ocm-controller is a pivotal part of the Open Component Model (OCM) ecosystem, designed to automate software deployment using the Open Component Model alongside Flux.
Here are its core functionalities:
Component Descriptor Resolution:
ComponentDescriptormetadata for specific component versions.
- Handles authentication with OCM repositories, safeguarding secure access to required resources.
- Fetches artifacts from OCM repositories, gathering essential software or data necessary for deployment.
- Conducts verification of components ensuring integrity and correctness.
- Makes individual resources from components available within the cluster, facilitating proper resource management.
Localization and Configuration:
- Manages localization and configuration of component resources, ensuring correct setup for the target environment.
ocm-controller is developed to be a robust tool within the OCM framework, aiming to streamline the deployment process, making it more structured, secure, and automated. Through its features, it tackles various crucial aspects of modern software deployment, contributing to a more efficient and reliable deployment workflow.
ocm-controller operates using a pipeline model. The purpose of the pipeline is to process resources from a component and automatically prepare them for deployment, using deployment information that is part of the component itself. In this, sense the processing pipeline is “OCM aware”.
The pipeline model is faciliated through the introduction of a
Snapshot Kubernetes resource. The
Snapshot resource is managed by the
ocm-controller and captures the output of a pipeline step. The content of a
Snapshot is persisted to an in-cluster OCI registry that is also managed by the
ocm-controller. As a result of the dedicated Kuberetes resource and OCI-based storage, S
Snapshot’s can be processed and produced by any third-party Kubernetes controller. In addition,
Snapshots are Flux-compliant OCI Images and can be deployed using Flux.
ocm-controller contains several built-in processors that can produce, transform and deploy
Snapshots, these are as follows:
- Produces a
Snapshotcontaining the specified OCM resource
- Produces a
Snapshotthat applies Localization rules to an input resource. Localization rules specify how to resolve references to images or other artifacts in manifests that are part of the resource using information from the
Component. This is important when deploying in air-gapped scenarios or when resources have been moved from their original location using the
- Similar to the
Localizationprocess but applies configuration rules to an input resource. Configuration data can be passed inline to the controller and is then validated and injected into the resource manifests.
- An WASM-based controller that allows streamlining and consolidating the pipeline approach. Each step in a
ResourcePipelinecan be a WASM module that contains the logic for transforming resources. A dedicated ABI is provided that enables calling host-functions in order to access component metadata. The
ResourcePipelineshould eventually replace all usage of
- A Flux wrapper that consumes
FluxDeployercreates a Flux
OCIRepositorysource that can be consumed by either a