mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
add support of registry-mirrors and insecure-registries to buildkit
Signed-off-by: Anda Xu <anda.xu@docker.com>
This commit is contained in:
Anda Xu
parent
308701fac6
commit
171d51c861
5 changed files with 73 additions and 6 deletions
|
|
@ -34,6 +34,7 @@ import (
|
||||||
"github.com/moby/buildkit/util/flightcontrol"
|
"github.com/moby/buildkit/util/flightcontrol"
|
||||||
"github.com/moby/buildkit/util/imageutil"
|
"github.com/moby/buildkit/util/imageutil"
|
||||||
"github.com/moby/buildkit/util/progress"
|
"github.com/moby/buildkit/util/progress"
|
||||||
|
"github.com/moby/buildkit/util/resolver"
|
||||||
"github.com/moby/buildkit/util/tracing"
|
"github.com/moby/buildkit/util/tracing"
|
||||||
digest "github.com/opencontainers/go-digest"
|
digest "github.com/opencontainers/go-digest"
|
||||||
"github.com/opencontainers/image-spec/identity"
|
"github.com/opencontainers/image-spec/identity"
|
||||||
|
|
@ -51,6 +52,7 @@ type SourceOpt struct {
|
||||||
DownloadManager distribution.RootFSDownloadManager
|
DownloadManager distribution.RootFSDownloadManager
|
||||||
MetadataStore metadata.V2MetadataService
|
MetadataStore metadata.V2MetadataService
|
||||||
ImageStore image.Store
|
ImageStore image.Store
|
||||||
|
ResolverOpt resolver.ResolveOptionsFunc
|
||||||
}
|
}
|
||||||
|
|
||||||
type imageSource struct {
|
type imageSource struct {
|
||||||
|
|
@ -71,11 +73,16 @@ func (is *imageSource) ID() string {
|
||||||
return source.DockerImageScheme
|
return source.DockerImageScheme
|
||||||
}
|
}
|
||||||
|
|
||||||
func (is *imageSource) getResolver(ctx context.Context) remotes.Resolver {
|
func (is *imageSource) getResolver(ctx context.Context, rfn resolver.ResolveOptionsFunc, ref string) remotes.Resolver {
|
||||||
return docker.NewResolver(docker.ResolverOptions{
|
opt := docker.ResolverOptions{
|
||||||
Client: tracing.DefaultClient,
|
Client: tracing.DefaultClient,
|
||||||
Credentials: is.getCredentialsFromSession(ctx),
|
Credentials: is.getCredentialsFromSession(ctx),
|
||||||
})
|
}
|
||||||
|
if rfn != nil {
|
||||||
|
opt = rfn(ref)
|
||||||
|
}
|
||||||
|
r := docker.NewResolver(opt)
|
||||||
|
return r
|
||||||
}
|
}
|
||||||
|
|
||||||
func (is *imageSource) getCredentialsFromSession(ctx context.Context) func(string) (string, string, error) {
|
func (is *imageSource) getCredentialsFromSession(ctx context.Context) func(string) (string, string, error) {
|
||||||
|
|
@ -118,7 +125,7 @@ func (is *imageSource) resolveRemote(ctx context.Context, ref string, platform *
|
||||||
dt []byte
|
dt []byte
|
||||||
}
|
}
|
||||||
res, err := is.g.Do(ctx, ref, func(ctx context.Context) (interface{}, error) {
|
res, err := is.g.Do(ctx, ref, func(ctx context.Context) (interface{}, error) {
|
||||||
dgst, dt, err := imageutil.Config(ctx, ref, is.getResolver(ctx), is.ContentStore, platform)
|
dgst, dt, err := imageutil.Config(ctx, ref, is.getResolver(ctx, is.ResolverOpt, ref), is.ContentStore, platform)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
@ -181,7 +188,7 @@ func (is *imageSource) Resolve(ctx context.Context, id source.Identifier) (sourc
|
||||||
p := &puller{
|
p := &puller{
|
||||||
src: imageIdentifier,
|
src: imageIdentifier,
|
||||||
is: is,
|
is: is,
|
||||||
resolver: is.getResolver(ctx),
|
resolver: is.getResolver(ctx, is.ResolverOpt, imageIdentifier.Reference.String()),
