Spegel v0.0.18 (#64)

* Add Spegel v0.0.18

* cleanup meta files

* Add readme

* fix typos

packs/spegel-0.0.18/README.md

@@ -0,0 +1,39 @@
+# Description
+Spegel, mirror in Swedish, is a stateless cluster local OCI registry mirror.
+Spegel is for you if you are looking to do any of the following:
+* Locally cache images from external registries with no explicit configuration.
+* Avoid cluster failure during external registry downtime.
+* Improve image pull speed and pod startup time by pulling images from the local cache first.
+* Avoid rate-limiting when pulling images from external registries (e.g. Docker Hub).
+* Decrease egressing traffic outside of the clusters network.
+* Increase image pull efficiency in edge node deployments.
+
+# Kubernetes versions supported:
+Above 1.21
+
+# Constraints:
+Currently, Spegel only works with Containerd, in the future other container runtime interfaces may be supported. Spegel relies on [Containerd registry mirroring](https://github.com/containerd/containerd/blob/main/docs/hosts.md#cri) to route requests to the correct destination. This requires Containerd to be properly configured, if it is not Spegel will exit. First of all the registry config path needs to be set, this is not done by default in Containerd. Second of all discarding unpacked layers cannot be enabled. Some Kubernetes flavors come with this setting out of the box, while others do not. Spegel is not able to write this configuration for you as it requires a restart of Containerd to take effect.
+
+```
+version = 2
+
+imports = ["/etc/containerd/conf.d/*.toml"]
+
+[plugins]
+  [plugins."io.containerd.grpc.v1.cri"]
+    sandbox_image = "registry.k8s.io/pause:3.9"
+  [plugins."io.containerd.grpc.v1.cri".containerd]
+   discard_unpacked_layers = false
+  [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
+    runtime_type = "io.containerd.runc.v2"
+  [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
+    SystemdCgroup = true
+  [plugins."io.containerd.grpc.v1.cri".registry]
+    config_path = "/etc/containerd/certs.d"
+```
+
+# Cloud types supported:
+Everything except GKE
+
+# References:
+  - https://github.com/XenitAB/spegel

packs/spegel-0.0.18/charts/spegel/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

packs/spegel-0.0.18/charts/spegel/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+name: spegel
+description: Stateless cluster local OCI registry mirror.
+type: application
+version: 0.0.18
+appVersion: v0.0.18

