redis driver for blob cache information and metadb (#2865)

* feat: add redis cache support https://github.com/project-zot/zot/pull/2005 Fixes https://github.com/project-zot/zot/issues/2004 * feat: add redis cache support Currently, we have dynamoDB as the remote shared cache but ideal only for the cloud use case. For on-prem use case, add support for redis. Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com> * feat(redis): added blackbox tests for redis Signed-off-by: Petu Eusebiu <peusebiu@cisco.com> * feat(redis): dummy implementation of MetaDB interface for redis cache Signed-off-by: Alexei Dodon <adodon@cisco.com> * feat: check validity of driver configuration on metadb instantiation Signed-off-by: Andrei Aaron <aaaron@luxoft.com> * feat: multiple fixes for redis cache driver implementation - add missing method GetAllBlobs - add redis cache tests, with and without mocking Signed-off-by: Andrei Aaron <aaaron@luxoft.com> * feat(redis): redis implementation for MetaDB Signed-off-by: Andrei Aaron <aaaron@luxoft.com> * feat(redis): use redsync to block concurrent write access to the redis DB Signed-off-by: Andrei Aaron <aaaron@luxoft.com> * feat(redis): update .github/workflows/cluster.yaml to also test redis Signed-off-by: Andrei Aaron <aaaron@luxoft.com> * feat(metadb): add keyPrefix parameter for redis and remove unneeded method meta.Crate() Signed-off-by: Andrei Aaron <aaaron@luxoft.com> * feat(redis): support RedisCluster configuration and add unit tests Signed-off-by: Andrei Aaron <aaaron@luxoft.com> * feat(redis): more tests for redis metadb implementation Signed-off-by: Andrei Aaron <aaaron@luxoft.com> * feat(redis): add more examples and update examples/README.md Signed-off-by: Andrei Aaron <aaaron@luxoft.com> * feat(redis): move option parsing and redis client initialization under pkg/api/config/redis Signed-off-by: Andrei Aaron <aaaron@luxoft.com> * chore(cachedb): move Cache interface to pkg/storage/types Signed-off-by: Andrei Aaron <aaaron@luxoft.com> * feat(redis): reorganize code in pkg/storage/cache.go Signed-off-by: Andrei Aaron <aaaron@luxoft.com> * feat(redis): call redis.SetLogger() with the zot logger as parameter Signed-off-by: Andrei Aaron <aaaron@luxoft.com> * feat(redis): rename pkg/meta/redisdb to pkg/meta/redis Signed-off-by: Andrei Aaron <aaaron@luxoft.com> --------- Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com> Signed-off-by: Petu Eusebiu <peusebiu@cisco.com> Signed-off-by: Alexei Dodon <adodon@cisco.com> Signed-off-by: Andrei Aaron <aaaron@luxoft.com> Co-authored-by: a <a@tuxpa.in> Co-authored-by: Ramkumar Chinchani <rchincha@cisco.com> Co-authored-by: Petu Eusebiu <peusebiu@cisco.com> Co-authored-by: Alexei Dodon <adodon@cisco.com>
2026-06-17 12:58:02 +08:00 · 2025-01-30 21:00:52 +02:00
parent 90e1393585
commit 05823cd74f
43 changed files with 7886 additions and 442 deletions
@@ -9,7 +9,7 @@ PATH=$PATH:${SCRIPTPATH}/../../hack/tools/bin

 tests=("pushpull" "pushpull_authn" "delete_images" "referrers" "metadata" "anonymous_policy"
      "annotations" "detect_manifest_collision" "cve" "sync" "sync_docker" "sync_replica_cluster"
-      "scrub" "garbage_collect" "metrics" "metrics_minimal" "multiarch_index" "docker_compat")
+      "scrub" "garbage_collect" "metrics" "metrics_minimal" "multiarch_index" "docker_compat" "redis_local")

 for test in ${tests[*]}; do
    ${BATS} ${BATS_FLAGS} ${SCRIPTPATH}/${test}.bats > ${test}.log & pids+=($!)
