k8s.io/registry.k8s.io@v0.3.1/cmd/archeio/docs/request-handling.md

k8s.io/registry.k8s.io@v0.3.1/cmd/archeio/docs/request-handling.md (about)

     1  # Request Handling
     2  
     3  Requests to archeio follows the following flow:
     4  
     5  1. If it's a request for `/`: Redirect to our wiki page about the project
     6  1. If it's a request for `/privacy`: Redirect to Linux Foundation privacy policy page
     7  1. If it's not a request for `/` or `/privacy` and does not start with `/v2/`: 404 error
     8  1. For registry API requests, all of which start with `/v2/`:
     9      - If it's a non-standard API call (`/v2/_catalog`): 404 error
    10      - If it's a manifest request: Redirect to Upstream Registry
    11      - If it's from a known GCP IP: Redirect to Upstream Registry
    12      -  If it's a known AWS IP AND HEAD request for the layer succeeeds in S3: Redirect to S3
    13      -  If it's a known AWS IP AND HEAD fails: Redirect to Upstream Registry
    14  
    15  See also: OCI Distribution [Specification](https://github.com/opencontainers/distribution-spec/blob/main/spec.md)
    16  
    17  Currently the `Upstream Registry` is a region specific Artifact Registry backend.
    18  
    19  Or in chart form:
    20  ```mermaid
    21  flowchart TD
    22  
    23  A(Does the request path start with /v2/?) -->|No, it is not a registry API call| B(Is the request for /?)
    24  B -->|No| D[Is the request for /privacy?]
    25  D -->|No, it is an unknown path| C[Serve 404 error]
    26  D -->|Yes| K[Serve redirect to Linux Foundation privacy policy page]
    27  B -->|Yes| E[Serve redirect to registry wiki page]
    28  A -->|Yes, it is a registry API call| L(Is it an OCI Distribution Standard API Call?)
    29  L -->|No, it is a non-standard API call.<br>Currently: `/v2/_catalog`.| M[Serve 404 error]
    30  L -->|Yes, it is a standard API call| F(Is it a blob request?)
    31  F -->|No| G[Serve redirect to Source Registry on GCP]
    32  F -->|Yes, it matches known blob request format| H(Is the client IP known to be from GCP?)
    33  H -->|Yes| G
    34  H -->|No| I(Does the blob exist in S3?<br/>Check by way of cached HEAD on the bucket we've selected based on client IP.)
    35  I -->|No| G
    36  I -->|Yes| J[Redirect to blob copy in S3]
    37  ```
    38  
    39  This allows us to efficiently serve traffic in the most local copy available
    40  based on the cloud resource funding the Kubernetes project receives.