Open philips opened 8 years ago
philips
commented
8 years ago I guess the challenge here is the tagging of the image. Ideally how would this work? For example OCI will support delegation; would it essentially be a delegation configured in the container runtime to say: "quay.io is coming from localhost:9000"?
I could imagine rkt doing something like this:
rkt pull oci://quay.io/coreos/etcd --registry-endpoint=localhost:9000cc @jonboulle
josephschorr
commented
8 years ago Note: This is only done for Docker and not for rkt or squashed image support (although we definitely could do so)
jonboulle
commented
8 years ago What's the "one-shot registry"?
josephschorr
commented
8 years ago For docker torrent pull I boot a local Docker 2 registry and then have the Docker pull from it. docker load proved to be too slow and memory intensive, and Docker doesn't have a nice fetch file:///
philips
commented
8 years ago So, I assume we should just close this as not doable?
josephschorr
commented
8 years ago We could do it, but it doesn't buy as much - We are calling rkt directly, which has the bonus of signing support vs calling via docker://, which would be slower and not have signing.
As quayctl creates a one-shot registry perhaps it is just best that quayctl serve this up and not talk to container engines directly. This would make it possible for someone to say run quayctl under kubernetes as a daemonset and pull from a local port.
This might be an alternative mode or potentially just gets quayctl out of interacting with the runtimes all together.