Support for arm images

Question

Support for arm images

wsilva opened this issue 2 years ago · 3 comments

wsilva commented 2 years ago

Feature Description

Ability to run in ARM architecture clusters like raspberries computers or AWS graviton instances

Is your feature request related to a problem?

Yeap, I can not run the zora operator into a arm cluster.

What alternatives have you considered?

Not sure if it's too complicated to compile the container entrypoint command and build the container image for multi architecture.

Additional Context

I have a "cluster" with 4 raspberries 3B and 2 raspberries zero w. We can disregard the Zero W models because they are have armv6l architecture that are not supported by Kubernetes or even Docker, I struggle to put then in a running cluster. But the 3B are running fine with a k3s cluster:

$ k get node -o wide
NAME   STATUS   ROLES                  AGE    VERSION        INTERNAL-IP   EXTERNAL-IP   OS-IMAGE                         KERNEL-VERSION   CONTAINER-RUNTIME
pi4    Ready    <none>                 93m    v1.25.6+k3s1   10.0.0.74     <none>        Debian GNU/Linux 11 (bullseye)   5.15.84-v8+      containerd://1.6.15-k3s1
pi1    Ready    control-plane,master   110m   v1.25.6+k3s1   10.0.0.71     <none>        Debian GNU/Linux 11 (bullseye)   5.15.84-v8+      containerd://1.6.15-k3s1
pi3    Ready    <none>                 99m    v1.25.6+k3s1   10.0.0.73     <none>        Debian GNU/Linux 11 (bullseye)   5.15.84-v8+      containerd://1.6.15-k3s1
pi2    Ready    <none>                 101m   v1.25.6+k3s1   10.0.0.72     <none>        Debian GNU/Linux 11 (bullseye)   5.15.84-v8+      containerd://1.6.15-k3s1

I can even install with the following command:

$ helm upgrade --install zora undistro/zora  --set saas.workspaceID='my-suppressed-id'  -n zora-system  --create-namespace --wait

But the operator is not able to run:

$ k -n zora-system get pod -o wide
NAME                             READY   STATUS             RESTARTS        AGE   IP          NODE   NOMINATED NODE   READINESS GATES
zora-operator-858f7c4959-6xdz6   1/2     CrashLoopBackOff   9 (2m29s ago)   23m   10.42.3.4   pi4    <none>           <none>

The rbac proxy container is ok:

$ k -n zora-system logs -f zora-operator-858f7c4959-6xdz6 -c kube-rbac-proxy
I0307 16:00:16.487611       1 main.go:190] Valid token audiences:
I0307 16:00:16.488076       1 main.go:262] Generating self signed cert as no cert is provided
I0307 16:00:23.703087       1 main.go:311] Starting TCP socket on 0.0.0.0:8443
I0307 16:00:23.704538       1 main.go:318] Listening securely on 0.0.0.0:8443

But the manager throws the following:

$ k -n zora-system logs -f zora-operator-858f7c4959-6xdz6 -c manager
exec /manager: exec format error

Answer 1 · 2023-03-08T01:07:48.000Z

Hi @wsilva
Thank you for reporting this issue.

Your suggestion makes sense.

We can build a multi-platform docker image by using docker buildx.
The kube-rbac-proxy container works because it image is already multi-platform.

Could you try to use the multi-platform images that I built in this draft, please?

Just add the following parameters in the helm upgrade --install command:

--set operator.image.tag="feat-multi-platform-support" \
--set worker.image.tag="feat-multi-platform-support" \
--set scan.plugins.popeye.image.tag="v0.11.1-cross"

Below is the difference between the docker manifest inspect command output for both images.

docker manifest inspect ghcr.io/undistro/zora/operator:v0.4.4

Output

{
	"schemaVersion": 2,
	"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
	"config": {
		"mediaType": "application/vnd.docker.container.image.v1+json",
		"size": 1727,
		"digest": "sha256:334702e4278923e5d4c547b6a53154fe564904430b9eacd0d574c5606ae7a9e2"
	},
	"layers": [
		{
			"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
			"size": 795825,
			"digest": "sha256:fc251a6e798157dc3b46fd265da72f39cd848e3f9f4a0b28587d1713b878deb9"
		},
		{
			"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
			"size": 20953202,
			"digest": "sha256:dcf23b580ff00402205ffd934a2166ad91bdd122ba4d2dcb51fc90871f655f22"
		}
	]
}

docker manifest inspect ghcr.io/undistro/zora/operator:feat-multi-platform-support

Output

{
   "schemaVersion": 2,
   "mediaType": "application/vnd.docker.distribution.manifest.list.v2+json",
   "manifests": [
      {
         "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
         "size": 701,
         "digest": "sha256:036dc83a4dc29a433817cdf21133ede07fd3afe16ec96ae8b69a4ab4f54600a2",
         "platform": {
            "architecture": "arm64",
            "os": "linux"
         }
      },
      {
         "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
         "size": 701,
         "digest": "sha256:e18cc4c0e4c0f3dbf39a0d0e9798f3fc0bfacb0fc12efd69fccbd5aaba700b8c",
         "platform": {
            "architecture": "amd64",
            "os": "linux"
         }
      },
      {
         "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
         "size": 701,
         "digest": "sha256:3480a866dd4e2f13638fe35eda3026056d7b5b311404f654b4c6ce4e1354fd06",
         "platform": {
            "architecture": "s390x",
            "os": "linux"
         }
      },
      {
         "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
         "size": 701,
         "digest": "sha256:011baa4a601409ceb3131314a149904179966ff92e6bd780d5bc51453a8da70e",
         "platform": {
            "architecture": "ppc64le",
            "os": "linux"
         }
      }
   ]
}

Answer 2 · 2023-03-08T02:19:46.000Z

Wow, thanks. 🙇

You were faster than me. Also made the following PR: #202 but I will close mine since yours is way more complete.

Will make some tests tomorrow and let you know.

Answer 3 · 2023-03-08T12:12:50.000Z

Oh @wsilva I didn't know you were working on it.

Feel free to reopen your PR and we can work on it.
Your contributions are welcome!