A container for rsync:ing stuff
These environment variables can be used to configure the container
DEBUG=
SSH_PRIVATE_KEY_FILE=/secrets/id_rsa
SSH_PRIVATE_KEY=<private key here> # Prioritized over SSH_PRIVATE_KEY_FILE if set
SSH_KNOWN_HOSTS_FILE=/config/know_hosts
SSH_KNOWN_HOSTS=<known_hosts contents here> # Prioritize dover SSH_KNOWN_HOSTS_FILE if set
RSYNC_SOURCE=/m/source/
RSYNC_TARGET=/m/target/
RSYNC_OPTIONS=-avz
SSH_PRIVATE_KEY_FILE
should contain path to the private key to be used for accessing any remote hosts. Alternatively the key can be directly given in the SSH_PRIVATE_KEY
. SSH_PRIVATE_KEY
will be prioritized if both are set.
SSH_KNOWN_HOSTS_FILE
should contain the public keys for the ssh hosts that will be accessed. Format is whatever will be accepted as UserKnownHostsFile in ssh_config. Alternatively the contents of the file can be given in SSH_KNOWN_HOSTS
. SSH_KNOWN_HOSTS will be prioritized if both are set
RSYNC_SOURCE
and RSYNC_TARGET
will be fed to rsync as is. They can be either local (e.g. /path/to/file) or remote (e.g. [email protected]:/path/to/file) or whatever rsync normally accepts.
RSYNC_OPTIONS
can be used to define extra options for rsync. Do not override the ssh command ('-e' -flag). Anything that would need the ssh command to be customized (e.g. different ssh port) are not well supported at the moment.
Make sure you have have the OpenShift CLI tools installed and that you are logged in
oc login
Before using the rsync image, we need to import it from dockerhub to the OpenShift internal registry
Import the image:
oc import-image rsync:latest --from=docker.io/secoresearch/rsync:latest --confirm --scheduled true
Set the lookup policy for the imagestream. This makes it so that Kubernetes Resources (e.g. ubilds, Jobs) can refernece the imagestream directly.
oc set image-lookup rsync
If you wish, you can replace the imagestream name 'rsync' with something else.
TODO: Setting up known_hosts config not explained here
In the openshift/ folder, there is a template that can be used to schedule rsync of a folder/file between a volume and a remote host
First you need to have an OpenShift secret containing the private ssh key used to access the remote host. If you don't have one, create one e.g.
oc create secret generic <secret-name> --from-file=ssh-privatekey=<path/to/ssh/privatekey> --type=kubernetes.io/ssh-auth
To create an rsync CronJob using the template:
oc process -f 'template-rsync-cronjob.yaml' --param-file <template-parameters-file> | oc create -f -
or
oc process -f 'template-rsync-cronjob.yaml' -p CRONJOB_NAME=example-rsync -p ... | oc create -f -
See rsync-cronjob-example.params
for an example parameters file.