On Wed, Jun 6, 2018 at 9:11 AM, Simon Baatz <[email protected]> wrote:
> We looked into Pulp's Docker support recently and ran into surprising > problems. > > Our setup is probably not the usual Pulp & Crane setup: We have > detached content servers to which Pulp pushes yum and iso repositories > using rsync distributors. The content servers are static web servers > that make the repos available to clients. > > We planned to run Crane directly on the content servers using the new > URL rewriting feature (we would like to avoid using a full blown Pulp > installation on those servers). However, this does not seem to work > out of the box: > > - For rpm and iso repos, the rsync publisher uses the output of the > web publisher (pre-distributor). In contrast, the docker rsync > distributor has the web distributor as post-distributor. The > generated tree on the rsync destination can not be used by Crane as > the redirect files are missing. > > I understand that it makes sense to have a web post-distributor if > Crane runs on the Pulp node (or a node with a shared file > system). But is there a reason why the docker rsync distributor > does not distribute the redirect files? > > We did not have a use case for distributing the redirect files. This would be a good feature to add. If you are interested in adding this functionality, you should start by filing a Story on pulp.plan.io. Reply with the issue link here and we can work out the details on the ticket. > - The documentation [0] describes authentication for Crane, but this > authenticates only the redirects delivered by Crane. When adding > basic authentication to the actual content, the Docker daemon will > fail. Apparently, it does not add the credentials when following the > redirections. > > Is there a way to enable protection for both the redirections and > content? (I know that crane 3.2.0 supports Akamai CDN tokens, but > that does not help with a local server.) > > There is not a way to add content protection for the content itself right now. > > [0] https://docs.pulpproject.org/plugins/crane/index.html#user- > authentication > > _______________________________________________ > Pulp-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/pulp-list >
_______________________________________________ Pulp-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/pulp-list
