImagePuller) logIt(ref *api.ObjectReference, eventtype, event, prefix, msg string, logFn func(args ...interface{})) {
|
||||
if ref != nil {
|
||||
puller.recorder.Event(ref, eventtype, event, msg)
|
||||
} else {
|
||||
|
|
@ -73,7 +73,7 @@ func (puller *imagePuller) logIt(ref *api.ObjectReference, eventtype, event, pre
|
|||
}
|
||||
|
||||
// PullImage pulls the image for the specified pod and container.
|
||||
func (puller *imagePuller) PullImage(pod *api.Pod, container *api.Container, pullSecrets []api.Secret) (error, string) {
|
||||
func (puller *parallelImagePuller) PullImage(pod *api.Pod, container *api.Container, pullSecrets []api.Secret) (error, string) {
|
||||
logPrefix := fmt.Sprintf("%s/%s", pod.Name, container.Image)
|
||||
ref, err := GenerateContainerRef(pod, container)
|
||||
if err != nil {
|
||||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
Copyright 2015 The Kubernetes Authors.
|
||||
Copyright 2016 The Kubernetes Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
|
|
@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
|
|||
limitations under the License.
|
||||
*/
|
||||
|
||||
package container
|
||||
package images
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
|
|
@ -48,13 +48,13 @@ type serializedImagePuller struct {
|
|||
}
|
||||
|
||||
// enforce compatibility.
|
||||
var _ ImagePuller = &serializedImagePuller{}
|
||||
var _ imagePuller = &serializedImagePuller{}
|
||||
|
||||
// NewSerializedImagePuller takes an event recorder and container runtime to create a
|
||||
// image puller that wraps the container runtime's PullImage interface.
|
||||
// Pulls one image at a time.
|
||||
// Issue #10959 has the rationale behind serializing image pulls.
|
||||
func NewSerializedImagePuller(recorder record.EventRecorder, runtime Runtime, imageBackOff *flowcontrol.Backoff) ImagePuller {
|
||||
func NewSerializedImagePuller(recorder record.EventRecorder, runtime Runtime, imageBackOff *flowcontrol.Backoff) imagePuller {
|
||||
imagePuller := &serializedImagePuller{
|
||||
recorder: recorder,
|
||||
runtime: runtime,
|
||||
|
|
@ -0,0 +1,35 @@
|
|||
/*
|
||||
Copyright 2016 The Kubernetes Authors All.
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
package images
|
||||
|
||||
import "k8s.io/kubernetes/pkg/api"
|
||||
|
||||
// ImageManager provides an interface to manage the lifecycle of images.
|
||||
// Implementations of this interface are expected to deal with pulling (downloading),
|
||||
// managing, and deleting container images.
|
||||
// Implementations are expected to abstract the underlying runtimes.
|
||||
// Implementations are expected to be thread safe.
|
||||
type ImageManager interface {
|
||||
// EnsureImageExists ensures that image specified in `container` exists.
|
||||
EnsureImageExists(pod *api.Pod, container *api.Container, pullSecrets []api.Secret) (error, string)
|
||||
|
||||
// TODO(ronl): consolidating image managing and deleting operation in this interface
|
||||
}
|
||||
|
||||
// ImagePuller wraps Runtime.PullImage() to pull a container image.
|
||||
// It will check the presence of the image, and report the 'image pulling',
|
||||
// 'image pulled' events correspondingly.
|
||||
type imagePuller interface {
|
||||
pullImage(pod *api.Pod, container *api.Container, pullSecrets []api.Secret) (error, string)
|
||||
}
|
||||
|
|
@ -46,6 +46,7 @@ import (
|
|||
"k8s.io/kubernetes/pkg/credentialprovider"
|
||||
kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
|
||||
"k8s.io/kubernetes/pkg/kubelet/events"
|
||||
"k8s.io/kubernetes/pkg/kubelet/images"
|
||||
"k8s.io/kubernetes/pkg/kubelet/leaky"
|
||||
"k8s.io/kubernetes/pkg/kubelet/lifecycle"
|
||||
"k8s.io/kubernetes/pkg/kubelet/network"
|
||||
|
|
@ -152,7 +153,7 @@ type Runtime struct {
|
|||
runtimeHelper kubecontainer.RuntimeHelper
|
||||
recorder record.EventRecorder
|
||||
livenessManager proberesults.Manager
|
||||
imagePuller kubecontainer.ImagePuller
|
||||
imagePuller images.ImageManager
|
||||
runner kubecontainer.HandlerRunner
|
||||
execer utilexec.Interface
|
||||
os kubecontainer.OSInterface
|
||||
|
|
@ -271,11 +272,7 @@ func New(
|
|||
|
||||
rkt.runner = lifecycle.NewHandlerRunner(httpClient, rkt, rkt)
|
||||
|
||||
if serializeImagePulls {
|
||||
rkt.imagePuller = kubecontainer.NewSerializedImagePuller(recorder, rkt, imageBackOff)
|
||||
} else {
|
||||
rkt.imagePuller = kubecontainer.NewImagePuller(recorder, rkt, imageBackOff)
|
||||
}
|
||||
rkt.imagePuller = images.NewImageManager(recorder, rkt, imageBackOff, serializeImagePulls)
|
||||
|
||||
if err := rkt.getVersions(); err != nil {
|
||||
return nil, fmt.Errorf("rkt: error getting version info: %v", err)
|
||||
|
|
@ -753,7 +750,7 @@ func (r *Runtime) newAppcRuntimeApp(pod *api.Pod, podIP string, c api.Container,
|
|||
if requiresPrivileged && !securitycontext.HasPrivilegedRequest(&c) {
|
||||
return fmt.Errorf("cannot make %q: running a custom stage1 requires a privileged security context", format.Pod(pod))
|
||||
}
|
||||
if err, _ := r.imagePuller.PullImage(pod, &c, pullSecrets); err != nil {
|
||||
if err, _ := r.imagePuller.EnsureImageExists(pod, &c, pullSecrets); err != nil {
|
||||
return nil
|
||||
}
|
||||
imgManifest, err := r.getImageManifest(c.Image)
|
||||
|
|
|
|||
Loading…
Reference in New Issue