Some stx-built docker images are not properly tagged
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
High
|
Don Penney |
Bug Description
Brief Description
-----------------
There are some stx-built docker images that are not properly tagged in docker hub which can result in the wrong incompatible image being pulled.
This was reported on the stx-discuss mailing list with the k8s-plugins-
-----------
From: Chiing-Ting Huang [mailto:<email address hidden>]
Sent: Monday, November 04, 2019 10:17 PM
To: <email address hidden>
Subject: [Starlingx-discuss] sriov-network-
Dear StarlingX Team
I have installed StarlingX R2.0 in September, and kube-sriov-
I think the team updated starlingx/
So I roll back to starlingx/
-----------
Severity
--------
Major - Released stx loads can load an incompatible docker image
Steps to Reproduce
------------------
Install StarlingX 2.0 and configure the k8s sriov plugin
Expected Behavior
------------------
Expect the compatible image to be pulled by the load
Actual Behavior
----------------
In the case of stx.2.0, the wrong image was pulled and had to be rolled back manually.
Reproducibility
---------------
Reproducible
System Configuration
-------
Any
Branch/Pull Time/Commit
-------
Seen in stx.2.0, but expected to happen in stx.3.0 and in master.
Last Pass
---------
Not applicable
Timestamp/Logs
--------------
N/A - issue is understood
Test Activity
-------------
Other - reported on the mailing list
Changed in starlingx: | |
status: | In Progress → Fix Committed |
status: | Fix Committed → In Progress |
Changed in starlingx: | |
status: | In Progress → Fix Committed |
Changed in starlingx: | |
status: | Fix Committed → Fix Released |
tags: | added: in-r-stx30 |
Adding response from Don Penney: ------- ------- ------- ------- -- device container issue
-------
From: Penney, Don [mailto:<email address hidden>]
Sent: Wednesday, November 13, 2019 1:13 PM
To: Chiing-Ting Huang; <email address hidden>
Subject: Re: [Starlingx-discuss] sriov-network-
There are two references in r/stx.2.0 that configure the image tag to be used for the k8s-plugins- sriov-network- device image: /opendev. org/starlingx/ ansible- playbooks/ src/branch/ r/stx.2. 0/playbookconfi g/src/playbooks /bootstrap/ roles/bringup- essential- services/ templates/ sriov-plugin. yaml.j2# L43 /opendev. org/starlingx/ config/ src/branch/ r/stx.2. 0/puppet- manifests/ src/modules/ platform/ templates/ sriovdp- daemonset. yaml.erb# L43
https:/
https:/
It may only be the ansible-playbooks reference that has any effect, as the puppet-manifests reference may be stale code.
The k8s-cni-sriov and k8s-plugins- sriov-network- device images are built as part of the regular build, and tagged with a versioned tag and a latest tag, as with the other stx images. However, these are loaded as part of the built-in platform-integ-app and therefore uses the static image tag that’s in the repo.
What this means is that every load is referencing the master- stable- centos- latest tag when you initially bring up the system, which would be the latest weekly build at that time. This may not always work, if there is something incompatible in the new image. This is presumably what’s happened here with 2.0.
My suggestion would be to treat these images, built from upstream sources, specially and manually tag them with versions as needed, updating the static references to those tags.
In r/stx.2.0, we could update these static tags to the appropriate tag for that build - presumably the one referenced below by Ting.
Going forward, we can manually tag the image in docker hub with whatever format we choose - such as 1.0.0, or maybe whatever version corresponds to the upstream repo at that time (ie. v3.0.0). Once we’ve manually tagged the image, we push an update into the repo to update the static reference to use the new tag.
So for example:
k8s-cni-sriov: Currently building from https:/ /github. com/intel/ sriov-cni/ commit/ 365c8f8cc1204df 84f3e976ea30f11 3e733ca665, which looks like it’s tagged as v2.2. We could retag the current build as starlingx/ k8s-cni- sriov:v2. 2, then update ansible-playbooks with the new tag.
k8s-plugins- sriov-network- device: Building from: https:/ /github. com/intel/ sriov-network- device- plugin/ commit/ 000db15405f3ce3 b7c2f9feb180c30 51aa3f7aea, tagged as v3.1. We could retag the current build as starlingx/ k8s-plugins- sriov-network- device: v3.1, then update ansible-playbooks with the new tag.
Whenever there’s new content in these images we want to pick up, we retag the new build, and push updates to the static references.
------- ------- ------- ------- ------- --