Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Kubernetes deployment support #506

Open
zhuoyuan-liu opened this issue Sep 11, 2024 · 2 comments
Open

Kubernetes deployment support #506

zhuoyuan-liu opened this issue Sep 11, 2024 · 2 comments
Labels
deployment Deployment related issues ✨ enhancement New feature or request

Comments

@zhuoyuan-liu
Copy link
Contributor

We have successfully deployed osctrl to our k8s cluster. The idea is to deploy the Nginx ingress as the entry point to provide mTLS/TLS termination. After that, the request was forwarded to osctrl-tls.

We also rebuilt the images using KO https://ko.build/ to minimize the vulnerability.

We currently using pure manifest with kustomization and would like to share these manifests if accepted.

@javuto javuto added ✨ enhancement New feature or request deployment Deployment related issues labels Sep 11, 2024
@javuto
Copy link
Collaborator

javuto commented Sep 12, 2024

This is great, please feel free to add any of these things to the project. Thank you! 🙏

@zhuoyuan-liu
Copy link
Contributor Author

zhuoyuan-liu commented Sep 27, 2024

@javuto Do you have a plan to host the docker image for osctrl. We can simply use the github container registry.

As I mentioned, we use the ko to build the production-ready multi-platform distroless images, which only contain the minimum package for running the application.

Here is the example image for osctrl-tls. You can see that the image size is around 20MB without any vulnerability.
image

Here is my example of using KO, which we don't need the dockerfile anymore: https://github.com/zhuoyuan-liu/osctrl/blob/main/.github/actions/build/docker/action.yml

However, for osctrl-admin, it needs some adjustment due to static assets. I am also happy to provide production level dockerfile if you believe dockerfile is a better choice.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
deployment Deployment related issues ✨ enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

2 participants