Skip to content

Commit

Permalink
add components.containerd (#401)
Browse files Browse the repository at this point in the history 
* add components.containerd

* readme
  • Loading branch information
@anvddriesch
anvddriesch authored Jan 22, 2025
1 parent 47908ee commit 666f221
Show file tree
Hide file tree
Showing 5 changed files with 187 additions and 16 deletions.
4 changes: 4 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

## [Unreleased]

### Added

- Add `components.containerd` to the schema and values.

## [0.64.0] - 2024-12-11

### Changed
Expand Down
26 changes: 26 additions & 0 deletions helm/cluster-cloud-director/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,32 @@ Properties within the `.internal` top-level object
| `internal.skipRde` | **Skip RDE** - Set to true if the API schema extension is installed in the correct version in VCD to create CAPVCD entities in the API. Set to false otherwise.|**Type:** `boolean`<br/>|
| `internal.useAsManagementCluster` | **Display as management cluster**|**Type:** `boolean`<br/>**Default:** `false`|

### Components
Properties within the `.global.components` object
Advanced configuration of components that are running on all nodes.

| **Property** | **Description** | **More Details** |
| :----------- | :-------------- | :--------------- |
| `global.components.containerd` | **Containerd** - Configuration of containerd.|**Type:** `object`<br/>|
| `global.components.containerd.containerRegistries` | **Container registries** - Endpoints and credentials configuration for container registries.|**Type:** `object`<br/>**Default:** `{}`|
| `global.components.containerd.containerRegistries.*` | **Registries** - Container registries and mirrors|**Type:** `array`<br/>|
| `global.components.containerd.containerRegistries.*[*]` | **Registry**|**Type:** `object`<br/>|
| `global.components.containerd.containerRegistries.*[*].credentials` | **Credentials**|**Type:** `object`<br/>|
| `global.components.containerd.containerRegistries.*[*].credentials.auth` | **Auth** - Base64-encoded string from the concatenation of the username, a colon, and the password.|**Type:** `string`<br/>|
| `global.components.containerd.containerRegistries.*[*].credentials.identitytoken` | **Identity token** - Used to authenticate the user and obtain an access token for the registry.|**Type:** `string`<br/>|
| `global.components.containerd.containerRegistries.*[*].credentials.password` | **Password** - Used to authenticate for the registry with username/password.|**Type:** `string`<br/>|
| `global.components.containerd.containerRegistries.*[*].credentials.username` | **Username** - Used to authenticate for the registry with username/password.|**Type:** `string`<br/>|
| `global.components.containerd.containerRegistries.*[*].endpoint` | **Endpoint** - Endpoint for the container registry.|**Type:** `string`<br/>|
| `global.components.containerd.localRegistryCache` | **Local registry caches configuration** - Enable local cache via http://127.0.0.1:<PORT>.|**Type:** `object`<br/>|
| `global.components.containerd.localRegistryCache.enabled` | **Enable local registry caches** - Flag to enable local registry cache.|**Type:** `boolean`<br/>**Default:** `false`|
| `global.components.containerd.localRegistryCache.mirroredRegistries` | **Registries to cache locally** - A list of registries that should be cached.|**Type:** `array`<br/>**Default:** `[]`|
| `global.components.containerd.localRegistryCache.mirroredRegistries[*]` |**None**|**Type:** `string`<br/>|
| `global.components.containerd.localRegistryCache.port` | **Local port for the registry cache** - Port for the local registry cache under: http://127.0.0.1:<PORT>.|**Type:** `integer`<br/>**Default:** `32767`|
| `global.components.containerd.managementClusterRegistryCache` | **Management cluster registry cache** - Caching container registry on a management cluster level.|**Type:** `object`<br/>|
| `global.components.containerd.managementClusterRegistryCache.enabled` | **Enabled** - Enabling this will configure containerd to use management cluster's Zot registry service. To make use of it as a pull-through cache, you also have to specify registries to cache images for.|**Type:** `boolean`<br/>**Default:** `true`|
| `global.components.containerd.managementClusterRegistryCache.mirroredRegistries` | **Registries to cache** - Here you must specify each registry to cache container images for. Please also make sure to have an entry for each registry in Global > Components > Containerd > Container registries.|**Type:** `array`<br/>**Default:** `[]`|
| `global.components.containerd.managementClusterRegistryCache.mirroredRegistries[*]` |**None**|**Type:** `string`<br/>|

