lukaszraczylo/kubernetes-images-sync-operator
1
0
Fork 0
mirror of https://github.com/lukaszraczylo/kubernetes-images-sync-operator.git synced 2026-06-05 22:53:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
62 Commits 9 Branches 3 Tags
59a6918eeace2e862d5484cefc2a4d71d5601702
T
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
lukaszraczylo 59a6918eea fixup! fixup! fixup! fixup! fixup! More fixes, moving from python to golang worker.
2025-12-18 01:46:18 +00:00
.github/workflows
fixup! fixup! fixup! More fixes, moving from python to golang worker.
2025-12-18 01:36:52 +00:00
api/raczylo.com/v1
More fixes, moving from python to golang worker.
2025-12-18 01:23:16 +00:00
chart
Bring operator to the brand new world of build and deployments.
2025-12-17 23:45:25 +00:00
chart-defaults
Initial commit for the operator
2024-09-04 20:51:41 +01:00
charts/kube-images-sync-operator
Clean up the code and basic improvements.
2025-12-18 00:17:02 +00:00
cmd
More fixes, moving from python to golang worker.
2025-12-18 01:23:16 +00:00
config
More fixes, moving from python to golang worker.
2025-12-18 01:23:16 +00:00
docker-image-worker
More fixes, moving from python to golang worker.
2025-12-18 01:23:16 +00:00
hack
Initial commit for the operator
2024-09-04 20:51:41 +01:00
internal
fixup! fixup! fixup! fixup! fixup! More fixes, moving from python to golang worker.
2025-12-18 01:46:18 +00:00
.dockerignore
Initial commit for the operator
2024-09-04 20:51:41 +01:00
.gitignore
Add ability to provide annotations to the jobs.
2024-09-12 00:04:55 +01:00
.golangci.yml
Ensure that job pods are also removed.
2024-09-12 00:04:57 +01:00
.goreleaser.yaml
More fixes, moving from python to golang worker.
2025-12-18 01:23:16 +00:00
Dockerfile
Add ability to include/exclude namespaces.
2024-09-12 00:04:53 +01:00
Dockerfile.goreleaser
Bring operator to the brand new world of build and deployments.
2025-12-17 23:45:25 +00:00
Dockerfile.worker
More fixes, moving from python to golang worker.
2025-12-18 01:23:16 +00:00
go.mod
fixup! More fixes, moving from python to golang worker.
2025-12-18 01:26:38 +00:00
go.sum
fixup! More fixes, moving from python to golang worker.
2025-12-18 01:26:38 +00:00
Makefile
Clean up the code and basic improvements.
2025-12-18 00:17:02 +00:00
PROJECT
Update all dependencies
2024-09-04 20:55:54 +01:00
README.md
More fixes, moving from python to golang worker.
2025-12-18 01:23:16 +00:00
semver.yaml
fixup! Work on flapping exports status
2025-01-13 13:27:22 +00:00
update-version.sh
Move directories around
2024-09-12 00:04:53 +01:00
workflow-prepare.sh
fixup! fixup! fixup! fixup! More fixes, moving from python to golang worker.
2025-12-18 01:38:39 +00:00

README.md

kubernetes-images-sync-operator

Kubernetes operator backing up images into the local / S3 compatible storage.

Description

Operator was created to simplify the impex between open-to-world and air-gapped environment. As transfer of the deployment manifests is relatively easy, images are a completely different story. Air-gapped environments usually have issues with missing images and amount of data required to be transferred between them. This operator takes care of it and ensures that no images were missed out ( including initImages and ephemeralImages ) and impex itself is as small as possible due to the cross comparison with previouslly executed backups.

Getting Started

Operator installation

helm repo add raczylo https://lukaszraczylo.github.io/helm-charts/
helm install raczylo/kube-images-sync

Starting the backup

Please remember that backups are triggered whenever the new object appears

apiVersion: raczylo.com/v1
kind: ClusterImageExport
metadata:
  name: backup-20240901
spec:
  name: backup-20240901
  jobAnnotations:
    my-fancy-export: 11-09-2024
  # Excludes will remove all images with listed wording from the backup list
  # excludes:
  #   - nginx

  # Includes will add ONLY images with listed wording to the backup list
  includes:
    - busybox

  # Works only with images within specified namespaces
  # namespaces:
  #  - default
  #  - longhorn

  # Works with all images EXCEPT of the ones within namespaces specified
  # excludedNamespaces:
  #  - my-awesome-namespace

  additionalImages:
    - minio/minio:RELEASE.2024-09-09T16-59-28Z

  basePath: /images # base path in the target directory
  storage:
    target: S3 # file backup is not ready yet
    s3:
      bucket: my-backup-in-s3
      region: us-west-2
      accessKey: yyy
      secretKey: zzz
    # Endpoint allows you to direct the backup to your own S3 compatible endpoint like minio
    # endpoint: http://127.0.0.1:8010
    # secretName: my-secret-in-cluster # Not ready yet
    # useRole: true # Current role to be used instead of access / secret keys
    # roleARN: my-awesome-role # Instead of picking the default role, use the specified one
  maxConcurrentJobs: 1

Automatic Cleanup (TTL & Retention)

To prevent old exports from accumulating, you can configure automatic cleanup using TTL (time-based) or retention policies (count-based).

Warning

: When a ClusterImageExport is deleted, the actual backed up images in storage are also deleted. Make sure your retention settings align with your backup requirements.

TTL-based cleanup

Delete exports after a specified number of days:

apiVersion: raczylo.com/v1
kind: ClusterImageExport
metadata:
  name: daily-backup-2024-12-18
spec:
  name: daily-backup
  basePath: /backups/daily
  storage:
    target: S3
    s3:
      bucket: my-backup-bucket
      region: eu-west-1
      useRole: true
  maxConcurrentJobs: 5
  # Delete this backup 30 days after completion
  ttlDaysAfterFinished: 30

Retention-based cleanup

Keep only the last N successful/failed exports per base path:

apiVersion: raczylo.com/v1
kind: ClusterImageExport
metadata:
  name: weekly-backup-2024-w51
spec:
  name: weekly-backup
  basePath: /backups/weekly
  storage:
    target: S3
    s3:
      bucket: my-backup-bucket
      region: eu-west-1
      useRole: true
  maxConcurrentJobs: 5
  # Keep the last 12 successful backups (3 months of weekly backups)
  # Keep only the last 2 failed backups for debugging
  retention:
    maxSuccessful: 12
    maxFailed: 2

Combined TTL + Retention

You can use both policies together. The export will be deleted when either condition is met:

apiVersion: raczylo.com/v1
kind: ClusterImageExport
metadata:
  name: monthly-backup-2024-12
spec:
  name: monthly-backup
  basePath: /backups/monthly
  storage:
    target: S3
    s3:
      bucket: my-backup-bucket
      region: eu-west-1
      useRole: true
  maxConcurrentJobs: 10
  # Keep backups for up to 1 year
  ttlDaysAfterFinished: 365
  # But also limit to last 12 monthly backups
  retention:
    maxSuccessful: 12
    maxFailed: 1

Worth knowing

  • If you provide roleARN, you also need to set the useRole to true.

Random fluff

Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Reference in New Issue View Git Blame Copy Permalink
S
Description
Mirror of github.com/lukaszraczylo/kubernetes-images-sync-operator
Readme 368 KiB
Languages
Go 91.6%
Makefile 5.1%
Go Template 1.5%
Shell 1.1%
Dockerfile 0.7%