Kubernetes Container Registry

Related tags

go kubernetes cli kubectl


A kubectl plugin for pushing OCI images through the Kubernetes API server.


  1. Build kubectl-k8scr
make build
  1. Move to location in PATH
sudo mv ./kubectl-k8scr /usr/local/bin
  1. Deploy simple in-memory registry into cluster
kubectl apply -f distribution.yaml

Optional: tail logs to observe results of next step with kubectl logs k8scr -f.

  1. Push image to registry
kubectl k8scr push crossplane/crossplane:v1.2.1


Usage: k8scr <command>

Push and pull images through the Kubernetes API server.

  -h, --help                   Show context-sensitive help.
      --kubeconfig=STRING      Override default kubeconfig path.
  -n, --namespace="default"    Namespace of registry Pod.
  -r, --registry="k8scr"       Name of registry Pod.

  push <image>

  pull <image>

How Does This Work?

k8scr uses go-containerregistry to push and pull images, but passes in an http.RoundTripper that reconstructs OCI distribution compliant requests so that they pass through the Kubernetes API server Pod proxy endpoint, before eventually calling the underlying transport constructed from a user's kubeconfig. This allows for pushing and pulling directly to and from an OCI image registry running in a Kubernetes cluster without having to expose it publicly or privately. Any user with access to the cluster and pods/proxy RBAC permissions for the registry Pod is able to push and pull.

What Else Can It Do?

Pretty much any of the operations go-containerregistry supports could also be supported here as the transport is pluggable. I'll likely move it upstream or offer it as a stand-alone library if there is enough interest.

  • Is this useful?

    Is this useful?

    I wrote k8scr quickly as a way to get OCI images into registries running in Kubernetes clusters because it was relevant to work I do with Crossplane. However, I imagine it could be generally useful for folks, and some have already shown interest. There are a variety of ways the scope of this project could be expanded, such as making the in-cluster registry component a little more automated (i.e. automatically deploy tiny temporary registry just to get image to whatever its final destination in the cluster is). Anyway, I am happy to expand / maintain this project if folks find it useful, so I would love to get some feedback as to what people want to see and how they may be using it already. Feel free to comment below or, if necessary, reach out privately to @hasheddan.

    opened by hasheddan 3
Daniel Mangum
A complex system that works is invariably found to have evolved from a simple system that worked.
Daniel Mangum
A Simple and Comprehensive Vulnerability Scanner for Container Images, Git Repositories and Filesystems. Suitable for CI

A Simple and Comprehensive Vulnerability Scanner for Containers and other Artifacts, Suitable for CI. Table of Contents Abstract Features Installation

Aqua Security 7.5k Jun 12, 2021
Explore Docker registries and manipulate Docker images!

L/S tags Utility and API to manipulate (analyze, synchronize and aggregate) images across different Docker registries. Example invocation $ lstags alp

Ivan Ilves 281 Jun 8, 2021
Build and deploy Go applications on Kubernetes

ko: Easy Go Containers ko is a simple, fast container image builder for Go applications. It's ideal for use cases where your image contains a single G

Google 3k Jun 19, 2021
Enterprise-grade container platform tailored for multicloud and multi-cluster management

KubeSphere Container Platform What is KubeSphere English | 中文 KubeSphere is a distributed operating system providing cloud native stack with Kubernete

KubeSphere 5.6k Jun 14, 2021
Production-Grade Container Scheduling and Management

Kubernetes (K8s) Kubernetes, also known as K8s, is an open source system for managing containerized applications across multiple hosts. It provides ba

Kubernetes 78k Jun 13, 2021
Lightweight Kubernetes

K3s - Lightweight Kubernetes Lightweight Kubernetes. Production ready, easy to install, half the memory, all in a binary less than 100 MB. Great for:

null 17k Jun 12, 2021
A toolbox for debugging docker container and kubernetes with web UI.

A toolbox for debugging Docker container and Kubernetes with visual web UI. You can start the debugging journey on any docker container host! You can

CloudNativer 7 May 18, 2021
👀 A Kubernetes cluster resource sanitizer

Popeye - A Kubernetes Cluster Sanitizer Popeye is a utility that scans live Kubernetes cluster and reports potential issues with deployed resources an

Fernand Galiana 2.7k Jun 14, 2021
The DataStax Kubernetes Operator for Apache Cassandra

Cass Operator The DataStax Kubernetes Operator for Apache Cassandra®. This repository replaces the old datastax/cass-operator for use-cases in the k8s

K8ssandra 18 Jun 17, 2021
Managing your Kubernetes clusters (including public, private, edge, etc) as easily as visiting the Internet

Clusternet Managing Your Clusters (including public, private, hybrid, edge, etc) as easily as Visiting the Internet. Clusternet (Cluster Internet) is

Clusternet 20 Jun 20, 2021
kubequery is a Osquery extension that provides SQL based analytics for Kubernetes clusters

kubequery powered by Osquery kubequery is a Osquery extension that provides SQL based analytics for Kubernetes clusters kubequery will be packaged as

Uptycs Inc 46 Jun 17, 2021
A Kubernetes Mutating Webhook to automatically re-point pod images to mirrors

kubernetes-mimic Kubernetes Mimic is a Mutating Webhook that will watch for pod creation and update events in a Kubernetes cluster and automatically a

null 3 May 6, 2021
Kubernetes Container Registry

k8scr A kubectl plugin for pushing OCI images through the Kubernetes API server. Quickstart Build kubectl-k8scr make build Move to location in PATH s

Daniel Mangum 52 Jun 16, 2021
🐶 Kubernetes CLI To Manage Your Clusters In Style!

K9s - Kubernetes CLI To Manage Your Clusters In Style! K9s provides a terminal UI to interact with your Kubernetes clusters. The aim of this project i

Fernand Galiana 12.3k Jun 21, 2021