Using local asset repositories
- To avoid rate limits or network transfer costs.
- To limit exposure to watering-hole attacks.
There can be one repository for images and another for files.
To configure a local image repository, set either or assets.containerProxy
in the cluster spec. They both do essentially the same thing, but containerRegistry
avoids using characters in the local image names.
Configuring a local file repository
To configure a local file repository, set assets.fileRepository
in the cluster spec.
You can copy assets into their repositories either by running kops get assets --copy
or through an external process.
For file assets, kOps only supports copying to a repository that is either an S3 or GCS bucket. An S3 bucket must be configured using the . A GCS bucket must be configured with a prefix of https://storage.googleapis.com/
.
Introduced |
---|
kOps 1.22 |
You can obtain a list of image and file assets used by a particular cluster by running kops get assets
. You can get output in table, YAML, or JSON format. You can feed this into a process, external to kOps, for copying the assets to their respective repositories.