Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/kubesphere/image-sync-config


https://github.com/kubesphere/image-sync-config

Last synced: 2 months ago
JSON representation

Awesome Lists containing this project

README 

        
# image-sync-config



This repository persists `image-syncer` configuration files that cover all the docker images used by KubeSphere.



## Synchrizition Directions



### From other registries to Kubesphere



We prefer to push third part images to the KubeSphere namespace on Docker Hub. with less namespace, we can import/export them to a private registry easier. 



### From Kubesphere to Aliyun CR



Aliyun CR is an alternate way for china users to accelerate image download speed.



## Example



#### Image sync configuration file



Image sync configuration file defines all the image synchronization rules, the following is an example of `images.json`



```yaml

# Rules of image synchronization, each rule is a kv pair of source(key) and destination(value). 



# The source of each rule should not be empty string.



# If you need to synchronize images from one source to multi destinations, add more rules.



# Both source and destination are docker image url (registry/namespace/repository:tag), 

# with or without tags.



# For both source and destination, if destination is not an empty string, "registry/namespace/repository" 

# is needed at least.



# You cannot synchronize a whole namespace or a registry but a repository for one rule at most.



# The repository name and tag of destination can be deferent from source, which works like 

# "docker pull + docker tag + docker push"



"quay.io/coreos/kube-rbac-proxy": "quay.io/ruohe/kube-rbac-proxy",

"xxxx":"xxxxx",

"xxx/xxx/xx:tag1,tag2,tag3":"xxx/xxx/xx"



# If a source doesn't include tags, it means all the tags of this repository need to be synchronized,

# destination should not include tags at this moment.



# Each source can include more than one tags, which is split by comma (e.g., "a/b/c:1", "a/b/c:1,2,3").



# If a source includes just one tag (e.g., "a/b/c:1"), it means only one tag need to be synchronized;

# at this moment, if the destination doesn't include a tag, synchronized image will keep the same tag.



# When a source includes more than one tag (e.g., "a/b/c:1,2,3"), at this moment,

# the destination should not include tags, synchronized images will keep the original tags.

# e.g., "a/b/c:1,2,3":"x/y/z".



# When a destination is an empty string, source will be synchronized to "default-registry/default-namespace"

# with the same repository name and tags, default-registry and default-namespace can be set by both parameters

# and environment variable.

```



#### Authentication file



Authentication file holds all the authentication information for each registry, the following is an example of `auth.json`



```java

{               

    // Authentication fields, each object has a URL as key and a username/password pair as value, 

    // if authentication object is not provided for a registry, access to the registry will be anonymous.

        

    "quay.io": {        // This "registry" or "registry/namespace" string should be the same as registry or registry/namespace used below in "images" field.  

                            // The format of "registry/namespace" will be more prior matched than "registry"

        "username": "xxx",             

        "password": "xxxxxxxxx",

        "insecure": true         // "insecure" field needs to be true if this registry is a http service, default value is false, version of image-syncer need to be later than v1.0.1 to support this field

    },

    "registry.cn-beijing.aliyuncs.com": {

        "username": "xxx",

        "password": "xxxxxxxxx"

    },

    "registry.hub.docker.com": {

        "username": "xxx",

        "password": "xxxxxxxxxx"

    },

    "quay.io/coreos": {     // "registry/namespace" format is supported after v1.0.3 of image-syncer     

        "username": "abc",              

        "password": "xxxxxxxxx",

        "insecure": true  

    }

}

```