fixbug: blob for schemav1 could be uncompressed by yyb196 · Pull Request #2263 · containerd/containerd

yyb196 · 2018-04-02T13:27:27Z

blob for schemav1 could be uncompressed, which can be pulled by docker but cannot pull by ctr, because when docker downloading a blob layer it will check if it is compressed or not.

in our company we have a image registry which use schemaV1 and has uncompressed layers, these layers can be download by docker but cannot download by ctr, after dig a while i found that maybe we should check the downloading stream in advance, and if it is uncompressed we don't use the gzip reader to decompress it.

PTAL, and thanks.

Signed-off-by: frank yang [email protected]

codecov-io · 2018-04-02T14:25:09Z

Codecov Report

Merging #2263 into master will increase coverage by 3.72%.
The diff coverage is 60%.

@@            Coverage Diff             @@
##           master    #2263      +/-   ##
==========================================
+ Coverage   41.26%   44.98%   +3.72%     
==========================================
  Files          66       92      +26     
  Lines        7850     9400    +1550     
==========================================
+ Hits         3239     4229     +990     
- Misses       4103     4488     +385     
- Partials      508      683     +175

Flag	Coverage Δ
#linux	`49.22% <60%> (?)`
#windows	`41.25% <60%> (-0.02%)`	⬇️

Impacted Files	Coverage Δ
archive/compression/compression.go	`42.64% <60%> (-1.3%)`	⬇️
services/server/server_linux.go	`0% <0%> (ø)`
oci/spec_opts_unix.go	`21.77% <0%> (ø)`
content/local/store_unix.go	`75% <0%> (ø)`
sys/socket_unix.go	`0% <0%> (ø)`
oci/spec_unix.go	`98.37% <0%> (ø)`
archive/tar_unix.go	`54.54% <0%> (ø)`
snapshots/btrfs/btrfs.go	`57.39% <0%> (ø)`
cio/io_unix.go	`74.71% <0%> (ø)`
mount/temp_unix.go	`0% <0%> (ø)`
... and 24 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 63522d9...046536c. Read the comment docs.

stevvooe · 2018-04-02T18:15:44Z

log.G(ctx).WithError(err).Errorf("failed to fetch blob %v", desc.Digest)

stevvooe · 2018-04-02T18:17:55Z

For schema1, uncompressed blobs wasn't really ever well supported, but it does work in docker.

I would say this change is fine as long as the following steps are taken:

We only do autodetection for schema1 (this PR follows that convention).
Once the compression is detected, the converted manifest should reflect that in the media types. In this case, the gzip needs to be dropped.

cc @dmcgowan

dmcgowan · 2018-04-02T18:22:28Z

Change looks reasonable, please use the decompression code in github.com/containerd/containerd/archive/compression

yyb196 · 2018-04-03T03:09:47Z

@stevvooe @dmcgowan thanks for your advice, i have changed and commit as your suggestion, PTAL.

I donn't real know what does this suggestion mean "Once the compression is detected, the converted manifest should reflect that in the media types. In this case, the gzip needs to be dropped." , if this step is a must ,please give me more tips, appreciate your help.

dmcgowan · 2018-04-03T17:09:11Z

Once the compression is detected, the converted manifest should reflect that in the media types. In this case, the gzip needs to be dropped.

The issue is that after the conversion takes place, a manifest is created which has layers described as having the media type application/vnd.oci.image.layer.v1.tar+gzip, but the actual media type is application/vnd.oci.image.layer.v1.tar. If this created OCI manifest is then pushed to a registry, it could later fail on pull, and we will not support invalid OCI manifests for this case. There is 2 possible solutions, one is discard the manifest and layers after pulling so the converted manifest cannot be directly pushed, or change the media type to the uncompressed media type.

yyb196 · 2018-04-08T07:33:07Z

@dmcgowan thanks very much for your patient explanation, and i change the media type of layer from application/vnd.docker.image.rootfs.diff.tar.gzip to application/vnd.docker.image.rootfs.diff.tar if found it isn't gzip. PTAL

yyb196 · 2018-04-18T05:46:08Z

@stevvooe @dmcgowan could you guys take a look again? any feed back will be appreciate.

dmcgowan · 2018-04-23T22:45:02Z

This function should return Compression. Maybe a signature like GetCompression(r. io.Reader) Compression

yyb196 · 2018-04-24T03:01:10Z

@dmcgowan thanks for you review, I have change code according to your suggestion.

dmcgowan · 2018-04-27T18:37:23Z

nit: break the comment into 2 lines. Also instead of the reader r -> the given reader, the variable name is not relevant to the caller.

dmcgowan · 2018-04-27T18:40:54Z

Does the caller not properly handle or log this error?

you are right, the caller will handle this error, I'll get rid of this log

dmcgowan · 2018-04-27T18:45:24Z

Use WithField here, also the message could be more descriptive
log.G(ctx).WithField("d", desc.Digest).Debuf("changed media type for uncompressed schema1 layer blob")

dmcgowan · 2018-04-27T18:45:40Z

A few nits, otherwise LGTM

yyb196 · 2018-05-03T01:49:05Z

@dmcgowan appreciate your advice, all the nits you mentioned has been fixed.

yyb196 · 2018-05-29T06:51:46Z

@dmcgowan @stevvooe what do you think of this pr.

I found this pr has been tag to milestone 1.2, Since containerd-1.1 has released, can you guys merge this pr or do I need to fix something more.

cpuguy83 · 2018-05-30T13:07:15Z

What if instead readCloseWrapper stored the Compression that was used? Otherwise this will have to be updated in tandem with DecompressStream (Assuming at some point DecompressStream supports more than gzip).

yyb196 · 2018-06-07T02:32:22Z

@cpuguy83 the design you suggested is more elegant, I have change implement according to your suggestion, PTAL

yyb196 · 2018-06-07T07:13:15Z

I think CI fail isn't because of the new commit, is a url cannot be connected.

