Project

Profile

Help

Pulp Container Roadmap » History » Sprint/Milestone 33

ipanova@redhat.com, 12/11/2019 03:50 PM

1 32 ipanova@redhat.com
# Pulp Container Roadmap
2 2 ipanova@redhat.com
3
~~~
4 32 ipanova@redhat.com
This is a living document that is moving towards a long term plan to develop Container plugin for Pulp 3.0 and beyond.
5 2 ipanova@redhat.com
~~~
6 1 ipanova@redhat.com
7 18 ipanova@redhat.com
~~~
8 32 ipanova@redhat.com
With Pulp as a Container registry you can:
9 18 ipanova@redhat.com
10
- Mirror container image repositories hosted on Docker-hub, Google Container Registry, Quay.io, etc
11
- Reduce disk use space by mirroring container image repositories using the "on demand" policy. An image is only downloaded once it has been requested by a client.
12 32 ipanova@redhat.com
- Use local filesystem or an object storage store such as S3 to host all the container images TBD
13 18 ipanova@redhat.com
- Curate container images by whitelisting what is mirrored from an external repository.
14
- Curate container images by creating repository versions with a specific set of images.
15
- Create versioned repositories that can be promoted or rolled back with a single operation.
16
17
Pulp also has:
18
- tasking system that can be used to perform a variety of specialized work such as analysis of content. e.g. integration with clair-scanner
19
- a large community of users
20
- a commuity of plugin developers
21
~~~
22
23 22 ipanova@redhat.com
<span style="color: #458b74;">green</span>
24 1 ipanova@redhat.com
25
### MVP
26
27 22 ipanova@redhat.com
## Supported Content Types
28
29 32 ipanova@redhat.com
  - <span style="color: #458b74;">Docker Image manifest schema2 and schema1</span>
30
  - {color: #458b74} Docker Manifest list
31
  - {color: #458b74} Docker Blob
32 33 ipanova@redhat.com
  - {color: #458b74} OCI Image manifest schema1
33
  - {color: #458b74} OCI Image index
34
  - {color: #458b74} OCI Blob
35
  - {color: #458b74} Image Tag
36 2 ipanova@redhat.com
37 32 ipanova@redhat.com
## Pulp Container Plugin Use Cases
38 1 ipanova@redhat.com
39
### MVP
40
41 2 ipanova@redhat.com
##### Sync
42 8 ipanova@redhat.com
43 32 ipanova@redhat.com
  - <span style="color: #458b74;">As a user I can sync container repo from Container registry</span>
44 1 ipanova@redhat.com
45
<!-- end list -->
46 8 ipanova@redhat.com
47 16 ipanova@redhat.com
  - {color: #458b74} assumes registry is compliant v2 api specs
48
  - {color: #458b74} with token based auth
49 21 ipanova@redhat.com
  - {color: #458b74} with basic auth
50 16 ipanova@redhat.com
  - {color: #458b74} specify \`feed\` and \`upstream_name\`
51 8 ipanova@redhat.com
52
<!-- end list -->
53 1 ipanova@redhat.com
54 19 ipanova@redhat.com
  - {color: #458b74} As a user I can sync a registry by whitelisting tags ( Filtered Sync)
55 32 ipanova@redhat.com
  - {color: #458b74} As a user i can lazily fetch container repo by specifying the download policy
56
  - {color: #458b74} As a user I can sync a private container repo from Container registry
57
  - {color: #458b74} As a user I can sync from a container repo published by Pulp ( pulp2pulp3 and pulp3pulp3 sync)
58 17 ipanova@redhat.com
  - {color: #458b74} As a user, I can mirror the content of a remote repository with an additive behaviour, so content is never removed locally.
59 1 ipanova@redhat.com
60
**NOTE**: dropping enable_v1, enable_v2, mask_id options
61
62 8 ipanova@redhat.com
##### Publish
63 16 ipanova@redhat.com
64 1 ipanova@redhat.com
  - {color: #458b74} As a user I can distribute container content
65
  - {color: #458b74} As a user, I can specify publish_directory( i.e base_path) from which the content will be served( provided by pulp_core)
66 32 ipanova@redhat.com
  - {color: #458b74} As a user, I can specify base_path that will be used in the Container registry
67 33 ipanova@redhat.com
  - {color: #458b74} As a user I can pull docker content with older client (Pulp will convert on the fly docker image schema2 to schema1)
68
  - {color: #458b74} As a user I cam pull from Container registry that has auth mechanism  
69 28 ipanova@redhat.com
    \*token auth
70 8 ipanova@redhat.com
71 1 ipanova@redhat.com
As a result the above section should enable clients to perform \`docker/podman pull\`
72
73 21 ipanova@redhat.com
**NOTE** dropping protected option
74 1 ipanova@redhat.com
75 21 ipanova@redhat.com
##### Filtering
76
77 22 ipanova@redhat.com
  - {color: #458b74} As a user I can filter tags and images by digest, media_type, tag_name
78 21 ipanova@redhat.com
79 1 ipanova@redhat.com
##### Addition of the content to the repo with deps
80
81 25 ipanova@redhat.com
