Comments (4)
@aledbf is the support for /etc/containerd/certs.d
needed because of the default internal registry using self-signed cert? If so, when configuring Gitpod to use an external registry (such as Artifactory) that containerd is already configured to pull from without needing custom root certs, am I correct that this is not required? It is not clear from the gitpod ami repo's boostrap.sh
why this is needed, it just creates the dir, but nothing seems to copy anything into it, while airgap.sh
is just pre-pulling some images (not sure why this is required?).
However, I do see some other differences, like the CNI plugin version, sysctl entries, extra apt pkgs, etc..
Speaking of images, most companies limit the registries their K8S environment is allowed to pull from, enforcing the use of a designated company-wide registry due to security & stability reasons. So, in the future we would need a simple way to specify custom registry to be used by Gitpod (& the installer) for all images it needs to pull, and maybe the installer could pull all images needed for a gitpod installation, re-tag & push them to the company's custom registry if a custom registry host (and path) is defined.
from gitpod-eks-guide.
@vavdoshka the custom AMIs predate the containerd support from AWS managed AMIs.
You should try to use the ones provided by AWS, creating the required /etc/containerd/certs.d
directory
from gitpod-eks-guide.
@aledbf
yes I did try and found that I got the certificate trust error,
turned out the version of Containerd being used in the latest Amazon EKS AMI is 1.4.6 and as I understood the /etc/containerd/certs.d
support was implemented in 1.5.
If this is the only constraint I will wait for Containerd update to >1.5 in Amazon AMI and test it once again.
from gitpod-eks-guide.
Hello @aledbf,
Any chance the Installer MVP can be tested to provide your with a feedback?
https://github.com/gitpod-io/gitpod/milestone/16 (seems like 2 issues are still opened at this point of time, but these are non-blocking to get MVP run at least)
At the same time I don't see any references of it in the docs, and according to this ticket it seems the installer MVP is targeting GKE/AKS only gitpod-io/gitpod#6422
Still, if possible to test on EKS what could be the pointers to start with?
from gitpod-eks-guide.
Related Issues (20)
- OAuth providers integration documentation is 404
- Make AMI available in other AWS regions, e.g. ap-southeast-2 HOT 2
- Add support for external message broker (Amazon MQ)
- Used the instructions from this repo but can't run docker in workspace HOT 15
- AWS IAM Credentials to Provide
- Update AWS guide for the installer HOT 2
- Installer needs to add a feature to allow set `defaultBaseImageRegistryWhitelist`
- Installer needs a feature to allow setting `imageBuilderMk3` pull secret
- ws-daemon stuck in pod initialization when using shiftfs HOT 1
- CREATE_FAILED Custom::AWSCDK-EKS-HelmChart jaegerBaseClusterc HOT 2
- Creating Workspace after setup fail HOT 2
- Install gitpod-eks in China Ningxia region failed: Message returned: Error: b'Release "aws-load-balancer-controller" does not exist. Installing it now.\nError: timed out waiting for the condition\n' HOT 3
- AWS Load balancer return 504 HOT 1
- Error: No matching bindings found for serviceIdentifier: SubscriptionService
- Don't fail on S3 bucket existence
- Allow to user to toggle RDS
- Custom ami and overrideBootstrapCommand problem. Nodes faile to create
- Add support for using a private CA
- Don't report issues in this repo
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gitpod-eks-guide.