refactor AWS URL mapping with a default URL and don't depend on region list from CIDR data
This commit is contained in:
Benjamin Elder
parent
4ffa1a4f7a
commit
e20b14aaf4
|
|
@ -23,10 +23,10 @@ import (
|
|||
"k8s.io/klog/v2"
|
||||
)
|
||||
|
||||
// awsRegionToS3URL returns the base S3 bucket URL for an OCI layer blob given the AWS region
|
||||
// awsRegionToHostURL returns the base S3 bucket URL for an OCI layer blob given the AWS region
|
||||
//
|
||||
// blobs in the buckets should be stored at /containers/images/sha256:$hash
|
||||
func awsRegionToS3URL(region string) string {
|
||||
func awsRegionToHostURL(region, defaultURL string) string {
|
||||
switch region {
|
||||
// each of these has the region in which we have a bucket listed first
|
||||
// and then additional regions we're mapping to that bucket
|
||||
|
|
@ -66,15 +66,7 @@ func awsRegionToS3URL(region string) string {
|
|||
case "eu-west-2", "eu-west-3", "eu-north-1":
|
||||
return "https://prod-registry-k8s-io-eu-west-2.s3.dualstack.eu-west-2.amazonaws.com"
|
||||
default:
|
||||
// TestRegionToAWSRegionToS3URL checks we return a non-empty result for all regions
|
||||
// that this app knows about
|
||||
//
|
||||
// we will not attempt to route to a region we do now know about
|
||||
//
|
||||
// if we see empty string returned, then we've failed to account for all regions
|
||||
//
|
||||
// we want to precompute the mapping for all regions
|
||||
return ""
|
||||
return defaultURL
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ import (
|
|||
)
|
||||
|
||||
func TestCachedBlobChecker(t *testing.T) {
|
||||
bucket := awsRegionToS3URL("us-east-1")
|
||||
bucket := awsRegionToHostURL("us-east-1", "")
|
||||
blobs := newCachedBlobChecker()
|
||||
testCases := []struct {
|
||||
Name string
|
||||
|
|
|
|||
|
|
@ -18,22 +18,29 @@ package app
|
|||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"k8s.io/registry.k8s.io/pkg/net/cloudcidrs"
|
||||
)
|
||||
|
||||
func TestRegionToAWSRegionToS3URL(t *testing.T) {
|
||||
// TODO: replace / fix this
|
||||
// ensure all known regions return a configured bucket
|
||||
regions := cloudcidrs.Regions()
|
||||
for region := range regions {
|
||||
url := awsRegionToS3URL(region)
|
||||
func TestRegionToAWSRegionToHostURL(t *testing.T) {
|
||||
// ensure known regions return a configured bucket
|
||||
regions := []string{
|
||||
"GLOBAL", "af-south-1", "ap-east-1",
|
||||
"ap-northeast-1", "ap-northeast-2", "ap-northeast-3",
|
||||
"ap-south-1", "ap-south-2", "ap-southeast-1",
|
||||
"ap-southeast-2", "ap-southeast-3", "ap-southeast-4",
|
||||
"ap-southeast-6", "ca-central-1", "ca-west-1", "cn-north-1",
|
||||
"cn-northwest-1", "eu-central-1", "eu-central-2", "eu-north-1",
|
||||
"eu-south-1", "eu-south-2", "eu-west-1", "eu-west-2", "eu-west-3",
|
||||
"il-central-1", "me-central-1", "me-south-1", "sa-east-1", "us-east-1",
|
||||
"us-east-2", "us-gov-east-1", "us-gov-west-1", "us-west-1", "us-west-2",
|
||||
}
|
||||
for _, region := range regions {
|
||||
url := awsRegionToHostURL(region, "")
|
||||
if url == "" {
|
||||
t.Fatalf("received empty string for known region %q url", region)
|
||||
t.Fatalf("received empty string for known region %q", region)
|
||||
}
|
||||
}
|
||||
// ensure bogus region would return "" so we know above test is valid
|
||||
if url := awsRegionToS3URL("nonsensical-region"); url != "" {
|
||||
// test default region
|
||||
if url := awsRegionToHostURL("nonsensical-region", "____default____"); url != "____default____" {
|
||||
t.Fatalf("received non-empty URL string for made up region \"nonsensical-region\": %q", url)
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -33,6 +33,7 @@ type RegistryConfig struct {
|
|||
UpstreamRegistryPath string
|
||||
InfoURL string
|
||||
PrivacyURL string
|
||||
DefaultAWSBaseURL string
|
||||
}
|
||||
|
||||
// MakeHandler returns the root archeio HTTP handler
|
||||
|
|
@ -131,7 +132,7 @@ func makeV2Handler(rc RegistryConfig, blobs blobChecker) func(w http.ResponseWri
|
|||
}
|
||||
|
||||
// check if blob is available in our S3 bucket for the region
|
||||
bucketURL := awsRegionToS3URL(ipInfo.Region)
|
||||
bucketURL := awsRegionToHostURL(ipInfo.Region, rc.DefaultAWSBaseURL)
|
||||
// this matches GCR's GCS layout, which we will use for other buckets
|
||||
blobURL := bucketURL + "/containers/images/sha256%3A" + hash
|
||||
if blobs.BlobExists(blobURL, bucketURL, hash) {
|
||||
|
|
|
|||
|
|
@ -45,6 +45,7 @@ func main() {
|
|||
UpstreamRegistryPath: getEnv("UPSTREAM_REGISTRY_PATH", "k8s-artifacts-prod/images"),
|
||||
InfoURL: "https://github.com/kubernetes/registry.k8s.io",
|
||||
PrivacyURL: "https://www.linuxfoundation.org/privacy-policy/",
|
||||
DefaultAWSBaseURL: getEnv("DEFAULT_AWS_BASE_URL", "https://prod-registry-k8s-io-us-east-1.s3.dualstack.us-east-1.amazonaws.com"),
|
||||
}
|
||||
|
||||
// configure server with reasonable timeout
|
||||
|
|
|
|||
Loading…
Reference in New Issue