Project

Profile

Help

Pulp Container Roadmap » History » Sprint/Milestone 30

ipanova@redhat.com, 08/28/2019 08:08 PM

1 1 ipanova@redhat.com
# Pulp Docker Roadmap
2 2 ipanova@redhat.com
3
~~~
4
This is a living document that is moving towards a long term plan to develop Docker plugin for Pulp 3.0 and beyond.
5
~~~
6 1 ipanova@redhat.com
7 18 ipanova@redhat.com
~~~
8
With Pulp as a docker registry you can:
9
10
- Mirror container image repositories hosted on Docker-hub, Google Container Registry, Quay.io, etc
11
- Reduce disk use space by mirroring container image repositories using the "on demand" policy. An image is only downloaded once it has been requested by a client.
12
- Use local filesystem or an object storage store such as S3 to host all the container images.
13
- Curate container images by whitelisting what is mirrored from an external repository.
14
- Curate container images by creating repository versions with a specific set of images.
15
- Create versioned repositories that can be promoted or rolled back with a single operation.
16
17
Pulp also has:
18
- tasking system that can be used to perform a variety of specialized work such as analysis of content. e.g. integration with clair-scanner
19
- a large community of users
20
- a commuity of plugin developers
21
~~~
22
23 22 ipanova@redhat.com
<span style="color: #458b74;">green</span>
24 1 ipanova@redhat.com
25
### MVP
26
27 22 ipanova@redhat.com
## Supported Content Types
28
29 16 ipanova@redhat.com
  - <span style="color: #458b74;">Image manifest schema2 and schema1</span>
30
  - {color: #458b74} Manifest list
31
  - {color: #458b74} Blob
32
  - {color: #458b74} Tag
33 2 ipanova@redhat.com
34 1 ipanova@redhat.com
## Pulp Docker Plugin Use Cases
35
36
### MVP
37
38 2 ipanova@redhat.com
##### Sync
39 8 ipanova@redhat.com
40 16 ipanova@redhat.com
  - <span style="color: #458b74;">As a user I can sync docker repo from docker registry</span>
41 1 ipanova@redhat.com
42
<!-- end list -->
43 8 ipanova@redhat.com
44 16 ipanova@redhat.com
  - {color: #458b74} assumes registry is compliant v2 api specs
45
  - {color: #458b74} with token based auth
46 21 ipanova@redhat.com
  - {color: #458b74} with basic auth
47 16 ipanova@redhat.com
  - {color: #458b74} specify \`feed\` and \`upstream_name\`
48 8 ipanova@redhat.com
49
<!-- end list -->
50 1 ipanova@redhat.com
51 19 ipanova@redhat.com
  - {color: #458b74} As a user I can sync a registry by whitelisting tags ( Filtered Sync)
52
  - {color: #458b74} As a user i can lazily fetch docker repo by specifying the download policy
53 23 ipanova@redhat.com
  - {color: #458b74} As a user I can sync a private docker repo from docker registry
54
  - {color: #458b74} As a user I can sync from a docker repo published by Pulp ( pulp2pulp3 and pulp3pulp3 sync)
55 17 ipanova@redhat.com
  - {color: #458b74} As a user, I can mirror the content of a remote repository with an additive behaviour, so content is never removed locally.
56 1 ipanova@redhat.com
57
**NOTE**: dropping enable_v1, enable_v2, mask_id options
58
59 8 ipanova@redhat.com
##### Publish
60
61 16 ipanova@redhat.com
  - {color: #458b74} As a user I can distribute docker content
62
  - {color: #458b74} As a user, I can specify publish_directory( i.e base_path) from which the content will be served( provided by pulp_core)
63 29 ipanova@redhat.com
  - {color: #458b74} As a user, I can specify base_path that will be used in the docker registry
64 13 ipanova@redhat.com
  - As a user I can specify whether i want to convert docker image schema2 to schema1( aka schema convertor, for older clients support)
65 30 ipanova@redhat.com
  - As a user I cam pull from docker registry that has auth mechanism  
66 28 ipanova@redhat.com
    \*token auth
67 8 ipanova@redhat.com
68 1 ipanova@redhat.com
As a result the above section should enable clients to perform \`docker/podman pull\`
69
70 21 ipanova@redhat.com
**NOTE** dropping protected option
71 1 ipanova@redhat.com
72 21 ipanova@redhat.com
##### Filtering
73
74 22 ipanova@redhat.com
  - {color: #458b74} As a user I can filter tags and images by digest, media_type, tag_name
75 21 ipanova@redhat.com
76 1 ipanova@redhat.com
##### Addition of the content to the repo with deps
77
78 25 ipanova@redhat.com
  - <span style="color: #458b74;">As a user I can add Manifest and all Blobs it references to the destination repo</span>
79
  - <span style="color: #458b74;">As a user I can add Manifest List and all Manifests and Blobs it references to the destination repo</span>
80
  - <span style="color: #458b74;">As a user I can add Tag and all its' associated content it references to the destination repo</span>
81 1 ipanova@redhat.com
82 21 ipanova@redhat.com
##### Removal of the content from the repo with deps
83 1 ipanova@redhat.com
84 21 ipanova@redhat.com
  - As a user I can remove Manifest and all Blobs it references from the repo
85 1 ipanova@redhat.com
  - As a user I can remove Manifest List and all Manifests and Blobs it references from the repo
86 21 ipanova@redhat.com
  - As a user I can remove Tag and all its' associated content it references from the repo
87
88 30 ipanova@redhat.com
**NOTE** units that are referenced by other units are not removed
89 21 ipanova@redhat.com
90
##### Copy of the content form source repo to the dest repo with deps
91
92 1 ipanova@redhat.com
  - {color: #458b74} As a user I can copy by digest, media_type Manifest and all Blobs it references from the source repo to the destination repo
93 27 ipanova@redhat.com
  - {color: #458b74} As a user I can copy by digest , media_type Manifest List and all Manifests and Blobs it references from the source repo to the destination repo
94
  - {color: #458b74} As a user I can copy Tag by name and all its' associated content it references from the source repo to the destination repo
95
96 21 ipanova@redhat.com
##### Adding/removing Tag via pulp api
97
98
  - <span style="color: #458b74;">As a user I can Tag an imagine in a repo</span>
99 25 ipanova@redhat.com
  - <span style="color: #458b74;">As a user I can Untag an imagine in a repo</span>
100
  - <span style="color: #458b74;">As a user I can point existing Tag to a different image in a repo</span>
101 21 ipanova@redhat.com
102 30 ipanova@redhat.com
### Post-MVP 4.1+ ( subject to extension)
103 1 ipanova@redhat.com
104
##### Sync
105
106
  - As a user, I can sync from a repository with Forein Layers and save them in pulp for disconnected env.
107
  - As a user, I can exactly mirror the content of a remote repository( mirror on sync)
108
109
##### Publish
110
111
  - As a user I cam pull from docker registry that has auth mechanish  
112
    \*basic auth
113
114 30 ipanova@redhat.com
##### Force removal of the content from the repo with deps
115
116
  - As a user I can remove Manifest and all Blobs it references from the repo
117
  - As a user I can remove Manifest List and all Manifests and Blobs it references from the repo
118
  - As a user I can remove Tag and all its' associated content it references from the repo
119
120 26 ipanova@redhat.com
##### Export
121 21 ipanova@redhat.com
122 1 ipanova@redhat.com
  - As a user I can distribute docker content using a remote server ( rsync exporter)
123
124 25 ipanova@redhat.com
##### Docker push
125
126
  - As a user, I can 'docker push' to a Pulp repository
127 16 ipanova@redhat.com
  - As a user I can 'docker tag' to a Pulp repository
128 1 ipanova@redhat.com
129 10 ipanova@redhat.com
##### Skopeo copy
130 13 ipanova@redhat.com
131 11 ipanova@redhat.com
  - As a user I can use skopeo pulp transport to push images to Pulp container registry
132 7 ipanova@redhat.com
133 13 ipanova@redhat.com
##### Enable v2/catalog endpoint
134 8 ipanova@redhat.com
135 3 ipanova@redhat.com
## What will be dropped in Pulp3
136 1 ipanova@redhat.com
137 2 ipanova@redhat.com
  - v1 API support. In Pulp3 we'll have just v2 api registry and corresponding v2 content types
138
  - v1/search. There is no v2/search so \`docker search\` for v2 content will not work. If upstream docker will add support for v2 docker content search by the time we deliver docker plugin for pulp3 we will reconsider and include the endpoint.
139 1 ipanova@redhat.com
  - content protection. In Pulp3 docker repos will not support entitlement cert protection. ( option \`protected\` is dropped)
140 7 ipanova@redhat.com
  - export content into a tar file. It was possible to do so for v1 content.
141 13 ipanova@redhat.com
  - Crane is not longer used as a registry API. Pulp 3's ability to serve custom live APIs has made it possible for Crane's feature set to be incorporated into the pulp_docker plugin