Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Docker image on Kubernetes support #1083

Open
mc2eqe opened this issue Nov 8, 2023 · 0 comments
Open

Docker image on Kubernetes support #1083

mc2eqe opened this issue Nov 8, 2023 · 0 comments
Labels
enhancement New feature or request project Issue is part of an ongoing project

Comments

@mc2eqe
Copy link
Contributor

mc2eqe commented Nov 8, 2023

The Issue proposes two distinct improvements to the Docker image:

  1. Change from CMD to ENTRYPOINT:
    This modification shifts the container's main executable specification from the CMD directive to ENTRYPOINT. The primary advantage of this is the encapsulation of the executable within the image, which simplifies the command needed to run the container. Instead of having to specify the executable each time, like so:
    docker run staketechnologies/astar-collator:latest astar-collator --chain astar
    Users can now simply pass the necessary arguments directly, as the ENTRYPOINT specifies the executable:
    docker run staketechnologies/astar-collator:latest --chain astar

This change is particularly beneficial for Kubernetes deployments, where the ENTRYPOINT of a Docker image typically specifies the starting command.

  1. Retention of the shell (/bin/sh):
    The Docker image previously had steps to remove /usr/bin and /usr/sbin, which included the shell. The Helm chart by Parity Tech relies on the shell within the container to execute a sequence of operations. For instance, the persist-generated-node-key init container script uses /bin/sh to perform actions such as generating a node key if it doesn't already exist:
- name: persist-generated-node-key
  image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
  command: [ "/bin/sh" ]
  args:
    - -c
    - |
      set -eu {{ if .Values.initContainers.persistGeneratedNodeKey.debug }}-x{{ end }}
      ...
      # Script continues to check and generate the node key

Maintaining the shell in the image ensures compatibility with these scripts and prevents the failure of Helm chart operations that depend on shell access within the container.

The Issue's intent is to provide a Docker image that not only maintains backward compatibility but also enhances the image's usability within Kubernetes environments, especially when managed via Helm charts.

An example of our current usage in k8s:

repositories:
  - name: parity
    url: https://paritytech.github.io/helm-charts/

helmDefaults:
  createNamespace: false
  waitForJobs: true

namespace: astar

releases:
  - name: collator
    chart: parity/node
    version: 5.1.0
    values:
      - image:
          repository: freeverseio/astar
          tag: cd9c353d5a23c4545a16e4d02f78ff3a36ad3d53
      - node:
          chain: astar
          command: "astar-collator"
          replicas: 1
          role: collator
          perNodeServices:
            paraP2pService:
              enabled: true
              type: LoadBalancer
          isParachain: true
          allowUnsafeRpcMethods: true
          customChainspecUrl: https://raw.githubusercontent.com/freeverseio/laos/main/ownership-chain/specs/astar-local-raw.json
          collatorRelayChain:
            customChainspecUrl: https://raw.githubusercontent.com/freeverseio/laos-ownership-node/dev/specs/rococo-freeverse-chainspec.json
@mc2eqe mc2eqe added enhancement New feature or request project Issue is part of an ongoing project labels Nov 8, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request project Issue is part of an ongoing project
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mc2eqe