Support for exporting nydus compression type #2581
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
imeoer
force-pushed
the
nydus-compression-type
branch
4 times, most recently
from
6e3e5de
to
6dbd90a
Compare
imeoer
force-pushed
the
nydus-compression-type
branch
from
6dbd90a
to
1cac153
Compare
imeoer
force-pushed
the
nydus-compression-type
branch
from
1cac153
to
73d370b
Compare
|
@ktock @AkihiroSuda PTAL |
ktock
reviewed
Feb 8, 2022
|
BuildKit doesn't seem to be able to use the exported nydus-compressed image and cache. # mkdir -p /tmp/ctx
cat <<EOF > /tmp/ctx/Dockerfile
FROM registry2-buildkit:5000/ubuntu:20.04
RUN echo hello > /hello
EOF
# buildctl build --progress=plain --frontend=dockerfile.v0 --local context=/tmp/ctx --local dockerfile=/tmp/ctx \
--output type=image,name=registry2-buildkit:5000/ubuntu:20.04-hello,push=true,compression=nydus,oci-mediatypes=true \
--export-cache type=inline
# buildctl build --progress=plain --frontend=dockerfile.v0 --local context=/tmp/ctx --local dockerfile=/tmp/ctx \
--output type=image,name=registry2-buildkit:5000/ubuntu:20.04-hello-zstd,push=true,compression=zstd,oci-mediatypes=true \
--import-cache type=registry,ref=registry2-buildkit:5000/ubuntu:20.04-hello
...
panic: runtime error: index out of range [4] with length 4
goroutine 748 [running]:
github.com/moby/buildkit/cache/remotecache.(*contentCacheImporter).importInlineCache.func1.1()
/go/src/github.com/moby/buildkit/cache/remotecache/import.go:188 +0xda5
golang.org/x/sync/errgroup.(*Group).Go.func1()
/go/src/github.com/moby/buildkit/vendor/golang.org/x/sync/errgroup/errgroup.go:57 +0x67
created by golang.org/x/sync/errgroup.(*Group).Go
/go/src/github.com/moby/buildkit/vendor/golang.org/x/sync/errgroup/errgroup.go:54 +0x92 |
imeoer
force-pushed
the
nydus-compression-type
branch
from
73d370b
to
bd9ae80
Compare
@ktock Thanks for the testing, the panic indeed occurs. This seems to be a tricky problem. Nydus image consists of multiple blobs and a bootstrap (one more layer than the cache records), and the blob does not correspond to the cache record one by one (probably fewer layers than the cache record). Is it possible to consider not supporting the inline cache export for nydus image? Will submit a new commit to do this. |
imeoer
changed the title
imeoer
force-pushed
the
nydus-compression-type
branch
5 times, most recently
from
798a223
to
a9362be
Compare
imeoer
changed the title
imeoer
force-pushed
the
nydus-compression-type
branch
4 times, most recently
from
3b53729
to
8c2ce98
Compare
ktock
reviewed
Feb 22, 2022
There was a problem hiding this comment.
Now we seem to have 2 implementation of computeBlobChain(computeBlobChain and computeNydusBlobChain).
Some concerns about maintainability:
- How can guarantee/keep the compatibility of these implementations?
- Will we need 2 duplicated patches on these implementations for 1 futural change?
