Pulp Container Roadmap » History » Sprint/Milestone 34
ipanova@redhat.com, 05/04/2020 02:20 PM
| 1 | 32 | ipanova@redhat.com | # Pulp Container Roadmap |
|---|---|---|---|
| 2 | 2 | ipanova@redhat.com | |
| 3 | ~~~ |
||
| 4 | 32 | ipanova@redhat.com | This is a living document that is moving towards a long term plan to develop Container plugin for Pulp 3.0 and beyond. |
| 5 | 2 | ipanova@redhat.com | ~~~ |
| 6 | 1 | ipanova@redhat.com | |
| 7 | 18 | ipanova@redhat.com | ~~~ |
| 8 | 32 | ipanova@redhat.com | With Pulp as a Container registry you can: |
| 9 | 18 | ipanova@redhat.com | |
| 10 | - Mirror container image repositories hosted on Docker-hub, Google Container Registry, Quay.io, etc |
||
| 11 | - Reduce disk use space by mirroring container image repositories using the "on demand" policy. An image is only downloaded once it has been requested by a client. |
||
| 12 | 32 | ipanova@redhat.com | - Use local filesystem or an object storage store such as S3 to host all the container images TBD |
| 13 | 18 | ipanova@redhat.com | - Curate container images by whitelisting what is mirrored from an external repository. |
| 14 | - Curate container images by creating repository versions with a specific set of images. |
||
| 15 | - Create versioned repositories that can be promoted or rolled back with a single operation. |
||
| 16 | |||
| 17 | Pulp also has: |
||
| 18 | - tasking system that can be used to perform a variety of specialized work such as analysis of content. e.g. integration with clair-scanner |
||
| 19 | - a large community of users |
||
| 20 | - a commuity of plugin developers |
||
| 21 | ~~~ |
||
| 22 | |||
| 23 | 1 | ipanova@redhat.com | |
| 24 | |||
| 25 | ## Supported Content Types |
||
| 26 | |||
| 27 | 34 | ipanova@redhat.com | - Docker Image manifest schema2 and schema1 (conversion on the fly) |
| 28 | - Docker Manifest list |
||
| 29 | - Docker Blob |
||
| 30 | - OCI Image manifest schema1 |
||
| 31 | - OCI Image index |
||
| 32 | - OCI Blob |
||
| 33 | - Image Tag |
||
| 34 | 1 | ipanova@redhat.com | |
| 35 | ## Pulp Container Plugin Use Cases |
||
| 36 | |||
| 37 | |||
| 38 | ##### Sync |
||
| 39 | |||
| 40 | 34 | ipanova@redhat.com | - As a user I can sync container repo from Container registry |
| 41 | * assumes registry is compliant v2 api specs |
||
| 42 | * with token based auth |
||
| 43 | * with basic auth |
||
| 44 | * specify \`feed\` and \`upstream_name\` |
||
| 45 | 1 | ipanova@redhat.com | |
| 46 | 34 | ipanova@redhat.com | - As a user I can sync a registry by whitelisting tags ( Filtered Sync) |
| 47 | * whitelisting tags supports wildcards |
||
| 48 | - As a user i can lazily fetch container repo by specifying the download policy |
||
| 49 | - As a user I can sync a private container repo from Container registry |
||
| 50 | - As a user I can sync from a container repo published by Pulp ( pulp2pulp3 and pulp3pulp3 sync) |
||
| 51 | - As a user, I can mirror the content of a remote repository with an additive behaviour, so content is never removed locally. |
||
| 52 | - As a user, I can exactly mirror the content of a remote repository( mirror on sync) |
||
| 53 | 1 | ipanova@redhat.com | |
| 54 | **NOTE**: dropping enable_v1, enable_v2, mask_id options |
||
| 55 | 8 | ipanova@redhat.com | |
| 56 | 16 | ipanova@redhat.com | ##### Publish |
| 57 | 1 | ipanova@redhat.com | |
| 58 | 34 | ipanova@redhat.com | - As a user I can distribute container content |
| 59 | - As a user, I can specify base_path that will be used in the Container registry |
||
| 60 | - As a user I can pull docker content with older client (Pulp will convert on the fly docker image schema2 to schema1) |
||
| 61 | - As a user I cam pull from Container registry that has auth mechanism |
||
| 62 | 33 | ipanova@redhat.com | \*token auth |
| 63 | 1 | ipanova@redhat.com | |
| 64 | 28 | ipanova@redhat.com | As a result the above section should enable clients to perform \`docker/podman pull\` |
| 65 | 1 | ipanova@redhat.com | |
| 66 | **NOTE** dropping protected option |
||
| 67 | |||
| 68 | 21 | ipanova@redhat.com | ##### Filtering |
| 69 | 1 | ipanova@redhat.com | |
| 70 | 34 | ipanova@redhat.com | - As a user I can filter tags and images by digest, media_type, tag_name |
| 71 | 21 | ipanova@redhat.com | |
| 72 | 22 | ipanova@redhat.com | ##### Addition of the content to the repo with deps |
| 73 | 21 | ipanova@redhat.com | |
| 74 | 34 | ipanova@redhat.com | - As a user I can add Manifest and all Blobs it references to the destination repo |
| 75 | - As a user I can add Manifest List and all Manifests and Blobs it references to the destination repo |
||
| 76 | - As a user I can add Tag and all its' associated content it references to the destination repo |
||
| 77 | 25 | ipanova@redhat.com | |
