`karmor install --local` does not set `ImagePullPolicy` to `IfNotPresent` for all containers
Vyom-Yadav opened this issue · comments
Description
--local flag does not set ImagePullPolicy to IfNotPresent for many containers across different deployments. For example:
spec:
containers:
- image: kubearmor/kubearmor-relay-server:latest
imagePullPolicy: Always # This should have been IfNotPresent
name: kubearmor-relay-serverWork in the scope of this issue
Check all pod controllers (deployments, daemon sets, etc.) deployed by karmor install have ImagePullPolicy set to IfNotPresent for all containers if --local flag is specified.
Hey @kranurag7, as I'm new here, so up to my understanding I think changes had to be made in deployment>>probdeployment.go file.
Do correct me if I'm wrong...
Hey @chirag0002 Thanks for looking into the issue.
You need to make the changes here with respect to kubearmor-relay-server. For other resources, where ImagePullPolicy is not set, you can add ImagePullPolicy in the same file.
Hey @kranurag7 I want to work on this. So I have to change the ImagePullPolicy in here:
and here
https://github.com/kubearmor/KubeArmor/blob/4fa2397bfca2cb9a54f480b542951f86e107e0ad/deployments/get/objects.go#L580
to IfNotPresent
Hey @Abhishek-569 Sorry for the delayed response, your implementation works I think for the issue.
@rootxrishabh the changes needs to be done only in the ImagePullPolicy not the Image
Hey @kranurag7,
As you specified in this comment I'll update the ImagePullPolicy where it already exists and add where it doesn't.
Hey @chirag0002 Thanks for looking into the issue. You need to make the changes here with respect to kubearmor-relay-server. For other resources, where
ImagePullPolicyis not set, you can addImagePullPolicyin the same file.
Hey @rootxrishabh, We don't want to update the deployment YAMLs.
As you can see here
kubearmor-client/install/install.go
Lines 280 to 282 in 9eda6b0
But this is limited to the Daemonset.
In my opinion the scope of the issue is to implement the same things as part of other deployment and services as well that are installed.
Thanks @kranurag7 will raise a PR soon.
Hey @daemon1024, I appreciate the information. As I understand it, the deployments in the install.go file should be set up with the "IfNotPresent" imagePullPolicy. One specific deployment(one of the many) that needs this configuration is the Policy Manager Deployment. Please correct me if my understanding is incorrect.
As I understand it, the deployments in the install.go file should be set up with the "IfNotPresent" imagePullPolicy.
It should be set to "IfNotPresent" only if the --local flag is used, like how we do in the Daemonset.
One specific deployment(one of the many) that needs this configuration is the Policy Manager Deployment.
That's right