From Graduate to Maintainer: My Journey Solving Sealer’s Image Caching Challenges
The author recounts joining the open‑source sealer project in early 2021, describes the tool’s purpose for cloud‑native cluster image packaging, details technical hurdles like caching dependent container images and private‑registry proxying, and shares the solutions, lessons learned, and future plans for the project.
Overview
Sealer is an open‑source cloud‑native tool (originally from Alibaba Cloud, now a CNCF sandbox project) that packages, distributes and runs distributed software on Kubernetes clusters. The project focuses on cluster image management.
Image Module Responsibilities
Cluster image cache – reuse image layers to accelerate builds.
Cluster dependency image cache – automatically cache all container images required by a cluster without user intervention.
Cluster image sharing – push/pull/save/load of cluster images similar to Docker.
Technical Challenges
Caching all dependent container images during the build process, especially for offline clusters.
Providing a proxy for private container registries because Docker daemon does not support registry mirrors for non‑Docker‑Hub registries.
Investigation
The Docker engine ( moby) and the distribution registry ( distribution) source code were examined. The registry’s pull‑through cache supports only a single remoteurl configuration, which is insufficient when a cluster depends on images from multiple registries.
proxy:
remoteurl: https://registry-1.docker.io
username: [username]
password: [password]Solution
Incremental configuration items were added to:
Allow Docker to proxy any container registry.
Enable the registry to cache multiple remote repositories without requiring explicit user configuration (manual overrides remain possible).
The enhanced capabilities are illustrated in the diagram:
Impact
Within a few months of open‑sourcing, Sealer gained its first production user (Zhengcai Cloud). Refactoring moved all image‑related operations into a dedicated module and introduced a filesystem abstraction layer, improving code modularity and reducing the risk of accidental file manipulation.
Future Work
Performance optimization for faster and more stable delivery.
Architectural refactoring to decouple modules and lower the entry barrier for contributors.
Expand the ecosystem by encouraging community contributions to cluster image building.
Improve quick‑start guides and increase developer participation.
Collaborate with related projects such as openyurt (https://github.com/openyurtio/openyurt) and sealos (https://github.com/labring/sealos).
References
Sealer repository: https://github.com/sealerio/sealer
Docker private‑registry mirror issue: https://github.com/moby/moby/issues/18818
Docker source: https://github.com/moby/moby
Distribution source: https://github.com/distribution/distribution
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Alibaba Cloud Native
We publish cloud-native tech news, curate in-depth content, host regular events and live streams, and share Alibaba product and user case studies. Join us to explore and share the cloud-native insights you need.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.