ko icon indicating copy to clipboard operation
ko copied to clipboard

Published 20 hours ago verified publisher icon ko-build

Add containerd support to "--local" mode

Open antoineco opened this issue 4 years ago • 11 comments

Running ko with --local is super convenient 💯 Unfortunately it seems to works only with Docker daemons (correct me if I'm wrong).

I recently switched to k3s in my local setup, which does not rely on a Docker daemon. Instead, k3s exposes a containerd GRPC server at /run/k3s/containerd/containerd.sock.

What do you think about supporting publishing images directly to containerd, and enabling the feature via and environment variable, e.g. KO_CONTAINERD_HOST?

antoineco avatar Apr 06 '20 17:04 antoineco

Ref #149

antoineco avatar Apr 18 '20 13:04 antoineco

This issue is stale because it has been open for 90 days with no activity. It will automatically close after 30 more days of inactivity. Reopen the issue with /reopen. Mark the issue as fresh by adding the comment /remove-lifecycle stale.

github-actions[bot] avatar Sep 26 '20 01:09 github-actions[bot]

I'm certainly open to it.

jonjohnsonjr avatar Nov 10 '20 23:11 jonjohnsonjr

This issue has suddenly become very relevant :)

antoineco avatar Dec 03 '20 22:12 antoineco

Is this as simple as containerd.New and then client.Import? That shouldn't be too hard to add a new publisher and wire it up with flags.

We could probably do some detection to have --local work for both containerd and docker automagically, but an explicit environment variable or flag would make that less surprising, which is good.

jonjohnsonjr avatar Dec 05 '20 01:12 jonjohnsonjr

This issue is stale because it has been open for 90 days with no activity. It will automatically close after 30 more days of inactivity. Reopen the issue with /reopen. Mark the issue as fresh by adding the comment /remove-lifecycle stale.

github-actions[bot] avatar Mar 08 '21 01:03 github-actions[bot]

/reopen

Still relevant AFAIK

imjasonh avatar Mar 08 '21 15:03 imjasonh

A simple (albeit inefficient) workaround is to export a tarball using --tarball=foo.tar --push=false and import the resulting image into k3s/containerd using k3s ctr images import.

Simple example usage: https://github.com/monogon-dev/NetMeta/blob/94fcccddcb03faef99ce46ea4738b5d14804ffb8/scripts/build_containers.sh#L17

leoluk avatar Nov 04 '21 18:11 leoluk

A more efficient strategy might be to just run a very simple registry implementation in-process and have ko act as the registry? Serializing to tarballs is annoying because you lose deduplication...

jonjohnsonjr avatar Nov 04 '21 22:11 jonjohnsonjr

A more efficient strategy might be to just run a very simple registry implementation in-process and have ko act as the registry? Serializing to tarballs is annoying because you lose deduplication...

It should be possible to just write the layers straight to the containerd local store, right? Just like a Docker build does.

leoluk avatar Nov 04 '21 23:11 leoluk

It should be possible to just write the layers straight to the containerd local store, right?

Definitely, but IMO it would be really nice if we could avoid it. I don't really want to link the containerd client library.

OTOH, there are cases where containerd might be on another machine, and my idea doesn't work if the target runtime is on a different network.

jonjohnsonjr avatar Nov 05 '21 00:11 jonjohnsonjr