2019-06-26 16:31:43 -05:00
# zot [![Build Status](https://travis-ci.org/anuvu/zot.svg?branch=master)](https://travis-ci.org/anuvu/zot) [![codecov.io](http://codecov.io/github/anuvu/zot/coverage.svg?branch=master)](http://codecov.io/github/anuvu/zot?branch=master)
2019-06-20 18:36:40 -05:00
2019-10-07 15:26:19 -05:00
**zot** is a vendor-neutral OCI image repository server purely based on
2019-10-09 13:50:10 -05:00
[OCI Distribution Specification ](https://github.com/opencontainers/distribution-spec ).
2019-06-20 18:36:40 -05:00
2020-05-20 13:37:54 -05:00
* Conforms to [OCI distribution spec ](https://github.com/opencontainers/distribution-spec ) APIs [![zot ](https://github.com/bloodorangeio/oci-conformance/workflows/zot-1/badge.svg )](https://github.com/bloodorangeio/oci-conformance/actions?query=workflow%3Azot-1) [![zot w. auth ](https://github.com/bloodorangeio/oci-distribution-conformance-results/workflows/zot-auth/badge.svg )](https://oci.bloodorange.io/results/report-zot-auth.html)
2019-06-20 18:36:40 -05:00
* Uses [OCI storage layout ](https://github.com/opencontainers/image-spec/blob/master/image-layout.md ) for storage layout
2020-05-19 18:53:05 -05:00
* Supports [helm charts ](https://helm.sh/docs/topics/registries/ )
2020-01-16 17:44:25 -05:00
* Currently suitable for on-prem deployments (e.g. colocated with Kubernetes)
2019-06-20 18:36:40 -05:00
* TLS support
2020-02-17 16:57:15 -05:00
* Authentication via:
* TLS mutual authentication
* HTTP *Basic* (local _htpasswd_ and LDAP)
* HTTP *Bearer* token
2019-08-28 17:16:11 -05:00
* Doesn't require _root_ privileges
2020-02-17 16:57:15 -05:00
* Storage optimizations:
* Automatic garbage collection of orphaned blobs
* Layer deduplication using hard links when content is identical
2019-08-15 11:34:54 -05:00
* Swagger based documentation
2019-10-07 15:26:19 -05:00
* Released under Apache 2.0 License
2019-12-11 17:11:52 -05:00
* ```go get -u github.com/anuvu/zot/cmd/zot```
2019-10-07 15:26:19 -05:00
2020-01-16 17:44:25 -05:00
2019-10-07 15:26:19 -05:00
# Presentations
* [OCI Weekly Discussion - Oct 2, 2019 ](https://hackmd.io/El8Dd2xrTlCaCG59ns5cwg#October-2-2019 )
2019-06-26 16:28:34 -05:00
2019-12-11 17:11:52 -05:00
# Build and install binary (using host's toolchain)
```
go get -u github.com/anuvu/zot/cmd/zot
```
# Full CI/CD Build
2019-08-14 14:35:51 -05:00
* Build inside a container (preferred)
```
make binary-container
```
2019-08-14 18:26:25 -05:00
* Alternatively, build inside a container using [stacker ](https://github.com/anuvu/stacker ) (preferred)
```
make binary-stacker
```
2019-08-14 14:35:51 -05:00
* Build using host's toolchain
```
make
```
Build artifacts are in bin/
2019-10-09 13:50:10 -05:00
# Serving
2020-01-24 12:54:38 -05:00
2019-10-09 13:50:10 -05:00
```
2019-08-28 17:16:11 -05:00
bin/zot serve _config-file_
2019-10-09 13:50:10 -05:00
```
2019-08-28 17:16:11 -05:00
Examples of config files are available in [examples/ ](examples/ ) dir.
2020-01-24 12:54:38 -05:00
# Container Image
The [Dockerfile ](./Dockerfile ) in this repo can be used to build a container image
that runs _zot_ .
2020-01-27 10:44:07 -05:00
To build the image with ref `zot:latest` :
2020-01-24 12:54:38 -05:00
```
make image
```
Then run the image with your preferred container runtime:
```
# with podman
2020-01-27 10:47:08 -05:00
podman run --rm -it -p 5000:5000 -v $(pwd)/registry:/var/lib/registry zot:latest
2020-01-24 12:54:38 -05:00
# with docker
2020-01-27 10:47:08 -05:00
docker run --rm -it -p 5000:5000 -v $(pwd)/registry:/var/lib/registry zot:latest
2020-01-24 12:54:38 -05:00
```
2020-01-27 10:44:07 -05:00
This will run a registry at http://localhost:5000, storing content at `./registry`
(bind mounted to `/var/lib/registry` in the container). By default, auth is disabled.
2020-01-24 12:54:38 -05:00
If you wish use custom configuration settings, you can override
the YAML config file located at `/etc/zot/config.yml` :
```
# Example: using a local file "custom-config.yml" that
2020-01-27 10:44:07 -05:00
# listens on port 8080 and uses /tmp/zot for storage root
2020-01-24 12:54:38 -05:00
podman run --rm -p 8080:8080 \
-v $(pwd)/custom-config.yml:/etc/zot/config.yml \
-v $(pwd)/registry:/tmp/zot \
zot:latest
```
2019-08-28 17:16:11 -05:00
# Ecosystem
2020-01-07 16:14:10 -05:00
Since we couldn't find clients or client libraries that are stictly compliant to
the dist spec, we had to patch containers/image (available as [anuvu/image ](https://github.com/anuvu/image )) and
then link various binaries against the patched version.
2019-08-28 17:16:11 -05:00
## skopeo
[skopeo ](https://github.com/containers/skopeo ) is a tool to work with remote
image repositories.
We have a [patched version ](https://github.com/anuvu/skopeo ) available that
works with _zot_ .
```
git clone https://github.com/anuvu/skopeo
cd skopeo
make GO111MODULE=on binary-local
```
## cri-o
[cri-o ](https://github.com/cri-o/cri-o ) is a OCI-based Kubernetes container
runtime interface.
We have a [patched version ](https://github.com/anuvu/image ) of containers/image
available that works with _zot_ which must be linked with cri-o.
```
git clone https://github.com/cri-o/cri-o
cd cri-o
echo 'replace github.com/containers/image => github.com/anuvu/image v1.5.2-0.20190827234748-f71edca6153a' >> go.mod
make bin/crio crio.conf GO111MODULE=on
```
2019-08-14 14:35:51 -05:00
2019-06-26 16:28:34 -05:00
# Caveats
* go 1.12+
* The OCI distribution spec is still WIP, and we try to keep up