packs/spegel-0.0.18/charts/spegel/README.md

@@ -0,0 +1,98 @@
+# Spegel
+
+Stateless cluster local OCI registry mirror.
+
+## Installation
+
+Make sure that you have read the [compatibility guide](../../docs/COMPATIBILITY.md) before proceeding the with the installation.
+
+### CLI
+
+Delpoy Spegel with the Helm CLI.
+
+```sh
+helm upgrade --create-namespace --namespace spegel --install --version v0.0.18 spegel oci://ghcr.io/xenitab/helm-charts/spegel
+```
+
+### Flux
+
+Deploy Spegel with Flux.
+
+```yaml
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: spegel
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+  name: spegel
+  namespace: spegel
+spec:
+  type: "oci"
+  interval: 5m0s
+  url: oci://ghcr.io/xenitab/helm-charts
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: spegel
+  namespace: spegel
+spec:
+  interval: 1m
+  chart:
+    spec:
+      chart: spegel
+      version: "v0.0.18"
+      interval: 5m
+      sourceRef:
+        kind: HelmRepository
+        name: spegel
+```
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| affinity | object | `{}` | Affinity settings for pod assignment. |
+| fullnameOverride | string | `""` | Overrides the full name of the chart. |
+| image.digest | string | `""` | Image digest. |
+| image.pullPolicy | string | `"IfNotPresent"` | Image Pull Policy. |
+| image.repository | string | `"ghcr.io/xenitab/spegel"` | Image repository. |
+| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. |
+| imagePullSecrets | list | `[]` | Image Pull Secrets |
+| nameOverride | string | `""` | Overrides the name of the chart. |
+| namespaceOverride | string | `""` | Overrides the namespace where spegel resources are installed. |
+| nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Node selector for pod assignment. |
+| podAnnotations | object | `{}` | Annotations to add to the pod. |
+| podSecurityContext | object | `{}` | Security context for the pod. |
+| priorityClassName | string | `"system-node-critical"` | Priority class name to use for the pod. |
+| resources | object | `{}` | Resource requests and limits for the Spegel container. |
+| securityContext | object | `{}` | Security context for the Spegel container. |
+| service.metrics.port | int | `9090` | Port to expose the metrics via the service. |
+| service.registry.hostPort | int | `30020` | Local host port to expose the registry. |
+| service.registry.nodePort | int | `30021` | Node port to expose the registry via the service. |
+| service.registry.port | int | `5000` | Port to expose the registry via the service. |
+| service.registry.topologyAwareHintsEnabled | bool | `true` | If true adds topology aware hints annotation to node port service. |
+| service.router.port | int | `5001` | Port to expose the router via the service. |
+| serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
+| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template. |
+| serviceMonitor.enabled | bool | `false` | If true creates a Prometheus Service Monitor. |
+| serviceMonitor.interval | string | `"60s"` | Prometheus scrape interval. |
+| serviceMonitor.labels | object | `{}` | Service monitor specific labels for prometheus to discover servicemonitor. |
+| serviceMonitor.scrapeTimeout | string | `"30s"` | Prometheus scrape interval timeout. |
+| spegel.additionalMirrorRegistries | list | `[]` | Additional target mirror registries other than Spegel. |
+| spegel.blobSpeed | string | `""` | Maximum write speed per request when serving blob layers. Should be an integer followed by unit Bps, KBps, MBps, GBps, or TBps. |
+| spegel.containerdMirrorAdd | bool | `true` | If true Spegel will add mirror configuration to the node. |
+| spegel.containerdNamespace | string | `"k8s.io"` | Containerd namespace where images are stored. |
+| spegel.containerdRegistryConfigPath | string | `"/etc/containerd/certs.d"` | Path to Containerd mirror configuration. |
+| spegel.containerdSock | string | `"/run/containerd/containerd.sock"` | Path to Containerd socket. |
+| spegel.kubeconfigPath | string | `""` | Path to Kubeconfig credentials, should only be set if Spegel is run in an environment without RBAC. |
+| spegel.mirrorResolveRetries | int | `3` | Max ammount of mirrors to attempt. |
+| spegel.mirrorResolveTimeout | string | `"5s"` | Max duration spent finding a mirror. |
+| spegel.registries | list | `["https://docker.io","https://ghcr.io","https://quay.io","https://mcr.microsoft.com","https://public.ecr.aws","https://gcr.io","https://registry.k8s.io","https://k8s.gcr.io","https://lscr.io"]` | Registries for which mirror configuration will be created. |
+| spegel.resolveLatestTag | bool | `true` | When true latest tags will be resolved to digests. |
+| spegel.resolveTags | bool | `true` | When true Spegel will resolve tags to digests. |
+| tolerations | list | `[{"key":"CriticalAddonsOnly","operator":"Exists"},{"effect":"NoExecute","operator":"Exists"},{"effect":"NoSchedule","operator":"Exists"}]` | Tolerations for pod assignment. |
+| updateStrategy | object | `{}` | An update strategy to replace existing pods with new pods. |

packs/spegel-0.0.18/charts/spegel/templates/_helpers.tpl

@@ -0,0 +1,82 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "spegel.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "spegel.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Creates the namespace for the chart. 
+Defaults to the Release namespace unless the namespaceOverride is defined.
+*/}}
+{{- define "spegel.namespace" -}}
+{{- if .Values.namespaceOverride }}
+{{- printf "%s" .Values.namespaceOverride -}}
+{{- else }}
+{{- printf "%s" .Release.Namespace -}}
+{{- end }}
+{{- end }}
+
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "spegel.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "spegel.labels" -}}
+helm.sh/chart: {{ include "spegel.chart" . }}
+{{ include "spegel.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "spegel.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "spegel.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "spegel.serviceAccountName" -}}
+{{- default (include "spegel.fullname" .) .Values.serviceAccount.name }}
+{{- end }}
+
+{{/*
+Image reference
+*/}}
+{{- define "spegel.image" -}}
+{{- if .Values.image.digest }}
+{{- .Values.image.repository }}@{{ .Values.image.digest }}
+{{- else }}
+{{- .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}
+{{- end }}
+{{- end }}