Add os.features support for EROFS native container images#13091
Add os.features support for EROFS native container images#13091fuweid merged 5 commits intocontainerd:mainfrom
os.features support for EROFS native container images#13091Conversation
hsiangkao
force-pushed
the
os_features
branch
5 times, most recently
from
c9d565c to
fe51250
Compare
| } | ||
|
|
||
| if err := i.checkSnapshotterSupport(ctx, snapshotterName, manifest, | ||
| config.CheckPlatformSupported); err != nil { |
There was a problem hiding this comment.
It might be worth adding a note on UnpackConfig that containerd always checks snapshotter support if the image platform requires specific OSFeatures.
|
After thinking about this a bit more - this makes OSFeatures equivalent to "SnapshotterFeatures", doesn't it? Is there a use-case where an image would require a non-default/non-standard feature that the snapshotters wouldn't know or care about? |
| // Use EROFS snapshotter to extract EROFS native images | ||
| func erofsPlatformSpec() specs.Platform { | ||
| p := platforms.DefaultSpec() | ||
| p.OSFeatures = []string{"erofs"} |
There was a problem hiding this comment.
There was a problem hiding this comment.
This was previously discussed in some OCI calls. The possible values for this field are not fully defined and its up to us as a runtime and user of the spec to experiment, validate, and propose changes to the spec. That won't happen unless there is successful adoption using this field.
There was a problem hiding this comment.
hi @AkihiroSuda , as @dmcgowan said, yes and it's always a chicken-and-egg issue, but this PR is useful for user experence and multiple manifest images (e.g. one for OCI & one for erofs) for image publishers.
@Kern-- I think it might have, but currently we only have one @dmcgowan should we define some prefix which should be considered as incompatible features now, and ignore the random |
Its more an image defines what it needs, the unpack configuration defines what the snapshotter provides. The feature could be provided by something other than a snapshotter, that is just the initial use case. Ultimately, it is the unpacker that has to make the decision about what is the best matching image for the current runtime configuration.
I don't think that is necessary right now, the feature is unambiguous and unlikely that the number of supported features would increase drastically. |
|
@hsiangkao the previous PR was merged, can you rebase |
done, thanks for reminder. |
This makes sense, but this current implementation requires snapshotters to be aware of every feature or it will be rejected by default. I suppose this would fail loudly and could be addressed in the future once there's a use case. |
yes, I think if there is another non-snapshotter feature, we could address it then; no real difference for now. |
|
Is this expected? |
Signed-off-by: Gao Xiang <[email protected]>
If no snapshotter is specified and `os.features` contains "erofs", unpacking should use the EROFS snapshotter and differ. This enhances the usability of native EROFS container images. Signed-off-by: Gao Xiang <[email protected]>
Just use apitypes.OCIPlatformFromProto(). Suggested-by: Jin Dong <[email protected]> Signed-off-by: Gao Xiang <[email protected]>
…e` is set
If no snapshotter is specified, container run selects the default
snapshotter.
However, if `os.features` is set, we should always call
`checkSnapshotterSupport()`. This ensures containerd clients
report a clear error:
```
ctr: snapshotter overlayfs does not support platform
{amd64 linux [erofs] } for image sha256:[]
```
instead of the confusing layer extraction error:
```
ctr: apply layer error for "": failed to extract layer sha256:[]:
failed to get stream processor for application/vnd.erofs.layer.v1:
no processor for media-type
```
Signed-off-by: Gao Xiang <[email protected]>
Now fixed as |
github-project-automation
Bot
moved this from Needs Reviewers
to Review In Progress
in Pull Request Review
|
Do we know why the release CI triggered? |
... Just random flakiness, retry again. |
|
@containerd/committers could we get it merged? It's useful for end users. |
github-merge-queue
Bot
removed this pull request from the merge queue due to failed status checks
github-merge-queue
Bot
removed this pull request from the merge queue due to failed status checks
github-project-automation
Bot
moved this from Review In Progress
to Done
in Pull Request Review
10 participants
depends on #13080supercedes #12784
Note that users still need to explicitly specify the EROFS snapshotter in order to run the EROFS native images by design; it only improves the user experence of the unpacking process
First, it enhances the transfer service: If no snapshotter is specified and
os.featurescontains "erofs", unpacking should use the EROFS snapshotter and differ.Second, if no snapshotter is specified, container run selects the default snapshotter. However, if
os.featuresis set, we should always callcheckSnapshotterSupport()so that containerd clients can report a clear error instead of the confusing layer extraction error out of overlayfs snapshotter.Tested by the ubuntu-22.04 multi-manifest image ("linux/amd64" and "linux(+erofs)/amd64"):
ctr i pull --platform="linux(+erofs)" docker.io/hsiangkao/ubuntu:22.04-platformsand
ctr run --platform="linux(+erofs)/amd64" --tty docker.io/hsiangkao/ubuntu:22.04-platforms testand
ctr run --platform="linux(+erofs)/amd64" --snapshotter erofs --tty docker.io/hsiangkao/ubuntu:22.04-platforms testScreenshot (
docker.1ms.runis a connectable mirror ofdocker.io):