[carry] Mount Windows layers as volumes on the host #2366
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
crosbymichael
changed the title
Codecov Report
@@ Coverage Diff @@
## master #2366 +/- ##
==========================================
+ Coverage 45.11% 45.44% +0.32%
==========================================
Files 92 93 +1
Lines 9358 9590 +232
==========================================
+ Hits 4222 4358 +136
- Misses 4457 4530 +73
- Partials 679 702 +23
Continue to review full report at Codecov.
|
mlaventure
reviewed
May 29, 2018
mount/mount_windows.go
Outdated
Contributor
There was a problem hiding this comment.
looks like this is not necessary, dir and file are only used on the next line :layerid could be appended directly to the call to ReadFile
Member
|
@crosbymichael Could you rebase this |
Member
Author
|
@tonistiigi we chatted about this yesterday with @jterry75. I'm going to rebase it but this is not enough to get it in a working state that we are happy with. There will be changes required after a rebase. |
crosbymichael
force-pushed
the
mountvol
branch
3 times, most recently
from
69a22ef to
e96da84
Compare
Squashed commit of the following: commit 126a6eafe8ec9e9e04ba5865ada3ccc0b77f5602 Merge: 7f800e0 a12b082 Author: Michael Crosby <[email protected]> Date: Tue May 29 10:55:18 2018 -0400 Merge branch 'MountVol' of https://github.com/darstahl/containerd into darstahl-MountVol Signed-off-by: Michael Crosby <[email protected]> commit a12b082 Author: Darren Stahl <[email protected]> Date: Thu May 10 17:04:09 2018 -0700 Fix vendoring Signed-off-by: Darren Stahl <[email protected]> commit 4844ea1 Author: Darren Stahl <[email protected]> Date: Wed May 9 15:51:30 2018 -0700 More cleanup Signed-off-by: Darren Stahl <[email protected]> commit 845b2b3 Author: Darren Stahl <[email protected]> Date: Wed May 9 12:03:20 2018 -0700 cleanup Signed-off-by: Darren Stahl <[email protected]> commit 8cb63cc Author: Darren Stahl <[email protected]> Date: Tue May 8 18:34:44 2018 -0700 Use final version of continuity changes Signed-off-by: Darren Stahl <[email protected]> commit b36adf2 Author: Darren Stahl <[email protected]> Date: Tue May 8 16:14:09 2018 -0700 Mark windows_test.go as Windows only Signed-off-by: Darren Stahl <[email protected]> commit 796e60a Author: Darren Stahl <[email protected]> Date: Tue May 8 11:29:30 2018 -0700 Fix building on Linux Signed-off-by: Darren Stahl <[email protected]> commit c3730f3 Author: Darren Stahl <[email protected]> Date: Mon May 7 18:27:28 2018 -0700 revert test Signed-off-by: Darren Stahl <[email protected]> commit e87ba1f Author: Darren Stahl <[email protected]> Date: Mon May 7 18:10:37 2018 -0700 test Signed-off-by: Darren Stahl <[email protected]> commit 6a1bf21 Author: Darren Stahl <[email protected]> Date: Mon May 7 17:52:48 2018 -0700 fix build constraints Signed-off-by: Darren Stahl <[email protected]> commit df0d9cf Author: Darren Stahl <[email protected]> Date: Mon May 7 17:29:03 2018 -0700 fix unmount Signed-off-by: Darren Stahl <[email protected]> commit f1ca1f9 Author: Darren Stahl <[email protected]> Date: Mon May 7 17:10:21 2018 -0700 fix containers Signed-off-by: Darren Stahl <[email protected]> commit f34d796 Author: Darren Stahl <[email protected]> Date: Mon May 7 17:01:27 2018 -0700 Fix Linux build? Signed-off-by: Darren Stahl <[email protected]> commit 36e773a Author: Darren Stahl <[email protected]> Date: Mon May 7 16:41:33 2018 -0700 Workaround for CI failure due to empty folder Signed-off-by: Darren Stahl <[email protected]> commit 0089489 Author: Darren Stahl <[email protected]> Date: Mon May 7 16:41:18 2018 -0700 Add TODO for recycle bin contents Signed-off-by: Darren Stahl <[email protected]> commit 22c981d Author: Darren Stahl <[email protected]> Date: Fri May 4 15:08:48 2018 -0700 Removed unused forked code Signed-off-by: Darren Stahl <[email protected]> commit 0327913 Author: Darren Stahl <[email protected]> Date: Fri May 4 15:05:42 2018 -0700 WIP: Forked ReadLink and EvalSymlinks Signed-off-by: Darren Stahl <[email protected]> commit 249f2d5 Author: Darren Stahl <[email protected]> Date: Wed Apr 18 17:07:22 2018 -0700 Add TODOs Signed-off-by: Darren Stahl <[email protected]> commit c264ea2 Author: Darren Stahl <[email protected]> Date: Wed Apr 18 11:56:35 2018 -0700 WIP: Enable more snapshotter tests on Windows Signed-off-by: Darren Stahl <[email protected]> commit 699f2d2 Author: Darren Stahl <[email protected]> Date: Wed Apr 18 11:56:18 2018 -0700 WIP: fixing view layers to create a new sandbox Signed-off-by: Darren Stahl <[email protected]> commit edec71c Author: Darren Stahl <[email protected]> Date: Wed Apr 18 11:54:45 2018 -0700 Use filepath.Clean to remove trailing slashes Signed-off-by: Darren Stahl <[email protected]> commit f216d8a Author: Darren Stahl <[email protected]> Date: Wed Apr 18 11:54:08 2018 -0700 Ignore Windows layer metadata in tests Signed-off-by: Darren Stahl <[email protected]> commit bcb73e8 Author: Darren Stahl <[email protected]> Date: Wed Apr 18 11:52:41 2018 -0700 Fork filepath.Walk to follow symlinks on the root Signed-off-by: Darren Stahl <[email protected]> commit 2126d64 Author: Darren Stahl <[email protected]> Date: Wed Apr 11 18:07:09 2018 -0700 WIP: mounting Windows volumes using SetVolumeMountPath Signed-off-by: Darren Stahl <[email protected]> commit e10a628 Author: Darren Stahl <[email protected]> Date: Wed Feb 14 12:40:42 2018 -0800 Update /x/sys/windows vendor to include volume mounting Signed-off-by: Darren Stahl <[email protected]> Signed-off-by: Michael Crosby <[email protected]>
crosbymichael
force-pushed
the
mountvol
branch
from
e96da84 to
8913416
Compare
Member
Author
|
This one is rebased |
Member
|
Is this change still needed/valid? @jterry75 |
Contributor
|
@estesp - We can close this out we no longer need this work. |
Contributor
|
Was there a replacement for this work? Right now, on Windows |
Contributor
|
@kevpar - PTAL. I was my understanding that we didnt need this code anymore after talking with John. But we do in order to support build kit. Should we pull in just the support for the mount target symlink or volume mount point? |
Contributor
|
For context, my currently-proposed work-around in BuildKit for lack of this is moby/buildkit@9dca2db, which is a bit messy, and unlike the same behaviour for bind-mounts, cannot fall-back usefully for multiple-mounts or read-only mounts. Edit: I note that it seems we're not dealing with read-only mounts in this code either, and it's not 100% clear to me how they're supposed to work with hcsshim, since |
12 tasks
Contributor
|
@kevpar @jterry75 Any movement on this? I assume this won't happen in containerd 1.3, but it'd be nice to know if a workaround in BuildKit is going to be a temporary or permanent fixture. It also might be useful in general to clarify the expected semantic of |
This was referenced Jul 16, 2020
TBBle
added a commit
to TBBle/containerd
that referenced
this pull request
Sep 24, 2021
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
TBBle
added a commit
to TBBle/containerd
that referenced
this pull request
Apr 26, 2022
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
TBBle
added a commit
to TBBle/containerd
that referenced
this pull request
Apr 26, 2022
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
TBBle
added a commit
to TBBle/containerd
that referenced
this pull request
Apr 26, 2022
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
TBBle
added a commit
to TBBle/containerd
that referenced
this pull request
Apr 26, 2022
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
TBBle
added a commit
to TBBle/containerd
that referenced
this pull request
Apr 26, 2022
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. This also partially-reverts some changes made in containerd#6034 as they are not needed with this mounting implmentation, which no longer needs to be handled specially by the caller compared to non-Windows mounts. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
TBBle
added a commit
to TBBle/containerd
that referenced
this pull request
Jul 23, 2022
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. This also partially-reverts some changes made in containerd#6034 as they are not needed with this mounting implmentation, which no longer needs to be handled specially by the caller compared to non-Windows mounts. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
aznashwan
pushed a commit
to aznashwan/containerd
that referenced
this pull request
Aug 1, 2022
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. This also partially-reverts some changes made in containerd#6034 as they are not needed with this mounting implmentation, which no longer needs to be handled specially by the caller compared to non-Windows mounts. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
TBBle
added a commit
to TBBle/containerd
that referenced
this pull request
Aug 10, 2022
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. This also partially-reverts some changes made in containerd#6034 as they are not needed with this mounting implmentation, which no longer needs to be handled specially by the caller compared to non-Windows mounts. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
TBBle
added a commit
to TBBle/containerd
that referenced
this pull request
Aug 11, 2022
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. This also partially-reverts some changes made in containerd#6034 as they are not needed with this mounting implmentation, which no longer needs to be handled specially by the caller compared to non-Windows mounts. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
TBBle
added a commit
to TBBle/containerd
that referenced
this pull request
Aug 11, 2022
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. This also partially-reverts some changes made in containerd#6034 as they are not needed with this mounting implmentation, which no longer needs to be handled specially by the caller compared to non-Windows mounts. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
gabriel-samfira
pushed a commit
to gabriel-samfira/containerd
that referenced
this pull request
Feb 2, 2023
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. This also partially-reverts some changes made in containerd#6034 as they are not needed with this mounting implmentation, which no longer needs to be handled specially by the caller compared to non-Windows mounts. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
gabriel-samfira
pushed a commit
to gabriel-samfira/containerd
that referenced
this pull request
Feb 28, 2023
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. This also partially-reverts some changes made in containerd#6034 as they are not needed with this mounting implmentation, which no longer needs to be handled specially by the caller compared to non-Windows mounts. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
gabriel-samfira
pushed a commit
to gabriel-samfira/containerd
that referenced
this pull request
Mar 7, 2023
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. This also partially-reverts some changes made in containerd#6034 as they are not needed with this mounting implmentation, which no longer needs to be handled specially by the caller compared to non-Windows mounts. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
gabriel-samfira
pushed a commit
to gabriel-samfira/containerd
that referenced
this pull request
Mar 7, 2023
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. This also partially-reverts some changes made in containerd#6034 as they are not needed with this mounting implmentation, which no longer needs to be handled specially by the caller compared to non-Windows mounts. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
gabriel-samfira
pushed a commit
to gabriel-samfira/containerd
that referenced
this pull request
Mar 8, 2023
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. This also partially-reverts some changes made in containerd#6034 as they are not needed with this mounting implmentation, which no longer needs to be handled specially by the caller compared to non-Windows mounts. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
gabriel-samfira
pushed a commit
to gabriel-samfira/containerd
that referenced
this pull request
Mar 31, 2023
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. This also partially-reverts some changes made in containerd#6034 as they are not needed with this mounting implmentation, which no longer needs to be handled specially by the caller compared to non-Windows mounts. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
gabriel-samfira
pushed a commit
to gabriel-samfira/containerd
that referenced
this pull request
May 30, 2023
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. This also partially-reverts some changes made in containerd#6034 as they are not needed with this mounting implmentation, which no longer needs to be handled specially by the caller compared to non-Windows mounts. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
gabriel-samfira
pushed a commit
to gabriel-samfira/containerd
that referenced
this pull request
May 30, 2023
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. This also partially-reverts some changes made in containerd#6034 as they are not needed with this mounting implmentation, which no longer needs to be handled specially by the caller compared to non-Windows mounts. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
gabriel-samfira
pushed a commit
to gabriel-samfira/containerd
that referenced
this pull request
May 30, 2023
