[Pulp-list] Pulp 2: Docker rsync distributors & Crane
Simon Baatz
gmbnomis at gmail.com
Wed Jun 6 13:11:20 UTC 2018
We looked into Pulp's Docker support recently and ran into surprising
problems.
Our setup is probably not the usual Pulp & Crane setup: We have
detached content servers to which Pulp pushes yum and iso repositories
using rsync distributors. The content servers are static web servers
that make the repos available to clients.
We planned to run Crane directly on the content servers using the new
URL rewriting feature (we would like to avoid using a full blown Pulp
installation on those servers). However, this does not seem to work
out of the box:
- For rpm and iso repos, the rsync publisher uses the output of the
web publisher (pre-distributor). In contrast, the docker rsync
distributor has the web distributor as post-distributor. The
generated tree on the rsync destination can not be used by Crane as
the redirect files are missing.
I understand that it makes sense to have a web post-distributor if
Crane runs on the Pulp node (or a node with a shared file
system). But is there a reason why the docker rsync distributor
does not distribute the redirect files?
- The documentation [0] describes authentication for Crane, but this
authenticates only the redirects delivered by Crane. When adding
basic authentication to the actual content, the Docker daemon will
fail. Apparently, it does not add the credentials when following the
redirections.
Is there a way to enable protection for both the redirections and
content? (I know that crane 3.2.0 supports Akamai CDN tokens, but
that does not help with a local server.)
[0] https://docs.pulpproject.org/plugins/crane/index.html#user-authentication
More information about the Pulp-list
mailing list