User Images: How/should we support users submitting custom images? #6
Comments
brendangadd
added
component/kubeflow
|
@Colette-G issue #39 will build examples of workarounds we can show to users to decide whether we need to prioritize this issue. |
|
Just putting some information that may be interesting for a more container-centric solution: |
ca-scribner
changed the title
|
Rescoped issue to be specifically about submitting user images. Argument for user images:
Argument against:
Possible solutions:
|
|
My preference is against the human-checked model. I think it:
|
|
Is there any progress on this issue? I was working on developing a new pipeline for our processing, and after creating the Python scripts and Dockerfile I was a little surprised to discover I can't actually build the image within the AAW. If Pipelines are a core functionality of the environment, then I think it's important that users can create new pipelines (which necessitates creating containers) without too much headache. |
|
Hey @JosephKuchar , It's admittedly not a great solution, but the current approach is to push images through here: https://github.com/StatCan/daaas-containers/ We do want to add support for building images, for instance using kaniko or podman, but managing the security around that is a surprisingly tough problem... |
|
Thanks @blairdrummond ! For what it's worth, I'll add that for building I can move my work to my personal Digital Ocean server, so it's not too much of an inconvenience for me right now, but more generally any functionality that's removed from things like the AAW forces users to use their own computers or external solutions, which is really not ideal. |
|
Well, as I said, there is a way to build and push images into the AAW for users; it's via https://github.com/StatCan/daaas-containers/ I.e. it goes through a scanning process to make sure it doesn't introduce security-vulnerabilities. Anyone can use github in order to do these image builds for free, so it doesn't require anyone to acquire a separate environment. We're definitely looking to make this smoother, but at the moment ProB and such is a pretty high priority for us, and so it might be a bit of time before we can invest in the UX of that. If you want to push your images into AAW, for now daaas-containers is the way to go. |
|
I think Joseph is already taking advantage of this stuff. What he’s looking
for is something more integrated than what we have, that lets him
iteratively design.
…On Mon, Dec 14, 2020 at 12:43 Blair Drummond ***@***.***> wrote:
Well, as I said, there *is* a way to build and push images into the AAW
for users; it's via
https://github.com/StatCan/daaas-containers/
I.e. it goes through a scanning process to make sure it doesn't introduce
security-vulnerabilities. Anyone can use github in order to do these image
builds for free, so it doesn't require anyone to acquire a separate
environment. We're definitely looking to make this smoother, but at the
moment ProB and such is a pretty high priority for us, and so it might be a
bit of time before we can invest in the UX of that.
If you want to push your images into AAW, for now daaas-containers is the
way to go.
—
You are receiving this because you were assigned.
Reply to this email directly, view it on GitHub
<#6 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/ALPFPI6ESWLC4CEJKTRP4GTSUZFFDANCNFSM4MM25R7A>
.
|
No description provided.
The text was updated successfully, but these errors were encountered: