Public image server

kamzar1 · March 10, 2022, 9:31am

This is as well related to : Is there a LXD hub in the pipleline anywhere? - #5 by vrms

We already run own simplestream image servers.

Just wonder whether it would make sense, setting up a community based private/public image server.

Idea is, users can push/upload their own images to server and fetch it from anywhere through simplestreams.
Also eventually a moderated public area where license free stuff or even licensed, published by license owners can be uploaded.

Simplestreams works great, though missing an AUTh mechanism.
It could be as simple as auth_basic, auth_digest, webdav … which can be handled by webservers.

stgraber · March 10, 2022, 2:54pm

It’s not something that the core team has time or resources to do, but if someone in the community would want to stand that up and operate it, it’d certainly be fine

kamzar1 · March 10, 2022, 5:17pm

Seriously considering
It could be a website with short instructions, detailed list of publicly available images and a registration form.

In theory, would it be possible from your side to make simple streams work with sort of authentication, webdav alike? That will probably suffice to offer User/Group based directories from server side. Considered, a rich choice of pre-built containers might attract additional users.

stgraber · March 10, 2022, 5:20pm

LXD supports basic http auth (username/password) on simplestreams, so you can most likely use that to have LXD access the images.

Publishing an image to the service would likely have to be done manually through lxc image export and uploading the resulting files as LXD’s lxc image copy only works over the LXD API and not simplestreams.

kamzar1 · March 10, 2022, 5:32pm

Interesting, I was not aware of that. How? simply passing the credentials in server address (link)?

As for upload, a bash script can do the job, can export the image to scp or webdav client or ssh/rsync…
It also can add the simplestreams address and credentials to lxd remote list.
Once image uploaded, server can re-index immediately or on schedule.

turtle0x1 · March 10, 2022, 6:47pm

Its mildly concerning that you want to run a public image server but cant run lxc remote add --help

Which returns;

  Basic authentication can be used when combined with the "simplestreams" protocol:
    lxc remote add some-name https://LOGIN:PASSWORD@example.com/some/path --protocol=simplestreams

stgraber · March 10, 2022, 6:57pm

It’s standard URL-encoded basic auth, so https://LOGIN:PASSWORD@server/path will do it.

kamzar1 · March 11, 2022, 3:24pm

Thanks for that.
Appreciate your feedback and skills.
You have been helpful on many occasions.