K8s packages should be hosted on community infra #281
Comments
|
I totally agree @jbeda! We just took the fast route initially with @mikedanese publishing the debs on Google infra I guess this transition will take some time as it will be a breaking change for consumers. Other thoughts @ixdy @timstclair @dankohn @bgrant0607 @thockin? |
|
No disagreement. We need (at least):
* a budget
* a way to get CNCF to pay for infra
* a process for who gets to access/sysadmin this stuff
And maybe:
* hire a sysadmin or 2
For now, Google is paying for it.
…On Thu, Mar 16, 2017 at 12:40 PM, Lucas Käldström ***@***.***> wrote:
I totally agree @jbeda <https://github.com/jbeda>! We just took the fast
route initially with @mikedanese <https://github.com/mikedanese>
publishing the debs on Google infra
I guess this transition will take some time as it will be a breaking
change for consumers.
But we should probably spin up a community (CNCF) hosted infra for both
binaries and packages, and gradually move to it during 2017 or so.
Other thoughts @ixdy <https://github.com/ixdy> @timstclair
<https://github.com/timstclair> @dankohn <https://github.com/dankohn>
@bgrant0607 <https://github.com/bgrant0607> @thockin
<https://github.com/thockin>?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#281 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AFVgVBn-OCDUkS_yWqgaJ3gfUacZkBttks5rmZAogaJpZM4Mas-k>
.
|
|
Yup, I know, somebody's gotta pay :) That's why I pinged Dan on this, I think he has insight into what CNCF can do here. |
|
The gcr and gcs changeovers will be interesting to figure out, but luckily
we have a channel to those teams :)
…On Thu, Mar 16, 2017 at 12:50 PM, Lucas Käldström ***@***.***> wrote:
Yup, I know, somebody's gotta pay :)
And it shouldn't go unsaid that I'm really happy Google is paying for it
and maintaining it now, making it actually possible for us to publish
binaries easily and quickly, but long-term this belongs to the independent
foundation.
That's why I pinged Dan on this, I think he has insight into what CNCF can
do here.
Also related is the shift from gcr.io/google_containers to something
Kubernetes-wide that's maintained by the CNCF: #270
<#270>
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#281 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AFVgVNYaz5wstkvNjP14wcf2qI0xwjvKks5rmZJ3gaJpZM4Mas-k>
.
|
|
Just to confirm that CNCF is willing to take on the budget responsibility for this. Our preference would be to have companies that are contributing to Kubernetes continue to fulfill the sysadmin responsibilities, but once it is off Google infrastructure, non-Google sysadmins would be welcome. Our strong preference would also be for someone from the Kubernetes community to take the lead scoping our requirements, including a budget and transition plan. |
|
Dan, eventually we will have to have a conversation about sysadmins for the
rest of the kube infrastructure - from the website, to the test infra, to
the myriad little things we run to serve the community. I am a poor
sysadmin at best. :)
…On Thu, Mar 16, 2017 at 5:38 PM, Dan Kohn ***@***.***> wrote:
Just to confirm that CNCF is willing to take on the budget responsibility
for this. Our preference would be to have companies that are contributing
to Kubernetes continue to fulfill the sysadmin responsibilities, but once
it is off Google infrastructure, non-Google sysadmins would be welcome.
Our strong preference would also be for someone from the Kubernetes
community to take the lead scoping our requirements, including a budget and
transition plan.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#281 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AFVgVFdqARcaJADbjsXSBxrXZrNI-D8Yks5rmdYhgaJpZM4Mas-k>
.
|
|
Like https://github.com/kubernetes/k8s.io, prow, mungegithub, ... |
|
I saw some things mentioned about what needs to be done, but they aren't super concrete for me. Does anyone feel comfortable outlining the first few steps in starting this process? Links to examples of related docs that might show how things are done would be especially useful. |
|
We are looking at making a new GCP "organization" for kubernetes stuff to
be hosted. CNCF will pick up th ebillm but we have to run it (as it should
be).
