luktom.net
  • blog
  • contact
  • polish





Docker limits enforcement – check your k8s cluster!

On 30 Oct, 2020
Kubernetes
No Comments
Views : 2366

Docker announced a couple months ago that they’re going to limit images download rate for non-paying users and yesterday I got an e-mail that the day of the enforcement is set to Nov, 2nd:

You are receiving this email because of a policy change to Docker products and services you use. On Monday, November 2, 2020 at 9am Pacific Standard Time, Docker will begin enforcing rate limits on container pulls for Anonymous and Free users. Anonymous (unauthenticated) users will be limited to 100 container image pulls every six hours, and Free (authenticated) users will be limited to 200 container image pulls every six hours, when enforcement is fully implemented. Docker Pro and Team subscribers can pull container images from Docker Hub without restriction, as long as the quantities are not excessive or abusive.

If you don’t use private repositories for hosting all your images, including copies of public ones, your cluster can be affected by the rate limits :(

How to check that? Here’s a quick “one-liner” that lists all images in your Kubernetes cluster, excluding popular repositories like Quay, GCR or ECR:

kubectl get pods --all-namespaces -o jsonpath="{..image}" |\
tr -s '[[:space:]]' '\n' |\
sort -u |\
grep -v -E "gcr\.io|quay\.io|dkr\.ecr"

And now, it’s time to do something with above images, like making local copy (e.g. in ECR on AWS) and then… changing all references in your yaml manifests… :(

I hope above command will help you :) Good luck!



Leave a Comment

Click here to cancel reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>





Łukasz Tomaszkiewicz

Łukasz Tomaszkiewicz

Łukasz Tomaszkiewicz is a highly skilled and passionate cloud expert who loves to automate repeatable things and secure them.

His broad experience in the areas of software development, database design, containerization and cloud infrastructure management gives him a holistic view of a modern technology stack.

In his spare time he enjoys photography, blogging and speaking on local IT-related communities.

Vim-believer :)

Categories

  • Ansible
  • AWS
  • C#
  • Go
  • Google Cloud
  • Kubernetes
  • Prometheus
  • Speeches
  • Virtualization
  • Windows

Tags

alert alerting alertmanager ansible ansible operator argocd aws aws cli aws ug bash c# centos cloudwatch databases esxi flux gcp gitops google cloud k8s kubernetes linux mysql open source operator operator-sdk policies powershell prelekcje prometheus recovery restore rhel rpo rto scp speeches terraform virtualization vmware vsan vsphere weaveworks wifi windows

Copyright © 2006-2018 by Łukasz Tomaszkiewicz. Wszelkie prawa zastrzeżone