LCOW: Support most operations excluding remote filesystem#33241
LCOW: Support most operations excluding remote filesystem#33241johnstep merged 27 commits intomoby:masterfrom
Conversation
lowenna
force-pushed
the
jjh/multi-layerstore
branch
3 times, most recently
from
5507b5d to
931c67d
Compare
lowenna
force-pushed
the
jjh/multi-layerstore
branch
10 times, most recently
from
4c5b3fe to
fc8301b
Compare
|
@dmcgowan @stevvooe @crosbymichael PTAL. @johnstep @thaJeztah FYI. |
lowenna
force-pushed
the
jjh/multi-layerstore
branch
3 times, most recently
from
64e06c6 to
f694446
Compare
lowenna
force-pushed
the
jjh/multi-layerstore
branch
2 times, most recently
from
0e77baf to
7f63c2b
Compare
lowenna
force-pushed
the
jjh/multi-layerstore
branch
4 times, most recently
from
21718fb to
88b47e2
Compare
|
Short of a rebase once 33757 is merged to alleviate the docker-py failures, this is fully reviewable in its current state. @crosbymichael @stevvooe @dmcgowan PTAL @friism, @thaJeztah FYI |
|
Yay, green again 💚 |
|
LGTM |
| type ImageComponent interface { | ||
| SquashImage(from string, to string) (string, error) | ||
| TagImageWithReference(image.ID, reference.Named) error | ||
| TagImageWithReference(image.ID, string, reference.Named) error |
There was a problem hiding this comment.
No, just string is correct :)
| func NewDefaultDirective() *Directive { | ||
| directive := Directive{} | ||
| directive.setEscapeToken(string(DefaultEscapeToken)) | ||
| directive.setPlatformToken(runtime.GOOS) |
There was a problem hiding this comment.
DefaultPlatformToken instead of runtime.GOOS
There was a problem hiding this comment.
Yes, fixing in a nits PR shortly
|
|
||
| var defaultShell = []string{"cmd", "/S", "/C"} | ||
| func defaultShellForPlatform(platform string) []string { | ||
| if platform == "linux" { |
There was a problem hiding this comment.
What about moving defaultShellForPlatform to builder.go, rather than duplicating the Unix shell?
| if err := bt.imageComponent.TagImageWithReference(imageID, rt); err != nil { | ||
| // TODO @jhowardmsft LCOW support. Will need revisiting. | ||
| platform := runtime.GOOS | ||
| if platform == "windows" && system.LCOWSupported() { |
There was a problem hiding this comment.
Remove redundant platform == "windows" check since implicit in system.LCOWSupported? Since this check is duplicated in many places, it might not be worth the effort. It would be nice to have a common function.
There was a problem hiding this comment.
Fixed in nits PR about to be submitted
| // we need to replace the 'env' keys where they match and append anything | ||
| // else. | ||
| //return ReplaceOrAppendEnvValues(linkedEnv, container.Config.Env) | ||
| foo := ReplaceOrAppendEnvValues(env, container.Config.Env) |
There was a problem hiding this comment.
Nit: Remove the commented out return line, and change foo := to env = .
There was a problem hiding this comment.
Fixed in nits PR about to be submitted
| // Make sure layers are created with the correct ACL so that VMs can access them. | ||
| layerPath := d.dir(id) | ||
| logrus.Debugf("lcowdriver: create: id %s: creating layerPath %s", id, layerPath) | ||
| // Make sure the layers are created with the correct ACL so that VMs can access them. |
There was a problem hiding this comment.
Redundant comment, almost identical to comment 3 lines above.
There was a problem hiding this comment.
Fixed in nits PR about to be submitted
| } | ||
|
|
||
| // panicIfUsedByLcow does exactly what it says. | ||
| // TODO @jhowardmsft - this is an temporary measure for the bring-up of |
There was a problem hiding this comment.
Fixed in nits PR about to be submitted
| } | ||
| } | ||
|
|
||
| // TODO @jhowardmsft LCOW support. For now, hard-code the platform shown for the driver status |
There was a problem hiding this comment.
Seems okay for now, but maybe also only list the corresponding driver instead of all (both) drivers?
| logrus.Warnf("libcontainerd: HasPendingUpdates() failed (container may have been killed): %s", err) | ||
| } else { | ||
| si.UpdatePending = updatePending | ||
| // Pending updates is only applicable for WCOW |
There was a problem hiding this comment.
Ha, first time I have seen "WCOW"...
| for _, rt := range bt.repoAndTags { | ||
| if err := bt.imageComponent.TagImageWithReference(imageID, rt); err != nil { | ||
| // TODO @jhowardmsft LCOW support. Will need revisiting. | ||
| platform := runtime.GOOS |
There was a problem hiding this comment.
Even if they are removed, it would be been nice to have separate functions, something like GetEffectivePlatform, IsWindowsPlatform (check if it is WCOW), and something like EnsurePlatform (make sure platform is not empty). This might seem trivial, but would allow comments and reasoning to be in one place.
Also, the request was to always be in Linux or always be in Windows mode, and I think that means platform could have been set once, globally, instead of "computed" all over the place. It was not really about crippling, but about breaking down the work into smaller phases. However, the current changes should make it easier to switch to multiple platform support, so this approach seems okay to me.
|
@johnstep - spoke offline on slack, but yes, all these nits can easily be addressed in a followup. Thanks for reviewing! |
thaJeztah
added
the
area/lcow
Replicate relevant mutations to the in-memory ACID store. Readers will then be able to query container state without locking. Signed-off-by: Fabio Kung <[email protected]> (cherry picked from commit eed4c7b) Signed-off-by: Kir Kolyshkin <[email protected]> Conflicts: - daemon/daemon.go: missing moby#33241 - container/container_unix.go: missing moby#32336 - container/container_windows.go, daemon/container_operations.go: minor conflicts Signed-off-by: Kir Kolyshkin <[email protected]>
Container queries are now served from the consistent in-memory db, and don't need to grab a lock on every container being listed. Signed-off-by: Fabio Kung <[email protected]> (cherry picked from commit 8e425eb) Signed-off-by: Kir Kolyshkin <[email protected]> Conflicts: - daemon/list.go: missing github.com/moby/pull/33241
Reuse existing structures and rely on json serialization to deep copy Container objects. Also consolidate all "save" operations on container.CheckpointTo, which now both saves a serialized json to disk, and replicates state to the ACID in-memory store. Signed-off-by: Fabio Kung <[email protected]> (cherry picked from commit edad527) Signed-off-by: Kir Kolyshkin <[email protected]> Conflicts: - daemon/container_operations.go: missing moby#30117 - daemon/daemon.go: missing moby#32821 - daemon/list.go: missing moby#27557, moby#33241 etc.
Signed-off-by: Fabio Kung <[email protected]> (cherry picked from commit 9134e87) Signed-off-by: Kir Kolyshkin <[email protected]> Conflicts: - container/container.go: missing moby#33241, moby#32687 Signed-off-by: Kir Kolyshkin <[email protected]>
7 participants
Signed-off-by: John Howard [email protected]
This is the start of the Linux Containers on Windows changes and implements a significant chunk of it.
This PR enables pull of a Linux image on Windows, committing a layer, basics of build, import and export. It does NOT include the remote filesystem work that is being tracked separately to allow things such as COPY or ADD to work (which need remoting to a service VM as Windows can't directly read or perform operations on a Linux filesystem).
This PR has been updated based on feedback from @crosbymichael so that when LCOW is enabled, the daemon assumes Linux-mode, and won't be able to run/see Windows containers, or see any Windows images. This update means that no API changes are required while the UX changes are being investigated separately. This is an artificial crippling with no technical reason.
(In memory of Guide Dogs for the Blind puppy-in-training "Park", front left. He sadly passed too young. 1st Jan 2016 - 16th June 2017. Rest in peace, sweet boy 🐶 💛
My two guys in the background, another former GDB puppy-in-training, "Palmetto" front-right )