
Commit 47c4dba

committed
Unify default transport in docker resolver
The default transport is used in 3 places: 1. `ConfigureDefaultRegistries` (no `hosts_dir` is set) 2. `ConfigureHosts` (when `hosts_dir` is set) 3. in cri service. 2 and 3 use/duplicate the same default transport, whereas 1 uses go's default Client/Transport. This PR moves the default transport to a common function (can pass in tls config). Signed-off-by: Jin Dong <[email protected]>
1 parent 2207955 commit 47c4dba

3 files changed

Lines changed: 23 additions & 34 deletions


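--- a/core/remotes/docker/config/hosts.go
+++ b/core/remotes/docker/config/hosts.go
@@ -28,7 +28,6 @@ import (
 "path"
 "path/filepath"
 "strings"
-"time"
 
 "github.com/containerd/errdefs"
 "github.com/containerd/log"
@@ -144,19 +143,7 @@ func ConfigureHosts(ctx context.Context, options HostOptions) docker.RegistryHos
 defaultTLSConfig = &tls.Config{}
 }
 
-defaultTransport := &http.Transport{
-Proxy: http.ProxyFromEnvironment,
-DialContext: (&net.Dialer{
-Timeout: 30 * time.Second,
-KeepAlive: 30 * time.Second,
-FallbackDelay: 300 * time.Millisecond,
-}).DialContext,
-MaxIdleConns: 10,
-IdleConnTimeout: 30 * time.Second,
-TLSHandshakeTimeout: 10 * time.Second,
-TLSClientConfig: defaultTLSConfig,
-ExpectContinueTimeout: 5 * time.Second,
-}
+defaultTransport := docker.DefaultHTTPTransport(defaultTLSConfig)
 
 client := &http.Client{
 Transport: defaultTransport,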

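--- a/core/remotes/docker/registry.go
+++ b/core/remotes/docker/registry.go
@@ -17,9 +17,11 @@
 package docker
 
 import (
+"crypto/tls"
 "errors"
 "net"
 "net/http"
+"time"
 )
 
 // HostCapabilities represent the capabilities of the registry
@@ -170,7 +172,9 @@ func ConfigureDefaultRegistries(ropts ...RegistryOpt) RegistryHosts {
 }
 
 if config.Client == nil {
-config.Client = http.DefaultClient
+config.Client = &http.Client{
+Transport: DefaultHTTPTransport(nil),
+}
 }
 
 if opts.plainHTTP != nil {
@@ -242,3 +246,19 @@ func MatchLocalhost(host string) (bool, error) {
 
 return ip.IsLoopback(), nil
 }
+
+func DefaultHTTPTransport(defaultTLSConfig *tls.Config) *http.Transport {
+return &http.Transport{
+Proxy: http.ProxyFromEnvironment,
+DialContext: (&net.Dialer{
+Timeout: 30 * time.Second,
+KeepAlive: 30 * time.Second,
+FallbackDelay: 300 * time.Millisecond,
+}).DialContext,
+MaxIdleConns: 10,
+IdleConnTimeout: 30 * time.Second,
+TLSHandshakeTimeout: 10 * time.Second,
+TLSClientConfig: defaultTLSConfig,
+ExpectContinueTimeout: 5 * time.Second,
+}
+}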
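Review bot: The `config.Client == nil` branch of ConfigureDefaultRegistries no longer behaves like `http.DefaultClient`: as far as I know from net/http, a Transport with a custom `DialContext` and no `ForceAttemptHTTP2: true` does not negotiate HTTP/2, and `MaxIdleConns` is 10 rather than DefaultTransport's 100, so default-registry pulls change protocol and pooling with this commit. Each call also builds a fresh Transport with its own idle-connection pool, so callers that construct registry hosts per pull lose the connection reuse the shared default client gave them. If that is intended, state it in a doc comment on the new exported function, which currently has none, e.g. `// DefaultHTTPTransport returns a new http.Transport with the registry dial and TLS-handshake timeouts; a nil defaultTLSConfig leaves net/http's default TLS settings (certificate verification enabled) in place.` On the positive side, the client is no longer the mutable process-wide `http.DefaultClient`, which other packages in the same binary can alter. ConfigureDefaultRegistries starts and ends outside the hunk.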

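--- a/internal/cri/server/images/image_pull.go
+++ b/internal/cri/server/images/image_pull.go
@@ -22,7 +22,6 @@ import (
 "encoding/base64"
 "fmt"
 "io"
-"net"
 "net/http"
 "net/url"
 "path/filepath"
@@ -448,7 +447,7 @@ func (c *CRIImageService) registryHosts(ctx context.Context, credentials func(ho
 }
 
 var (
-transport = newTransport()
+transport = docker.DefaultHTTPTransport(nil) // no tls config
 client = &http.Client{Transport: transport}
 config = c.config.Registry.Configs[u.Host]
 )
@@ -564,23 +563,6 @@ func (c *CRIImageService) registryEndpoints(host string) ([]string, error) {
 return append(endpoints, defaultScheme(defaultHost)+"://"+defaultHost), nil
 }
 
-// newTransport returns a new HTTP transport used to pull image.
-// TODO(random-liu): Create a library and share this code with `ctr`.
-func newTransport() *http.Transport {
-return &http.Transport{
-Proxy: http.ProxyFromEnvironment,
-DialContext: (&net.Dialer{
-Timeout: 30 * time.Second,
-KeepAlive: 30 * time.Second,
-FallbackDelay: 300 * time.Millisecond,
-}).DialContext,
-MaxIdleConns: 10,
-IdleConnTimeout: 30 * time.Second,
-TLSHandshakeTimeout: 10 * time.Second,
-ExpectContinueTimeout: 5 * time.Second,
-}
-}
-
 // encryptedImagesPullOpts returns the necessary list of pull options required
 // for decryption of encrypted images based on the cri decryption configuration.
 // Temporarily removed for v2 upgrade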
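Review bot: The inline comment `// no tls config` on the `transport = docker.DefaultHTTPTransport(nil)` line can be read as "TLS is off", whereas a nil `TLSClientConfig` means net/http applies its default TLS settings with certificate verification on. I would word it `// nil: net/http default TLS settings; per-registry TLS, if any, is set on the transport later`, keeping the second half only if the rest of registryHosts, which lies outside this hunk, actually does that. The removed `newTransport` carried a TODO about sharing this code with `ctr`; the shared helper appears to resolve it, so nothing needs to be carried over.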
