From 777abe453475dad3393d26e27a0b363ffce31a70 Mon Sep 17 00:00:00 2001 From: Javier Lopez Date: Wed, 4 Sep 2024 11:59:46 +0200 Subject: [PATCH 1/3] feat: Add network.mode configuration option for buildkit service Signed-off-by: Javier Lopez --- src/content/self-hosted/helm-configuration.mdx | 1 + 1 file changed, 1 insertion(+) diff --git a/src/content/self-hosted/helm-configuration.mdx b/src/content/self-hosted/helm-configuration.mdx index d186dc27a..452634b0c 100644 --- a/src/content/self-hosted/helm-configuration.mdx +++ b/src/content/self-hosted/helm-configuration.mdx @@ -209,6 +209,7 @@ The build service. It's used in combination with `okteto build` to build contain - `persistence.cache`: The size (in Mi) of the buildkit cache to store image caches. It should be around 30Gi smaller than `storage.size`. Defaults to 500Gi. - `tolerations`: List of tolerations to be added to the buildkit service Pods. This list of tolerations will be applied in conjunction with any tolerations set in [`tolerations.buildPool`](self-hosted/helm-configuration.mdx#tolerations) until deprecation of `tolerations.buildPool`. If not set, the buildkit Pods will inherit the tolerations list set in [`globals.tolerations.okteto`](self-hosted/helm-configuration.mdx#globals). - `nodeSelectors`: Dictionary of node selectors to be added to the buildkit service Pods. This helps you match Pods to nodes whose labels match the node selector. This list of node selectors will be applied in conjunction with the node selectors set by [`tolerations.buildPool`](self-hosted/helm-configuration.mdx#tolerations) until deprecation of `tolerations.buildPool`. If not set, the buildkit Pods will inherit the node selectors dictionary set in [`globals.nodeSelectors.okteto`](self-hosted/helm-configuration.mdx#globals). +- `network.mode`: Controls the networking environment for containers during the build process. Defaults to `auto` but can be set to `host`, `none`, or `bridge`. ```yaml buildkit: From 9a42f448ae83d02d1b3659c8298ece58a8c4cb84 Mon Sep 17 00:00:00 2001 From: Cody Landstrom Date: Wed, 4 Sep 2024 07:35:18 -0700 Subject: [PATCH 2/3] add explaination on bridge mode --- src/content/self-hosted/helm-configuration.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/content/self-hosted/helm-configuration.mdx b/src/content/self-hosted/helm-configuration.mdx index 452634b0c..a2f00141a 100644 --- a/src/content/self-hosted/helm-configuration.mdx +++ b/src/content/self-hosted/helm-configuration.mdx @@ -209,7 +209,7 @@ The build service. It's used in combination with `okteto build` to build contain - `persistence.cache`: The size (in Mi) of the buildkit cache to store image caches. It should be around 30Gi smaller than `storage.size`. Defaults to 500Gi. - `tolerations`: List of tolerations to be added to the buildkit service Pods. This list of tolerations will be applied in conjunction with any tolerations set in [`tolerations.buildPool`](self-hosted/helm-configuration.mdx#tolerations) until deprecation of `tolerations.buildPool`. If not set, the buildkit Pods will inherit the tolerations list set in [`globals.tolerations.okteto`](self-hosted/helm-configuration.mdx#globals). - `nodeSelectors`: Dictionary of node selectors to be added to the buildkit service Pods. This helps you match Pods to nodes whose labels match the node selector. This list of node selectors will be applied in conjunction with the node selectors set by [`tolerations.buildPool`](self-hosted/helm-configuration.mdx#tolerations) until deprecation of `tolerations.buildPool`. If not set, the buildkit Pods will inherit the node selectors dictionary set in [`globals.nodeSelectors.okteto`](self-hosted/helm-configuration.mdx#globals). -- `network.mode`: Controls the networking environment for containers during the build process. Defaults to `auto` but can be set to `host`, `none`, or `bridge`. +- `network.mode`: Controls the networking environment for containers during the build process. Defaults to `auto` but can be set to `host`, `none`, or `bridge`. Bridge mode allows you to control which stages of a multi-stage Docker build have access to the network. This can be useful in complex build environments where security, efficiency, and consistency are priorities ```yaml buildkit: From e9d64025f30295ed2ec888e5e0b9e3b868821d59 Mon Sep 17 00:00:00 2001 From: Cody Landstrom Date: Wed, 4 Sep 2024 08:17:51 -0700 Subject: [PATCH 3/3] fix details on bridge mode --- src/content/self-hosted/helm-configuration.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/content/self-hosted/helm-configuration.mdx b/src/content/self-hosted/helm-configuration.mdx index a2f00141a..84a5e58f9 100644 --- a/src/content/self-hosted/helm-configuration.mdx +++ b/src/content/self-hosted/helm-configuration.mdx @@ -209,7 +209,7 @@ The build service. It's used in combination with `okteto build` to build contain - `persistence.cache`: The size (in Mi) of the buildkit cache to store image caches. It should be around 30Gi smaller than `storage.size`. Defaults to 500Gi. - `tolerations`: List of tolerations to be added to the buildkit service Pods. This list of tolerations will be applied in conjunction with any tolerations set in [`tolerations.buildPool`](self-hosted/helm-configuration.mdx#tolerations) until deprecation of `tolerations.buildPool`. If not set, the buildkit Pods will inherit the tolerations list set in [`globals.tolerations.okteto`](self-hosted/helm-configuration.mdx#globals). - `nodeSelectors`: Dictionary of node selectors to be added to the buildkit service Pods. This helps you match Pods to nodes whose labels match the node selector. This list of node selectors will be applied in conjunction with the node selectors set by [`tolerations.buildPool`](self-hosted/helm-configuration.mdx#tolerations) until deprecation of `tolerations.buildPool`. If not set, the buildkit Pods will inherit the node selectors dictionary set in [`globals.nodeSelectors.okteto`](self-hosted/helm-configuration.mdx#globals). -- `network.mode`: Controls the networking environment for containers during the build process. Defaults to `auto` but can be set to `host`, `none`, or `bridge`. Bridge mode allows you to control which stages of a multi-stage Docker build have access to the network. This can be useful in complex build environments where security, efficiency, and consistency are priorities +- `network.mode`: Controls the networking environment for containers during the build process. Defaults to `auto` but can be set to `host`, `none`, or `bridge`. Bridge mode can be useful for preventing port collisions in concurrent builds by isolating network environments. ```yaml buildkit: