0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2024-12-16 21:56:37 -05:00
zot - A scale-out production-ready vendor-neutral OCI-native container image/artifact registry (purely based on OCI Distribution Specification)
Find a file
2020-06-25 17:04:32 -07:00
.bazel lint: relax agressive linter settings 2020-03-25 13:21:55 -07:00
cmd/zot zot: initial commit 2019-06-21 15:29:19 -07:00
docs docs: commit docs so that zot binary build becomes easier 2019-12-11 14:17:06 -08:00
errors dedupe: use hard links to dedupe blobs 2020-04-03 09:29:12 -07:00
examples conformance: align with upstream conformance tests 2020-04-16 16:01:53 -07:00
pkg Changed umoci import path 2020-06-25 17:04:32 -07:00
test/scripts .gitignore: ignore generated test artifacts 2019-12-13 14:44:10 -08:00
.bazelignore zot: initial commit 2019-06-21 15:29:19 -07:00
.bazelrc zot: initial commit 2019-06-21 15:29:19 -07:00
.gitignore .gitignore: add .vscode/ 2020-06-09 17:18:30 -04:00
.travis.yml CI/CD: code coverage and bazel improvements 2019-06-26 15:01:52 -07:00
BUILD.bazel zot: initial commit 2019-06-21 15:29:19 -07:00
Dockerfile Add new Dockerfile and README instructions 2020-01-24 11:54:38 -06:00
Dockerfile.build rename Dockerfile to Dockerfile.build 2020-01-24 11:47:16 -06:00
go.mod Changed umoci import path 2020-06-25 17:04:32 -07:00
go.sum Changed umoci import path 2020-06-25 17:04:32 -07:00
LICENSE Initial commit 2019-06-21 14:40:59 -07:00
Makefile coverage: fix coverage to track packages better 2020-02-13 11:22:04 -08:00
Makefile.bazel docs: fix Makefile 2019-08-29 10:56:59 -07:00
README.md fix the conformance link 2020-05-20 11:37:54 -07:00
stacker.yaml build: support building inside a container using stacker 2019-08-14 16:26:49 -07:00
WORKSPACE Changed umoci import path 2020-06-25 17:04:32 -07:00
zot.go zot: initial commit 2019-06-21 15:29:19 -07:00

zot Build Status codecov.io

zot is a vendor-neutral OCI image repository server purely based on OCI Distribution Specification.

  • Conforms to OCI distribution spec APIs zot zot w. auth
  • Uses OCI storage layout for storage layout
  • Supports helm charts
  • Currently suitable for on-prem deployments (e.g. colocated with Kubernetes)
  • TLS support
  • Authentication via:
    • TLS mutual authentication
    • HTTP Basic (local htpasswd and LDAP)
    • HTTP Bearer token
  • Doesn't require root privileges
  • Storage optimizations:
    • Automatic garbage collection of orphaned blobs
    • Layer deduplication using hard links when content is identical
  • Swagger based documentation
  • Released under Apache 2.0 License
  • go get -u github.com/anuvu/zot/cmd/zot

Presentations

Build and install binary (using host's toolchain)

go get -u github.com/anuvu/zot/cmd/zot

Full CI/CD Build

  • Build inside a container (preferred)
make binary-container
  • Alternatively, build inside a container using stacker (preferred)
make binary-stacker
  • Build using host's toolchain
make

Build artifacts are in bin/

Serving

bin/zot serve _config-file_

Examples of config files are available in examples/ dir.

Container Image

The Dockerfile in this repo can be used to build a container image that runs zot.

To build the image with ref zot:latest:

make image

Then run the image with your preferred container runtime:

# with podman
podman run --rm -it -p 5000:5000 -v $(pwd)/registry:/var/lib/registry zot:latest

# with docker
docker run --rm -it -p 5000:5000 -v $(pwd)/registry:/var/lib/registry zot:latest

This will run a registry at http://localhost:5000, storing content at ./registry (bind mounted to /var/lib/registry in the container). By default, auth is disabled.

If you wish use custom configuration settings, you can override the YAML config file located at /etc/zot/config.yml:

# Example: using a local file "custom-config.yml" that
# listens on port 8080 and uses /tmp/zot for storage root
podman run --rm -p 8080:8080 \
  -v $(pwd)/custom-config.yml:/etc/zot/config.yml \
  -v $(pwd)/registry:/tmp/zot \
  zot:latest

Ecosystem

Since we couldn't find clients or client libraries that are stictly compliant to the dist spec, we had to patch containers/image (available as anuvu/image) and then link various binaries against the patched version.

skopeo

skopeo is a tool to work with remote image repositories.

We have a patched version available that works with zot.

git clone https://github.com/anuvu/skopeo

cd skopeo

make GO111MODULE=on binary-local

cri-o

cri-o is a OCI-based Kubernetes container runtime interface.

We have a patched version of containers/image available that works with zot which must be linked with cri-o.

git clone https://github.com/cri-o/cri-o

cd cri-o

echo 'replace github.com/containers/image => github.com/anuvu/image v1.5.2-0.20190827234748-f71edca6153a' >> go.mod

make bin/crio crio.conf GO111MODULE=on

Caveats

  • go 1.12+
  • The OCI distribution spec is still WIP, and we try to keep up