search

siderolabs / talos

Talos Linux is a modern Linux distribution built for Kubernetes.
https://www.talos.dev
Mozilla Public License 2.0
6.91k stars 556 forks source link

configuring image cache #9614

Open smira opened 3 weeks ago

smira commented 3 weeks ago

For security reasons, image cache is enabled only if the machine config has machine.features.imageCache.

It is only enabled if the image cache volume was found.

The local registry service #9612 should be fed with the path(s) of the discovered images cache volumes.

Registry mirror configuration should be adjusted on the fly to include local registry service endpoint as the first entry.

### Tasks
- [ ] https://github.com/siderolabs/talos/issues/9766
- [ ] https://github.com/siderolabs/talos/issues/9767
smira commented 5 days ago

We need a controller which takes machine config as an input, and outputs a resource which implements config.Registries interfaces.

In image/pull.go, read this resource instead of machine config.

In cri_registry_config.go, read this resource instead of machine config.

If image cache is enabled (and we found a volume), this resource is updated to include the registryd endpoint as the first endpoint for all configured mirrors, and for * (even if it's not configured yet).