From e9b2e2efc9a247dd161c2e0c63c77972b8a79d8e Mon Sep 17 00:00:00 2001 From: Rastislav Szabo Date: Thu, 8 Jul 2021 12:11:04 +0200 Subject: [PATCH] Add general overview docs (#23) Signed-off-by: Rastislav Szabo --- README.md | 2 + doc/README.md | 37 ++++++ doc/{ => img}/architecture.graphml | 0 doc/{ => img}/architecture.svg | 0 doc/img/global-registry-overview.svg | 3 + doc/img/global-registry-overview.xml | 162 +++++++++++++++++++++++++++ doc/reconciliation.md | 2 +- 7 files changed, 205 insertions(+), 1 deletion(-) create mode 100644 doc/README.md rename doc/{ => img}/architecture.graphml (100%) rename doc/{ => img}/architecture.svg (100%) create mode 100644 doc/img/global-registry-overview.svg create mode 100644 doc/img/global-registry-overview.xml diff --git a/README.md b/README.md index 9141fb4..282050d 100644 --- a/README.md +++ b/README.md @@ -62,6 +62,8 @@ project. Registry and Project resources are declaratively configured as separate files. For examples, see the `examples` directory. +For more details, feel free to review the content of the [Documentaion folder](doc/README.md). + ## Usage ### Applying the configuration diff --git a/doc/README.md b/doc/README.md new file mode 100644 index 0000000..ab6097b --- /dev/null +++ b/doc/README.md @@ -0,0 +1,37 @@ +# Registryman Documentation + +## Concepts +Registryman (Registry Manager) allows configuration of container image registry +projects, project members and project replication rules in a declarative way (by +virtue of k8s custom resources / YAML files) on top of multiple types of container image registries. + +Registryman can manage configuration of multiple registries at once and supports building hierarchical +registry solutions, consisting of: + + - **Global Registry Hub**, which acts as a single source of truth for centralized image & vulnerability management, + - **Multiple Local Registries** potentially located in different regions to have the images in close location to users. + +The Registryman ensures automatic replication of images between the Global and Local registries based on +the intent described using Registryman API. + +An example of such deployment is shown on the following picture: + +![global-registry-overview.svg](./img/global-registry-overview.svg "Overview") + +To summarize the concepts shown on the picture: + +- the setup consists of a single Global Registry Hub and multiple Local Registries, +- configuration and policies for projects across the whole setup can be managed using Registryman, +- Registryman ensures that projects, project members and project replication rules configuration is always synchronized across the setup, +- the users of global projects can push the images into the Global Registry Hub, +- images of the global projects will be automatically synchronized to all Local Registries, +- image consumers can pull the image from any Local (or Global) registry, e.g. based on their physical location, +- local project can exist within the Local Registries, they can be managed via Registryman, but are not replicated anywhere. + +## Implementation Details +For more implementation details, you can review the following documents: + +- [Registries and Projects](projects.md) +- [Data Model](datamodel.md) +- [Reconciliation](reconciliation.md) +- [Actions](actions.md) diff --git a/doc/architecture.graphml b/doc/img/architecture.graphml similarity index 100% rename from doc/architecture.graphml rename to doc/img/architecture.graphml diff --git a/doc/architecture.svg b/doc/img/architecture.svg similarity index 100% rename from doc/architecture.svg rename to doc/img/architecture.svg diff --git a/doc/img/global-registry-overview.svg b/doc/img/global-registry-overview.svg new file mode 100644 index 0000000..d423fcf --- /dev/null +++ b/doc/img/global-registry-overview.svg @@ -0,0 +1,3 @@ + + +
Global Registry Hub 
Global Registry Hub 
Project A
Project A
Project B
Project B
Local Registry EU 
Local Registry EU 
Project A
Project A
Project B
Project B
Local Project
Local Project
Local Registry Asia 
Local Registry Asia 
Project A
Project A
Project B
Project B
Local Project
Local Project
PUSH
PUSH
PULL
PULL
Global
Registry User
Globa...
PUSH
PUSH
Local
Registry User
Local...
PULL
PULL
SYNC
SYNC
SYNC
SYNC
Security
Scanner
Security...

Config + Policy
Reconciliation
Config + Poli...
Config Policies
Config Poli...
Project Admins
Proje...Viewer does not support full SVG 1.1 \ No newline at end of file diff --git a/doc/img/global-registry-overview.xml b/doc/img/global-registry-overview.xml new file mode 100644 index 0000000..77939e5 --- /dev/null +++ b/doc/img/global-registry-overview.xml @@ -0,0 +1,162 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/doc/reconciliation.md b/doc/reconciliation.md index cf4bfaa..f928767 100644 --- a/doc/reconciliation.md +++ b/doc/reconciliation.md @@ -8,7 +8,7 @@ and then compares it to the expected state. The architecture or registryman is shown below. -![architecture.svg](./architecture.svg "Architecture") +![architecture.svg](./img/architecture.svg "Architecture") ### The main packages