@@ -0,0 +1,12 @@
+
+function redis_start() {
+  local cname="$1" # container name
+  local free_port="$2"
+  docker run -d --name ${cname} -p ${free_port}:6379 redis
+}
+
+function redis_stop() {
+  local cname="$1"
+  docker stop ${cname}
+  docker rm -f ${cname}
+}
@@ -0,0 +1,124 @@
+# Note: Intended to be run as "make run-blackbox-tests" or "make run-blackbox-ci"
+#       Makefile target installs & checks all necessary tooling
+#       Extra tools that are not covered in Makefile target needs to be added in verify_prerequisites()
+
+load helpers_zot
+load helpers_redis
+
+function verify_prerequisites() {
+    if [ ! $(command -v curl) ]; then
+        echo "you need to install curl as a prerequisite to running the tests" >&3
+        return 1
+    fi
+
+    if [ ! $(command -v jq) ]; then
+        echo "you need to install jq as a prerequisite to running the tests" >&3
+        return 1
+    fi
+
+    if [ ! $(command -v docker) ]; then
+        echo "you need to install docker as a prerequisite to running the tests" >&3
+        return 1
+    fi
+
+    return 0
+}
+
+function setup_file() {
+    # Verify prerequisites are available
+    if ! $(verify_prerequisites); then
+        exit 1
+    fi
+
+    # Download test data to folder common for the entire suite, not just this file
+    skopeo --insecure-policy copy --format=oci docker://ghcr.io/project-zot/golang:1.20 oci:${TEST_DATA_DIR}/golang:1.20
+
+    # Setup redis server
+    redis_port=$(get_free_port)
+    redis_start redis_server_local ${redis_port}
+
+    # Setup zot server
+    local zot_root_dir=${BATS_FILE_TMPDIR}/zot
+    local zot_sync_ondemand_config_file=${BATS_FILE_TMPDIR}/zot_sync_ondemand_config.json
+    zot_port=$(get_free_port)
+    echo ${zot_port} > ${BATS_FILE_TMPDIR}/zot.port
+
+    mkdir -p ${zot_root_dir}
+
+    cat >${zot_sync_ondemand_config_file} <<EOF
+{
+    "distSpecVersion": "1.1.0",
+    "storage": {
+        "rootDirectory": "${zot_root_dir}",
+        "cacheDriver": {
+            "name": "redis",
+            "url": "redis://localhost:${redis_port}"
+        }
+    },
+    "http": {
+        "address": "0.0.0.0",
+        "port": "${zot_port}"
+    },
+    "log": {
+        "level": "debug",
+        "output": "/tmp/blackbox.log"
+    },
+    "extensions": {
+      "ui": {
+        "enable": true
+      },
+      "search": {
+        "enable": true
+      }
+    }
+}
+EOF
+
+    zot_serve ${ZOT_PATH} ${zot_sync_ondemand_config_file}
+    wait_zot_reachable ${zot_port}
+}
+
+@test "push 2 images" {
+    zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port`
+    run skopeo --insecure-policy copy --dest-tls-verify=false \
+        oci:${TEST_DATA_DIR}/golang:1.20 \
+        docker://127.0.0.1:${zot_port}/golang:1.20
+    [ "$status" -eq 0 ]
+
+    run skopeo --insecure-policy copy --dest-tls-verify=false \
+        oci:${TEST_DATA_DIR}/golang:1.20 \
+        docker://127.0.0.1:${zot_port}/golang2:1.20
+    [ "$status" -eq 0 ]
+
+    run curl http://127.0.0.1:${zot_port}/v2/_catalog
+    [ "$status" -eq 0 ]
+    [ $(echo "${lines[-1]}" | jq '.repositories[0]') = '"golang"' ]
+    [ $(echo "${lines[-1]}" | jq '.repositories[1]') = '"golang2"' ]
+    run curl http://127.0.0.1:${zot_port}/v2/golang/tags/list
+    [ "$status" -eq 0 ]
+    [ $(echo "${lines[-1]}" | jq '.tags[]') = '"1.20"' ]
+}
+
+@test "pull both images" {
+    local oci_data_dir=${BATS_FILE_TMPDIR}/oci
+    zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port`
+
+    mkdir -p ${oci_data_dir}
+    run skopeo --insecure-policy copy --src-tls-verify=false \
+        docker://127.0.0.1:${zot_port}/golang:1.20 \
+        oci:${oci_data_dir}/golang:1.20
+    [ "$status" -eq 0 ]
+    run cat ${BATS_FILE_TMPDIR}/oci/golang/index.json
+    [ "$status" -eq 0 ]
+    [ $(echo "${lines[-1]}" | jq '.manifests[].annotations."org.opencontainers.image.ref.name"') = '"1.20"' ]
+
+    run skopeo --insecure-policy copy --src-tls-verify=false \
+        docker://127.0.0.1:${zot_port}/golang2:1.20 \
+        oci:${oci_data_dir}/golang:1.20
+    [ "$status" -eq 0 ]
+}
+
+function teardown_file() {
+    zot_stop_all
+    redis_stop redis_server_local
+}
