Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

WIP: Add garbage collector to docker registry #1

Closed
wants to merge 11 commits into from
Closed

WIP: Add garbage collector to docker registry #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
ca7d236
Add garbage collector to docker registry
ironpinguin Apr 6, 2018
179ef9a
Extend Test with run gc
ironpinguin Apr 6, 2018
17d348a
change to mkEnableOption and fix typos
ironpinguin Apr 7, 2018
db9f58b
Fix copy & paste string
ironpinguin Apr 7, 2018
ad71bb4
Fix a other typo
ironpinguin Apr 7, 2018
6a8194f
fix evaluation + applying minor fixes
Ma27 Apr 7, 2018
7c31c36
start fixing tests
Ma27 Apr 8, 2018
fa65288
stupid me
Ma27 Apr 8, 2018
ef2fd10
review comment
Ma27 Apr 8, 2018
8d05940
just restart in the end
Ma27 Apr 8, 2018
384749a
Add wait for open docker-registry port
Apr 8, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
41 changes: 33 additions & 8 deletions nixos/modules/services/misc/docker-registry.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,8 @@ let
};
};

configFile = pkgs.writeText "docker-registry-config.yml" (builtins.toJSON (registryConfig // cfg.extraConfig));

in {
options.services.dockerRegistry = {
enable = mkEnableOption "Docker Registry";
Expand Down Expand Up @@ -70,11 +72,7 @@ in {
description = "Enable delete for manifests and blobs.";
};

enableRedisCache = mkOption {
type = types.bool;
default = false;
description = "Enable redis as blob cache instade of inmemory.";
};
enableRedisCache = mkEnableOption "redis as blob cache";

redisUrl = mkOption {
type = types.str;
Expand All @@ -95,16 +93,27 @@ in {
default = {};
type = types.attrsOf types.str;
};

enableGarbageCollect = mkEnableOption "garbage collect";

garbageCollectDates = mkOption {
default = "daily";
type = types.str;
description = ''
Specification (in the format described by
<citerefentry><refentrytitle>systemd.time</refentrytitle>
<manvolnum>7</manvolnum></citerefentry>) of the time at
which the garbage collect will occur.
'';
};
};

config = mkIf cfg.enable {
systemd.services.docker-registry = {
description = "Docker Container Registry";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
script = let
configFile = pkgs.writeText "docker-registry-config.yml" (builtins.toJSON (registryConfig // cfg.extraConfig));
in ''
script = ''
${pkgs.docker-distribution}/bin/registry serve ${configFile}
'';

Expand All @@ -114,6 +123,22 @@ in {
};
};

systemd.services.docker-registry-garbage-collect = {
description = "Run Garbage Collection for docker registry";

restartIfChanged = false;
unitConfig.X-StopOnRemoval = false;

serviceConfig.Type = "oneshot";

script = ''
${pkgs.docker-distribution}/bin/registry garbage-collect ${configFile}
${pkgs.systemd}/bin/systemctl restart docker-registry.service
'';

startAt = optional cfg.enableGarbageCollect cfg.garbageCollectDates;
};

users.extraUsers.docker-registry = {
createHome = true;
home = cfg.storagePath;
Expand Down
20 changes: 17 additions & 3 deletions nixos/tests/docker-registry.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "docker-registry";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ globin ma27 ];
maintainers = [ globin ma27 ironpinguin ];
};

nodes = {
Expand All @@ -12,6 +12,7 @@ import ./make-test.nix ({ pkgs, ...} : {
services.dockerRegistry.enableDelete = true;
services.dockerRegistry.port = 8080;
services.dockerRegistry.listenAddress = "0.0.0.0";
services.dockerRegistry.enableGarbageCollect = true;
networking.firewall.allowedTCPPorts = [ 8080 ];
};

Expand All @@ -23,7 +24,6 @@ import ./make-test.nix ({ pkgs, ...} : {
client2 = { config, pkgs, ...}: {
virtualisation.docker.enable = true;
virtualisation.docker.extraOptions = "--insecure-registry registry:8080";
environment.systemPackages = [ pkgs.jq ];
};
};

Expand All @@ -35,6 +35,7 @@ import ./make-test.nix ({ pkgs, ...} : {

$registry->start();
$registry->waitForUnit("docker-registry.service");
$registry->waitForOpenPort("8080");
$client1->succeed("docker push registry:8080/scratch");

$client2->start();
Expand All @@ -43,7 +44,20 @@ import ./make-test.nix ({ pkgs, ...} : {
$client2->succeed("docker images | grep scratch");

$client2->succeed(
'curl -fsS -X DELETE registry:8080/v2/scratch/manifests/$(curl registry:8080/v2/scratch/manifests/latest | jq ".fsLayers[0].blobSum" | sed -e \'s/"//g\')'
'curl -fsS -X DELETE registry:8080/v2/scratch/manifests/$(curl -fsS -I -H"Accept: application/vnd.docker.distribution.manifest.v2+json" registry:8080/v2/scratch/manifests/latest | grep Docker-Content-Digest | sed -e \'s/Docker-Content-Digest: //\' | tr -d \'\r\')'
);

$registry->systemctl("start docker-registry-garbage-collect.service");
$registry->waitUntilFails("systemctl status docker-registry-garbage-collect.service");
$registry->waitForUnit("docker-registry.service");

$registry->fail(
'ls -l /var/lib/docker-registry/docker/registry/v2/blobs/sha256/*/*/data'
);

$client1->succeed("docker push registry:8080/scratch");
$registry->succeed(
'ls -l /var/lib/docker-registry/docker/registry/v2/blobs/sha256/*/*/data'
);
'';
})