…On Fri, Apr 21, 2017 at 8:34 AM, Greg Taylor ***@***.***> wrote:
I saw some things mentioned about what needs to be done, but they aren't
super concrete for me. Does anyone feel comfortable outlining the first few
steps in starting this process? Links to examples of related docs that
might show how things are done would be especially useful.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#281 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AFVgVJCpFScHMXuQ-2JUMUn_UW9ZtPBZks5ryMyTgaJpZM4Mas-k>
.
|
|
Sounds reasonable. I'm around if help is needed!
…On Apr 22, 2017 10:17 PM, "Tim Hockin" ***@***.***> wrote:
We are looking at making a new GCP "organization" for kubernetes stuff to
be hosted. CNCF will pick up th ebillm but we have to run it (as it should
be).
On Fri, Apr 21, 2017 at 8:34 AM, Greg Taylor ***@***.***>
wrote:
> I saw some things mentioned about what needs to be done, but they aren't
> super concrete for me. Does anyone feel comfortable outlining the first
few
> steps in starting this process? Links to examples of related docs that
> might show how things are done would be especially useful.
>
> —
> You are receiving this because you were mentioned.
> Reply to this email directly, view it on GitHub
> <#281 (comment)
>,
> or mute the thread
> <https://github.com/notifications/unsubscribe-
auth/AFVgVJCpFScHMXuQ-2JUMUn_UW9ZtPBZks5ryMyTgaJpZM4Mas-k>
> .
>
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#281 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAEnJBp4jhI-2lQwtvn9ZLSg_aBs3_XTks5ryt7RgaJpZM4Mas-k>
.
|
|
Note that kubernetes-charts and kubernetes-helm are GCP projects to which non-Googlers have access. Maybe we should set up more such projects for relatively independent subprojects. |
Automatic merge from submit-queue (batch tested with PRs 54379, 56593, 56685, 54174, 57309). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Use k8s.gcr.io vanity domain for container images Related issue: kubernetes/release#281 ```release-note Use "k8s.gcr.io" for container images rather than "gcr.io/google_containers". This is just a redirect, for now, so should not impact anyone materially. Documentation and tools should all convert to the new name. Users should take note of this in case they see this new name in the system. ```
Automatic merge from submit-queue (batch tested with PRs 54379, 56593, 56685, 54174, 57309). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Use k8s.gcr.io vanity domain for container images Related issue: kubernetes/release#281 ```release-note Use "k8s.gcr.io" for container images rather than "gcr.io/google_containers". This is just a redirect, for now, so should not impact anyone materially. Documentation and tools should all convert to the new name. Users should take note of this in case they see this new name in the system. ``` Kubernetes-commit: e5abffca6f91d42fb5ae97b28fa6683e4244c12b
|
@spiffxp a prereq as being able to sign the artifacts which we don't have a good path for yet |
|
/milestone v1.22 Part of kubernetes/sig-release#1372. |
k8s-ci-robot
added
the
priority/important-longterm
justaugustus
removed
the
priority/critical-urgent
|
Super late reply but:
We host lots of stuff in the project that involve integration with specific vendor platforms, so I think that's fine. For the record: While this issue is about the k8s packages, the conversation here veered off into the infra in general. So with that in mind: The wg-k8s-infra effort and SIG Testing, SIG release, etc. have moved many things to community controlled (though much of it google funded and GCP based), infrastructure. This however is not one of them yet. Unlike GCR this is not a product offering we can "just" pull off migrating to a community controlled but google funded instance of. The package host is ~internal infrastructure meant for hosting official stuff like the gcloud SDK. We'll need to use something else entirely to move it to community control. This should probably be pretty easy if someone wants to staff it, though the big question is likely that of signing packages, as currently googlers sign them via google's registry ... Realistically we could probably just do something like docker etc., and create a key for the project and ask people to trust it / import it 🤷♂️ |
|
(@BenTheElder -- working on a plan for this in 1.21) |
|
/milestone v1.23 |
k8s-ci-robot
added
sig/k8s-infra
|
Closing this in favor of #913. |
|
@justaugustus: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
It is clear the apt repository for the k8s packages are shared with other google repositories.
The text was updated successfully, but these errors were encountered: