operator-registry icon indicating copy to clipboard operation
operator-registry copied to clipboard
verified publisher icon operator-framework

[FEATURE REQUEST] opm tooling containerd registry is unaware of local docker cache

Open sugarraysam opened this issue 3 years ago • 0 comments

Description

The opm tooling uses a containerd registry under-the-hood: https://github.com/operator-framework/operator-registry/tree/master/pkg/image/containerdregistry. The issue with this is that containerd is unaware of the local docker cache (or local podman cache).

It is a major pain point while using OPM as the documentation suggests building images with docker but then there is no way of interacting with that local image unless you push it to a remote registry. (See here how to build file-based catalog suggests using docker or podman: https://docs.openshift.com/container-platform/4.9/operators/admin/olm-managing-custom-catalogs.html#olm-managing-custom-catalogs-fb).

The OPM tooling defaults to either trying to pull the image, or making HTTP requests to the registry.

Feature Request

Make the containerd registry aware of the local docker/podman cache.

ideas

  • Custom code to load local images in containerd store: https://github.com/operator-framework/operator-registry/blob/master/pkg/image/containerdregistry/store.go#L9
  • Write a new Registry implementation: https://github.com/operator-framework/operator-registry/blob/master/pkg/image/registry.go#L9
  • Investigate docker buildkit with containerd worker and update docs to show how to achieve sync: https://github.com/moby/buildkit#containerd-image-store

Example

# Local bundle and index image in my docker cache
$ docker images | grep local
local/rhods-index                              latest                                   6d61eab61d5b   18 minutes ago   61.3MB
local/rhods-bundle                             latest                                   1c02b4b162bc   4 days ago       47.5kB

# Trying some opm commands on the bundle
$ opm alpha bundle validate --tag local/rhods-bundle:latest
INFO[0000] Create a temp directory at /tmp/bundle-722167871  container-tool=docker
DEBU[0000] Pulling and unpacking container image         container-tool=docker
INFO[0000] running /usr/bin/docker pull local/rhods-bundle:latest  container-tool=docker
ERRO[0001] Error response from daemon: pull access denied for local/rhods-bundle, repository does not exist or may require 'docker login': denied: requested access to the resource is denied  container-tool=docker
Error: error pulling image: Error response from daemon: pull access denied for local/rhods-bundle, repository does not exist or may require 'docker login': denied: requested access to the resource is denied

$ opm render local/rhods-bundle:latest
2022/03/08 09:38:44 render reference "local/rhods-bundle:latest": error resolving name : failed to do request: Head "https://local/v2/rhods-bundle/manifests/latest": dial tcp: lookup local on 127.0.0.53:53: server misbehaving
exit 1

# Trying some opm commands on the index
$ opm render local/rhods-index:latest
2022/03/08 09:40:07 render reference "local/rhods-index:latest": error resolving name : failed to do request: Head "https://local/v2/rhods-index/manifests/latest": dial tcp: lookup local on 127.0.0.53:53: server misbehaving
exit 1

$ opm alpha list bundles local/rhods-index:latest
INFO[0000] trying next host                              error="failed to do request: Head \"https://local/v2/rhods-index/manifests/latest\": dial tcp: lookup local on 127.0.0.53:53: server misbehaving" host=local
FATA[0000] render reference "local/rhods-index:latest": error resolving name : failed to do request: Head "https://local/v2/rhods-index/manifests/latest": dial tcp: lookup local on 127.0.0.53:53: server misbehaving
exit 1

OPM version

$ opm version
Version: version.Version{OpmVersion:"v1.21.0", GitCommit:"9999f796", BuildDate:"2022-03-03T21:23:12Z", GoOs:"linux", GoArch:"amd64"}
```)

sugarraysam avatar Mar 08 '22 15:03 sugarraysam