Skip to content
This repository has been archived by the owner on Aug 14, 2020. It is now read-only.

Iaguis/squash #6

Merged
merged 40 commits into from
Feb 5, 2015
Merged

Iaguis/squash #6

merged 40 commits into from
Feb 5, 2015

Conversation

iaguis
Copy link
Member

@iaguis iaguis commented Jan 28, 2015

This PR implements squash functionality for ACI images. The last 3 commits are the interesting ones, the rest is covered by #5.

Fixes #2

@iaguis
Ignore dot directory
d977488
@iaguis
Parse docker user and group
6888cca
@iaguis
Make docker2aci a library
d841226
@iaguis
Handle hard links
d2557ab
@iaguis
Add documentation
7f4a1b1
@iaguis
Squash implementation
0cb48b8
@iaguis
Strip trailing slashes when squashing images
c9666e6
@iaguis
Use aci library to get the ImageManifest
2638f0d
@iaguis
Fix error message
1e9f38b
@iaguis
Change comment style
20ec99a
@iaguis
Use path.Join
c976157
@iaguis
Comment parseDockerUser
50cac0e
@iaguis
Use ACI functions
082dcfc
@iaguis
improve comment
40026f6
@iaguis
Remove compression-handling stuff
b74dfd7
@iaguis
Typo
3291372
@iaguis
Revert "Strip trailing slashes when squashing images"
fd2c7ee 
This reverts commit c9666e6.

Conflicts:
	lib/docker2aci.go
@iaguis
strings.Join -> path.Join
b6906a6
@iaguis
Remove outdated TODO comment
e9e91b4
@iaguis
Use defer instead of closing the file at the end
3cd5f80
@iaguis
Add missing error check when seeking
1a414ca
@iaguis
squash: Strip final manifest from dependencies
e2bc29b 
And layer label
@iaguis
gofmt
ee8997f
@iaguis
Copy link
Member Author

iaguis commented Jan 29, 2015

Updated PR

jonboulle
jonboulle reviewed Jan 30, 2015
View reviewed changes
lib/docker2aci.go
endpoints,
// TODO(iaguis) discover if httpsOrHTTP
fmt.Sprintf("https://%s/v1/", strings.TrimSpace(endpointEl)))
layersOutputDir := "."
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this should just be outputDir no?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ooops, good catch. Thanks!

@iaguis
strings.Index -> strings.Contains
ceae5f4
@iaguis
Clarify squash accumulator name
66f1991
@iaguis
Use docker library to parse the docker URL
f96e002
@iaguis
Embed tar.Writer into the Squash accumulator
560a29d
@iaguis
Ooops, outputDir was being ignored
36c10c0
@iaguis
Lower-case errors
b990648
@iaguis
Handle .wh. files properly
4b4aca7
@iaguis
Update README
969b532
@iaguis
squash: fix extraction order not being preserved
ea01cd6 
The previous approach to squashing would simply go through the layers
from the app layer to the base layer and add the files to the final ACI
image file.

This produced incorrect ACIs because it doesn't preserve the extraction
order. When a file was overwriting a directory present in a previous
layer, the squashed ACI had the directory entry *after* the file.

We now create a map of files to ACI layers and populate it starting from
the base image. If files are repeated we take the last one. Then, we do
a second pass and add the file entry to the output tarball if the
current layer is the correct one.
@iaguis
Refactor tar walker and squashing logic
1349fc2
@iaguis
Remove layerID from the name of the squashed image
ae93e92
@iaguis
Really fix whiteouts ignoring
7b430db 
Since we can have entries like

    rootfs/.wh.what/ever

without having

    rootfs/.wh.what/

the previous solution didn't work
@iaguis
Add rootfs tar entry. Don't use aci.ArchiveWriter
4108421 
The ACI format expects a rootfs entry in the tar file, we now add one
when generating the ACIs.

Also, aci.ArchiveWriter writes the manifest with current date, which
leads to non-reproducable ACIs. I don't think modifying the aci package
is the right thing to do so we write directly to the tar file.
@iaguis
Validate every generated ACI
fe2d4c1
@philips
Copy link
Contributor

philips commented Feb 3, 2015

I think we should just move this and keep moving forward. /cc @jonboulle

@sgotti sgotti mentioned this pull request Feb 4, 2015
Closed
@sgotti
Copy link
Member

sgotti commented Feb 4, 2015

@iaguis I was looking at the patchset. Wouldn't be better to reuse some existing code? Right now I splitted the acirenderer patch in two parts (rkt/rkt#464 and rkt/rkt#465) and the first one should be used also by docker2aci and doesn't need any previous PR.

I was thinking of this code path:

@iaguis
Copy link
Member Author

iaguis commented Feb 4, 2015

I'd like to reuse your code. Right now I see two problems though:

  • acirenderer depends on rocket. It's only ptar so it should be easy to decouple
  • acirenderer extracts the ACIs to disk. This simplifies everything but it requires root which I was trying to avoid.

Any thoughts on that? Maybe requiring root is not a big deal?

@jonboulle
Copy link
Contributor

acirenderer depends on rocket. It's only ptar so it should be easy to decouple

Yep, no need for this to live in Rocket itself

acirenderer extracts the ACIs to disk. This simplifies everything but it requires root which I was trying to avoid.

Hmm, why does it need root (a priori of being applied to a filesystem that needs root)?

@jonboulle
Copy link
Contributor

@iaguis @sgotti I would love to see the acirenderer code reused if at all possible, but I also think we should probably just land this now and follow up with that.

Do you think it makes sense for that code to move "upstream" to appc/spec or so?

@iaguis
Copy link
Member Author

iaguis commented Feb 4, 2015

Hmm, why does it need root (a priori of being applied to a filesystem that needs root)?

Extracting files with the correct permissions/owners or with node files requires root since a regular user can't make the appropriate calls (chown, chmod...)

I also think we should probably just land this now and follow up with that.

I agree

@jonboulle
Copy link
Contributor

Hah, OK, I was thinking completely backwards
On Feb 4, 2015 4:18 PM, "Iago López Galeiras" notifications@github.com
wrote:

Hmm, why does it need root (a priori of being applied to a filesystem that
needs root)?

Extracting files with the correct permissions/owners or with node files
requires root since a regular user can't make the appropriate calls (chown,
chmod...)

I also think we should probably just land this now and follow up with that.

I agree


Reply to this email directly or view it on GitHub
#6 (comment).

@sgotti
Copy link
Member

sgotti commented Feb 4, 2015

@jonboulle @iaguis You're right!

In the meantime I just changed acirenderer with a better algo so now it will create a list of files to extract for every aci.
This list can be used by another function to directly create a tar (like needed by docker2aci, or to extract it to a filesystem, like the original acirenderer).

The extraction part is in its file (extract.go) so this can also be splitted and the acirenderer core (acirenderer.go and the tests) can be moved.
@jonboulle appc/spec can be ok as the place to move it.

PTAL (rkt/rkt#464)

@iaguis
Copy link
Member Author

iaguis commented Feb 4, 2015

That's awesome! I'll try to use it in docker2aci and let you know any issues I find.

@philips
Copy link
Contributor

philips commented Feb 4, 2015

I just found this library: https://github.com/winchman/libsquash

@jonboulle jonboulle mentioned this pull request Feb 5, 2015
Closed
@jonboulle
Copy link
Contributor

Landing this and we can roll forward with the follow ups: #9 #10

jonboulle added a commit that referenced this pull request Feb 5, 2015
@jonboulle
Merge pull request #6 from endocode/iaguis/squash
bb72ee5 
Iaguis/squash
@jonboulle jonboulle merged commit bb72ee5 into appc:master Feb 5, 2015
@jonboulle jonboulle mentioned this pull request Feb 5, 2015
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

docker2aci: support squashing images
4 participants
@iaguis @philips @sgotti @jonboulle