public-cloud-roadmap
public-cloud-roadmap copied to clipboard
ovh
Managed Kubernetes - Allow activation/deactivation of Admission Plugins
Currently API server is configured with following parameter: --enable-admission-plugins=AlwaysPullImages
Allow us to remove this parameters to make 'ImagePullPolicy' work. For 2 mains reason:
- Docker hub introduce a download quota since december for free account, people don't want to download every newest image. (save the forest !)
- If Docker hub is unavailable we still want our pod (iImagePullPolicy: IfnotPresent + Tag != latest) to startup if node got image in cache.
Thanks,
Hi, we would gladly like that feature too ! We use gitlab internally with their registry, and it happens that their API is not responsive (like every service), combine with some node/deployment restart and you can't start your pod. Thanks
Hi @Chaya56 and @cemonneau I confirm that we heard you and we will make this change? I dont have yet an ETA to share but will had this officially to the changelog and update here as soon as I have this information
Hi, I confirm this possibility is important for many cases, especially when registry is down like today, and node restart appears in the same time...
I'm voting for this feature. The container image pull time on the "AlwaysPullImages" is significantly longer.
Adding to this, docker hub has a quota limit:
https://docs.docker.com/docker-hub/download-rate-limit/
Hi guys, I know you don't have ETAs, but was there some changes or discussions on your end ? Gitlab had an outage yesterday, right when we made some changes and it impacted us. Thanks
Hello @cemonneau and sorry for the long time with no update on this. I confurm this feature will be developped during summer and i will update this issue with a more precise ETA in a couple of weeks.
Hello 😊
First time for me on an OVH Kubernetes cluster, and shocked that this option is turned on by default, with no way to changed that, in an era of DockerHub quotas :cry:
More than 2 months later, could we have an ETA ? 🙏
hello @bcouetil I confirl this feature is currently under developpment. I cannot yet share an ETA for production, but this is now a matter of weeks.
@bcouetil @cemonneau @digiserg @tsn77130 @hshimizu @abstract-entity
The feature is now available API only. This API will be documented (including default values) and the Terraform provider will be updated in the next 2 l weeks to reflex this facultative additionnal parameters.
You can alreadu use it though these API routes : https://api.ovh.com/console/#/cloud/project/%7BserviceName%7D/kube~POST for a new cluster https://api.ovh.com/console/#/cloud/project/%7BserviceName%7D/kube/%7BkubeId%7D/customization~PUT to force a new customization on an existing cluster
Thanks for your patience !
Thank you 🙏
Can someone share a working curl command for existing cluster ? Thanks !
Hi, Great news ! we got caught up with gitlab maintenance today and pod restart, so we will look at changing the options next week. What's the impact on a running k8s cluster : master node restart, nodes restart ? just to be sure of the impact on production cluster.
Thanks !
Hello,
Components API server/kubescheduler/controller manager are redeployed
best,
@cemonneau and all , the featire is now documented : https://docs.ovh.com/gb/en/kubernetes/apiserver-flags-configuration/
The feature is deployed and documented but I reopen because we are waiting for UI integration
The feature is also available through the Terraform provider: https://docs.ovh.com/gb/en/kubernetes/apiserver-flags-configuration/#configure-the-api-server-admission-plugins-through-terraform_1 :-)
