Merge pull request #269 from sgotti/executor_docker_pull_initimage_only_when_needed
executor/docker: pull init image only when needed
This commit is contained in:
commit
875e118817
|
@ -15,7 +15,6 @@
|
|||
package driver
|
||||
|
||||
import (
|
||||
"bufio"
|
||||
"context"
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
|
@ -73,16 +72,8 @@ func (d *DockerDriver) Setup(ctx context.Context) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func (d *DockerDriver) createToolboxVolume(ctx context.Context, podID string) (*dockertypes.Volume, error) {
|
||||
reader, err := d.client.ImagePull(ctx, d.initImage, dockertypes.ImagePullOptions{})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
scanner := bufio.NewScanner(reader)
|
||||
for scanner.Scan() {
|
||||
d.log.Infof("create toolbox volume image pull output: %s", scanner.Text())
|
||||
}
|
||||
if err := scanner.Err(); err != nil {
|
||||
func (d *DockerDriver) createToolboxVolume(ctx context.Context, podID string, out io.Writer) (*dockertypes.Volume, error) {
|
||||
if err := d.fetchImage(ctx, d.initImage, false, nil, out); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
|
@ -153,7 +144,7 @@ func (d *DockerDriver) NewPod(ctx context.Context, podConfig *PodConfig, out io.
|
|||
return nil, errors.Errorf("empty container config")
|
||||
}
|
||||
|
||||
toolboxVol, err := d.createToolboxVolume(ctx, podConfig.ID)
|
||||
toolboxVol, err := d.createToolboxVolume(ctx, podConfig.ID, out)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
@ -240,7 +231,7 @@ func (d *DockerDriver) NewPod(ctx context.Context, podConfig *PodConfig, out io.
|
|||
return pod, nil
|
||||
}
|
||||
|
||||
func (d *DockerDriver) fetchImage(ctx context.Context, image string, registryConfig *registry.DockerConfig, out io.Writer) error {
|
||||
func (d *DockerDriver) fetchImage(ctx context.Context, image string, alwaysFetch bool, registryConfig *registry.DockerConfig, out io.Writer) error {
|
||||
regName, err := registry.GetRegistry(image)
|
||||
if err != nil {
|
||||
return err
|
||||
|
@ -257,8 +248,21 @@ func (d *DockerDriver) fetchImage(ctx context.Context, image string, registryCon
|
|||
}
|
||||
registryAuthEnc := base64.URLEncoding.EncodeToString(buf)
|
||||
|
||||
// by default always try to pull the image so we are sure only authorized users can fetch them
|
||||
// see https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#alwayspullimages
|
||||
tag, err := registry.GetImageTagOrDigest(image)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
args := filters.NewArgs()
|
||||
args.Add("reference", image)
|
||||
img, err := d.client.ImageList(ctx, dockertypes.ImageListOptions{Filters: args})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
exists := len(img) > 0
|
||||
|
||||
// fetch only if forced, is latest tag or image doesn't exist
|
||||
if alwaysFetch || tag == "latest" || !exists {
|
||||
reader, err := d.client.ImagePull(ctx, image, dockertypes.ImagePullOptions{RegistryAuth: registryAuthEnc})
|
||||
if err != nil {
|
||||
return err
|
||||
|
@ -266,12 +270,17 @@ func (d *DockerDriver) fetchImage(ctx context.Context, image string, registryCon
|
|||
|
||||
_, err = io.Copy(out, reader)
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (d *DockerDriver) createContainer(ctx context.Context, index int, podConfig *PodConfig, maincontainerID string, toolboxVol *dockertypes.Volume, out io.Writer) (*container.ContainerCreateCreatedBody, error) {
|
||||
containerConfig := podConfig.Containers[index]
|
||||
|
||||
if err := d.fetchImage(ctx, containerConfig.Image, podConfig.DockerConfig, out); err != nil {
|
||||
// by default always try to pull the image so we are sure only authorized users can fetch them
|
||||
// see https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#alwayspullimages
|
||||
if err := d.fetchImage(ctx, containerConfig.Image, true, podConfig.DockerConfig, out); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
|
|
|
@ -76,6 +76,14 @@ var (
|
|||
}
|
||||
)
|
||||
|
||||
func GetImageTagOrDigest(image string) (string, error) {
|
||||
ref, err := name.ParseReference(image, name.WeakValidation)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
return ref.Identifier(), nil
|
||||
}
|
||||
|
||||
func GetRegistry(image string) (string, error) {
|
||||
ref, err := name.ParseReference(image, name.WeakValidation)
|
||||
if err != nil {
|
||||
|
|
Loading…
Reference in New Issue