Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement Docker Hub Proxy for Docker Image Caching #3315

Open
slamer59 opened this issue Mar 18, 2024 · 6 comments · May be fixed by #5820
Open

Implement Docker Hub Proxy for Docker Image Caching #3315

slamer59 opened this issue Mar 18, 2024 · 6 comments · May be fixed by #5820
Assignees
@yoyounik
Labels
enhancement New feature or request good first issue Great issue for new contributors kind/cooldown Great candidate for the cooldown period

Comments

@slamer59
Copy link

slamer59 commented Mar 18, 2024
edited
Loading

Feature description

In a CI/CD process like Kestra, it's common to encounter Docker Hub rate limits when pulling Docker images repeatedly during builds. To mitigate this issue and improve build performance, Docker Hub proxy feature within Kestra could improve performance and remove this rate limiting.

Problem Statement

Currently, CI/CD workflows relying on Docker images from Docker Hub (or any other) can face rate limits, causing delays and disruptions in build processes. This limitation hinders the scalability and efficiency of automated builds, especially in large-scale projects with frequent image pulls.

Ex for anonymous user : 100 pulls per 6 hours per IP address

Proposed Solution

Integrate a Docker Hub proxy mechanism within Kestra that allows caching Docker images locally. This proxy should intelligently manage image requests, reducing the need for repetitive pulls from Docker Hub and optimizing build times.

Benefits

  1. Improved Build Performance: By caching Docker images locally, CI/CD builds will experience faster execution times as they won't be dependent on external Docker Hub requests for every build.
  2. Reduced Dependency on External Sources: Minimizing direct dependencies on Docker Hub reduces the impact of rate limits and network latency, enhancing the reliability of CI/CD pipelines.
  3. Scalability: The Docker Hub proxy feature enables seamless scaling of CI/CD infrastructure without concerns about exceeding Docker Hub rate limits.
  4. Enhanced Developer Experience: Developers can focus on coding and testing without being hindered by external service limitations, leading to a smoother development workflow.

Implementation Considerations

  1. Proxy Configuration: Provide a straightforward configuration option within Kestra's settings to define the Docker Hub proxy.
  2. Cache Management: Implement intelligent caching strategies to manage cached Docker images efficiently, considering expiration policies and cache invalidation mechanisms.
  3. Logging and Monitoring: Include logging and monitoring capabilities to track proxy activity, cache hits/misses, and overall performance metrics.
  4. Documentation: Ensure comprehensive documentation detailing how users can configure and utilize the Docker Hub proxy feature in their CI/CD workflows.

Use Case

Consider a scenario where a CI/CD pipeline in Kestra regularly pulls Docker images from Docker Hub for building and testing applications. With the Docker Hub proxy feature enabled, these images are cached locally, significantly reducing build times and improving overall pipeline efficiency.

This feature request aims to enhance the functionality and performance of Kestra in CI/CD environments, providing users with a seamless Docker image caching solution to optimize build workflows.

Relevant Documentation

  1. Docker setup Proxy
  2. Gitlab to setup proxy (in a gitlab CI/CD)
  3. harbor proxy setup
@slamer59 slamer59 added the enhancement New feature or request label Mar 18, 2024
@tchiotludo tchiotludo added this to the v0.16.0 milestone Mar 18, 2024
@kriko
Copy link
Contributor

kriko commented Mar 18, 2024

For organizations that have an existing DockerHub repository mirror set up, then they can use that by specifying the mirror in the image name. However, this works only for unauthenticated internal registry mirrors.

There are a few options:

  • Docker supports configuring Docker daemon with --registry-mirror option or by configuring /etc/docker/daemon.json
  • For private mirrors that have authentication, a docker login command must be issued
  • support for paid subscriptions of DockerHub can also be supported by providing registry credentials for image pulls.

I am not sure if bundling Docker registry pull through cache is that important, since there are several alternatives - blog post or you have a GitLab installation, then GitLab provides Dependency Proxy.

@kriko
Copy link
Contributor

kriko commented Mar 19, 2024

Additional information regarding authentication against private repository mirrors.
This only works, if the image specified is referenced through the mirror. eg: mirror.company.com/image:tag, if the image is plainly referenced as image:tag then repository mirror works only if it's unauthenticated. This seems to be a limitation of dockerd and is still an unresolved issue. Authentication without speficying the mirror in the image name only works for authenticated DockerHub accounts (eg. paid accounts).

@anna-geller anna-geller removed this from the v0.16.0 milestone Mar 25, 2024
@anna-geller anna-geller added technical-issue and removed enhancement New feature or request labels Mar 25, 2024
@github-project-automation github-project-automation bot moved this to Backlog in Issues Jun 10, 2024
@tchiotludo tchiotludo added kind/cooldown Great candidate for the cooldown period and removed kind/technical-issue labels Jul 6, 2024
@tchiotludo tchiotludo added good first issue Great issue for new contributors and removed kind/good-first-issue labels Oct 1, 2024
@yoyounik
Copy link
Contributor

yoyounik commented Nov 6, 2024

hii @anna-geller @tchiotludo can i work on this issue if no one is currently working.

@yoyounik
Copy link
Contributor

yoyounik commented Nov 6, 2024

Hii @anna-geller @MilosPaunovic @slamer59
i have raised a corrected PR for this:
#5820
please go through this whenever you get time, thanks.

@MilosPaunovic MilosPaunovic linked a pull request Nov 6, 2024 that will close this issue
Open
@slamer59
Copy link
Author

slamer59 commented Nov 6, 2024
edited
Loading

Hii @anna-geller @MilosPaunovic @slamer59
i have raised a corrected PR for this:
#5820
please go through this whenever you get time, thanks.

I thanks. I am in another topic right now. I dont have time these days sorry.

@yoyounik
Copy link
Contributor

yoyounik commented Nov 6, 2024

that fine @slamer59 , please go through this whenever you get time . i will be in touch with you for this .

@MilosPaunovic MilosPaunovic moved this from Backlog to In review in Issues Jan 16, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@yoyounik yoyounik

Labels
enhancement New feature or request good first issue Great issue for new contributors kind/cooldown Great candidate for the cooldown period
Projects
Issues
Status: In review
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Added a proxy service yoyounik/kestra
5 participants
@kriko @tchiotludo @slamer59 @anna-geller @yoyounik