chore: merge main

Signed-off-by: santong <[email protected]>

Author: 244372610

client/daemon/peer/peertask_base.go

@@ -626,7 +626,7 @@ func (pt *peerTask) waitFailedPiece() (int32, bool) {
 		return -1, false
 	case failed := <-pt.failedPieceCh:
 		pt.Warnf("download piece/%d failed, retry", failed)
-		return -1, true
+		return failed, true
 	}
 }
 

client/daemon/proxy/proxy_sni.go

@@ -26,13 +26,14 @@ import (
 	"time"
 
 	"github.com/golang/groupcache/lru"
+	"github.com/pkg/errors"
 
 	logger "d7y.io/dragonfly/v2/internal/dflog"
 )
 
 func (proxy *Proxy) ServeSNI(l net.Listener) error {
 	if proxy.cert == nil {
-		return fmt.Errorf("empty cert")
+		return errors.New("empty cert")
 	}
 	if proxy.cert.Leaf != nil && proxy.cert.Leaf.IsCA {
 		logger.Infof("hijack sni https request with CA <%s>", proxy.cert.Leaf.Subject.CommonName)

docs/en/ecosystem/Kubernetes-with-Dragonfly.md

@@ -11,6 +11,137 @@ Table of contents:
 
 ## Helm Support
 
+### Runtime Configuration Guide for Dragonfly Helm Chart
+
+When enable runtime configuration in dragonfly, you can skip [Configure Runtime](#configure-runtime-manually) manually.
+
+#### 1. Docker
+
+Dragonfly helm supports config docker automatically.
+
+Config cases:
+
+**Case 1: Implicit registries support**
+
+Chart customize values.yaml:
+```yaml
+containerRuntime:
+  docker:
+    enable: true
+    # -- Inject domains into /etc/hosts to force redirect traffic to dfdaemon.
+    # Caution: This feature need dfdaemon to implement SNI Proxy, confirm image tag is greater than v0.4.0.
+    # When use certs and inject hosts in docker, no necessary to restart docker daemon.
+    injectHosts: true
+    registryDomains:
+    - "harbor.example.com"
+    - "harbor.example.net"
+```
+
+This config enables docker pulling images from registries `harbor.example.com` and `harbor.example.net` via Dragonfly.
+When deploying Dragonfly with above config, it's unnecessary to restart docker daemon.
+
+Limitations:
+* Only support implicit registries
+
+**Case 2: Arbitrary registries support**
+
+Chart customize values.yaml:
+```yaml
+containerRuntime:
+  docker:
+    enable: true
+    # -- Restart docker daemon to redirect traffic to dfdaemon
+    # When containerRuntime.docker.restart=true, containerRuntime.docker.injectHosts and containerRuntime.registry.domains is ignored.
+    # If did not want restart docker daemon, keep containerRuntime.docker.restart=false and containerRuntime.docker.injectHosts=true.
+    restart: true
+```
+
+This config enables docker pulling images from arbitrary registries via Dragonfly.
+When deploying Dragonfly with above config, dfdaemon will restart docker daemon.
+
+Limitations:
+* Must enable live-restore feature in docker
+* Need restart docker daemon
+
+#### 2. Containerd
+
+The config of containerd has two version with complicated fields. These are many cases to consider:
+
+**Case 1: Version 2 config with config_path**
+
+There is `config_path` in `/etc/containerd/config.toml`:
+```toml
+[plugins."io.containerd.grpc.v1.cri".registry]
+  config_path = "/etc/containerd/certs.d"
+```
+
+This case is very simple to enable multiple registry mirrors support.
+
+Chart customize values.yaml:
+```yaml
+containerRuntime:
+  containerd:
+    enable: true
+```
+
+**Case 2: Version 2 config without config_path**
+
+* Option 1 - Allow charts to inject config_path and restart containerd.
+
+This option also enable multiple registry mirrors support.
+
+> Caution: if there are already many other mirror config in config.toml, should not use this option, or migrate your config with `config_path`.
+
+Chart customize values.yaml:
+```yaml
+containerRuntime:
+  containerd:
+    enable: true
+    injectConfigPath: true
+```
+
+* Option 2 - Just mirror only one registry which `dfdaemon.config.proxy.registryMirror.url` is
+
+Chart customize values.yaml:
+
+```yaml
+containerRuntime:
+  containerd:
+    enable: true
+```
+
+**Case 3: Version 1**
+
+With version 1 config.toml, only support the registry which `dfdaemon.config.proxy.registryMirror.url` is.
+
+Chart customize values.yaml:
+
+```yaml
+containerRuntime:
+  containerd:
+    enable: true
+```
+
+#### 3. [WIP] CRI-O
+
+> DON'T USE, Work in progress
+
+Dragonfly helm supports config CRI-O automatically with drop-in registries.
+
+Chart customize values.yaml:
+```yaml
+containerRuntime:
+  crio:
+    # -- Enable CRI-O support
+    # Inject drop-in mirror config into /etc/containers/registries.conf.d.
+    enable: true
+    # Registries full urls
+    registries:
+    - "https://ghcr.io"
+    - "https://quay.io"
+    - "https://harbor.example.com:8443"
+```
+
 ### Prepare Kubernetes Cluster
 
 If there is no available Kubernetes cluster for testing, [minikube](https://minikube.sigs.k8s.io/docs/start/) is
@@ -101,7 +232,7 @@ Wait all pods running
 kubectl -n dragonfly-system wait --for=condition=ready --all --timeout=10m pod
 ```
 
-### Configure Runtime
+### Configure Runtime Manually
 
 Use Containerd with CRI as example, more runtimes can be found [here](../user-guide/quick-start.md)
 
@@ -146,10 +277,10 @@ crictl pull docker.io/library/alpine:latest
 After pulled images, find logs in dfdaemon pod:
 ```shell
 # find pods
-kubectl -n dragonfly get pod -l component=dfdaemon
+kubectl -n dragonfly-system get pod -l component=dfdaemon
 # find logs
 pod_name=dfdaemon-xxxxx
-kubectl -n dragonfly exec -it ${pod_name} -- grep "peer task done" /var/log/dragonfly/daemon/core.log
+kubectl -n dragonfly-system exec -it ${pod_name} -- grep "peer task done" /var/log/dragonfly/daemon/core.log
 ```
 
 Example output:
@@ -176,12 +307,12 @@ kustomize build Dragonfly2/deploy/kustomize/single-cluster-native/overlays/sampl
 Wait all pods running
 
 ```shell
-kubectl -n dragonfly wait --for=condition=ready --all --timeout=10m pod
+kubectl -n dragonfly-system wait --for=condition=ready --all --timeout=10m pod
 ```
 
 ### Next Steps
 
-Following [Configure Runtime](#configure-runtime) to configure runtime.
+Following [Configure Runtime](#configure-runtime-manually) to configure runtime.
 
 Following [Using Dragonfly](#using-dragonfly) to use Dragonfly.