Err:1 http://mirror.jmu.edu/pub/ubuntu trusty-backports/main amd64 libseccomp2 amd64 2.2.3-2ubuntu1~ubuntu14.04.1
  Could not connect to mirror.jmu.edu:80 (134.126.36.183), connection timed out
Err:2 http://mirror.jmu.edu/pub/ubuntu trusty-backports/main amd64 libseccomp-dev amd64 2.2.3-2ubuntu1~ubuntu14.04.1
  Unable to connect to mirror.jmu.edu:http:
E: Failed to fetch http://mirror.jmu.edu/pub/ubuntu/pool/main/libs/libseccomp/libseccomp2_2.2.3-2ubuntu1~ubuntu14.04.1_amd64.deb  Could not connect to mirror.jmu.edu:80 (134.126.36.183), connection timed out
E: Failed to fetch http://mirror.jmu.edu/pub/ubuntu/pool/main/libs/libseccomp/libseccomp-dev_2.2.3-2ubuntu1~ubuntu14.04.1_amd64.deb  Unable to connect to mirror.jmu.edu:http:
E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?

Signed-off-by: frank yang <[email protected]>

AkihiroSuda · 2018-07-07T08:17:09Z

@cpuguy83 PTAL?

AkihiroSuda · 2018-07-30T03:01:34Z

@stevvooe @dmcgowan LGTY?

dmcgowan · 2018-07-30T21:43:38Z

LGTM

estesp

LGTM

yyb196 force-pushed the fix_no_gzip branch from 72c5aa2 to 7e5fcf8 Compare April 2, 2018 14:10

yyb196 force-pushed the fix_no_gzip branch from 7e5fcf8 to a5fdf0a Compare April 2, 2018 14:31

stevvooe reviewed Apr 2, 2018

View reviewed changes

yyb196 force-pushed the fix_no_gzip branch from a5fdf0a to 47f4f3e Compare April 3, 2018 02:08

yyb196 force-pushed the fix_no_gzip branch from 47f4f3e to e25b69f Compare April 3, 2018 10:11

yyb196 force-pushed the fix_no_gzip branch from e25b69f to 9551079 Compare April 8, 2018 07:29

yyb196 force-pushed the fix_no_gzip branch from 9551079 to d77393e Compare April 8, 2018 07:35

dmcgowan reviewed Apr 23, 2018

View reviewed changes

dmcgowan added this to the 1.2 milestone Apr 23, 2018

yyb196 force-pushed the fix_no_gzip branch from d77393e to 80bfa1d Compare April 24, 2018 02:38

dmcgowan reviewed Apr 27, 2018

View reviewed changes

yyb196 force-pushed the fix_no_gzip branch from 80bfa1d to 0f83edd Compare May 2, 2018 06:42

cpuguy83 reviewed May 30, 2018

View reviewed changes

yyb196 force-pushed the fix_no_gzip branch from 0f83edd to fdfd706 Compare June 7, 2018 02:16

estesp mentioned this pull request Jun 7, 2018

fix schema1 fetchBlob() #2390

Merged

fixbug: blob for schemav1 could be uncompressed

046536c

Signed-off-by: frank yang <[email protected]>

yyb196 force-pushed the fix_no_gzip branch from fdfd706 to 046536c Compare June 8, 2018 03:52

estesp approved these changes Jul 30, 2018

View reviewed changes

estesp merged commit c55b963 into containerd:master Jul 30, 2018

allencloud deleted the fix_no_gzip branch October 17, 2018 13:34

Conversation

yyb196 commented Apr 2, 2018

Uh oh!

codecov-io commented Apr 2, 2018 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

stevvooe Apr 2, 2018 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

stevvooe commented Apr 2, 2018

Uh oh!

dmcgowan commented Apr 2, 2018

Uh oh!

yyb196 commented Apr 3, 2018

Uh oh!

dmcgowan commented Apr 3, 2018

Uh oh!

yyb196 commented Apr 8, 2018 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

yyb196 commented Apr 18, 2018

Uh oh!

dmcgowan Apr 23, 2018

Choose a reason for hiding this comment

Uh oh!

yyb196 commented Apr 24, 2018

Uh oh!

dmcgowan Apr 27, 2018

Choose a reason for hiding this comment

Uh oh!

dmcgowan Apr 27, 2018

Choose a reason for hiding this comment

Uh oh!

yyb196 May 2, 2018

Choose a reason for hiding this comment

Uh oh!

dmcgowan Apr 27, 2018

Choose a reason for hiding this comment

Uh oh!

dmcgowan commented Apr 27, 2018

Uh oh!

yyb196 commented May 3, 2018

Uh oh!

yyb196 commented May 29, 2018

Uh oh!

cpuguy83 May 30, 2018

Choose a reason for hiding this comment

Uh oh!

yyb196 commented Jun 7, 2018

Uh oh!

yyb196 commented Jun 7, 2018

Uh oh!

AkihiroSuda commented Jul 7, 2018

Uh oh!

AkihiroSuda commented Jul 30, 2018

Uh oh!

dmcgowan commented Jul 30, 2018

Uh oh!

estesp left a comment

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

7 participants

codecov-io commented Apr 2, 2018 •

edited

Loading

stevvooe Apr 2, 2018 •

edited

Loading

yyb196 commented Apr 8, 2018 •

edited

Loading