Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add pull through cache ability to the Registry. #779

Merged
merged 1 commit into from
Aug 5, 2015
Merged

Add pull through cache ability to the Registry. #779

merged 1 commit into from
Aug 5, 2015

Conversation

RichardScothern
Copy link
Contributor

Add pull through cache ability to the Registry.

Create a Repository middleware which delegates storage to a proxyBlobStore
and proxyManifestStore. These stores will pull through data if not present
locally.

Create a Registry middleware which runs a scheduler to remove
expired content.

The scheduler runs as a background goroutine. When a blob
or manifest is pulled through from the remote registry,
an entry is added to the scheduler with a TTL. When the
TTL expires the scheduler calls a pre-specified function
to remove the fetched resource.

Add token authentication to the registry middleware.
Get a token at startup and preload the credential store
with the username and password supplied in the config file.

Signed-off-by: Richard Scothern richard.scothern@gmail.com

@thaJeztah thaJeztah mentioned this pull request Jul 29, 2015
Closed
@dmp42 dmp42 added this to the Registry/2.1 milestone Jul 29, 2015
@thaJeztah thaJeztah mentioned this pull request Jul 29, 2015
Closed
@RichardScothern RichardScothern force-pushed the pull-through-cache branch 2 times, most recently from bf39258 to 375afb0 Compare July 30, 2015 00:45
@RichardScothern RichardScothern mentioned this pull request Jul 30, 2015
Closed
stevvooe
stevvooe reviewed Jul 30, 2015
View reviewed changes
cmd/registry/config-cache.yml
disabled: true
middleware:
repository:
- name: proxy
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does one have to configure both middlewares for this to work? I'm worried people will omit one or other or not even understand this. Can we make it so that the repository portion is not required?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reduced to a single middleware configuration.

