A k8s controller which watches the applications and caches the images by re-uploading to our own registry and re-configures the applications to use these copies.
- A cluster is required, it can be a managed cluster like GKE etc. or a local
kindorminikubecluster.
The makefile contains the way to create thekindcluster with the following command. If you don't havekindinstalled:
$ make install-kind$ make cluster- The operator need a secret which holds the registry creds to the private docker registry where all the image will be cached.
This has to be created upfront before deploying the operator to your cluster. Below are the steps
apiVersion: v1
kind: Secret
metadata:
name: private-registry-creds
namespace: system
type: Opaque
stringData:
DOCKER_REGISTRY_URI: <registry_name/repo_name> # example "index.docker.io/ishankhare07"
DOCKER_REGISTRY_USERNAME: <username>
DOCKER_REGISTRY_PASSWORD: <password>And then create this secret in the cluster:
$ kubectl apply -f secret.yamlThe controller image is currently available as a public image on dockerhub at ishankhare07/image-cloner, in case you want to host your own image
build and push to your registry in the following way:
$ docker login <your_registry>
...
...
...
$ IMG="<your_registry/username>" make build
$ IMG="<your_registry/username>" make push
$ IMG="<your_registry/username>" make deployIf you are okay with using the current image on the public dockerhub, just go ahead and deploy:
$ make deployThis will apply the following to your cluster:
- Create namespace
system - Create
clusterrolefor the controllers - Create
clusterrolebindings - Create
deploymentwhich will actually run the controller.
When running locally, create a file called config/config.env which contains the private registry cred as follows:
DOCKER_REGISTRY_URI="<registry_name/repo_name>"
DOCKER_REGISTRY_USERNAME="<username>"
DOCKER_REGISTRY_PASSWORD="<password>"
This allows easily testing the whole flow, next just run:
$ make cluster
$ make run