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. This also partially-reverts some changes made in containerd#6034 as they are not needed with this mounting implmentation, which no longer needs to be handled specially by the caller compared to non-Windows mounts. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
gabriel-samfira
pushed a commit
to gabriel-samfira/containerd
that referenced
this pull request
May 30, 2023
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. This also partially-reverts some changes made in containerd#6034 as they are not needed with this mounting implmentation, which no longer needs to be handled specially by the caller compared to non-Windows mounts. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
jsturtevant
pushed a commit
to jsturtevant/containerd
that referenced
this pull request
Sep 21, 2023
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. This also partially-reverts some changes made in containerd#6034 as they are not needed with this mounting implmentation, which no longer needs to be handled specially by the caller compared to non-Windows mounts. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
juliusl
pushed a commit
to juliusl/containerd
that referenced
this pull request
Jan 26, 2024
Using symlinks for bind mounts means we are not protecting an RO-mounted layer against modification. Windows doesn't currently appear to offer a better approach though, as we cannot create arbitrary empty WCOW scratch layers at this time. For windows-layer mounts, Unmount does not have access to the mounts used to create it. So we store the relevant data in an Alternate Data Stream on the mountpoint in order to be able to Unmount later. Based on approach in containerd#2366, with sign-offs recorded as 'Based-on-work-by' trailers below. This also partially-reverts some changes made in containerd#6034 as they are not needed with this mounting implmentation, which no longer needs to be handled specially by the caller compared to non-Windows mounts. Signed-off-by: Paul "TBBle" Hampson <[email protected]> Based-on-work-by: Michael Crosby <[email protected]> Based-on-work-by: Darren Stahl <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Carry and rebase of #2287
Closes #2287
Squashed commit of the following:
commit 126a6eafe8ec9e9e04ba5865ada3ccc0b77f5602
Merge: 7f800e0 a12b082
Author: Michael Crosby [email protected]
Date: Tue May 29 10:55:18 2018 -0400
commit a12b082
Author: Darren Stahl [email protected]
Date: Thu May 10 17:04:09 2018 -0700
commit 4844ea1
Author: Darren Stahl [email protected]
Date: Wed May 9 15:51:30 2018 -0700
commit 845b2b3
Author: Darren Stahl [email protected]
Date: Wed May 9 12:03:20 2018 -0700
commit 8cb63cc
Author: Darren Stahl [email protected]
Date: Tue May 8 18:34:44 2018 -0700
commit b36adf2
Author: Darren Stahl [email protected]
Date: Tue May 8 16:14:09 2018 -0700
commit 796e60a
Author: Darren Stahl [email protected]
Date: Tue May 8 11:29:30 2018 -0700
commit c3730f3
Author: Darren Stahl [email protected]
Date: Mon May 7 18:27:28 2018 -0700
commit e87ba1f
Author: Darren Stahl [email protected]
Date: Mon May 7 18:10:37 2018 -0700
commit 6a1bf21
Author: Darren Stahl [email protected]
Date: Mon May 7 17:52:48 2018 -0700
commit df0d9cf
Author: Darren Stahl [email protected]
Date: Mon May 7 17:29:03 2018 -0700
commit f1ca1f9
Author: Darren Stahl [email protected]
Date: Mon May 7 17:10:21 2018 -0700
commit f34d796
Author: Darren Stahl [email protected]
Date: Mon May 7 17:01:27 2018 -0700
commit 36e773a
Author: Darren Stahl [email protected]
Date: Mon May 7 16:41:33 2018 -0700
commit 0089489
Author: Darren Stahl [email protected]
Date: Mon May 7 16:41:18 2018 -0700
commit 22c981d
Author: Darren Stahl [email protected]
Date: Fri May 4 15:08:48 2018 -0700
commit 0327913
Author: Darren Stahl [email protected]
Date: Fri May 4 15:05:42 2018 -0700
commit 249f2d5
Author: Darren Stahl [email protected]
Date: Wed Apr 18 17:07:22 2018 -0700
commit c264ea2
Author: Darren Stahl [email protected]
Date: Wed Apr 18 11:56:35 2018 -0700
commit 699f2d2
Author: Darren Stahl [email protected]
Date: Wed Apr 18 11:56:18 2018 -0700
commit edec71c
Author: Darren Stahl [email protected]
Date: Wed Apr 18 11:54:45 2018 -0700
commit f216d8a
Author: Darren Stahl [email protected]
Date: Wed Apr 18 11:54:08 2018 -0700
commit bcb73e8
Author: Darren Stahl [email protected]
Date: Wed Apr 18 11:52:41 2018 -0700
commit 2126d64
Author: Darren Stahl [email protected]
Date: Wed Apr 11 18:07:09 2018 -0700
commit e10a628
Author: Darren Stahl [email protected]
Date: Wed Feb 14 12:40:42 2018 -0800
Signed-off-by: Michael Crosby [email protected]