Giter VIP home page Giter VIP logo

Comments (4)

szab100 avatar szab100 commented on June 11, 2024 1

@aledbf is the support for /etc/containerd/certs.d needed because of the default internal registry using self-signed cert? If so, when configuring Gitpod to use an external registry (such as Artifactory) that containerd is already configured to pull from without needing custom root certs, am I correct that this is not required? It is not clear from the gitpod ami repo's boostrap.sh why this is needed, it just creates the dir, but nothing seems to copy anything into it, while airgap.sh is just pre-pulling some images (not sure why this is required?).

However, I do see some other differences, like the CNI plugin version, sysctl entries, extra apt pkgs, etc..

Speaking of images, most companies limit the registries their K8S environment is allowed to pull from, enforcing the use of a designated company-wide registry due to security & stability reasons. So, in the future we would need a simple way to specify custom registry to be used by Gitpod (& the installer) for all images it needs to pull, and maybe the installer could pull all images needed for a gitpod installation, re-tag & push them to the company's custom registry if a custom registry host (and path) is defined.

from gitpod-eks-guide.

aledbf avatar aledbf commented on June 11, 2024

@vavdoshka the custom AMIs predate the containerd support from AWS managed AMIs.

You should try to use the ones provided by AWS, creating the required /etc/containerd/certs.d directory

from gitpod-eks-guide.

vavdoshka avatar vavdoshka commented on June 11, 2024

@aledbf
yes I did try and found that I got the certificate trust error,
turned out the version of Containerd being used in the latest Amazon EKS AMI is 1.4.6 and as I understood the /etc/containerd/certs.d support was implemented in 1.5.
If this is the only constraint I will wait for Containerd update to >1.5 in Amazon AMI and test it once again.

from gitpod-eks-guide.

vavdoshka avatar vavdoshka commented on June 11, 2024

Hello @aledbf,

Any chance the Installer MVP can be tested to provide your with a feedback?
https://github.com/gitpod-io/gitpod/milestone/16 (seems like 2 issues are still opened at this point of time, but these are non-blocking to get MVP run at least)

At the same time I don't see any references of it in the docs, and according to this ticket it seems the installer MVP is targeting GKE/AKS only gitpod-io/gitpod#6422

Still, if possible to test on EKS what could be the pointers to start with?

from gitpod-eks-guide.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.