Upload staging images to Google Artifact Registry
This is specifically for testing unreleased k8s components. Most of this is from https://cloud.google.com/artifact-registry/docs/docker/quickstart
Pre Reqs
Setup
Each release includes a compressed file that includes the container images and artifacts. These can be found in the latest server-binaries link from the CHANGELOG.
Get the container images on disk and load them into docker.
curl -LO https://dl.k8s.io/v1.24.0-alpha.1/kubernetes-server-linux-amd64.tar.gz
Extract only the stuff we care about (/bin).
tar xvf kubernetes-server-linux-amd64.tar.gz --strip=2 --wildcards "*/bin"
Load images into Docker.
export array=(kube-apiserver kube-controller-manager kube-scheduler kube-proxy)
for i in "${array[@]}"; do
sudo docker load -i bin/$i.tar
done
Output is similar to:
250f75829aad: Loading layer [==================================================>] 1.509MB/1.509MB
e4532922ece0: Loading layer [==================================================>] 131.3MB/131.3MB
Loaded image: k8s.gcr.io/kube-apiserver-amd64:v1.24.0-alpha.1
c71194ba6df3: Loading layer [==================================================>] 121.1MB/121.1MB
Loaded image: k8s.gcr.io/kube-controller-manager-amd64:v1.24.0-alpha.1
f146ae1f263c: Loading layer [==================================================>] 49.62MB/49.62MB
Loaded image: k8s.gcr.io/kube-scheduler-amd64:v1.24.0-alpha.1
27109972a1c4: Loading layer [==================================================>] 44.15MB/44.15MB
Loaded image: k8s.gcr.io/kube-proxy-amd64:v1.24.0-alpha.1
We also need to ensure we have the images (either already local or pull them)
sudo docker pull k8s.gcr.io/pause:3.6
sudo docker pull k8s.gcr.io/etcd:3.5.1-0
sudo docker pull k8s.gcr.io/coredns/coredns:v1.8.6
sudo docker pull k8s.gcr.io/kube-proxy:v1.24.0-alpha.1
Google Artifact Registry
Create a Google Artifact Registry in GCP & move images to GAR. The following assumes you have a gcloud CLI configured to the project above you are using (gcloud auth login).
gcloud auth login
Follow the recommendation for setup.
# ex: gcloud artifacts repositories create k8s-testing --repository-format=docker \
--location=us-central1 --description="Docker repository"
gcloud auth configure-docker us-central1-docker.pkg.dev
Tag and move images.
for i in "${array[@]}"; do
sudo docker tag k8s.gcr.io/$i-amd64:v1.24.0-alpha.1 us-central1-docker.pkg.dev/out-of-pocket-cloudlab/k8s-testing/$i:v1.24.0-alpha.1 && sudo docker push us-central1-docker.pkg.dev/out-of-pocket-cloudlab/k8s-testing/$i:v1.24.0-alpha.1
done
Do the additional images too.
# Tag 'em
sudo docker tag k8s.gcr.io/pause:3.6 us-central1-docker.pkg.dev/out-of-pocket-cloudlab/k8s-testing/pause:3.6
sudo docker tag k8s.gcr.io/etcd:3.5.1-0 us-central1-docker.pkg.dev/out-of-pocket-cloudlab/k8s-testing/etcd:3.5.1-0
sudo docker tag k8s.gcr.io/coredns/coredns:v1.8.6 us-central1-docker.pkg.dev/out-of-pocket-cloudlab/k8s-testing/coredns:v1.8.6
sudo docker tag k8s.gcr.io/kube-proxy:v1.24.0-alpha.1 us-central1-docker.pkg.dev/out-of-pocket-cloudlab/k8s-testing/kube-proxy:v1.24.0-alpha.1
# Push 'em
sudo docker push us-central1-docker.pkg.dev/out-of-pocket-cloudlab/k8s-testing/pause:3.6
sudo docker push us-central1-docker.pkg.dev/out-of-pocket-cloudlab/k8s-testing/etcd:3.5.1-0
sudo docker push us-central1-docker.pkg.dev/out-of-pocket-cloudlab/k8s-testing/coredns:v1.8.6
sudo docker push us-central1-docker.pkg.dev/out-of-pocket-cloudlab/k8s-testing/kube-proxy:v1.24.0-alpha.1
Make images public (https://cloud.google.com/artifact-registry/docs/access-control#public)
gcloud artifacts repositories add-iam-policy-binding k8s-testing --location=us-central1 --member=allUsers --role=roles/artifactregistry.reader --project out-of-pocket-cloudlab
Output:
Updated IAM policy for repository [k8s-testing].
bindings:
- members:
- allUsers
role: roles/artifactregistry.reader
etag: BwXS_MvXa94=
version: 1
When using with kubeadm, specify the image path with --image-repository string. For example, --image-repository "us-central1-docker.pkg.dev/out-of-pocket-cloudlab/k8s-testing"