|
||||||
platform: platform,
|
platform: platform,
|
||||||
}
|
}
|
||||||
return p, nil
|
return p, nil
|
||||||
|
|
|
||||||
|
|
@ -23,6 +23,7 @@ import (
|
||||||
"github.com/moby/buildkit/session"
|
"github.com/moby/buildkit/session"
|
||||||
"github.com/moby/buildkit/solver/llbsolver"
|
"github.com/moby/buildkit/solver/llbsolver"
|
||||||
"github.com/moby/buildkit/util/entitlements"
|
"github.com/moby/buildkit/util/entitlements"
|
||||||
|
"github.com/moby/buildkit/util/resolver"
|
||||||
"github.com/moby/buildkit/util/tracing"
|
"github.com/moby/buildkit/util/tracing"
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
"golang.org/x/sync/errgroup"
|
"golang.org/x/sync/errgroup"
|
||||||
|
|
@ -55,6 +56,7 @@ type Opt struct {
|
||||||
Dist images.DistributionServices
|
Dist images.DistributionServices
|
||||||
NetworkController libnetwork.NetworkController
|
NetworkController libnetwork.NetworkController
|
||||||
DefaultCgroupParent string
|
DefaultCgroupParent string
|
||||||
|
ResolverOpt resolver.ResolveOptionsFunc
|
||||||
}
|
}
|
||||||
|
|
||||||
// Builder can build using BuildKit backend
|
// Builder can build using BuildKit backend
|
||||||
|
|
|
||||||
|
|
@ -97,6 +97,7 @@ func newController(rt http.RoundTripper, opt Opt) (*control.Controller, error) {
|
||||||
MetadataStore: dist.V2MetadataService,
|
MetadataStore: dist.V2MetadataService,
|
||||||
ImageStore: dist.ImageStore,
|
ImageStore: dist.ImageStore,
|
||||||
ReferenceStore: dist.ReferenceStore,
|
ReferenceStore: dist.ReferenceStore,
|
||||||
|
ResolverOpt: opt.ResolverOpt,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
|
@ -160,7 +161,7 @@ func newController(rt http.RoundTripper, opt Opt) (*control.Controller, error) {
|
||||||
WorkerController: wc,
|
WorkerController: wc,
|
||||||
Frontends: frontends,
|
Frontends: frontends,
|
||||||
CacheKeyStorage: cacheStorage,
|
CacheKeyStorage: cacheStorage,
|
||||||
ResolveCacheImporterFunc: registryremotecache.ResolveCacheImporterFunc(opt.SessionManager),
|
ResolveCacheImporterFunc: registryremotecache.ResolveCacheImporterFunc(opt.SessionManager, opt.ResolverOpt),
|
||||||
// TODO: set ResolveCacheExporterFunc for exporting cache
|
// TODO: set ResolveCacheExporterFunc for exporting cache
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -291,6 +291,7 @@ func newRouterOptions(config *config.Config, d *daemon.Daemon) (routerOptions, e
|
||||||
Dist: d.DistributionServices(),
|
Dist: d.DistributionServices(),
|
||||||
NetworkController: d.NetworkController(),
|
NetworkController: d.NetworkController(),
|
||||||
DefaultCgroupParent: cgroupParent,
|
DefaultCgroupParent: cgroupParent,
|
||||||
|
ResolverOpt: d.NewResolveOptionsFunc(),
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return opts, err
|
return opts, err
|
||||||
|
|
|
||||||
|
|
@ -9,6 +9,7 @@ import (
|
||||||
"context"
|
"context"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
|
"math/rand"
|
||||||
"net"
|
"net"
|
||||||
"os"
|
"os"
|
||||||
"path"
|
"path"
|
||||||
|
|
@ -23,6 +24,8 @@ import (
|
||||||
"github.com/containerd/containerd"
|
"github.com/containerd/containerd"
|
||||||
"github.com/containerd/containerd/defaults"
|
"github.com/containerd/containerd/defaults"
|
||||||
"github.com/containerd/containerd/pkg/dialer"
|
"github.com/containerd/containerd/pkg/dialer"
