• Stars
    star
    874
  • Rank 52,219 (Top 2 %)
  • Language
    Go
  • License
    Apache License 2.0
  • Created about 5 years ago
  • Updated 3 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Docker image synchronization tool for Docker Registry V2 based services

image-syncer

workflow check workflow build Version Go Report Card Github All Releases codecov License

image-syncer is a docker registry tools. With image-syncer you can synchronize docker images from some source registries to target registries, which include most popular public docker registry services.

English | 简体中文

Features

  • Support for many-to-many registry synchronization
  • Supports docker registry services based on Docker Registry V2 (e.g., Alibaba Cloud Container Registry Service, Docker Hub, Quay.io, Harbor, etc.)
  • Network & Memory Only, doesn't rely on any large disk storage, fast synchronization
  • Incremental Synchronization, ignore unchanged images automatically
  • BloB-Level Concurrent Synchronization, adjustable goroutine numbers
  • Automatic Retries of Failed Sync Tasks, to resolve the network problems (rate limit, etc.) while synchronizing
  • Doesn't rely on Docker daemon or other programs

Usage

GitHub Action

You can use image-sync-action to try image-syncer online without paying for any machine resources.

Install image-syncer

You can download the latest binary release here

Compile Manually

go get github.com/AliyunContainerService/image-syncer
cd $GOPATH/github.com/AliyunContainerService/image-syncer

# This will create a binary file named image-syncer
make

Example

# Get usage information
./image-syncer -h

./image-syncer --proc=6 --auth=./auth.json --images=./images.json --auth=./auth.json --retries=3

Configure Files

Image-syncer supports --auth and --images flag for passing authentication file and image sync configuration file, both of which supports YAML and JSON format. Seperate authentication information is more flexible to reuse it in different sync missions.

The older version (< v1.2.0) of configuration file is still supported via --config flag, you can find the example in config.yaml and config.json.

Authentication file

Authentication file holds all the authentication information for each registry. For each registry (or namespace), there is a object which contains username and password. For each images sync rule in image sync configuration file, image-syncer will try to find a match in all the authentication information and use the best(longest) fit one. Access will be anonymous if no authentication information is found.

You can find the example in auth.yaml and auth.json, here we use auth.yaml for explaination:

quay.io: # This "registry" or "registry/namespace" string should be the same as registry or registry/namespace used below in image sync rules. And if an url match multiple objects, the "registry/namespace" string will actually be used.
  username: xxx
  password: xxxxxxxxx
  insecure: true # Optional, "insecure" field needs to be true if this registry is a http service, default value is false.
registry.cn-beijing.aliyuncs.com:
  username: xxx # Optional, if the value string is a format of "${env}" or "$env", use the "env" environment variables as username.
  password: xxxxxxxxx # Optional, if the value string is a format of "${env}" or "$env", use the "env" environment variables as password.
docker.io:
  username: "${env}"
  password: "$env"
quay.io/coreos:
  username: abc
  password: xxxxxxxxx
  insecure: true

Image sync configuration file

Image sync configuration file defines all the image sync rules. Each rule is a key/value pair, of which the key refers to "the source images url" and the value refers to "the destination images url". The source/destination images url is mostly the same with the url we use in docker pull/push commands, but still something different in the "tags and digest" part:

  1. Neither of the source images url and the destination images url should be empty.
  2. If the source images url contains no tags or digest, all the tags of source repository will be synced.
  3. The source images url can have more than one tags, which should be seperated by comma, only the specified tags will be synced.
  4. The source images url can have at most one digest, and the destination images url should only have no digest or the same digest at the same time.
  5. The "tags" part of source images url can be a regular expression which needs to have an additional prefix and suffix string /. All the tags of source repository that matches the regular expression will be synced. Multiple regular expressions is not supported.
  6. If the destination images url has no digest or tags, it means the source images will keep the same tags or digest after being synced.
  7. The destination images url can have more than one tags, the number of which must be the same with the tags in the source images url, then all the source images' tags will be changed to a new one (correspond from left to right).
  8. The "destination images url" can also be an array, each of which follows the rules above.

You can find the example in images.yaml and images.json, here we use images.yaml for explaination:

quay.io/coreos/kube-rbac-proxy: quay.io/ruohe/kube-rbac-proxy
quay.io/coreos/kube-rbac-proxy:v1.0: quay.io/ruohe/kube-rbac-proxy
quay.io/coreos/kube-rbac-proxy:v1.0,v2.0: quay.io/ruohe/kube-rbac-proxy
quay.io/coreos/kube-rbac-proxy@sha256:14b267eb38aa85fd12d0e168fffa2d8a6187ac53a14a0212b0d4fce8d729598c: quay.io/ruohe/kube-rbac-proxy
quay.io/coreos/kube-rbac-proxy:v1.1:
  - quay.io/ruohe/kube-rbac-proxy1
  - quay.io/ruohe/kube-rbac-proxy2
quay.io/coreos/kube-rbac-proxy:/a+/: quay.io/ruohe/kube-rbac-proxy

Parameters

-h  --help       Usage information

    --config     Set the path of config file, this file need to be created before starting synchronization, default
                 config file is at "current/working/directory/config.json". (This flag can be replaced with flag --auth
                 and --images which for better orgnization.)

