README
¶
image-clone-controller
Kubernetes controller to replicate and consume images via backup registry.
image-clone-controller clones images from all external(public) images into a backup registry. And then overrides pods to use images from backup registry instead of the external registry.
Currently, this controller supports the following resources:
- DaemonSet
- Deployment
NOTE: This controller will ignore system namespaces i.e. namespaces prefixed with kube-
Credentials
To provide credentials to access registry, user must create a secret image-clone-controller-config in the namespace where the operator is deployed.
apiVersion: v1
kind: Secret
metadata:
name: image-clone-controller-config
namespace: image-clone-controller-system
data:
# Example: docker.io
registry-url: <redacted>
# Example: admin
username: <redacted>
# Example: fakepass
password: <redacted>
Credential secret is a pre-requisite for installing via manifests and for local development.
Secret name can be modified using CONFIG_SECRET_NAME environment variable.
Installation
Manifests are maintained at manifests and are updated automatically through the pipeline. You can deploy via either:
To install the latest release:
- Modify the secret and provide valid credentials.
- Run any of these based on preference:
kubectl apply -f deploy/resources.yaml
OR
kubectl apply -f deploy/vanilla/
This will create all the required resources which include:
- Namespace
- Secret
- RBAC
- Deployment
- Service
Credentials for registry are a hard requirement for the controller to work. So make sure you have created the secret for registry by following this documentation.
Demo
Local Development
Requirements
- golang 1.16
- kubebuilder
- kustomize
Execution
- Ensure that a valid kubeconfig is loaded
- Create a namespace
image-clone-controller-system - Create a secret
image-clone-controller-config - Run
make runfrom the root directory to build and execute the binary
Testing Use Cases Locally
- Install KIND
- Create a Kind cluster using
kind create cluster - Create a namespace
image-clone-controller-system - Create a secret
image-clone-controller-config - Run
make runfrom the root directory to build and execute the binary - Run
kubectl apply -f examples/namespaces.yamlto create required namespaces for testing - Run
kubectl apply -f examples/deployments.yamlto create deployments - Run
kubectl apply -f examples/daemonsets.yamlto create daemonsets- Check logs in console to ensure that resources are reconciled and image is replaced. It takes some time for the image to be cloned to backup registry based on image size and bandwidth.
- To verify that images have been loaded from backup registry:
kubectl get pods -A kubectl get deploy,daemonset -A -o=jsonpath='{range .items[*]}{.metadata.namespace}{"/"}{.metadata.name}{":\t\t"}{range .spec.template.spec.containers[*]}{.image}{", "}{end}{"\n"}' | sort
Documentation
¶
There is no documentation for this package.
Source Files
Directories