You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello,
Is there anyway that docker could be added as an image extension? This would help many users that run CI/CD pipelines on top of kubernetes that currently use the underlying hosts /var/run/docker.sock to build docker images. I know using the host /var/run/docker.sock is an inherent security issue, but supporting this feature will mitigate users from having to rewrite all their codebases just to use Talos, and retain the functionality of building multi-arch images using buildx.
With this in mind, users could update their repos and pipelines to use more secure build tools like Kaniko, Buildah, or DinD gradually instead of creating an entire paradigm shift the moment they start using Talos.
The text was updated successfully, but these errors were encountered:
ZachThill
changed the title
[Request] Docker Extension
[Request] Docker Engine Extension
Nov 20, 2024
Kubernetes support for running on top of dockerd was removed long time ago, so you can't find any modern Kubernetes vanilla distro which would actually have dockerd used for Kubernetes. Modern Kubernetes uses CRI API, and it can run on top of containerd or some other CRI implementation.
CRI is used to run Kubernetes workloads, and it should not run anything else which is not managed by Kubernetes.
We ourselves run Talos CI by running dockerd as sidercar container when needed.
Hello,
Is there anyway that docker could be added as an image extension? This would help many users that run CI/CD pipelines on top of kubernetes that currently use the underlying hosts
/var/run/docker.sock
to build docker images. I know using the host/var/run/docker.sock
is an inherent security issue, but supporting this feature will mitigate users from having to rewrite all their codebases just to use Talos, and retain the functionality of building multi-arch images usingbuildx
.With this in mind, users could update their repos and pipelines to use more secure build tools like Kaniko, Buildah, or DinD gradually instead of creating an entire paradigm shift the moment they start using Talos.
The text was updated successfully, but these errors were encountered: