Commit graph

675 commits

Author SHA1 Message Date
Stephen Day
3dc95e213c Merge pull request #104 from AndreyKostov/storagedriver-s3-fix-iam-role-bug
Fixes an IAM role authentication bug
2015-01-23 16:03:21 -08:00
Andrey Kostov
34f86b9ad6 Fixes an IAM role authentication bug
More specifically, the driver panics if initialized with
FromParameters with empty accesskey or secretkey.
2015-01-23 15:50:55 -08:00
Stephen Day
75c1b2bae7 Merge pull request #91 from tianon/dockerfile-godeps
Update the Dockerfile to use the Godeps versions of libraries and to explicitly use golang:1.4
2015-01-22 16:11:46 -08:00
Stephen Day
bd0d90396b Merge pull request #98 from docker/circle-godep
Move to circle.yml to godep
2015-01-22 16:11:02 -08:00
Olivier Gambier
49357a5d59 Move to godep 2015-01-22 15:52:46 -08:00
Stephen Day
6b3bfa724d Merge pull request #90 from stevvooe/registry-decorator
Implement registry decorator toolkit
2015-01-22 15:08:13 -08:00
Stephen Day
686da01dd7 Merge pull request #93 from BrianBland/config-test
Adds test for extraneous configuration environment variables
2015-01-21 15:40:14 -08:00
Brian Bland
a35f1d04fe Adds test for extraneous configuration environment variables
Signed-off-by: Brian Bland <brian.bland@docker.com>
2015-01-21 12:02:51 -08:00
Stephen J Day
3911880491 Implement registry decorator toolkit
This change provides a toolkit for intercepting registry calls, such as
`ManifestService.Get` and `LayerUpload.Finish`, with the goal of easily
supporting interesting callbacks and listeners. The package proxies
returned objects through the decorate function before creation, allowing one to
carefully choose injection points.

Use cases range from notification systems all the way to cache integration.
While such a tool isn't strictly necessary, it reduces the amount of code
required to accomplish such tasks, deferring the tricky aspects to the
decorator package.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-21 10:46:20 -08:00
Tianon Gravi
037a8a11e8 Update the Dockerfile to use the Godeps versions of libraries and to explicitly use golang:1.4
This speeds up the build (and makes it more consistent) since it doesn't have to clone a bunch of repos. 👍

Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
2015-01-20 20:08:44 -07:00
Stephen Day
c448e04169 Merge pull request #89 from jlhawn/version_header
Add Docker Distribution API Version header
2015-01-20 13:42:12 -08:00
Josh Hawn
c4b2249cb2 Add Docker Distribution API Version header
Setting a header for all responses can help clients better determine
if the server speaks the legacy v1 API or the v2 API. It is important
that the header be set *BEFORE* routing the request.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
2015-01-20 13:26:05 -08:00
Olivier Gambier
8ae6179711 Merge pull request #74 from stevvooe/refactor-storage-interfaces
Refactor storage API to be registry oriented
2015-01-20 10:44:56 -08:00
Stephen Day
4dcc892bf2 Merge pull request #81 from AndreyKostov/storagedriver-s3-fix-param
Fix regionName parameter so as to not have a panic when it is not a string
2015-01-19 15:29:36 -08:00
Andrey Kostov
671c69e0df Fix regionName parameter so as to not have a panic when it is not a string 2015-01-19 14:23:28 -08:00
Ahmet Alp Balkan
7f200f886a Add TestPutContentMultipleTimes to storage driver suite
Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
2015-01-18 00:29:12 -08:00
Ahmet Alp Balkan
9981318d75 modify TestWriteReadLargeStreams to write in one shot 2015-01-17 17:11:12 -08:00
Stephen J Day
ff4a1700cc Update the registry app to use the new storage interfaces
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-16 18:33:28 -08:00
Stephen J Day
ea5b999fc0 Refactor storage API to be registry oriented
In support of making the storage API ready for supporting notifications and
mirroring, we've begun the process of paring down the storage model. The
process started by creating a central Registry interface. From there, the
common name argument on the LayerService and ManifestService was factored into
a Repository interface. The rest of the changes directly follow from this.

