-
Notifications
You must be signed in to change notification settings - Fork 3.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Native support for Docker operations #2325
Labels
type/feature
Feature request
Comments
@srivathsanvc don’t forget to add to the “backlog” milestone. |
For something like a build farm, one would want a scalable docker service. |
I have solved this privileged access aspect. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Summary
Argo workflows to support docker operations natively, without requiring additional cluster privileges.
Motivation
Argo workflows is used in build and deployment situations situations to do docker operations, such as:
At Intuit, we use Argo workflows to interact with AWS SageMaker. One of the steps in interacting with SageMaker is to push containers into ECR (via
docker push
).The best way to achieve these operations is to have a docker sidecar and a privileged connection to the docker socket. This requires elevated privileges for the workflow on the cluster.
However, many organizations have managed K8s clusters, where privileged access to the docker socket is not permitted for security reasons. In these scenarios, performing the docker operations via Argo workflows is extremely difficult.
Proposal
It would be useful to have the capability for Argo workflow steps to be able to perform these docker operations without having to be executing in a privileged mode.
Message from the maintainers:
If you wish to see this enhancement implemented please add a 👍 reaction to this issue! We often sort issues this way to know what to prioritize.
The text was updated successfully, but these errors were encountered: