Skip to content

feat: add registry addon #1116

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 13 commits into from
May 13, 2025
Merged

feat: add registry addon #1116

merged 13 commits into from
May 13, 2025

Conversation

dkoshkin
Copy link
Contributor

@dkoshkin dkoshkin commented May 2, 2025
edited
Loading

What problem does this PR solve?:
This PR adds a new addon registryMirror that deploys https://github.com/distribution/distribution as a StatefulSet
and a sidecar container to sync images across instances.

$ kubectl get pods -n registry-system 
NAME                                           READY   STATUS    RESTARTS   AGE
cncf-distribution-registry-docker-registry-0   2/2     Running   0          2m13s
cncf-distribution-registry-docker-registry-1   2/2     Running   0          8s

This addon is designed to only be a mirror and not used a regular registry, hence the name and the lack of external access to the Service.
In a follow up PR, the in-cluster Service will be used a Containerd mirror.
In a follow up PR, it will also be deployed with randomly generated credentials to further prevent direct use.

Which issue(s) this PR fixes:
Fixes #

How Has This Been Tested?:

Special notes for your reviewer:

dkoshkin
dkoshkin commented May 2, 2025
View reviewed changes
@dkoshkin dkoshkin force-pushed the dkoshkin/feat-registry-mirror-addon branch 2 times, most recently from a233a6c to 3de12c3 Compare May 2, 2025 19:25
dkoshkin
dkoshkin commented May 2, 2025
View reviewed changes
@dkoshkin dkoshkin force-pushed the dkoshkin/feat-registry-mirror-addon branch 2 times, most recently from 4f21611 to 91c70c3 Compare May 2, 2025 20:19
@github-actions github-actions bot added feature and removed feature labels May 2, 2025
@dkoshkin dkoshkin mentioned this pull request May 2, 2025
Merged
supershal
supershal reviewed May 7, 2025
View reviewed changes
supershal
supershal reviewed May 7, 2025
View reviewed changes
@dkoshkin dkoshkin force-pushed the dkoshkin/feat-registry-mirror-addon branch from 683a3e3 to 6e6c70b Compare May 7, 2025 18:40
supershal
supershal reviewed May 7, 2025
View reviewed changes
supershal
supershal approved these changes May 7, 2025
View reviewed changes
Copy link
Contributor

@supershal supershal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks. The code changes looks good. Lets discuss if we can simplify providing all three registries, registryMirror and globalImageRegistry

jimmidyson
jimmidyson reviewed May 8, 2025
View reviewed changes
jimmidyson
jimmidyson reviewed May 8, 2025
View reviewed changes
jimmidyson
jimmidyson reviewed May 8, 2025
View reviewed changes
@dkoshkin dkoshkin changed the title feat: add registryMirror addon feat: add registry addon May 8, 2025
@github-actions github-actions bot added feature and removed feature labels May 8, 2025
@dkoshkin dkoshkin force-pushed the dkoshkin/feat-registry-mirror-addon branch 6 times, most recently from b1dda3b to dd251db Compare May 8, 2025 22:33
@dkoshkin
refactor: rename variable to just registry
816ffaa 
Along with that rename all files and any other related variables
@dkoshkin dkoshkin force-pushed the dkoshkin/feat-registry-mirror-addon branch from dd251db to 816ffaa Compare May 8, 2025 22:44
@dkoshkin dkoshkin requested a review from jimmidyson May 8, 2025 23:18
@github-actions github-actions bot added feature and removed feature labels May 9, 2025
manoj-nutanix
manoj-nutanix approved these changes May 12, 2025
View reviewed changes
Copy link
Contributor

@manoj-nutanix manoj-nutanix left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LG

@dkoshkin dkoshkin enabled auto-merge (squash) May 13, 2025 18:26
@dkoshkin dkoshkin merged commit f9c2f95 into main May 13, 2025
22 checks passed
@dkoshkin dkoshkin deleted the dkoshkin/feat-registry-mirror-addon branch May 13, 2025 18:35
dkoshkin added a commit that referenced this pull request May 16, 2025
@dkoshkin
feat: use registryMirror addon as Containerd mirror (#1117)
f2818d7 
**What problem does this PR solve?**:
Depends on
#1116

Automatically sets the registryMirror as a Containerd mirror. We're not
updating the Cluster object because this should not be a user controller
configuration and the IP used as the mirror is determined based on the
addon handler and the Service CIDRs.

Tested in a Docker cluster:
```
$ kubectl port-forward \
  --address=0.0.0.0 \
  --namespace registry-mirror-system \
  pod/registry-mirror-docker-registry-0 5000:5000
# Push an image tag that doesn't exist in dockerhub  
$ crane copy nginx:latest 0.0.0.0:5000/library/nginx:dkoshkin --insecure
$ kubectl run nginx-working --image=docker.io/library/nginx:dkoshkin
$ kubectl run nginx-should-be-broken --image=docker.io/library/nginx:dne
$ kubectl get pods 
NAME                                                              READY   STATUS              RESTARTS   AGE
cluster-autoscaler-0196931c-cb53-7abf-aa89-49c82c42ced5-86w5j8c   0/1     ContainerCreating   0          19m
nginx-should-be-broken                                            0/1     ErrImagePull        0          11m
nginx-working                                                     1/1     Running             0          11m
```

**Which issue(s) this PR fixes**:
Fixes #

**How Has This Been Tested?**:
<!--
Please describe the tests that you ran to verify your changes.
Provide output from the tests and any manual steps needed to replicate
the tests.
-->

**Special notes for your reviewer**:
<!--
Use this to provide any additional information to the reviewers.
This may include:
- Best way to review the PR.
- Where the author wants the most review attention on.
- etc.
-->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@supershal supershal supershal approved these changes

@manoj-nutanix manoj-nutanix manoj-nutanix approved these changes

@jimmidyson jimmidyson Awaiting requested review from jimmidyson

Assignees
No one assigned
Labels
feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@dkoshkin @jimmidyson @supershal @manoj-nutanix