chore: cache oras binary in Windows image#7860
Conversation
github-actions
bot
added
the
components
There was a problem hiding this comment.
Pull request overview
Adds Windows support for caching the oras CLI as part of the Windows VHD build cache, by extending the shared components manifest.
Changes:
- Added
windowsDownloadLocationfor theoraspackage. - Added a Windows-specific
downloadURIs.windows.defaultentry fororas(v1.2.2).
| "windows": { | ||
| "default": { | ||
| "versionsV2": [ | ||
| { | ||
| "renovateTag": "<DO_NOT_UPDATE>", | ||
| "latestVersion": "1.2.2" | ||
| } | ||
| ], | ||
| "downloadURL": "https://github.com/oras-project/oras/releases/download/v${version}/oras_${version}_windows_amd64.zip" | ||
| } |
There was a problem hiding this comment.
The Windows oras version here (1.2.2) doesn’t match the oras version currently used during Windows VHD build for OCI pulls (vhdbuilder/packer/windows/configure-windows-vhd.ps1 hardcodes 1.2.3). This creates version drift and can result in downloading/storing two different oras zips in a single build (extra time/space) while the cached copy may never be used. Consider aligning the version with what the VHD build uses, and ideally sourcing the oras version from a single place (e.g., components.json) to prevent future divergence.
There was a problem hiding this comment.
@jiashun0011
found function Pull-OCIArtifact, it hardcode to install v1.2.3 oras and installed seems only in aksTempDir "c:\akstemp". I guess it is not impleted for cse runtime?
cc @abeltrano
There was a problem hiding this comment.
maybe we can change the cache version to v1.2.3
and in Pull-OCIArtifact, we modify to detect cached version first, wdyt?
There was a problem hiding this comment.
I changed version to v1.3.0
parts/common/components.json
Outdated
| { | ||
| "name": "oras", | ||
| "downloadLocation": "/opt/bin", | ||
| "windowsDownloadLocation": "c:\\akse-cache\\oras\\", |
There was a problem hiding this comment.
akse-cache will be removed finally.
Do you think we should move the oras.exe to another place to keep it? e.g. c:/aks-tools/oras/oras.exe?
There was a problem hiding this comment.
good point, let's use the future location to avoid problems in the future.
where can I learn more about the deprecation of the akse-cache folder ?
There was a problem hiding this comment.
i think it should happen during NodePrep
i just created on windows node, kubectl enter this node but did not find c:\akse-cache
There was a problem hiding this comment.
As far as I'm aware, we have no plans to remove the aks-cache directory. It's used during node provisioning and it's probably deleted after the node joins the cluster to save drive space.
There was a problem hiding this comment.
thats ture, it is deleted after the node joins. Is that possible for us to remain oras.exe on the node? because if the node has issue, without this tool, we will hard to troubleshoot network isolated cluster issues
| "default": { | ||
| "versionsV2": [ | ||
| { | ||
| "renovateTag": "<DO_NOT_UPDATE>", |
There was a problem hiding this comment.
why not setting up renovate to fetch the version from github and have automatic PR created for ORAS.
There was a problem hiding this comment.
it's nice and I may modify it in following pr, as first pr, we just want to make sure the oras binrary needed can be cached as expected
There was a problem hiding this comment.
I'm confused. For windows, Oras seems to be only used during VHD creation. It's not needed (as far as I can tell) during node provisioning. So we don't need it cached on the VHD. Ideally it would be used to pull OCI Artifacts and then deleted afterwards.
If we want to update the version, we can do this in the configure-windows-vhd.ps1 file. Currently it's set to 1.2.3. We probably need a better way to specify this, but I don't think components.json is the right place.
