diff --git a/pkg/kubelet/container/runtime.go b/pkg/kubelet/container/runtime.go index 6f26162dc96..70fd30e479c 100644 --- a/pkg/kubelet/container/runtime.go +++ b/pkg/kubelet/container/runtime.go @@ -34,6 +34,13 @@ type Version interface { String() string } +// ImageSpec is an internal representation of an image. Currently, it wraps the +// value of a Container's Image field, but in the future it will include more detailed +// information about the different image types. +type ImageSpec struct { + Image string +} + // Runtime interface defines the interfaces that should be implemented // by a container runtime. type Runtime interface { @@ -61,14 +68,15 @@ type Runtime interface { ExecInContainer(containerID string, cmd []string, stdin io.Reader, stdout, stderr io.WriteCloser, tty bool) error // Forward the specified port from the specified pod to the stream. PortForward(pod *Pod, port uint16, stream io.ReadWriteCloser) error - // PullImage pulls an image from the network to local storage. - PullImage(image string) error + // PullImage pulls an image from the network to local storage using the supplied + // secrets if necessary. + PullImage(image ImageSpec, secrets []api.Secret) error // IsImagePresent checks whether the container image is already in the local storage. - IsImagePresent(image string) (bool, error) + IsImagePresent(image ImageSpec) (bool, error) // Gets all images currently on the machine. ListImages() ([]Image, error) // Removes the specified image. - RemoveImage(image string) error + RemoveImage(image ImageSpec) error // TODO(vmarmol): Unify pod and containerID args. // GetContainerLogs returns logs of a specific container. By // default, it returns a snapshot of the container log. Set 'follow' to true to diff --git a/pkg/kubelet/dockertools/manager.go b/pkg/kubelet/dockertools/manager.go index eda841f6084..cea8c5e1065 100644 --- a/pkg/kubelet/dockertools/manager.go +++ b/pkg/kubelet/dockertools/manager.go @@ -743,18 +743,18 @@ func (dm *DockerManager) ListImages() ([]kubecontainer.Image, error) { // TODO(vmarmol): Consider unexporting. // PullImage pulls an image from network to local storage. -func (dm *DockerManager) PullImage(image string) error { - return dm.Puller.Pull(image) +func (dm *DockerManager) PullImage(image kubecontainer.ImageSpec, _ []api.Secret) error { + return dm.Puller.Pull(image.Image) } // IsImagePresent checks whether the container image is already in the local storage. -func (dm *DockerManager) IsImagePresent(image string) (bool, error) { - return dm.Puller.IsImagePresent(image) +func (dm *DockerManager) IsImagePresent(image kubecontainer.ImageSpec) (bool, error) { + return dm.Puller.IsImagePresent(image.Image) } // Removes the specified image. -func (dm *DockerManager) RemoveImage(image string) error { - return dm.client.RemoveImage(image) +func (dm *DockerManager) RemoveImage(image kubecontainer.ImageSpec) error { + return dm.client.RemoveImage(image.Image) } // podInfraContainerChanged returns true if the pod infra container has changed. @@ -1156,8 +1156,9 @@ func (dm *DockerManager) createPodInfraContainer(pod *api.Pod) (kubeletTypes.Doc if err != nil { glog.Errorf("Couldn't make a ref to pod %v, container %v: '%v'", pod.Name, container.Name, err) } + spec := kubecontainer.ImageSpec{container.Image} // TODO: make this a TTL based pull (if image older than X policy, pull) - ok, err := dm.IsImagePresent(container.Image) + ok, err := dm.IsImagePresent(spec) if err != nil { if ref != nil { dm.recorder.Eventf(ref, "failed", "Failed to inspect image %q: %v", container.Image, err) @@ -1165,7 +1166,7 @@ func (dm *DockerManager) createPodInfraContainer(pod *api.Pod) (kubeletTypes.Doc return "", err } if !ok { - if err := dm.PullImage(container.Image); err != nil { + if err := dm.PullImage(spec, nil); err != nil { if ref != nil { dm.recorder.Eventf(ref, "failed", "Failed to pull image %q: %v", container.Image, err) } @@ -1324,7 +1325,8 @@ func (dm *DockerManager) computePodContainerChanges(pod *api.Pod, runningPod kub // Pull the image for the specified pod and container. func (dm *DockerManager) pullImage(pod *api.Pod, container *api.Container) error { - present, err := dm.IsImagePresent(container.Image) + spec := kubecontainer.ImageSpec{container.Image} + present, err := dm.IsImagePresent(spec) if err != nil { ref, err := kubecontainer.GenerateContainerRef(pod, container) if err != nil { @@ -1340,7 +1342,7 @@ func (dm *DockerManager) pullImage(pod *api.Pod, container *api.Container) error return nil } - err = dm.PullImage(container.Image) + err = dm.PullImage(spec, nil) dm.runtimeHooks.ReportImagePull(pod, container, err) return err } diff --git a/pkg/kubelet/rkt/rkt_linux.go b/pkg/kubelet/rkt/rkt_linux.go index 76ace6c7337..051a3e7ca54 100644 --- a/pkg/kubelet/rkt/rkt_linux.go +++ b/pkg/kubelet/rkt/rkt_linux.go @@ -745,7 +745,8 @@ func (r *runtime) writeDockerAuthConfig(image string, creds docker.AuthConfigura // // https://github.com/GoogleCloudPlatform/kubernetes/issues/7203 // -func (r *runtime) PullImage(img string) error { +func (r *runtime) PullImage(image kubecontainer.ImageSpec, _ []api.Secret) error { + img := image.Image // TODO(yifan): The credential operation is a copy from dockertools package, // Need to resolve the code duplication. repoToPull, tag := parsers.ParseRepositoryTag(img) @@ -775,7 +776,8 @@ func (r *runtime) PullImage(img string) error { // IsImagePresent returns true if the image is available on the machine. // TODO(yifan): 'rkt image' is now landed on master, use that once we bump up // the rkt version. -func (r *runtime) IsImagePresent(img string) (bool, error) { +func (r *runtime) IsImagePresent(image kubecontainer.ImageSpec) (bool, error) { + img := image.Image if _, err := r.runCommand("prepare", "--local=true", dockerPrefix+img); err != nil { return false, nil } @@ -786,7 +788,7 @@ func (r *runtime) ListImages() ([]kubecontainer.Image, error) { return []kubecontainer.Image{}, fmt.Errorf("rkt: ListImages unimplemented") } -func (r *runtime) RemoveImage(image string) error { +func (r *runtime) RemoveImage(image kubecontainer.ImageSpec) error { return fmt.Errorf("rkt: RemoveImages unimplemented") }