    --auth       Set the path of authentication file, this file need to be created before starting synchronization, default
                 config file is at "current/working/directory/auth.json". This flag need to be pair used with --images.

    --images     Set the path of image rules file, this file need to be created before starting synchronization, default
                 config file is at "current/working/directory/images.json". This flag need to be pair used with --auth.

    --log        Set the path of log file, logs will be printed to Stderr by default

    --proc       Number of goroutines, default value is 5

    --retries    Times to retry failed tasks, default value is 2, the retries of failed tasks will start after all the tasks
                 are executed once, this can resolve most occasional network problems during synchronization

    --os         OS list to filter source tags, not works for docker v2 schema1 media, takes no effect if empty

    --arch       Architecture list to filter source tags, takes no effect if empty

    --force      Force update manifest whether the destination manifest exists

FAQs

Frequently asked questions are listed in FAQs

Star History

Star History Chart

More Repositories

1

k8s-for-docker-desktop

为Docker Desktop for Mac/Windows开启Kubernetes和Istio。
PowerShell
4,960
star
2

pouch

An Efficient Enterprise-class Container Engine
Go
4,626
star
3

log-pilot

Collect logs for docker containers
Go
1,429
star
4

gpushare-scheduler-extender

GPU Sharing Scheduler for Kubernetes Cluster
Go
1,403
star
5

kube-eventer

kube-eventer emit kubernetes events to sinks
Go
1,000
star
6

DevOps

阿里云容器服务持续交付
779
star
7

derrick

🐳A tool to help you containerize application in seconds
Go
685
star
8

terway

CNI plugin for Alibaba Cloud VPC/ENI
Go
550
star
9

gpushare-device-plugin

GPU Sharing Device Plugin for Kubernetes Cluster
Go
468
star
10

redis-cluster

HA Redis Cluster with Sentinel by Docker Compose
Shell
455
star
11

kubernetes-cronhpa-controller

⏰kubernetes-cronhpa-controller is a HPA controller that allows to scale your workload based on time schedule.
Go
443
star
12

docker-machine-driver-aliyunecs

Aliyun (Alibaba Cloud) ECS Driver of Docker Machine
Go
203
star
13

serverless-k8s-examples

Examples for Serverless Kubernetes on Alibaba Cloud - https://yq.aliyun.com/articles/591115
Go
158
star
14

ackdistro

Shell
122
star
15

flexvolume

FlexVolume plugin for Alibaba Cloud EBS/NAS/OSS, etc.
Go
109
star
16

jenkins-slaves

jenkins containerized slaves
Shell
107
star
17

alicloud-controller-manager

The official project is moved to https://github.com/kubernetes/cloud-provider-alibaba-cloud
Go
90
star
18

et-operator

Kubernetes Operator for AI and Bigdata Elastic Training
Go
84
star
19

sync-repo

Synchronize images from gcr.io, quay.io and Docker Hub to your Docker registry
Python
82
star
20

velero-plugin

Go
78
star
21

sgx-device-plugin

Kubernetes Device Plugin for Intel SGX
Go
67
star
22

alibaba-cloud-metrics-adapter

Kubernetes Custom Metrics API and External Metrics API for Alibaba Cloud
Go
55
star
23

maven-image

Maven Docker Image with Aliyun Mirror
Dockerfile
47
star
24

kubernetes-issues-solution

Kubernetes related issues solution
Shell
39
star
25

scaler

Java
39
star
26

roadmap

Product roadmap for Alibaba Cloud Container Services including ACK, ACR, ASK - Serverless K8S, ACK@Edge and ASM - Service Mesh
33
star
27

kube2ram

kube2ram provides different Alibaba Cloud RAM roles for pods running on ACK
Go
32
star
28

ack-ram-authenticator

Using Alibaba Cloud credentials to authenticate to a Kubernetes cluster
Go
31
star
29

alicloud-storage-provisioner

Alicloud Storage Provider for Kubernetes
Go
31
star
30

open-service-broker-alibabacloud

The Open Service Broker API implementation for Alibaba Cloud
Go
30
star
31

ack-image-builder

Custom Image Builder for ACK
Shell
28
star
32

ack-kms-plugin

KMS provider plugin for Alibaba Cloud
Go
27
star
33

spring-cloud-k8s-sample

This example demonstrate how to use AliCloud Container Service feature to build a spring-boot application leveraging with Spring Cloud capabilities.
Java
24
star
34