### Connectivity
Properties within the `.connectivity` top-level object
Configurations related to cluster connectivity such as container registries.
Expand Down
34 changes: 18 additions & 16 deletions helm/cluster-cloud-director/ci/test-multiple-mirrors-with-auth-and-local-caching.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,25 +1,27 @@
global:
components:
containerd:
containerRegistries:
gsoci.azurecr.io:
- endpoint: zot-test-1.golem.gaws.gigantic.io
credentials:
username: example
password: xxxxx
gsociprivate.azurecr.io:
- endpoint: zot-test-2.golem.gaws.gigantic.io
credentials:
username: example
password: yyyyy
localRegistryCache:
enabled: true
mirroredRegistries:
- gsoci.azurecr.io
- gsociprivate.azurecr.io
connectivity:
network:
loadBalancers:
vipSubnet: 10.205.9.254/24
baseDomain: "test.gigantic.io"
containerRegistries:
gsoci.azurecr.io:
- endpoint: zot-test-1.golem.gaws.gigantic.io
credentials:
username: example
password: xxxxx
gsociprivate.azurecr.io:
- endpoint: zot-test-2.golem.gaws.gigantic.io
credentials:
username: example
password: yyyyy
localRegistryCache:
enabled: true
mirroredRegistries:
- gsoci.azurecr.io
- gsociprivate.azurecr.io
metadata:
description: "Testing Cluster"
name: "test"
Expand Down
129 changes: 129 additions & 0 deletions helm/cluster-cloud-director/values.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -531,6 +531,135 @@
"nodePools"
],
"properties": {
"components": {
"type": "object",
"title": "Components",
"description": "Advanced configuration of components that are running on all nodes.",
"additionalProperties": false,
"properties": {
"containerd": {
"type": "object",
"title": "Containerd",
"description": "Configuration of containerd.",
"required": [
"containerRegistries"
],
"additionalProperties": false,
"properties": {
"containerRegistries": {
"type": "object",
"title": "Container registries",
"description": "Endpoints and credentials configuration for container registries.",
"additionalProperties": {
"type": "array",
"title": "Registries",
"description": "Container registries and mirrors",
"items": {
"type": "object",
"title": "Registry",
"required": [
"endpoint"
],
"properties": {
"credentials": {
"type": "object",
"title": "Credentials",
"properties": {
"auth": {
"type": "string",
"title": "Auth",
"description": "Base64-encoded string from the concatenation of the username, a colon, and the password."
},
"identitytoken": {
"type": "string",
"title": "Identity token",
"description": "Used to authenticate the user and obtain an access token for the registry."
},
"password": {
"type": "string",
"title": "Password",
"description": "Used to authenticate for the registry with username/password."
},
"username": {
"type": "string",
"title": "Username",
"description": "Used to authenticate for the registry with username/password."
}
}
},
"endpoint": {
"type": "string",
"title": "Endpoint",
"description": "Endpoint for the container registry."
}
}
}
},
"default": {}
},
"localRegistryCache": {
"type": "object",
"title": "Local registry caches configuration",
"description": "Enable local cache via http://127.0.0.1:<PORT>.",
"required": [
"enabled",
"port"
],
"additionalProperties": false,
"properties": {
"enabled": {
"type": "boolean",
"title": "Enable local registry caches",
"description": "Flag to enable local registry cache.",
"default": false
},
"mirroredRegistries": {
"type": "array",
"title": "Registries to cache locally",
"description": "A list of registries that should be cached.",
"items": {
"type": "string"
},
"default": []
},
"port": {
"type": "integer",
"title": "Local port for the registry cache",
"description": "Port for the local registry cache under: http://127.0.0.1:<PORT>.",
"default": 32767
}
}
},
"managementClusterRegistryCache": {
"type": "object",
"title": "Management cluster registry cache",
"description": "Caching container registry on a management cluster level.",
"required": [
"enabled"
],
"additionalProperties": false,
"properties": {
"enabled": {
"type": "boolean",
"title": "Enabled",
"description": "Enabling this will configure containerd to use management cluster's Zot registry service. To make use of it as a pull-through cache, you also have to specify registries to cache images for.",
"default": true
},
"mirroredRegistries": {
"type": "array",
"title": "Registries to cache",
"description": "Here you must specify each registry to cache container images for. Please also make sure to have an entry for each registry in Global > Components > Containerd > Container registries.",
"items": {
"type": "string"
},
"default": []
}
}
}
}
}
}
},
"connectivity": {
"type": "object",
"title": "Connectivity",
Expand Down
10 changes: 10 additions & 0 deletions helm/cluster-cloud-director/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -232,6 +232,16 @@ cluster:
connectivity:
containerRegistries: {}
global:
components:
containerd:
containerRegistries: {}
localRegistryCache:
enabled: false
mirroredRegistries: []
port: 32767
managementClusterRegistryCache:
enabled: true
mirroredRegistries: []
connectivity:
containerRegistries: {}
localRegistryCache:
Expand Down

0 comments on commit 666f221

Please sign in to comment.