From f7b800d0826b175e0ef2dc0f94b19792ee391113 Mon Sep 17 00:00:00 2001 From: Prasanth B <89722848+bupd@users.noreply.github.com> Date: Tue, 9 Jul 2024 19:39:27 +0530 Subject: [PATCH] Add ground control to Proposal (#1) Signed-off-by: bupd --- .../harbor-satellite/ground-control.svg | 142 ++++++++++++++++++ proposals/new/harbor-satellite-proposal.md | 32 +++- 2 files changed, 170 insertions(+), 4 deletions(-) create mode 100644 proposals/images/harbor-satellite/ground-control.svg diff --git a/proposals/images/harbor-satellite/ground-control.svg b/proposals/images/harbor-satellite/ground-control.svg new file mode 100644 index 00000000..eb5c953b --- /dev/null +++ b/proposals/images/harbor-satellite/ground-control.svg @@ -0,0 +1,142 @@ + + + + + + + + + Ground Control Capabilities + - Fleet Management + - Satellite Registration + - Authentication + - Logical mapping of image sets to satellite groups (1:n) + - State Monitoring of replications + Information Stored in Ground Control + - List of Images that need to be present on Satellite + - Remote State of Satellite (What oci artifacts are on + remote) + - Hearbeat of Satellites + - Satellite Configuration + Interfaces of Ground Control + - Interface for Satellites + - Adapter Interface + - Management Interface + - accept list images + - manage Satellite groups + Line of Sight + - Satellite to Ground Control + - Satellite Core can run on its own + - Ground Control to Registry + - Registry (none) + - Registry Adapter to Ground Control + + Satellite + + Remote Registry + + + + + + + + + Pull + Images + from Remote + Registry + + OCI Registry + Pull && Push Support + + Volume + + + + + + + + + + Pushing Images + + + + + Hirarchy of Options + Interface can be a file + + Ground Control + + + + + + + + + Fetch a list of images to + replicate + (Optional) + + + + + + + + + + Registry Adapter + + + Network Bounderies + + + + + + + + + + + + + + + DB + + + + + + + + + Management + Interfaace + + + + + + + + + + + + + + + + Artifact List + repo/tag + repo/tag:@digest + + diff --git a/proposals/new/harbor-satellite-proposal.md b/proposals/new/harbor-satellite-proposal.md index 05e9f86f..2ca59c58 100644 --- a/proposals/new/harbor-satellite-proposal.md +++ b/proposals/new/harbor-satellite-proposal.md @@ -1,6 +1,6 @@ # Proposal: `Harbor Satellite` -Authors: Vadim Bauer / [Vad1mo](https://github.com/Vad1mo), Csaba Almasi, Philip Laine, David Huseby / [dhuseby](https://github.com/dhuseby), Roald Brunell / [OneFlyingBanana](https://github.com/OneFlyingBanana) +Authors: Vadim Bauer / [Vad1mo](https://github.com/Vad1mo), Csaba Almasi, Philip Laine, David Huseby / [dhuseby](https://github.com/dhuseby), Roald Brunell / [OneFlyingBanana](https://github.com/OneFlyingBanana), Prasanth / [bupd](https://github.com/bupd) ## Abstract @@ -38,6 +38,9 @@ Harbor Satellite aims to be resilient, lightweight and will be able to keep func Compatibility with all container registries or edge devices can't be guaranteed. ## Implementation +![Basic Harbor Satellite Diagram](../images/harbor-satellite/harbor-satellite-diagram.svg) + +

Basic Harbor Satellite Diagram

### Overall Architecture @@ -45,11 +48,32 @@ Harbor Satellite, at its most basic, will run in a single container and will be - **Satellite** : Is responsible for moving artifacts from upstream (using Skopeo/Crane/Other), identifying the source and reading the list of images that needs to be replicated. Satellite will also be able to modify and manage the container runtimes. configuration in sync so that container runtime does not fetch images from remote. - **OCI Registry** : Is responsible for storing required OCI artifacts locally (using zotregistry or docker registry). -- **Ground Control** : Is a component of Harbor and is responsible for serving a Harbor Satellite with the list of images it needs. +- **Ground Control** : Is responsible for the artifact synchronization with edge locations and function as a service endpoint for satellites. Ground control will register and authenticate satellites, provide a list of images that should be present on the satellite, and facilitate seamless replication of container images to edge locations. Ground Control includes adapters for different central registries, enabling seamless synchronization of image lists across various sources. -![Basic Harbor Satellite Diagram](../images/harbor-satellite/harbor-satellite-diagram.svg) -

Basic Harbor Satellite Diagram

+### Ground Control Responsibilities +![Ground Control](../images/harbor-satellite/ground-control.svg) + +

Ground Control

+ +1. **Authentication and Registration:** + - **Satellite Authentication:** Ground Control authenticates each satellite to ensure that only authorized devices can request and receive image updates. This prevents unauthorized access and ensures that image distribution is controlled and secure. + - **Satellite Registration:** Each satellite must register with Ground Control before it can request image lists. This registration process involves validating the satellite’s credentials and recording its details in Ground Control, establishing a trusted relationship between the satellite and Ground Control. + +2. **Image List Management:** + + - **Maintaining Image Lists:** Ground Control maintains a detailed list of container images, including their tags and digests, that are required by the satellites. These lists are kept up-to-date and are readily available for distribution to registered satellites. + - **List Provisioning:** Satellites periodically request the image list from Ground Control. Ground Control responds with the most recent list, ensuring that the satellite always has the latest images required for its operations. + +3. **Adaptability with Central Registries:** + + - **Adapters for Multiple Registries:** Ground Control includes adapters that allow it to interface with various central container registries. This capability ensures that it can synchronize image lists with multiple sources, regardless of the registry's specific implementation or API. + - **Synchronization of Image Lists:** Using these adapters, Ground Control can pull image updates from different central registries and update its managed image list accordingly. This enables the seamless integration of images from various sources, providing a comprehensive and updated list to satellites. + +4. **Independent Satellite Operation:** + + - **Decentralized Functioning:** Ground Control enables satellites to operate independently by providing them with the necessary image lists. Satellites fetch and manage their own images based on the lists provided, reducing their dependency on real-time connectivity to a central registry. + - **Offline Resilience:** In the event of connectivity issues with Ground Control, satellites can continue to serve the required images from their local storage, ensuring uninterrupted operations in edge environments. ### Specific Use Cases