k8ssandra K8SSAND-482 ⁃ Consider moving container images to Quay.io in order to avoid rate limits

Is your feature request related to a problem? Please describe. While attempting to install K8ssandra in an OKD 4.7 cluster, I encounter the docker.io rate limit.

Describe the solution you'd like Consider leveraging Quay.io for container images to avoid pull rate limits.

┆Issue is synchronized with this Jira Feature by Unito ┆epic: Alternate container image repository publishing ┆friendlyId: K8SSAND-482 ┆priority: Medium

May 25 '21 15:05 cgruver

@jdonenine we should look at mirroring in a couple of locations (Quay.io included)

May 26 '21 16:05 bradfordcp

That would be really helpful.

I did manage to complete the install. There are some additional security steps required to run on OpenShift. It does not like fixed uid and gid for pods. When I get done with my Quarkus app, I'll create a PR with some changes to the charts for OpenShift.

Despite the issue with Docker.io, this was by far the easiest Cassandra install ever!

May 26 '21 19:05 cgruver

@jdonenine we should look at mirroring in a couple of locations (Quay.io included)

Makes total sense, @emerkle826 just battled with the limits this week as well.

May 26 '21 22:05 jdonenine

I did manage to complete the install. There are some additional security steps required to run on OpenShift. It does not like fixed uid and gid for pods. When I get done with my Quarkus app, I'll create a PR with some changes to the charts for OpenShift.

@cgruver that would be awesome, looking forward to it!

May 26 '21 22:05 jdonenine

➤ Jeff DiNoto commented:

Some good content related to the problems with the limits:

https://www.openshift.com/blog/mitigate-impact-of-docker-hub-pull-request-limits ( https://www.openshift.com/blog/mitigate-impact-of-docker-hub-pull-request-limits|smart-link )

May 27 '21 17:05 sync-by-unito[bot]

➤ Jeff DiNoto commented:

Harbor can be configured to do the push from docker hub and push to other repositories. It can also do security scanning.

There’s an existing project in Harbor but wasn’t completely setup.

Jun 14 '21 14:06 sync-by-unito[bot]

@jdonenine I'm going to take this issue. I've already configured some of the pieces for this and will get it over the finish line. The repositories will appear at https://quay.io/organization/k8ssandra when the sync system comes online.

Jun 14 '21 15:06 bradfordcp

@bradfordcp, are you still working on this?

Mar 30 '22 07:03 adejanovski

I’m actually back to working on my project with Cassandra on OpenShift. I’ve pivoted to using the operator for installation. If the container images can be pulled from quay.io or gcr.io that will mitigate the docker.io limits.

Mar 30 '22 11:03 cgruver

This stalled internally within another team. I'm happy to see our automation tooling push to quay and Docker for the time being.

Apr 13 '22 19:04 bradfordcp

As an update I am mirroring all containers to Quay.io today. I expect a number of PRs updating our automation / defaults to happen over the coming days.

Apr 18 '22 18:04 bradfordcp

Mirroring process is done. Onward to PRs

Apr 19 '22 00:04 bradfordcp

@bradfordcp, should we shelve this work for now? I assume we're not actively working on it, right?

Sep 07 '22 06:09 adejanovski

Since I opened this last year, I've pivoted to using the operator. While many of the images still come from docker.io, I've worked around any rate limit issues by mirroring them into a local Nexus registry.

So, this isn't an urgent need at the moment. But, the Docker hub rate limits can be a pain for home lab or experimentation.

I haven't documented my work with the operator on OpenShift yet, but the WIP is here:

https://github.com/cgruver/lab-multi-region/tree/main/k8ssandra

Sep 07 '22 11:09 cgruver