Git Product home page Git Product logo

texano00 / urunner Goto Github PK

View Code? Open in Web Editor NEW
11.0 2.0 3.0 632 KB

URunner is a lightweight Kubernetes utility in order to auto restart pods on image tag digest change. This is very useful on environments where it is commonly used the latest tag which frequently changes over time. Urunner auto detects the container image tag digest (for example the digest of tag latest) and automatically restart pods.

Dockerfile 3.62% Python 85.85% Smarty 10.53%
containers docker helm kubernetes

urunner's Introduction

urunner

Artifact Hub CI_CD_Helm CI_CD_App

Intro

URunner is a lightweight Kubernetes utility in order to auto restart pods on image tag digest change.
This is very useful on environments where it is commonly used the latest tag which frequently changes over time.
Urunner auto detects the container image tag digest (for example the digest of tag latest) and automatically restart pods.

Docker API V2

Urunner integrates external container registry (ex. Harbor) using standard Docker API V2.
Actually Harbor, AWS ECR, Digital Ocean and GitLab are the container registries officially supported.
Azure ACR and Dockerhub support will be released soon.

URunner use cases with specific how-to:

Configurable watcher

Urunner is also fully configurable in order to watch only specific namespaces with specific label to manage exception.
Add label urunner=enable to all namespaces in order to be watched by Urunner.
kubectl label ns mynamespace urunner=enable

apiVersion: v1
kind: Namespace
metadata:
  labels:
    # add this label
    urunner: enable
  name: mynamespace

Also, you can add exceptions inside mynamespace, for example
kubectl label deployment mydeployment urunner=disable -n mynamespace

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    # add this label
    urunner: disable
...

Doing so, all deployments except mydeployment will be watched by Urunner.

Helm

helm upgrade --install urunner oci://ghcr.io/texano00/urunner/helm/urunner --version 0.1.0 --values my-values.yaml -n urunner --create-namespace

Urunner env vars

Var Description Example
URUNNER_CONF_DOCKER_API_VERIFY SSL verify to docker registry True or False
URUNNER_CONF_LOG_LEVEL Log Level DEBUG,INFO,WARNING
URUNNER_CONF_KUBE_AUTH Kubernetes client authentication strategy incluster or kubeconfig
URUNNER_CONF_SQLLIGHT_PATH Path of sqlight DB ./urunner.db
URUNNER_CONF_FREQUENCY_CHECK_SECONDS Frequency of urunner cron job (seconds) 30
URUNNER_CONF_CONTAINER_REGISTRY_TO_WATCH Which is the container registry to watch registry.mycompanyhost.net:8080
URUNNER_CONF_CONTAINER_REGISTRY_TYPE Kind of container registry harbor,aws_ecr, digitalocean, gitlab
URUNNER_SECR_HARBOR_USER Harbor username, configure only if registry type is harbor user
URUNNER_SECR_HARBOR_PASS Harbor password, configure only if registry type is harbor pass
URUNNER_SECR_AWS_ACCESS_KEY_ID AWS credential in order to pull from AWS private ECR, configure only if registry type is aws_ecr AKIAIOSFODNN7EXAMPLE
URUNNER_SECR_AWS_REGION AWS region us-east-2
URUNNER_SECR_AWS_SECRET_ACCESS_KEY AWS credential in order to pull from AWS private ECR, configure only if registry type is aws_ecr wJalrXUtnFEMI/K7MDENG/xRfiCYEXAMPLEKEY
URUNNER_SECR_DIGITAL_OCEAN_TOKEN Digital Ocean token xxxxx
URUNNER_SECR_GITLAB_TOKEN Gitlab token xxxxx

Flow

Generic

AWS

DigitalOCean

GitLab

ToDo

  • Test Azure ACR integration
  • manage sqlite persistence in Helm chart

Notes

Logo was generated using Fotor AI tool https://www.fotor.com/features/ai-image-generator/

urunner's People

Contributors

texano00 avatar tekno45 avatar

Stargazers

Jae Hyuck Sa avatar Giovanni Ferri avatar Rachid Zarouali avatar Andrew Kan avatar Rico Moorman avatar avatar Pablo Reyes avatar avatar ryankim avatar avatar Gerard Albanell avatar

Watchers

avatar avatar

Forkers

overzoo joseph-netog tekno45

urunner's Issues

cannot validate aws region

ERR

Traceback (most recent call last): File "/app/app.py", line 51, in <module> schedule.run_pending() File "/usr/lib/python3.10/site-packages/schedule/__init__.py", line 780, in run_pending default_scheduler.run_pending() File "/usr/lib/python3.10/site-packages/schedule/__init__.py", line 100, in run_pending self._run_job(job) File "/usr/lib/python3.10/site-packages/schedule/__init__.py", line 172, in _run_job ret = job.run() File "/usr/lib/python3.10/site-packages/schedule/__init__.py", line 661, in run ret = self.job_func() File "/app/app.py", line 39, in job general.process_resource(db_ref=db_ref, kubernetes=kubernetes, image=image) File "/app/utils/general.py", line 77, in process_resource auth = docker_api_auth_mapper[container_registry_type](image) File "/app/utils/dockerapi.py", line 41, in get_aws_auth client = boto3.client("ecr", region_name=config.get_urunner_secr_aws_region) File "/usr/lib/python3.10/site-packages/boto3/__init__.py", line 92, in client return _get_default_session().client(*args, **kwargs) File "/usr/lib/python3.10/site-packages/boto3/session.py", line 299, in client return self._session.create_client( File "/usr/lib/python3.10/site-packages/botocore/session.py", line 918, in create_client region_name = self._resolve_region_name(region_name, config) File "/usr/lib/python3.10/site-packages/botocore/session.py", line 1002, in _resolve_region_name validate_region_name(region_name) File "/usr/lib/python3.10/site-packages/botocore/utils.py", line 1307, in validate_region_name valid = valid_host_label.match(region_name) TypeError: expected string or bytes-like object

Even if URUNNER_SECR_AWS_REGION=us-east-1 was set

GitLab container registry support

Hello @texano00!

I'm trying to use urunner to auto-restart a pod that uses an image hosted in GitLab Container registry, and it seems that the harbor/DockerV2 API doesn't work for those โ€”ย I get "ERROR:root:Error status code: 401" in urunner logs. Can you please look into implementing support for GitLab registries as well?

Unable requesting repository if I use another region

This line
client = boto3.client("ecr", region_name="us-east-2")
leads to unable requesting repository if I use another region (not "us-east-2").
As I seen you have real region in lines above.
Please fix if you will have time

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.