You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: content/operate/kubernetes/deployment/container-images.md
+13-3Lines changed: 13 additions & 3 deletions
Original file line number
Diff line number
Diff line change
@@ -16,10 +16,12 @@ weight: 92
16
16
Redis Enterprise Software, its Kubernetes operator, and the Service Rigger
17
17
are all distributed as separate container images.
18
18
Your Kubernetes deployment will pull these images as needed.
19
-
You can control where these images are
19
+
You can control where these images are
20
20
pulled from within the operator deployment and also via the
21
21
Redis Enterprise custom resources.
22
22
23
+
The operator image also includes the admission controller, which runs as part of the operator container and provides validation for Redis Enterprise database resources.
24
+
23
25
In general, images for deployments that do not have a registry domain
24
26
name (e.g., `gcr.io` or `localhost:5000`) are pulled from the default registry associated
25
27
with the Kubernetes cluster. A plain reference to `redislabs/redis` will likely pull from DockerHub
@@ -84,7 +86,7 @@ Important images for a Redis Enterprise Software deployment include:
84
86
* Redis Enterprise Software
85
87
* Bootstrapping a Redis Enterprise cluster node (in the operator image)
86
88
* The Service Rigger
87
-
* The Redis Enterprise Software operator
89
+
* The Redis Enterprise Software operator (which also includes the admission controller)
88
90
89
91
You will need to push all these images to your private container registry. In general,
90
92
to push the images you must:
@@ -123,7 +125,7 @@ require authentication. If you do need authentication, add a [pull secret](https
123
125
124
126
### Specify the operator image source
125
127
126
-
The operator bundle contains the operator deployment and the reference to the operator image (`redislabs/operator`). To use a private container registry, you must
128
+
The operator bundle contains the operator deployment and the reference to the operator image (`redislabs/operator`). This image includes both the operator functionality and the admission controller. To use a private container registry, you must
127
129
change this image reference in your operator deployment file **before** you deploy the operator. If you apply this change to modify an existing operator deployment, the operator's pod will restart.
128
130
129
131
In the operator deployment file, 'containers:image' should point to the same repository and tag you used when [pushing]({{< relref "/operate/kubernetes/deployment/container-images#push-images-to-a-private-container-registry" >}}) to the private container registry:
@@ -238,6 +240,14 @@ spec:
238
240
versionTag: 7.22.0-7
239
241
```
240
242
243
+
## Admission controller
244
+
245
+
The admission controller is included as part of the operator container image and does not require a separate container image. When you configure a private container registry for the operator image, the admission controller functionality is automatically included.
246
+
247
+
The admission controller runs within the operator pod and provides validation for Redis Enterprise database resources. It exposes an HTTPS endpoint on port 8443 that Kubernetes uses to validate resource configurations before they are applied to the cluster.
248
+
249
+
For more information about configuring the admission controller, see [Enable the admission controller]({{< relref "/operate/kubernetes/deployment/quick-start#enable-the-admission-controller" >}}).
250
+
241
251
## Rate limiting with DockerHub
242
252
243
253
Docker has [rate limits for image pulls](https://www.docker.com/blog/scaling-docker-to-serve-millions-more-developers-network-egress/).
0 commit comments