Hi @timmy-wright sorry for confusing, we are onboarding network isolated cluster on windows. |
jiashun0011
force-pushed
the
jiashunliu/oras-cache
branch
from
c999447 to
b966582
Compare
jiashun0011
force-pushed
the
jiashunliu/oras-cache
branch
from
b966582 to
d94826d
Compare
jiashun0011
requested review from
AbelHu,
Devinwong,
awesomenix,
cameronmeissner,
ganeshkumarashok,
juan-lee,
junjiezhang1997,
lilypan26,
mxj220,
pdamianov-dev,
phealy,
r2k1 and
zachary-bailey
as code owners
Changes cached containers or packages on windows VHDsPlease get a Windows SIG member to approve. The following dif file shows any additions or deletions from what will be cached on windows VHDs organised by VHD type.
diff --git a/vhd_files/2022-containerd-gen2.txt b/vhd_files/2022-containerd-gen2.txt
index 9b3f85b..51e063e 100644
--- a/vhd_files/2022-containerd-gen2.txt
+++ b/vhd_files/2022-containerd-gen2.txt
@@ -0,0 +1 @@
+c:\aks-tools\oras\: https://github.com/oras-project/oras/releases/download/v1.3.0/oras_1.3.0_windows_amd64.zip
diff --git a/vhd_files/2022-containerd.txt b/vhd_files/2022-containerd.txt
index 3e69016..8e49978 100644
--- a/vhd_files/2022-containerd.txt
+++ b/vhd_files/2022-containerd.txt
@@ -0,0 +1 @@
+c:\aks-tools\oras\: https://github.com/oras-project/oras/releases/download/v1.3.0/oras_1.3.0_windows_amd64.zip
diff --git a/vhd_files/2025-gen2.txt b/vhd_files/2025-gen2.txt
index dfbde77..d0ebfd3 100644
--- a/vhd_files/2025-gen2.txt
+++ b/vhd_files/2025-gen2.txt
@@ -0,0 +1 @@
+c:\aks-tools\oras\: https://github.com/oras-project/oras/releases/download/v1.3.0/oras_1.3.0_windows_amd64.zip
diff --git a/vhd_files/2025.txt b/vhd_files/2025.txt
index e855749..425cc8c 100644
--- a/vhd_files/2025.txt
+++ b/vhd_files/2025.txt
@@ -0,0 +1 @@
+c:\aks-tools\oras\: https://github.com/oras-project/oras/releases/download/v1.3.0/oras_1.3.0_windows_amd64.zip
diff --git a/vhd_files/23H2-gen2.txt b/vhd_files/23H2-gen2.txt
index 6ab5475..aa86b17 100644
--- a/vhd_files/23H2-gen2.txt
+++ b/vhd_files/23H2-gen2.txt
@@ -0,0 +1 @@
+c:\aks-tools\oras\: https://github.com/oras-project/oras/releases/download/v1.3.0/oras_1.3.0_windows_amd64.zip
diff --git a/vhd_files/23H2.txt b/vhd_files/23H2.txt
index aab7763..4f6ac7c 100644
--- a/vhd_files/23H2.txt
+++ b/vhd_files/23H2.txt
@@ -0,0 +1 @@
+c:\aks-tools\oras\: https://github.com/oras-project/oras/releases/download/v1.3.0/oras_1.3.0_windows_amd64.zip |
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 2 out of 2 changed files in this pull request and generated no new comments.
Comments suppressed due to low confidence (1)
vhdbuilder/packer/test/windows-files-check.ps1:24
- This skip entry is added for oras_1.3.0_windows_amd64.zip, but it's premature. The file will only be present in the VHD if the package is actually downloaded and cached during VHD build. Currently, the Pull-OCIArtifact function downloads oras 1.2.3 to c:\akstemp\ (not c:\aks-tools\oras), so this 1.3.0 zip file will never be downloaded during the VHD build process unless Pull-OCIArtifact is updated to use the cached version.
This entry should only be added after the integration work is complete and oras 1.3.0 is actually being cached on the VHD.
"oras_1.3.0_windows_amd64.zip" = @();
What this PR does / why we need it:
Cache oras binary in Windows image.
Which issue(s) this PR fixes:
Chore: cache oras binary in Windows image