|
||||||
|
"github.com/containerd/containerd/remotes/docker"
|
||||||
|
"github.com/docker/distribution/reference"
|
||||||
"github.com/docker/docker/api/types"
|
"github.com/docker/docker/api/types"
|
||||||
containertypes "github.com/docker/docker/api/types/container"
|
containertypes "github.com/docker/docker/api/types/container"
|
||||||
"github.com/docker/docker/api/types/swarm"
|
"github.com/docker/docker/api/types/swarm"
|
||||||
|
|
@ -36,6 +39,8 @@ import (
|
||||||
"github.com/docker/docker/daemon/logger"
|
"github.com/docker/docker/daemon/logger"
|
||||||
"github.com/docker/docker/daemon/network"
|
"github.com/docker/docker/daemon/network"
|
||||||
"github.com/docker/docker/errdefs"
|
"github.com/docker/docker/errdefs"
|
||||||
|
"github.com/moby/buildkit/util/resolver"
|
||||||
|
"github.com/moby/buildkit/util/tracing"
|
||||||
"github.com/sirupsen/logrus"
|
"github.com/sirupsen/logrus"
|
||||||
// register graph drivers
|
// register graph drivers
|
||||||
_ "github.com/docker/docker/daemon/graphdriver/register"
|
_ "github.com/docker/docker/daemon/graphdriver/register"
|
||||||
|
|
@ -141,6 +146,57 @@ func (daemon *Daemon) Features() *map[string]bool {
|
||||||
return &daemon.configStore.Features
|
return &daemon.configStore.Features
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// NewResolveOptionsFunc returns a call back function to resolve "registry-mirrors" and
|
||||||
|
// "insecure-registries" for buildkit
|
||||||
|
func (daemon *Daemon) NewResolveOptionsFunc() resolver.ResolveOptionsFunc {
|
||||||
|
return func(ref string) docker.ResolverOptions {
|
||||||
|
var (
|
||||||
|
registryKey = "docker.io"
|
||||||
|
mirrors = make([]string, len(daemon.configStore.Mirrors))
|
||||||
|
m = map[string]resolver.RegistryConf{}
|
||||||
|
)
|
||||||
|
// must trim "https://" or "http://" prefix
|
||||||
|
for i, v := range daemon.configStore.Mirrors {
|
||||||
|
v = strings.TrimPrefix(v, "https://")
|
||||||
|
v = strings.TrimPrefix(v, "http://")
|
||||||
|
mirrors[i] = v
|
||||||
|
}
|
||||||
|
// set "registry-mirrors"
|
||||||
|
m[registryKey] = resolver.RegistryConf{Mirrors: mirrors}
|
||||||
|
// set "insecure-registries"
|
||||||
|
for _, v := range daemon.configStore.InsecureRegistries {
|
||||||
|
v = strings.TrimPrefix(v, "http://")
|
||||||
|
m[v] = resolver.RegistryConf{
|
||||||
|
PlainHTTP: true,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
def := docker.ResolverOptions{
|
||||||
|
Client: tracing.DefaultClient,
|
||||||
|
}
|
||||||
|
|
||||||
|
parsed, err := reference.ParseNormalizedNamed(ref)
|
||||||
|
if err != nil {
|
||||||
|
return def
|
||||||
|
}
|
||||||
|
host := reference.Domain(parsed)
|
||||||
|
|
||||||
|
c, ok := m[host]
|
||||||
|
if !ok {
|
||||||
|
return def
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(c.Mirrors) > 0 {
|
||||||
|
def.Host = func(string) (string, error) {
|
||||||
|
return c.Mirrors[rand.Intn(len(c.Mirrors))], nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
def.PlainHTTP = c.PlainHTTP
|
||||||
|
|
||||||
|
return def
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func (daemon *Daemon) restore() error {
|
func (daemon *Daemon) restore() error {
|
||||||
containers := make(map[string]*container.Container)
|
containers := make(map[string]*container.Container)
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue