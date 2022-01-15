Editing website images using Thumbor
Thumbor is an open-source project for on-demand image processing. Thumbor provides basic settings for editing images. For example, you can use it to resize the original image, increase its contrast ratio, or remove the red-eye effect.
Thumbor is a convenient tool you can use to prepare images for websites, e.g., to create thumbnails for video previews. Thumbor supports image caching. This allows you to reduce labor costs for your website support.
In the example below, images are posted to a website and edited using Thumbor. The edit includes resizing and adding a watermark. To upload images faster, a CDN is configured for the website using Yandex Cloud CDN.
To edit images using Thumbor and enable the CDN:
If you no longer need the resources you created, delete them.
Getting started
Prepare the infrastructure
-
-
Service account for the resources with the editor role for the folder where the Managed Service for Kubernetes cluster is created. This service account will be used to create resources for the Managed Service for Kubernetes cluster.
-
Service account for nodes with the container-registry.images.puller role to the folder with the Docker image registry. The nodes will pull Docker images from the registry on behalf of this account.
You can use the same service account for both operations.
-
thumbor-saservice account for Thumbor.
-
-
Create a Managed Service for Kubernetes cluster and a node group in any suitable configuration.
-
Create a bucket in Yandex Object Storage.
-
Grant the
thumbor-saservice account the
READpermission for the bucket.
-
If you do not have Terraform yet, install and configure it.
-
Download the file with provider settings. Place it in a separate working directory and specify the parameter values.
-
Download the k8s-for-thumbor.tf configuration file to the same working directory.
This file describes:
-
Network.
-
Subnet.
-
Security groups and rules for multiple functions:
-
Service accounts for different services:
- For Managed Service for Kubernetes cluster and node group.
- For Thumbor.
- To create Object Storage buckets.
-
Managed Service for Kubernetes cluster.
-
Node group.
-
Static access key for bucket creation.
-
Bucket.
-
-
In
k8s-for-thumbor.tf, specify:
- Folder ID.
- Kubernetes version for the Managed Service for Kubernetes cluster and node groups.
-
Run the
terraform initcommand in the directory with the configuration file. This command initializes the provider specified in the configuration files and enables you to use the provider resources and data sources.
-
Check if the Terraform configuration file is correct using this command:
terraform validate
If the file contains any errors, Terraform will point them out.
-
Create an infrastructure:
-
Run the command to view planned changes:
terraform plan
If the resource configuration descriptions are correct, the terminal will display a list of the resources to modify and their parameters. This is a test step. No resources are updated.
-
If you are happy with the planned changes, apply them:
-
Run the command:
terraform apply
-
Confirm the update of resources.
-
Wait for the operation to complete.
-
All the required resources will be created in the specified folder. You can check resource availability and their settings in the management console.
-
Install additional dependencies
-
If you don't have the Yandex Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the
--folder-nameor
--folder-idparameter.
-
Install kubectl and configure it to work with the created cluster.
Install Thumbor
-
Create a static access key for the
thumbor-saservice account and save it to the
sa-key.jsonfile:
yc iam access-key create --service-account-name thumbor-sa \ --format json > sa-key.json
-
Install Thumbor with the following parameters:
- Namespace:
thumbor.
- Application name:
thumbor.
- Bucket name: Bucket to which you uploaded your images.
- Object Storage static access key: Contents of the
sa-key.jsonfile.
- Unsigned URLs: Allowed.
- Namespace:
Prepare images for Thumbor testing
-
Download images:
-
Upload the images to the bucket:ManuallyUsing Terraform
- In the management console, select the folder to upload an object to.
- Select Object Storage.
- Click the bucket name.
- Click Upload.
- In the window that opens, select the required files and click Open.
- Click Upload.
- Refresh the page.
In the management console, information about the number of objects in a bucket and the used space is updated with a few minutes' delay.
You can only upload objects to a bucket after you create it. Therefore, a separate configuration file is used for uploading images.
-
Download the
images-for-thumbor.tfconfiguration file to the working directory containing the k8s-for-thumbor.tf file. This file describes Object Storage objects, i.e., downloaded images to be uploaded to the bucket.
-
Specify relative or absolute paths to the images in the
images-for-thumbor.tffile. For example, if your images are stored in the same directory as the configuration files, specify:
poster_rodents_bunnysize.jpg
poster_bunny_bunnysize.jpg
cc.xlarge.png
-
-
Run the
terraform initcommand in the directory with the configuration files. This command initializes the provider specified in the configuration files and enables you to use the provider resources and data sources.
-
Check if the Terraform configuration file is correct using this command:
terraform validate
If the file contains any errors, Terraform will point them out.
-
Start image upload to the bucket:
-
Run the command to view planned changes:
terraform plan
If the resource configuration descriptions are correct, the terminal will display a list of the resources to modify and their parameters. This is a test step. No resources are updated.
-
If you are happy with the planned changes, apply them:
-
Run the command:
terraform apply
-
Confirm the update of resources.