@@ -0,0 +1,129 @@
+# Note: Intended to be run as "make run-blackbox-tests" or "make run-blackbox-ci"
+#       Makefile target installs & checks all necessary tooling
+#       Extra tools that are not covered in Makefile target needs to be added in verify_prerequisites()
+
+load helpers_zot
+load helpers_redis
+load helpers_cloud
+
+function verify_prerequisites() {
+    if [ ! $(command -v docker) ]; then
+        echo "you need to install docker as a prerequisite to running the tests" >&3
+        return 1
+    fi
+
+    return 0
+}
+
+function setup_file() {
+    # Verify prerequisites are available
+    if ! $(verify_prerequisites); then
+        exit 1
+    fi
+
+    # Download test data to folder common for the entire suite, not just this file
+    skopeo --insecure-policy copy --format=oci docker://ghcr.io/project-zot/test-images/alpine:3.17.3 oci:${TEST_DATA_DIR}/alpine:1
+
+    # Setup redis server
+    redis_port=$(get_free_port)
+    redis_start redis_server ${redis_port}
+
+    # Setup zot server
+    local zot_root_dir=${BATS_FILE_TMPDIR}/zot
+    local zot_sync_ondemand_config_file=${BATS_FILE_TMPDIR}/zot_sync_ondemand_config.json
+    zot_port=$(get_free_port)
+    echo ${zot_port} > ${BATS_FILE_TMPDIR}/zot.port
+
+    mkdir -p ${zot_root_dir}
+
+    cat >${zot_sync_ondemand_config_file} <<EOF
+{
+    "distSpecVersion": "1.1.0",
+    "storage": {
+        "dedupe": true,
+        "gc": true,
+        "rootDirectory": "${zot_root_dir}",
+        "cacheDriver": {
+            "name": "redis",
+            "url": "redis://localhost:${redis_port}"
+        },
+        "storageDriver": {
+            "name": "s3",
+            "rootdirectory": "/zot",
+            "region": "us-east-2",
+            "regionendpoint": "localhost:4566",
+            "bucket": "zot-storage",
+            "secure": false,
+            "skipverify": false
+        }
+    },
+    "http": {
+        "address": "0.0.0.0",
+        "port": "${zot_port}"
+    },
+    "log": {
+        "level": "debug",
+        "output": "/tmp/blackbox.log"
+    },
+    "extensions": {
+      "ui": {
+        "enable": true
+      },
+      "search": {
+        "enable": true
+      }
+    }
+}
+EOF
+    awslocal s3 --region "us-east-2" mb s3://zot-storage
+
+    zot_serve ${zot_sync_ondemand_config_file}
+    wait_zot_reachable ${zot_port}
+}
+
+@test "push 3 images with dedupe enabled" {
+    zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port`
+
+    for i in {1..3}
+    do
+        run skopeo --insecure-policy copy --dest-tls-verify=false \
+            oci:${TEST_DATA_DIR}/alpine:1 \
+            docker://127.0.0.1:${zot_port}/alpine${i}:1.0
+        [ "$status" -eq 0 ]
+    done
+}
+
+@test "pull second image with deduped blobs" {
+    local oci_data_dir=${BATS_FILE_TMPDIR}/test1/alpine2
+    zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port`
+
+    mkdir -p ${oci_data_dir}
+
+    run skopeo --insecure-policy copy --src-tls-verify=false docker://127.0.0.1:${zot_port}/alpine2:1.0 oci:${oci_data_dir}:1.0
+    [ "$status" -eq 0 ]
+}
+
+@test "original blobs are moved to the next image when removing the first one" {
+    local oci_data_dir=${BATS_FILE_TMPDIR}/test2/alpine2/
+    zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port`
+
+    # in case of s3, because it doesn't support symlinks:
+    # blobs contents are stored only once, the rest of deduped blobs are 0 size files
+    # when removing an image which contains original blobs, their contents should move to the next candidates.
+    # so removing the first image: alpine1 which contains only original blobs, the contents should move to alpine2
+    run skopeo --insecure-policy delete --tls-verify=false \
+        docker://127.0.0.1:${zot_port}/alpine1:1.0
+    [ "$status" -eq 0 ]
+
+    mkdir -p ${oci_data_dir}
+
+    # pulling the next image should work
+    run skopeo --insecure-policy copy --src-tls-verify=false docker://127.0.0.1:${zot_port}/alpine2:1.0 oci:${oci_data_dir}:1.0
+    [ "$status" -eq 0 ]
+}
+
+function teardown_file() {
+    zot_stop
+    redis_stop redis_server
+    awslocal s3 --region "us-east-2" rb s3://zot-storage --force
+}