I want to deploy a product on a client's server using Kubernetes. My product has 4 components. Mainly I am concerned about one only .i.e token_service_api which produces a token through which clients can use other components. let's suppose I have provided them with 4 images of 4 components. And every container from token_service_api image can produce 1 million tokens. The goals I want to achieve are
My one image of token_service_api can produce 1 million tokens. If a client want to deploy 2 or 4 containers of token_service_api image for load balancing purposes how can I keep count of how many token have been generated, if they use different databases.
Secondly they will have images. If they deploy a totally separate Kubernetes cluster, they will again use the infinite tokens. Is there a way to make images use one or two times only and can I stop them from committing a container.
Up till now I have one solution that every token_service_api will request the main component that way I will know how many containers are up.
P.S inbound and outbound traffic traffic of the server will be closed.
Kubernetes doesn't have built-in option, other than Volumes, to save Pod's state, also no built-in option to restrict Pods to be created with certain image.
However, you can indroduce such feature on your custom cluster using Operators and custom Admission Controllers.
From the image perspective you can deny access to the image repository from unknown IPs or use authenticated access to the registry, but that doesn't stop anyone to run more replicas from the image that already exist in the cluster.
Now, for the workarounds:
token_service_api
pods. Alternatively you can scrape number of tokens as a metric by service like Prometheus.