-
Wait for the operation to complete.
-
All the required resources will be created in the specified folder. You can check resource availability and their settings in the management console.
-
Configure the CDN
-
Activate a CDN provider for your folder:
yc cdn provider activate --type=gcore --folder-id=<folder_ID>
-
Get the CDN provider's domain name:
yc cdn resource get-provider-cname
Result example:
cname: cl-msa87*****.edgecdn.ru folder_id: b1g86q4m5vej********
The domain name is specified in the
cnameparameter.
-
Configure a CNAME record for your domain:
-
Go to your domain's DNS settings on the site of your DNS hosting provider.
-
Set up a CNAME record so that it refers to the previously copied URL on the
.edgecdn.rudomain. For example, if the website domain name is
cdn.example.com, create a CNAME record or replace an existing one for
cdn:
cdn CNAME cl-msa87*****.edgecdn.ru.
-
-
Get Thumbor's external IP address:
kubectl -n thumbor get svc thumbor \ -o jsonpath='{.status.loadBalancer.ingress[0].ip}'
-
Create an origin group in Cloud CDN:
yc cdn origin-group create \ --name thumbor \ --origin source=<Thumbor_IP_address>,enabled=true
Result example:
id: "123***" folder_id: b1g86q4m5vej******** name: thumbor use_next: true origins: - id: "234****" origin_group_id: "345***" source: cdn.example.com enabled: true
This will get you the origin group ID in the
origin_group_idparameter. You will need this ID in the next step.
-
Create a CDN resource and connect the origin group to it:
yc cdn resource create \ --cname <resource_domain_name> \ --origin-group-id=<origin_group_ID> \ --origin-protocol=https \ --ignore-query-string \ --lets-encrypt-gcore-ssl-cert \ --forward-host-header
Sample resource domain name:
cdn.example.com.
To enable HTTPS access, use a Let's Encrypt® certificate.
Result example:
id: bc855oumelrqw3ceywih folder_id: b1g86q4m5vej******** cname: cdn.example.com created_at: "2022-01-15T15:13:42.827643Z" updated_at: "2022-01-15T15:13:42.827671Z" active: true options: edge_cache_settings: enabled: true default_value: "345600" query_params_options: ignore_query_string: enabled: true value: true host_options: forward_host_header: enabled: true value: true stale: enabled: true value: - error - updating origin_group_id: "345***" origin_group_name: thumbor origin_protocol: HTTPS ssl_certificate: type: LETS_ENCRYPT_GCORE status: CREATING
It takes 15 to 30 minutes to connect a CDN resource.
Check the result
Open your website at the URL:
https://<resource_domain_name>/unsafe/300x400/filters:watermark(cc.xlarge.png,10,-10,80,20)/poster_bunny_bunnysize.jpg
https://<resource_domain_name>/unsafe/600x800/filters:watermark(cc.xlarge.png,10,-10,80,20)/poster_bunny_bunnysize.jpg
https://<resource_domain_name>/unsafe/400x300/filters:watermark(cc.xlarge.png,-10,10,80,15)/poster_rodents_bunnysize.jpg
https://<resource_domain_name>/unsafe/800x600/filters:watermark(cc.xlarge.png,-10,10,80,15)/poster_rodents_bunnysize.jpg
You will see the prepared images of different sizes. Each image carries a Creative Commons watermark.
Delete the resources you created
Some resources are not free of charge. To avoid paying for them, delete the resources you no longer need:
Delete:
- CDN resource.
- CDN origin group.
- Node group.
- Managed Service for Kubernetes cluster.
- Public static IP if you reserved one for the cluster.
- Service accounts.
- Buckets and objects in them.
-
In the terminal window, switch to the directory containing the infrastructure plan.
-
Delete the
images-for-thumbor.tfconfiguration file. To delete a bucket, first delete the objects in it.
-
Check if the changes you made are correct using this command:
terraform validate
If there are any errors in the configuration files, Terraform will point them out.
-
Confirm updating the resources.
-
Run the command to view planned changes:
terraform plan
If the resource configuration descriptions are correct, the terminal will display a list of the resources to modify and their parameters. This is a test step. No resources are updated.
-
If you are happy with the planned changes, apply them:
-
Run the command:
terraform apply
-
Confirm the update of resources.
-
Wait for the operation to complete.
-
-
-
Delete the
k8s-for-thumbor.tfconfiguration file.
-
Make sure the Terraform configuration files are correct using this command:
terraform validate
If there are any errors in the configuration files, Terraform will point them out.
-
Confirm updating the resources.
-
Run the command to view planned changes:
terraform plan
If the resource configuration descriptions are correct, the terminal will display a list of the resources to modify and their parameters. This is a test step. No resources are updated.
-
If you are happy with the planned changes, apply them:
-
Run the command:
terraform apply
-
Confirm the update of resources.
-
Wait for the operation to complete.
-
All the resources described in the
k8s-for-thumbor.tfconfiguration file will be deleted.
-