jenkins-demo

Java
23
star
35

spot-instance-advisor

spot-instance-advisor is command line tool to get the cheapest group of spot instanceTypes.
Go
22
star
36

solution-blockchain-demo

This is a repository for source codes of demo application and demo explorer for Blockchain Solution of Alibaba Cloud Container Service
JavaScript
22
star
37

helm-acr

Alibaba Cloud's Helm plugin to push chart package to ChartMuseum.
Go
22
star
38

docker-jenkins

Jenkins Docker Image which can set proper permission for local host volume
Shell
20
star
39

gpu-analyzer

GPU analyzer for Kubernetes GPU clusters
Go
17
star
40

ai-starter

Shell
17
star
41

benchmark-for-spark

benchmark-for-spark
HCL
16
star
42

terway-qos

The QoS project is a cloud-native solution leveraging eBPF technology, designed to efficiently manage and optimize network traffic across diverse hybrid deployment scenarios.
C
15
star
43

ack-secret-manager

ACK Secret Manager allows you to use external secret management systems (*e.g.*, Alibaba Cloud Secrets Manager) to securely add secrets in Kubernetes.
Go
15
star
44

kubeflow-aliyun

Deploy Kubeflow on Alibaba Cloud
14
star
45

monitoring-sample

Shell
13
star
46

cluster-api-provider-alibabacloud

Go
11
star
47

kubernetes-ops-handbook

Common kubernetes problems ops handbook.
10
star
48

hello-servicemesh-grpc

gRPC demo for ServiceMesh
Shell
9
star
49

jenkins-cos

Aliyun-Container-Service-plugin
Java
9
star
50

jenkins-on-serverless

9
star
51

rust-wasm-4-envoy

Shell
8
star
52

kubectl-autoscaler-plugin

7
star
53

ubuntu-image

Official Ubuntu Docker image with Aliyun mirror
7
star
54

centos-image

Official CentOS Docker image with Aliyun mirror
6
star
55

ack-ram-tool

Go
6
star
56

asm-labs

Go
6
star
57

ai-models-on-ack

Examples of deploying AI applications on ACK
Makefile
6
star
58

kubernetes-webhook-injector

Go
6
star
59

ghost-image

Ghost Blog Docker image with Aliyun OSS and MySQL
JavaScript
6
star
60

disk-snapshot

Support Aliyun Disk Snapshot in K8S without CSI Plugin
Go
5
star
61

prometheus-operator-charts

5
star
62

alibabacloud-ack-connector

Go
5
star
63

tsung-image

tsung docker image.
Shell
5
star
64

alpine-image

Official Alpine Docker Image with Aliyun Mirror
Shell
5
star
65

notation-alibabacloud-secret-manager

Go
4
star
66

data-on-ack

Examples of Data & AI/ML on Alibaba Cloud ACK by AI Suite
Go
4
star
67

debian-image

Official Debian Docker image with Aliyun mirror
3
star
68

demo-java

Java
3
star
69

node-resource-manager

3
star
70

nginx-sd-image

Python
2
star
71

demo-logstash

2
star
72

secrets-store-csi-driver-provider-alibaba-cloud

The Alibaba Cloud provider for the Secrets Store CSI Driver allows you to fetch secrets from Alibaba Cloud Secrets Manager and mount them into Kubernetes pods.
Go
2
star
73

python-image

Official Python image with Aliyun mirror of Pypi
Shell
2
star
74

grpc-transcoder

an envoyfiler generator for grpc-transcoder
Go
2
star
75

mpi-operator

Go
1
star
76

ack-tag-tool

Simple tool to tag all Alibaba Cloud resources used in specific ACK K8s cluster.
Python
1
star
77

wordpress-image

Official Wordpress Docker Image with Aliyun OSS plugin
PHP
1
star
78

haproxy-image

Official Haproxy Docker Image with Aliyun Mirror
1
star
79

cloud-environments

Makefile
1
star
80

argo-workflow-examples

Python
1
star
81

infrakit.aliyun

Infrakit plugins for Aliyun (Alibaba Cloud).
Go
1
star
82

node-image

Official NodeJS Docker Image with Taobao NPM mirror
1
star
83

demo-nodejs

JavaScript
1
star
84

gitops-demo

Smarty
1
star
85

ruby-image

Official Ruby Docker image with Ruby China mirror
Shell
1
star
86

jupyter-notebook

Jupyter Notebook Python, Scala, R, Spark, Mesos Stack
1
star
87

alibabacloud-erdma-controller

Go
1
star