ahmetb
ahmetb reviewed Jul 31, 2015
View reviewed changes
docs/mirror.md
For example, if your mirror is serving on http://10.0.0.2:5000, you would run:

```
docker --registry-mirror=http://10.0.0.2:5000 -d
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, wouldn't the docker daemon complain about this example address as it is not https?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would. I'll change the example to https (and link the certs documentation)

@RichardScothern RichardScothern force-pushed the pull-through-cache branch 2 times, most recently from abb5f3b to ad39ef9 Compare August 4, 2015 20:16
@RichardScothern
Copy link
Contributor Author

Now 100% unmiddlewared, @stevvooe

@stevvooe
Copy link
Collaborator

stevvooe commented Aug 4, 2015

LGTM

aaronlehmann
aaronlehmann reviewed Aug 4, 2015
View reviewed changes
registry/proxy/proxyblobstore.go
scheduler *scheduler.TTLExpirationScheduler
}

var _ distribution.BlobStore = proxyBlobStore{}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What does this line do?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It asserts that proxyBlobStore implements the distribution.BlobStore
interface.

On Tue, Aug 4, 2015 at 3:46 PM, Aaron Lehmann notifications@github.com
wrote:

In registry/proxy/proxyblobstore.go
#779 (comment):

  • "github.com/docker/distribution"
  • "github.com/docker/distribution/context"
  • "github.com/docker/distribution/digest"
  • "github.com/docker/distribution/registry/proxy/scheduler"
    +)

+// todo(richardscothern): from cache control header or config file
+const blobTTL = time.Duration(24 * 7 * time.Hour)
+
+type proxyBlobStore struct {

  • localStore distribution.BlobStore
  • remoteStore distribution.BlobService
  • scheduler *scheduler.TTLExpirationScheduler
    +}

+var _ distribution.BlobStore = proxyBlobStore{}

What does this line do?


Reply to this email directly or view it on GitHub
https://github.com/docker/distribution/pull/779/files#r36251728.

@aaronlehmann
Copy link
Contributor

LGTM, but note minor comments above.

@RichardScothern
Add pull through cache functionality to the Registry which can be con…
94935f3 
…figured

with a new `proxy` section in the configuration file.

Create a new registry type which delegates storage to a proxyBlobStore
and proxyManifestStore.  These stores will pull through data if not present
locally.  proxyBlobStore takes care not to write duplicate data to disk.

Add a scheduler to cleanup expired content. The scheduler runs as a background
goroutine.  When a blob or manifest is pulled through from the remote registry,
an entry is added to the scheduler with a TTL.  When the TTL expires the
scheduler calls a pre-specified function to remove the fetched resource.

Add token authentication to the registry middleware.  Get a token at startup
and preload the credential store with the username and password supplied in the
config file.

Allow resumable digest functionality to be disabled at runtime and disable
it when the registry is a pull through cache.

Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
stevvooe added a commit that referenced this pull request Aug 5, 2015
@stevvooe
Merge pull request #779 from RichardScothern/pull-through-cache
a0c6337 
Add pull through cache ability to the Registry.
@stevvooe stevvooe merged commit a0c6337 into distribution:master Aug 5, 2015
@RichardScothern RichardScothern mentioned this pull request Aug 5, 2015
Closed
12 tasks
@dalanlan
Copy link

dalanlan commented Aug 5, 2015

I was wondering how to set up a mirror registry for a private registry (gcr.io, for example).
Should we configure it as cmd/registry/config-cache.yml?
I do believe an example enclosed in the doc would help much:)

@dmp42
Copy link
Contributor

dmp42 commented Aug 5, 2015

@dalanlan this is still experimental - mirroring of private registries is not yet a supported scenario (by docker itself).

@dalanlan
Copy link

dalanlan commented Aug 5, 2015

Ic. Many thanks ;-)

@dalanlan
Copy link

dalanlan commented Aug 5, 2015

Any pr i can trace though?

@dmp42
Copy link
Contributor

dmp42 commented Aug 6, 2015

@dalanlan do you mean #779 ?

@dalanlan
Copy link

dalanlan commented Aug 6, 2015

Hmm, as specified in #459

Unlike the V1 registry mirroring feature, a V2 registry mirror can proxy to a private registry.

I assume it's a coming feature. And since #779 is merged, i was wondering whether there is any other pr to trace.

@dalanlan
Copy link

dalanlan commented Aug 6, 2015

Or this feature has been fully finished by #779, remaining experimental though. If that's the case, any new milestone ( will not be Registry/2.1 anymore ) in plan? :)

@mbentley
Copy link
Contributor

mbentley commented Aug 6, 2015

Awesome, so far the pull through caching is working well for me on docker engine 1.8.0-rc2. I'll put more load on it tomorrow 👍

@dmp42
Copy link
Contributor

dmp42 commented Aug 6, 2015

@dalanlan it's a bit early for registry 2.2.

For now, the docker engine itself only support Hub mirroring (though the registry side of it is not limited).

About the "experimental" status: we feel mirroring needs to be fire-tested before calling it "stable".

@lvlv
Copy link

lvlv commented Aug 12, 2015

@matt @olivier Do we have some instructions to set this up? It'll be super
useful for me. :-)
Thanks

On Fri, Aug 7, 2015 at 1:23 AM, Olivier Gambier notifications@github.com
wrote:

@dalanlan https://github.com/dalanlan it's a bit early for registry 2.2.

For now, the docker engine itself only support Hub mirroring (though the
registry side of it is not limited).

About the "experimental" status: we feel mirroring needs to be fire-tested
before calling it "stable".


Reply to this email directly or view it on GitHub
#779 (comment).

@mbentley
Copy link
Contributor

@lvlv - I just did the following:

docker run -d --restart=always -p 5000:5000 --name v2-mirror \
  -v /data/v2-mirror:/var/lib/registry \
  distribution/registry:2.1.0-rc.0 \
  /var/lib/registry/config.mirror.yml

I have a config.mirror.yml file in my /data/v2-mirror directory on my host to provide my customized configuration that enables the mirror (and removes any other features I am currently not using). My config looks like this:

version: 0.1
log:
  level: info
storage:
    filesystem:
        rootdirectory: /var/lib/registry
http:
    addr: :5000
proxy:
  remoteurl: https://registry-1.docker.io

@stevvooe
Copy link
Collaborator

Please stop commenting on merged issues. This is not a support channel.

@distribution distribution locked and limited conversation to collaborators Aug 12, 2015
@RichardScothern RichardScothern deleted the pull-through-cache branch October 30, 2015 21:32
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees

@RichardScothern RichardScothern

Labels
feature
Projects
None yet
Milestone
Registry/2.1
Development

Successfully merging this pull request may close these issues.

None yet
9 participants
@RichardScothern @stevvooe @aaronlehmann @dalanlan @dmp42 @mbentley @lvlv @ahmetb @GordonTheTurtle