ko
ko copied to clipboard
Add containerd support to "--local" mode
Running ko
with --local
is super convenient 💯 Unfortunately it seems to works only with Docker daemons (correct me if I'm wrong).
I recently switched to k3s
in my local setup, which does not rely on a Docker daemon. Instead, k3s
exposes a containerd
GRPC server at /run/k3s/containerd/containerd.sock
.
What do you think about supporting publishing images directly to containerd
, and enabling the feature via and environment variable, e.g. KO_CONTAINERD_HOST
?
Ref #149
This issue is stale because it has been open for 90 days with no
activity. It will automatically close after 30 more days of
inactivity. Reopen the issue with /reopen
. Mark the issue as
fresh by adding the comment /remove-lifecycle stale
.
I'm certainly open to it.
This issue has suddenly become very relevant :)
Is this as simple as containerd.New
and then client.Import
? That shouldn't be too hard to add a new publisher and wire it up with flags.
We could probably do some detection to have --local
work for both containerd and docker automagically, but an explicit environment variable or flag would make that less surprising, which is good.
This issue is stale because it has been open for 90 days with no
activity. It will automatically close after 30 more days of
inactivity. Reopen the issue with /reopen
. Mark the issue as
fresh by adding the comment /remove-lifecycle stale
.
/reopen
Still relevant AFAIK
A simple (albeit inefficient) workaround is to export a tarball using --tarball=foo.tar --push=false
and import the resulting image into k3s/containerd using k3s ctr images import
.
Simple example usage: https://github.com/monogon-dev/NetMeta/blob/94fcccddcb03faef99ce46ea4738b5d14804ffb8/scripts/build_containers.sh#L17
A more efficient strategy might be to just run a very simple registry implementation in-process and have ko
act as the registry? Serializing to tarballs is annoying because you lose deduplication...
A more efficient strategy might be to just run a very simple registry implementation in-process and have
ko
act as the registry? Serializing to tarballs is annoying because you lose deduplication...
It should be possible to just write the layers straight to the containerd local store, right? Just like a Docker build does.
It should be possible to just write the layers straight to the containerd local store, right?
Definitely, but IMO it would be really nice if we could avoid it. I don't really want to link the containerd client library.
OTOH, there are cases where containerd might be on another machine, and my idea doesn't work if the target runtime is on a different network.