ktock
reviewed
Feb 22, 2022
imeoer
force-pushed
the
nydus-compression-type
branch
from
8c2ce98
to
6b2f9e8
Compare
imeoer
changed the title
imeoer
force-pushed
the
nydus-compression-type
branch
6 times, most recently
from
56a951b
to
f26808c
Compare
imeoer
changed the title
|
@AkihiroSuda @ktock @tonistiigi With #3136 merged, this PR is pretty clean in terms of code invasion in the general code path. Could you give it another spin and see if it is suitable for merging? As discussed earlier, we'll continue improving the nydus functionality in buildkit and we look forward to putting it into large-scale production use. |
Nydus image is a container accelerated image format provided by the Dragonfly image-service project, which offers the ability to pull image data on demand, without waiting for the entire image pull to complete and then start the container. It has been put in production usage and shown vast improvements over the old OCI image format in terms of container launching speed, image space, and network bandwidth efficiency, as well as data integrity. Nydus image can be flexibly configured as a FUSE-based user-space filesystem or in-kernel EROFS (from Linux kernel v5.16) with Nydus daemon in user-space, integrating with VM-based container runtime like KataContainers is much easier. Nydus has provided a conversion tool Nydusify for converting OCIv1 image to Nydus image and integrated into Harbor Acceld as a conversion driver, which assumes that the OCI image is already available in the registry, but a better way would be to build the Nydus images directly from the build system instead of using the conversion tool, which would increase the speed of the image export, so we experimentally integrated the Nydus export in Buildkit. Unlike other compression formats (gzip, estargz, etc.) in OCI image, nydus is divided into two types of layer, blob, and bootstrap, where blob serves as the data part of each layer of the image, and bootstrap serves as the metadata of the whole image, the bootstrap is equivalent to the view of the whole image filesystem after all layers overlay. For example, for an OCI image with 3 layers, the corresponding nydus image is 4 layers (3 layers of blob + 1 layer of bootstrap). The nydus-snapshotter project provides a package to do the actual layer compression, this commit imports the package to implement the export of nydus compression type. Signed-off-by: Yan Song <imeoer@linux.alibaba.com>
For nydus image, appending an extra nydus bootstrap layer to the manifest, this layer represents the whole metadata of filesystem view for the entire image. Nydus uses this extra boostrap layer to reduce the number of HTTP request and FUSE overlay's overhead on preparing the container's rootfs. For now we just support this in image type exporter. Signed-off-by: Yan Song <imeoer@linux.alibaba.com>
Signed-off-by: Yan Song <imeoer@linux.alibaba.com>
Signed-off-by: Yan Song <imeoer@linux.alibaba.com>
imeoer
force-pushed
the
nydus-compression-type
branch
from
f26808c
to
bfcec56
Compare
ktock
reviewed
Nov 1, 2022
ktock
reviewed
Nov 1, 2022
imeoer
force-pushed
the
nydus-compression-type
branch
from
4f4412d
to
126e994
Compare
Introduce nydus image and show that how to export nydus image, and add known limitations. Signed-off-by: Yan Song <imeoer@linux.alibaba.com>
imeoer
force-pushed
the
nydus-compression-type
branch
from
126e994
to
9f603b4
Compare
Signed-off-by: Yan Song <imeoer@linux.alibaba.com>
imeoer
force-pushed
the
nydus-compression-type
branch
from
9f603b4
to
3e9e898
Compare
|
@ktock @AkihiroSuda Updated, please help to take a glance again, thanks! |
AkihiroSuda
approved these changes
Nov 7, 2022
ktock
approved these changes
Nov 7, 2022
|
Thanks for all! cc @tonistiigi Please help to take a final look, thanks! |
|
Thanks all for considering Nydus! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Related issue: #2046
Nydus image is a container accelerated image format provided by the Dragonfly image-service project, which offers the ability to pull image data on demand, without waiting for the entire image pull to complete and then start the container. It has been put in production usage and shown vast improvements over the OCI v1 image format in terms of container launching speed, image space, and network bandwidth efficiency, as well as data integrity. Nydus image can be flexibly configured as a FUSE-based user-space filesystem or in-kernel FS with nydus daemon in user-space:
Nydus has provided a conversion tool Nydusify for converting OCIv1 image to Nydus image and integrated into Harbor Acceld as a conversion driver, which assumes that the OCI image is already available in the registry, but a better way would be to build the Nydus images directly from the build system instead of using the conversion tool, which would increase the speed of the image export, so we experimentally integrated the Nydus export in Buildkit.
A manifest example of nydus image can be found here. Unlike other compression formats (gzip, zstd, eStargz, etc.) in OCI image, nydus is divided into two types of layer, blob and bootstrap, where blob serves as the data and metadata for all files of each layer of the image, and bootstrap serves as the metadata of the whole image, the bootstrap is equivalent to the view of the whole image filesystem after all layers overlay, nydus use this layer form to reduce the number of HTTP request and FUSE overlay's overhead on preparing the container's rootfs. For example, for an OCI image with 3 layers, the corresponding nydus image is 4 layers (3 layers of blob + 1 layer of bootstrap).
The converter package in nydus-snapshotter do the actual layer compression, this PR imports the package to implement the export of nydus compression type.