Skip to content

Docker image on Kubernetes support #1083

New issue
New issue
Closed
Closed
Docker image on Kubernetes support#1083
Labels
enhancementNew feature or requestprojectIssue is part of an ongoing project
@mc2eqe

Description

@mc2eqe
mc2eqe
opened on Nov 8, 2023

The Issue proposes two distinct improvements to the Docker image:

  1. Change from CMD to ENTRYPOINT:
    This modification shifts the container's main executable specification from the CMD directive to ENTRYPOINT. The primary advantage of this is the encapsulation of the executable within the image, which simplifies the command needed to run the container. Instead of having to specify the executable each time, like so:
    docker run staketechnologies/astar-collator:latest astar-collator --chain astar
    Users can now simply pass the necessary arguments directly, as the ENTRYPOINT specifies the executable:
    docker run staketechnologies/astar-collator:latest --chain astar

This change is particularly beneficial for Kubernetes deployments, where the ENTRYPOINT of a Docker image typically specifies the starting command.

  1. Retention of the shell (/bin/sh):
    The Docker image previously had steps to remove /usr/bin and /usr/sbin, which included the shell. The Helm chart by Parity Tech relies on the shell within the container to execute a sequence of operations. For instance, the persist-generated-node-key init container script uses /bin/sh to perform actions such as generating a node key if it doesn't already exist:
- name: persist-generated-node-key
  image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
  command: [ "/bin/sh" ]
  args:
    - -c
    - |
      set -eu {{ if .Values.initContainers.persistGeneratedNodeKey.debug }}-x{{ end }}
      ...
      # Script continues to check and generate the node key

Maintaining the shell in the image ensures compatibility with these scripts and prevents the failure of Helm chart operations that depend on shell access within the container.

The Issue's intent is to provide a Docker image that not only maintains backward compatibility but also enhances the image's usability within Kubernetes environments, especially when managed via Helm charts.

An example of our current usage in k8s:

repositories:
  - name: parity
    url: https://paritytech.github.io/helm-charts/

helmDefaults:
  createNamespace: false
  waitForJobs: true

namespace: astar

releases:
  - name: collator
    chart: parity/node
    version: 5.1.0
    values:
      - image:
          repository: freeverseio/astar
          tag: cd9c353d5a23c4545a16e4d02f78ff3a36ad3d53
      - node:
          chain: astar
          command: "astar-collator"
          replicas: 1
          role: collator
          perNodeServices:
            paraP2pService:
              enabled: true
              type: LoadBalancer
          isParachain: true
          allowUnsafeRpcMethods: true
          customChainspecUrl: https://raw.githubusercontent.com/freeverseio/laos/main/ownership-chain/specs/astar-local-raw.json
          collatorRelayChain:
            customChainspecUrl: https://raw.githubusercontent.com/freeverseio/laos-ownership-node/dev/specs/rococo-freeverse-chainspec.json

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestprojectIssue is part of an ongoing project

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions