Add support for custom cache sizes

pull/22/head
Sebastián Ramírez 2019-09-27 13:44:07 -05:00
parent df8c057855
commit f3d2eefc09
3 changed files with 10 additions and 5 deletions

View File

@ -20,6 +20,7 @@ for this to work it requires inserting a root CA certificate into system trusted
- Expose port 3128 to the network - Expose port 3128 to the network
- Map volume `/docker_mirror_cache` for up to 32gb of cached images from all registries - Map volume `/docker_mirror_cache` for up to 32gb of cached images from all registries
- Map volume `/ca`, the proxy will store the CA certificate here across restarts - Map volume `/ca`, the proxy will store the CA certificate here across restarts
- Env `CACHE_MAX_SIZE` (default `32g`): set the max size to be used for caching local Docker image layers. Use [Nginx sizes](http://nginx.org/en/docs/syntax.html).
- Env `REGISTRIES`: space separated list of registries to cache; no need to include Docker Hub, its already there. - Env `REGISTRIES`: space separated list of registries to cache; no need to include Docker Hub, its already there.
- Env `AUTH_REGISTRIES`: space separated list of `hostname:username:password` authentication info. - Env `AUTH_REGISTRIES`: space separated list of `hostname:username:password` authentication info.
- `hostname`s listed here should be listed in the REGISTRIES environment as well, so they can be intercepted. - `hostname`s listed here should be listed in the REGISTRIES environment as well, so they can be intercepted.
@ -126,7 +127,6 @@ Yeah. Docker Inc should do it. So should NPM, Inc. Wonder why they don't. 😼
- Allow using multiple credentials for DockerHub; this is possible since the `/token` request includes the wanted repo as a query string parameter. - Allow using multiple credentials for DockerHub; this is possible since the `/token` request includes the wanted repo as a query string parameter.
- Test and make auth work with quay.io, unfortunately I don't have access to it (_hint, hint, quay_) - Test and make auth work with quay.io, unfortunately I don't have access to it (_hint, hint, quay_)
- Make the cache size configurable, today it's fixed at 32gb.
- Hide the mitmproxy building code under a Docker build ARG. - Hide the mitmproxy building code under a Docker build ARG.
- I hope that in the future this can also be used as a "Developer Office" proxy, where many developers on a fast local network - I hope that in the future this can also be used as a "Developer Office" proxy, where many developers on a fast local network
share a proxy for bandwidth and speed savings; work is ongoing in this direction. share a proxy for bandwidth and speed savings; work is ongoing in this direction.

View File

@ -81,6 +81,13 @@ fi
echo " listen 443 ssl default_server;" > /etc/nginx/caching.layer.listen echo " listen 443 ssl default_server;" > /etc/nginx/caching.layer.listen
echo "error_log /var/log/nginx/error.log warn;" > /etc/nginx/error.log.debug.warn echo "error_log /var/log/nginx/error.log warn;" > /etc/nginx/error.log.debug.warn
# Set Docker Registry cache size, by default, 32 GB ('32g')
CACHE_MAX_SIZE=${CACHE_MAX_SIZE:-32g}
# The cache directory. This can get huge. Better to use a Docker volume pointing here!
# Set to 32gb which should be enough
echo "proxy_cache_path /docker_mirror_cache levels=1:2 max_size=$CACHE_MAX_SIZE inactive=60d keys_zone=cache:10m use_temp_path=off;" > /etc/nginx/conf.d/cache_max_size.conf
# normally use non-debug version of nginx # normally use non-debug version of nginx
NGINX_BIN="nginx" NGINX_BIN="nginx"

View File

@ -42,10 +42,6 @@ http {
keepalive_timeout 300; keepalive_timeout 300;
gzip off; gzip off;
# The cache directory. This can get huge. Better to use a Docker volume pointing here!
# Set to 32gb which should be enough
proxy_cache_path /docker_mirror_cache levels=1:2 max_size=32g inactive=60d keys_zone=cache:10m use_temp_path=off;
# Just in case you want to rewrite some hosts. Default maps directly. # Just in case you want to rewrite some hosts. Default maps directly.
map $host $targetHost { map $host $targetHost {
hostnames; hostnames;
@ -93,6 +89,8 @@ http {
default "DID_NOT_MATCH_PATH"; default "DID_NOT_MATCH_PATH";
} }
include /etc/nginx/conf.d/*.conf;
# The proxy director layer, listens on 3128 # The proxy director layer, listens on 3128
server { server {