An interface wishlist was added, suggesting a direction to take the registry
package that should support the distribution project's future goals. As these
objects move out of the storage package and we implement a Registry backed by
the http client, these design choices will start getting validation.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-16 18:33:21 -08:00
Stephen Day
03406ab708 Merge pull request #73 from BrianBland/godeps
Updates Godeps to a compiling/stable state
2015-01-16 14:05:16 -08:00
Brian Bland
e1ab3443db Updates Godeps to a compiling/stable state
Includes newer docker/libtrust and crowdmob/goamz
2015-01-16 13:56:37 -08:00
Stephen Day
81ea264dea Merge pull request #70 from BrianBland/go-yaml-dep
Remove dependency on BrianBland/yaml fork
2015-01-16 13:55:55 -08:00
Brian Bland
24155c0431 Remove dependency on BrianBland/yaml fork
Switched back to only using the go-yaml/yaml mainline repo.
Fixes #69
2015-01-16 11:36:25 -08:00
Stephen Day
10c9dfb5a6 Merge pull request #67 from BrianBland/layerhandler-http-method
Forwards http method to the layerhandler for layer serving
2015-01-16 10:54:20 -08:00
Brian Bland
bd9f3702f7 DelegateLayerHandler now uses http method in url generation 2015-01-15 18:15:26 -08:00
Stephen Day
e5f0622a14 Merge pull request #64 from stevvooe/separate-signature-storage
Refactor backend storage layout to meet new requirements (addresses #25, #46)
2015-01-15 13:33:46 -08:00
Stephen Day
effa09bd77 Merge pull request #63 from AndreyKostov/add-urlfor-method-param
Add functionality to make a url signed for a HEAD request to S4 driver
2015-01-15 10:44:05 -08:00
Stephen J Day
83d62628fc Refactor storage to use new backend layout
This change refactors the storage backend to use the new path layout. To
facilitate this, manifest storage has been separated into a revision store and
tag store, supported by a more general blob store. The blob store is a hybrid
object, effectively providing both small object access, keyed by content
address, as well as methods that can be used to manage and traverse links to
underlying blobs. This covers common operations used in the revision store and
tag store, such as linking and traversal. The blob store can also be updated to
better support layer reading but this refactoring has been left for another
day.

The revision store and tag store support the manifest store's compound view of
data. These underlying stores provide facilities for richer access models, such
as content-addressable access and a richer tagging model. The highlight of this
change is the ability to sign a manifest from different hosts and have the
registry merge and serve those signatures as part of the manifest package.

Various other items, such as the delegate layer handler, were updated to more
directly use the blob store or other mechanism to fit with the changes.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-15 10:32:18 -08:00
Olivier Gambier
82a7101f21 Merge pull request #66 from stevvooe/autogenerate-authors-file
Autogenerate AUTHORS file for distribution repo
2015-01-15 10:07:21 -08:00
Stephen J Day
deddda5d29 Autogenerate AUTHORS file for distribution repo
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-14 16:25:27 -08:00
Andrey Kostov
bdd5d35622 Add functionality to make a url signed for a HEAD request to S4 driver 2015-01-14 13:37:39 -08:00
Stephen Day
d64e70b0e1 Merge pull request #59 from stevvooe/use-godep-for-dependencies
Use Godep to vendor distribution dependencies
2015-01-14 12:13:25 -08:00
Stephen J Day
3277d9fc74 Redesign path layout for backend storage
Several requirements for storing registry data have been compiled and the
backend layout has been refactored to comply. Specifically, we now store most
data as blobs that are linked from repositories. All data access is traversed
through repositories. Manifest updates are no longer destructive and support
references by digest or tag. Signatures for manifests are now stored externally
to the manifest payload to allow merging of signatures posted at different
time.