  - <span style="color: #458b74;">As a user I can add Manifest and all Blobs it references to the destination repo</span>
82
  - <span style="color: #458b74;">As a user I can add Manifest List and all Manifests and Blobs it references to the destination repo</span>
83
  - <span style="color: #458b74;">As a user I can add Tag and all its' associated content it references to the destination repo</span>
84 1 ipanova@redhat.com
85 21 ipanova@redhat.com
##### Removal of the content from the repo with deps
86 1 ipanova@redhat.com
87 31 ipanova@redhat.com
<span style="color: #458b74;">\* As a user I can remove Manifest and all Blobs it references from the repo</span>  
88
<span style="color: #458b74;">\* As a user I can remove Manifest List and all Manifests and Blobs it references from the repo</span>  
89
<span style="color: #458b74;">\* As a user I can remove Tag and all its' associated content it references from the repo</span>
90 21 ipanova@redhat.com
91 30 ipanova@redhat.com
**NOTE** units that are referenced by other units are not removed
92 21 ipanova@redhat.com
93
##### Copy of the content form source repo to the dest repo with deps
94
95 1 ipanova@redhat.com
  - {color: #458b74} As a user I can copy by digest, media_type Manifest and all Blobs it references from the source repo to the destination repo
96 27 ipanova@redhat.com
  - {color: #458b74} As a user I can copy by digest , media_type Manifest List and all Manifests and Blobs it references from the source repo to the destination repo
97
  - {color: #458b74} As a user I can copy Tag by name and all its' associated content it references from the source repo to the destination repo
98
99 21 ipanova@redhat.com
##### Adding/removing Tag via pulp api
100
101
  - <span style="color: #458b74;">As a user I can Tag an imagine in a repo</span>
102 25 ipanova@redhat.com
  - <span style="color: #458b74;">As a user I can Untag an imagine in a repo</span>
103
  - <span style="color: #458b74;">As a user I can point existing Tag to a different image in a repo</span>
104 21 ipanova@redhat.com
105 30 ipanova@redhat.com
### Post-MVP 4.1+ ( subject to extension)
106 1 ipanova@redhat.com
107
##### Sync
108
109 32 ipanova@redhat.com
  - As a user, I can sync from a repository with Foreign Layers and save them in pulp for disconnected env.
110 1 ipanova@redhat.com
  - As a user, I can exactly mirror the content of a remote repository( mirror on sync)
111
112
##### Publish
113
114 32 ipanova@redhat.com
  - As a user I cam pull from Container registry that has auth mechanism  
115 1 ipanova@redhat.com
    \*basic auth
116
117 30 ipanova@redhat.com
##### Force removal of the content from the repo with deps
118
119
  - As a user I can remove Manifest and all Blobs it references from the repo
120
  - As a user I can remove Manifest List and all Manifests and Blobs it references from the repo
121
  - As a user I can remove Tag and all its' associated content it references from the repo
122
123 26 ipanova@redhat.com
##### Export
124 21 ipanova@redhat.com
125 32 ipanova@redhat.com
  - As a user I can distribute Container content using a remote server ( rsync exporter)
126 1 ipanova@redhat.com
127 32 ipanova@redhat.com
##### Docker/podman push
128 25 ipanova@redhat.com
129
  - As a user, I can 'docker push' to a Pulp repository
130 16 ipanova@redhat.com
  - As a user I can 'docker tag' to a Pulp repository
131 1 ipanova@redhat.com
132 10 ipanova@redhat.com
##### Skopeo copy
133 13 ipanova@redhat.com
134 11 ipanova@redhat.com
  - As a user I can use skopeo pulp transport to push images to Pulp container registry
135 7 ipanova@redhat.com
136 13 ipanova@redhat.com
##### Enable v2/catalog endpoint
137 8 ipanova@redhat.com
138 3 ipanova@redhat.com
## What will be dropped in Pulp3
139 1 ipanova@redhat.com
140 2 ipanova@redhat.com
  - v1 API support. In Pulp3 we'll have just v2 api registry and corresponding v2 content types
141 32 ipanova@redhat.com
  - v1/search. There is no v2/search so \`docker search\` for v2 content will not work. If upstream docker will add support for v2 docker content search by the time we deliver container plugin for pulp3 we will reconsider and include the endpoint.
142
  - content protection. In Pulp3 container repos will not support entitlement cert protection. ( option \`protected\` is dropped)
143 7 ipanova@redhat.com
  - export content into a tar file. It was possible to do so for v1 content.
144 32 ipanova@redhat.com
  - Crane is not longer used as a registry API. Pulp 3's ability to serve custom live APIs has made it possible for Crane's feature set to be incorporated into the pulp_container plugin