A kubernetes controller that watches the Deployments and “caches” the images

image-cloner

This is just an exercise.

It's a Kubernetes controller that watches Deployments and “caches” their images by re-uploading them to your own registry repository and reconfiguring the applications to use these copies.

To configure the backup image registry you must specify the following environment variables:

Variable                      Description                     Example
IMAGE_CLONER_REGISTRY         target registry                 localhost:5000
IMAGE_CLONER_USER             target registry login username  testuser
IMAGE_CLONER_PASS             target registry login password  testpass
IMAGE_CLONER_SKIP_NAMESPACES  namespaces to skip              ns1,...,nsN

For example, one option is to store:

  • IMAGE_CLONER_REGISTRY in a ConfigMap
  • IMAGE_CLONER_USER and IMAGE_CLONER_PASS in a Secret

Local development and testing

Clone this project

$ git clone https://github.com/lucasepe/image-cloner.git

Change directory to examples.

$ cd examples

Start KinD with a local docker registry enabled

$ make kind.up

When you are done, destroy the cluster with:

$ make kind.down

Run the controller

Go back to root folder:

$ cd ..

Run the controller:

$ go run cmd/main.go

You should see something like this:

2021-12-18T18:46:48.693+0100	INFO	controller-runtime.metrics	metrics server is starting to listen	{"addr": ":8080"}
2021-12-18T18:46:48.693+0100	INFO	setup	starting manager
2021-12-18T18:46:48.693+0100	INFO	controller-runtime.manager	starting metrics server	{"path": "/metrics"}
2021-12-18T18:46:48.693+0100	INFO	controller.image-cloner	Starting Controller
2021-12-18T18:46:48.693+0100	INFO	controller.image-cloner	Starting workers	{"worker count": 1}
2021-12-18T18:46:48.693+0100	INFO	controller-runtime.manager.controller.deployment	Starting EventSource	{"reconciler group": "apps", "reconciler kind": "Deployment", "source": "kind source: /, Kind="}
2021-12-18T18:46:48.693+0100	INFO	controller-runtime.manager.controller.deployment	Starting Controller	{"reconciler group": "apps", "reconciler kind": "Deployment"}
2021-12-18T18:46:48.795+0100	INFO	controller-runtime.manager.controller.deployment	Starting workers	{"reconciler group": "apps", "reconciler kind": "Deployment", "worker count": 1}

Create a deployment and watch the logs

$ kubectl apply -f examples/deploy-nginx.yml

As soon as the deployment is ready, the controller will clone the image.

In the next iteration, during the reconciliation loop, the controller will realize that the image has already been cloned and will skip the backup.

2021-12-18T18:51:25.484+0100    DEBUG   controller.image-cloner inspecting deployment   {"name": "nginx", "namespace": "demo-system"}
2021-12-18T18:51:25.484+0100    DEBUG   controller.image-cloner checking deployment container   {"name": "nginx", "namespace": "demo-system", "image": "nginx:1.21.4-alpine"}
2021-12-18T18:51:25.484+0100    DEBUG   controller.image-cloner cloning deployment image        {"name": "nginx", "namespace": "demo-system", "image": "nginx:1.21.4-alpine"}
2021-12-18T18:51:32.077+0100    DEBUG   controller.image-cloner updating deployment image       {"name": "nginx", "namespace": "demo-system", "From": "nginx:1.21.4-alpine", "To": "localhost:5000/nginx:1.21.4-alpine"}
2021-12-18T18:51:32.086+0100    DEBUG   controller.image-cloner deployment image reference updated      {"name": "nginx", "namespace": "demo-system", "image": "localhost:5000/nginx:1.21.4-alpine"}
2021-12-18T18:51:32.086+0100    DEBUG   controller.image-cloner inspecting deployment   {"name": "nginx", "namespace": "demo-system"}
2021-12-18T18:51:32.086+0100    DEBUG   controller.image-cloner checking deployment container   {"name": "nginx", "namespace": "demo-system", "image": "localhost:5000/nginx:1.21.4-alpine"}
2021-12-18T18:51:32.086+0100    DEBUG   controller.image-cloner image already cloned    {"name": "nginx", "namespace": "demo-system", "image": "localhost:5000/nginx:1.21.4-alpine"}
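
The rewrite and the "image already cloned" check seen in the log above, together with the IMAGE_CLONER_SKIP_NAMESPACES list format, as an added Go sketch (not the project's own code). The function names are hypothetical, and dropping the source registry host while keeping the repository path is an assumption.

```go
package main

import (
	"fmt"
	"strings"
)

// splitRegistry separates an optional registry host from an image reference.
// Docker convention: a first component with '.' or ':' (or "localhost") is a host.
func splitRegistry(image string) (host, rest string) {
	i := strings.Index(image, "/")
	if i < 0 {
		return "", image
	}
	if first := image[:i]; strings.ContainsAny(first, ".:") || first == "localhost" {
		return first, image[i+1:]
	}
	return "", image
}

// CloneTarget returns the reference in the target registry and whether the image
// is already there. The host is compared exactly: a plain string-prefix test would
// also accept look-alike hosts. Assumption: source host dropped, repo path kept.
func CloneTarget(image, registry string) (target string, alreadyCloned bool) {
	host, rest := splitRegistry(image)
	if host == registry {
		return image, true
	}
	return registry + "/" + rest, false
}

// SkipNamespace reports whether ns appears in a comma-separated skip list
// (the IMAGE_CLONER_SKIP_NAMESPACES format: ns1,...,nsN).
func SkipNamespace(ns, skipList string) bool {
	for _, s := range strings.Split(skipList, ",") {
		if s = strings.TrimSpace(s); s != "" && s == ns {
			return true
		}
	}
	return false
}

func main() {
	// Constructed samples; the first two references appear in the log above.
	for _, img := range []string{"nginx:1.21.4-alpine", "localhost:5000/nginx:1.21.4-alpine", "localhost:50000/nginx:1.21.4-alpine"} {
		target, done := CloneTarget(img, "localhost:5000")
		fmt.Printf("%-38s -> %-38s cloned=%v\n", img, target, done)
	}
}
```

The third sample shows why the host must match exactly: localhost:50000 shares a string prefix with the target registry but is a different registry, so the image is still cloned.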

Deploying this controller to your Kubernetes cluster

Deploy the RBAC

Since this controller must be able to update deployments in any namespace, it will at least need a cluster role that gives permissions to list, get and update those resources.

To apply RBAC, type:

$ kubectl apply -f examples/rbac.yml

Deploy the Controller

$ kubectl apply -f examples/image-cloner.yml

Watch the logs

Look at the image-cloner-system namespace to find the pod name:

$ kubectl get pods -n image-cloner-system

Retrieve the controller log stream:

$ kubectl logs --follow -n image-cloner-system image-cloner

Owner
Luca Sepe
Software Craftsman [Golang / CLI tools / K8s operators].