| 78 | ##### Removal of the content from the repo with deps |
||
| 79 | 1 | ipanova@redhat.com | |
| 80 | 34 | ipanova@redhat.com | - As a user I can remove Manifest and all Blobs it references from the repo |
| 81 | - As a user I can remove Manifest List and all Manifests and Blobs it references from the repo |
||
| 82 | - As a user I can remove Tag and all its' associated content it references from the repo |
||
| 83 | 21 | ipanova@redhat.com | |
| 84 | 1 | ipanova@redhat.com | **NOTE** units that are referenced by other units are not removed |
| 85 | 31 | ipanova@redhat.com | |
| 86 | ##### Copy of the content form source repo to the dest repo with deps |
||
| 87 | |||
| 88 | 34 | ipanova@redhat.com | - As a user I can copy by digest, media_type Manifest and all Blobs it references from the source repo to the destination repo |
| 89 | - As a user I can copy by digest , media_type Manifest List and all Manifests and Blobs it references from the source repo to the destination repo |
||
| 90 | - As a user I can copy Tag by name and all its' associated content it references from the source repo to the destination repo |
||
| 91 | 21 | ipanova@redhat.com | |
| 92 | 1 | ipanova@redhat.com | ##### Adding/removing Tag via pulp api |
| 93 | 27 | ipanova@redhat.com | |
| 94 | 34 | ipanova@redhat.com | - As a user I can Tag an imagine in a repo |
| 95 | - As a user I can Untag an imagine in a repo |
||
| 96 | - As a user I can point existing Tag to a different image in a repo |
||
| 97 | 21 | ipanova@redhat.com | |
| 98 | 34 | ipanova@redhat.com | ##### Enable v2/catalog endpoint |
| 99 | 25 | ipanova@redhat.com | |
| 100 | 34 | ipanova@redhat.com | ##### As a user I can build OCI images from Containerfiles and serve them from Pulp Registry |
| 101 | |||
| 102 | ### Post-MVP ( subject to extension) |
||
| 103 | |||
| 104 | 1 | ipanova@redhat.com | ##### Sync |
| 105 | |||
| 106 | 32 | ipanova@redhat.com | - As a user, I can sync from a repository with Foreign Layers and save them in pulp for disconnected env. |
| 107 | 34 | ipanova@redhat.com | - As a user, I can sync from external registry using a pull-secret file |
| 108 | 1 | ipanova@redhat.com | |
| 109 | 34 | ipanova@redhat.com | |
| 110 | 1 | ipanova@redhat.com | ##### Publish |
| 111 | 32 | ipanova@redhat.com | |
| 112 | 1 | ipanova@redhat.com | - As a user I cam pull from Container registry that has auth mechanism |
| 113 | \*basic auth |
||
| 114 | 30 | ipanova@redhat.com | |
| 115 | ##### Force removal of the content from the repo with deps |
||
| 116 | |||
| 117 | - As a user I can remove Manifest and all Blobs it references from the repo |
||
| 118 | - As a user I can remove Manifest List and all Manifests and Blobs it references from the repo |
||
| 119 | - As a user I can remove Tag and all its' associated content it references from the repo |
||
| 120 | 26 | ipanova@redhat.com | |
| 121 | 21 | ipanova@redhat.com | ##### Export |
| 122 | 32 | ipanova@redhat.com | |
| 123 | 1 | ipanova@redhat.com | - As a user I can distribute Container content using a remote server ( rsync exporter) |
| 124 | 32 | ipanova@redhat.com | |
| 125 | 34 | ipanova@redhat.com | ##### Import/Export |
| 126 | - As a user I can export a repository and import it in an air-gapped environment |
||
| 127 | |||
| 128 | 1 | ipanova@redhat.com | ##### Docker/podman push |
| 129 | 10 | ipanova@redhat.com | |
| 130 | 13 | ipanova@redhat.com | - As a user, I can 'docker push' to a Pulp repository |
| 131 | 11 | ipanova@redhat.com | - As a user I can 'docker tag' to a Pulp repository |
| 132 | 7 | ipanova@redhat.com | |
| 133 | 13 | ipanova@redhat.com | ##### Skopeo copy |
| 134 | 8 | ipanova@redhat.com | |
| 135 | 3 | ipanova@redhat.com | - As a user I can use skopeo pulp transport to push images to Pulp container registry |
| 136 | 1 | ipanova@redhat.com | |
| 137 | 2 | ipanova@redhat.com | |
| 138 | 32 | ipanova@redhat.com | ## What will be dropped in Pulp3 |
| 139 | |||
| 140 | 7 | ipanova@redhat.com | - v1 API support. In Pulp3 we'll have just v2 api registry and corresponding v2 content types |
| 141 | 32 | ipanova@redhat.com | - v1/search. There is no v2/search so \`docker search\` for v2 content will not work. If upstream docker will add support for v2 docker content search by the time we deliver container plugin for pulp3 we will reconsider and include the endpoint. |
| 142 | 1 | ipanova@redhat.com | - content protection. In Pulp3 container repos will not support entitlement cert protection. ( option \`protected\` is dropped) |
| 143 | - export content into a tar file. It was possible to do so for v1 content. |
||
| 144 | - Crane is not longer used as a registry API. Pulp 3's ability to serve custom live APIs has made it possible for Crane's feature set to be incorporated into the pulp_container plugin |
.