First time I see this piece of software and I'm both intrigued and scared of what it's capable of. My fear (as a k8s administrator) comes from not yet understanding the details of how it works. Yes, I've read the linked article and project's readme on github and they didn't contain the important details.
Does this tool work with any k8s cluster? or does one at first need to install an operator into their cluster?
Does this tool talk to kubernetes API? If yes - then does it rely on kubectl's config or what?
> No, mirrord doesn’t install anything on the cluster, nor does it have any persistent state. It does spawn a short-living pod/container to run the proxy, which is automatically removed when mirrord exits.
> If you have any restrictions for pulling external images inside your cluster, you have to allow pulling of ghcr.io/metalbear-co/mirrord image.
and also another important detail:
> Since mirrord uses the dynamic linker to load into the application’s process, it cannot load if the binary is statically linked.
[+] [-] aviramha|3 years ago|reply
[+] [-] mathfailure|3 years ago|reply
Does this tool work with any k8s cluster? or does one at first need to install an operator into their cluster?
Does this tool talk to kubernetes API? If yes - then does it rely on kubectl's config or what?
https://mirrord.dev/docs/overview/faq/ - Here I've found an answer to "how exactly does it do it's magic?":
> Does mirrord install anything on the cluster?
> No, mirrord doesn’t install anything on the cluster, nor does it have any persistent state. It does spawn a short-living pod/container to run the proxy, which is automatically removed when mirrord exits.
> If you have any restrictions for pulling external images inside your cluster, you have to allow pulling of ghcr.io/metalbear-co/mirrord image.
and also another important detail:
> Since mirrord uses the dynamic linker to load into the application’s process, it cannot load if the binary is statically linked.