Add Pull-through caching

[lubosmj]

• Devise a workflow for adding content to a single repository version (adding content one by one will not follow the planned path for having repositories with consolidated repository versions)
• Write a functional test (creating a pull-through cache remote and distribution and pulling content via the Pulp Container Registry)
• Bump up the pulpcore requirement correspondingly because of migrations
• Clean up the code (refactoring the code to remove duplicates and speeding up the operation)

closes #507

[mdellweg]

This needs a new identifier. (almost certain)

[lubosmj]

@ipanova, @mdellweg, would you mind reviewing this PR? Focus on the underlying logic.

Things to consider:

1. The pull-through cache logic is placed exclusively in the live API (within a synchronous context). I could not lock a repository from the content app.
2. Repository/distributions' names/base_paths are created from remotes' upstream names. This might cause problems with existing repository/distributions' names/base_paths.
3. Similarly to the push workflow, I adopted the concept of pending blobs/manifests and extended it to classic repositories. The content is added to a repository only when the latest remaining blob from the manifest's layers is requested to prevent a situation in which the content is scattered in multiple repository versions.
4. In some cases (when some manifest layers are stored in the local storage), podman does not pull all blobs from Pulp. Because of this, we are not committing the content to the repository since we are waiting for a user to request it first. Is this fine? I thought of removing the need for adding content to the repository. In pulp-to-pulp sync scenarios where one Pulp instance acts as a master (with enabled pull-through-caching), the content will be committed to the repository because the master will serve it to another instance.

[lubosmj]

Oh, the reason why I did not include sending head requests beforehand is that "docker-content-digest" is not a required header and is probably not present in other non-docker registries.

[mdellweg]

1. The pull-through cache logic is placed exclusively in the live API (within a synchronous context). I could not lock a repository from the content app.

Can't you dispatch the add_content task from the content app? In the end, the content app does not even need to wait for it to finish, right?

[mdellweg]

Sorry, wrong button

[lubosmj]

I believe the problem was due to the asynchronous context. I could not dispatch the task because of it.

[lubosmj]

@ipanova and I concluded that we should preserve the idea of adding content to a repository (the exact opposite of what we are doing in other plugins). The 4th bullet point is no longer a concern if we assume that there is a user who does not have cached layers on his system and will eventually download all pending blobs (this leads to committing the repository version). Repositories/distributions, created from special distributions, will be visible to users because we allow the pull operation.

Besides that, we identified two flaws in the current implementation:

1. We need to address garbage collection. At this time, it is sufficient to mimic the behaviour of mirror=True synced repositories (add_and_remove - delete content which is not needed + retain_repo_version=1). Later we can handle the garbage collection with: As an admin/user I can maintain a controlled registry that doesn't continually grow in space #1268.
2. The name of a distribution and a repository should have the following format to mitigate the conflicts: {special_cache_distribution_base_path}/{upstream_name}

Things to work on next:

• delete manifests and blobs from a caching repository, set retain_repo_version=1
• update the base_path/name initialization for distribution/remote/repository in get_pull_through_drv
• issue head/get requests to fetch the latest version of cached content
• add support for namespaced caching (allow caching a specific organization besides the whole registry)

[mdellweg]

I think immediate tasks that run async code called from other async code will attempt to create their own async event loop and that is the setup for the error you are seeing. But i thought we were dispatching the task to run independently in the background anyway never to be awaited.

[mdellweg]

You might want to adjust that name.

[mdellweg]

While this downloader runs, are we already streaming the data to the user?

[lubosmj]

No, we want to ensure that we initialize the manifest and remote blobs first and add them to the pending_* content before dispatching the task and streaming data back to a client. The client can be faster than the task in this matter.

[ipanova]

you already have it on line 208

[lubosmj]

In that case, we check for the digest with the HEAD request.

[ipanova]

that's ok but you don't need to write twice remote.get_downloader(url=tag_url)

[ipanova]

the digest you got from docker-content-digest header is not reliable because that is not a required header. you should resort to calcualt_digest as in the except branch on line 176

[ipanova]

how are you sure this is not a schema1 manifest?

[lubosmj]

I am not. 😭

[ipanova]

should be path here

[ipanova]

you need to do something about this code being repeated 3 times in 3 places

[lubosmj]

I extracted a new class.

[ipanova]

why not raising the error?

[lubosmj]

There is still a chance that the fired pull-through download task has not finished and the user is trying to get a new listed manifest. We do not pre-record all listed manifests and their blobs in content-app. So, the manifest does not exist in pending_manifests and is still not associated with any repository.

[ipanova]

@lubosmj

2. Setting `mirror=True` in the staging resulted in older tags being removed from the repository. I am using the default `mirror=False`.

I thought this is the desired behavior. Since this is a pull-through-cache repository, it should match exactly the content remotely. So if a tag was removed remotely I would not know why we should keep it locally.

[lubosmj]

I thought this is the desired behavior. Since this is a pull-through-cache repository, it should match exactly the content remotely. So if a tag was removed remotely I would not know why we should keep it locally.

But, using mirror=True causes the sync pipeline to think that the old tag, which was previously pulled by the user, had gone. It removes it even though it might be present on the remote. See the test case test_pull_manifest_list where I pull two different tags. With mirror=True, the test fails because of the missing latest tag.

How can I forcefully tell the sync pipeline to not remove the existing tag? Also, how do we know if the tag was removed from the remote registry if the user never asks for it and thus we never realize that?

[ipanova]

@lubosmj since we using ContainerPullThroughCacheDeclarativeVersion that never checks rest of content as it would usually check in the normal DeclarativeVersion, it will always keep only the latest pulled tag with mirror=True. So you're right we should use mirror=False because we have no choice

[lubosmj]

Add the cast call here.

[lubosmj]

Explicitly state that inside this if branch we are working through the pull-through distribution.

[lubosmj]

Instead, return the existing tag. The tag will just not be refreshed.

[lubosmj]

Maybe, mention that we parse "blobs" and initialize a remote artifact here.

[lubosmj]

Leave a TODO comment about possible changes in the future. Right now, we are masking error messages that might be useful to the client.

[lubosmj]

Get the schema version from media_type.

[lubosmj]

Add the tag to the repository via an immediate task.

[lubosmj]

Maybe, revert this change.

[lubosmj]

TODO: add a comment about inheriting the private flag from the pull-through cache distribution.

[lubosmj]

TODO in the future? Propagate the permissions and private flag from the pull-through distribution to this distribution.

[lubosmj]

Distributions are public by default.

[ipanova]

We walked through the PR on the call and @lubosmj has few things to update and can mere afterwards