Skip to content

v0.1.0-dev-15: Minimum enable (#20)
Compare
Choose a tag to compare
@github-actions github-actions released this 14 Feb 01:26
· 26 commits to main since this release
v0.1.0-dev-15
10b9bad
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Changelog (v0.1.0-dev-14 & 15)

  • Added api's to mirror configure hosts_config / containerd config
  • Changed acr-mirror service install to initialize the bare minimum for the mirror to start

Changelog (v0.1.0-dev-13)

  • Fixed deserialization bug with response from IMDS endpoint

Changelog (v0.1.0-dev-12)

  • Feat enable new token_cache for /auth api
    • Note -- If the /auth api is too slow it will timeout on the overlaybd side

Changelog (v0.1.0-dev-9)

  • Fix bug w/ teleport plugin only returning response from a HEAD request, changed to GET
    • TODO: Changing this to be a bit more elaborate based on the initial proxied request

Changelog (v0.1.0-dev-8)

  • Refactoring error handling
  • Added automatic token cache invalidation

Changelog (v0.1.0-dev-7)

  • Adding image reference alternative feature to handle containerd version under 1.7-beta-1
    • Since the _default host feature isn't backported to older versions of containerd, the previous implementations can't handle dynamic enablement. To address this issue, the mirror now has the ability to handle image references in this format azurecr.io/_tenant_{registry}/{repo}:{tag}. This will be translated into {registry}.azurecr.io/{repo}:{tag} by the mirror which will then go through the normal dynamic enablement flow.

Notes

Developer version of acr-mirror service. After installing, you can install and configure overlaybd w/

(as sudo)

/opt/acr/tools/overlaybd/install.sh
/opt/acr/tools/overlaybd/enable-http-auth.sh
/opt/acr/tools/overlaybd/enable.sh

This will,

  1. Download and install overlaybd-tcmu and overlaybd-snapshotter, enable kernel features, and configure containerd
  2. Enable overlaybd-tcmu to authenticate using the acr-mirror as the access provider
  3. Enable the systemd unit files for overlaybd services, and start them
  4. Restart containerd

If the acr-mirror service is running in an environment other than AKS, then installing az-cli and running az login once is required (for example on your dev box).

To remove the package run,

apt-get remove acr-mirror

This will delete the /opt/acr folder but will not uninstall overlaybd packages. They must be removed individually.

Install script,

Ubuntu 18.04

#!/bin/bash
set -e

pushd /tmp || exit 1
wget 'https://github.com/juliusl/lifec_registry/releases/download/v0.1.0-dev-15/acr-mirror-1804-v0.1.0-dev-15.deb'
sudo apt-get install './acr-mirror-1804-v0.1.0-dev-15.deb' -y
rm './acr-mirror-1804-v0.1.0-dev-15.deb'
popd

# These libraries are needed for overlaybd-tcmu
sudo apt install libaio1 libnl-3-dev libnl-genl-3-dev -y
sudo /opt/acr/tools/overlaybd/install.sh
sudo /opt/acr/tools/overlaybd/enable-http-auth.sh
modprobe target_core_user
sudo /opt/acr/tools/overlaybd/enable.sh

Ubuntu 20.04

#!/bin/bash
set -e

pushd /tmp || exit 1
wget 'https://github.com/juliusl/lifec_registry/releases/download/v0.1.0-dev-15/acr-mirror-2004-v0.1.0-dev-15-10b9b.deb'
sudo apt-get install './acr-mirror-2004-v0.1.0-dev-15-10b9b.deb' -y
rm './acr-mirror-2004-v0.1.0-dev-15-10b9b.deb'
popd

# These libraries are needed for overlaybd-tcmu
sudo apt install libaio1 libnl-3-dev libnl-genl-3-dev -y
sudo /opt/acr/tools/overlaybd/install.sh
sudo /opt/acr/tools/overlaybd/enable-http-auth.sh
modprobe target_core_user
sudo /opt/acr/tools/overlaybd/enable.sh
Assets 4
Loading