The project is in a healthy, maintained state
Pulp 3 container registry support for Foreman/Katello Smart-Proxy
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Runtime

 Project Readme

Smart Proxy - Container Gateway

A Foreman smart proxy plugin for Katello. Implements container registry functions for Pulp 3-enabled smart proxy mirrors.

Example Apache /etc/httpd/conf.d/05-foreman-ssl.d/docker_proxy.conf

<Location /pulpcore_registry/v2/>
   SSLRequire %{SSL_CLIENT_S_DN_CN} eq "admin"
</Location>

SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off

ProxyPass /pulpcore_registry/v2/ http://127.0.0.1:24817/v2/
ProxyPassReverse /pulpcore_registry/v2/ http://127.0.0.1:24817/v2/

ProxyPass /pulp/container/ unix:///run/pulpcore-content.sock|http://centos7-katello-devel.cannolo.example.com/pulp/container/
ProxyPassReverse /pulp/container/ unix:///run/pulpcore-content.sock|http://centos7-katello-devel.cannolo.example.com/pulp/container/

ProxyPass /v2 https://127.0.0.1:9090/container_gateway/v2
ProxyPassReverse https://127.0.0.1:9090/container_gateway/v2 /v2
ProxyPass /v1 https://127.0.0.1:9090/container_gateway/v1
ProxyPassReverse https://127.0.0.1:9090/container_gateway/v1 /v1

Server configuration

The Container Gateway plugin requires a Pulp 3 instance to connect to. Related configuration options:

:pulp_endpoint: 'https://your_pulp_3_server_here.com'
:pulp_client_ssl_cert: 'Path to X509 certificate for authenticating with Pulp'
:pulp_client_ssl_key: 'Path to RSA private key for the Pulp certificate'

Database information

SQLite and PostgreSQL are supported, with SQLite being the default for development and testing. Use PostgreSQL in production for improved performance by adding the following settings:

# Example PostgreSQL connection settings, using UNIX socket and ident auth
:db_connection_string: postgres:///container_gateway

When switching from SQLite to PostgreSQL, if the PostgreSQL database is empty, the SQLite database will be automatically migrated to PostgreSQL. For the migration to work, the sqlite_db_path setting must point to the old SQLite database file if the default (no setting definition) was not used. The SQLite database file will be deleted after the migration to PostgreSQL is complete.

Database migrations are completely automated. The plugin checks if the database is up-to-date at initialization time.

Katello interaction

Auth information is retrieved from the Katello server during smart proxy sync time and cached in the database.

Logging in with a container client will cause the Container Gateway to fetch a token from Katello using the login information.

Testing

bundle exec rubocop

bundle exec rake test