The design is detailed in the documentation for pathMapper.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-14 11:34:47 -08:00
Stephen J Day
10a4605ec2 Explicitly select digest method for content
Detecting tar files then falling back for calculating digests turned out to be
fairly unreliable. Likely, the implementation was broken for content that was
not a tarfile. Also, for the use case of the registry, it is really not needed.
This functionality has been removed in FromReader and FromBytes. FromTarArchive
has been added for convenience.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-14 10:35:42 -08:00
Stephen Day
6b18639eac Merge pull request #60 from BrianBland/s3-docs
Clarifies s3 driver "secure" flag documentation
2015-01-13 19:39:47 -08:00
Brian Bland
14c8e2b5f0 Clarifies s3 driver "secure" flag documentation
Signed-off-by: Brian Bland <brian.bland@docker.com>
2015-01-13 11:38:19 -08:00
Stephen J Day
01bc08351d Ignore Godeps for gofmt and golint
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-12 14:01:13 -08:00
Stephen J Day
fc2a840e8f Use Godep to vendor distribution dependencies
As we get closer to release, we need to ensure that builds are repeatable.
Godep provides a workable solution to managing dependencies in Go to support
this requirement. This commit should be bolstered by updates to documentation
and build configuration.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-12 14:01:04 -08:00
Stephen Day
972a95f077 Merge pull request #58 from BrianBland/s3-enable
Enables s3 driver
2015-01-12 13:41:35 -08:00
Brian Bland
16a258ce69 Enables s3 driver, limits permission check to scope of rootdirectory
Signed-off-by: Brian Bland <brian.bland@docker.com>
2015-01-12 13:34:49 -08:00
Stephen Day
df4441d03c Merge pull request #18 from AndreyKostov/ng-add-s3driver-features
Add features to the s3 driver
2015-01-12 13:10:33 -08:00
Stephen Day
e9e26bd362 Merge pull request #56 from stevvooe/blob-upload-unknown
Correctly handle missing layer upload
2015-01-12 12:14:32 -08:00
Olivier Gambier
bbc94aef39 Clarify maturity of this
Fixes https://github.com/docker/docker-registry/issues/894
2015-01-12 11:10:13 -08:00
Stephen Day
16e1c441f1 Merge pull request #57 from icecrime/groups_in_readme
Add Google Groups to README.md
2015-01-12 11:09:18 -08:00
Arnaud Porterie
cbb493e881 Add Google Groups to README.md
Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
2015-01-12 08:31:04 -08:00
Stephen J Day
c78335a023 Correctly handle missing layer upload
Because we guarded the error check, nil Upload on the handler was getting
through to unexpected branches. This directly handles the missing upload
ensuring its set as expected.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-09 16:09:45 -08:00
Stephen Day
21a69f53b5 Merge pull request #53 from stevvooe/spool-uploads-remotely
Spool uploads remotely
2015-01-09 15:40:22 -08:00
Stephen J Day
4aa7837f83 Directly manage layerUploadState in webapp
Most of this change follows from the modifications to the storage api. The
driving factor is the separation of layerUploadState from the storage backend,
leaving it to the web application to store and update it. As part of the
updates to meet changes in the storage api, support for the size parameter has
been completely removed.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-09 14:51:13 -08:00
Stephen J Day
2f2445a335 Refactor handling of hmac state packing
This refactors the hmac state token to take control of the layerUploadState
json message, which has been removed from the storage backend. It also moves
away from the concept of a LayerUploadStateStore callback object, which was
short-lived. This allows for upload offset to be managed by the web application
logic in the face of an inconsistent backend. By controlling the upload offset
externally, we reduce the possibility of misreporting upload state to a client.

We may still want to modify the way this works after getting production
experience.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-09 14:50:39 -08:00
Stephen J Day
ba6b774aea Spool layer uploads to remote storage
To smooth initial implementation, uploads were spooled to local file storage,
validated, then pushed to remote storage. That approach was flawed in that it
present easy clustering of registry services that share a remote storage
backend. The original plan was to implement resumable hashes then implement
remote upload storage. After some thought, it was found to be better to get
remote spooling working, then optimize with resumable hashes.

Moving to this approach has tradeoffs: after storing the complete upload
remotely, the node must fetch the content and validate it before moving it to
the final location. This can double bandwidth usage to the remote backend.
Modifying the verification and upload code to store intermediate hashes should
be trivial once the layer digest format has settled.

The largest changes for users of the storage package (mostly the registry app)
are the LayerService interface and the LayerUpload interface. The LayerService
now takes qualified repository names to start and resume uploads. In corallry,
the concept of LayerUploadState has been complete removed, exposing all aspects
of that state as part of the LayerUpload object. The LayerUpload object has
been modified to work as an io.WriteSeeker and includes a StartedAt time, to
allow for upload timeout policies. Finish now only requires a digest, eliding
the requirement for a size parameter.

Resource cleanup has taken a turn for the better. Resources are cleaned up
after successful uploads and during a cancel call. Admittedly, this is probably
not completely where we want to be. It's recommend that we bolster this with a
periodic driver utility script that scans for partial uploads and deletes the
underlying data. As a small benefit, we can leave these around to better
understand how and why these uploads are failing, at the cost of some extra
disk space.

Many other changes follow from the changes above. The webapp needs to be
updated to meet the new interface requirements.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-09 14:50:39 -08:00