-
Notifications
You must be signed in to change notification settings - Fork 27
Conversation
9d256af
to
d90a1b1
Compare
a88589c
to
506d2bd
Compare
531715f
to
8ce5b41
Compare
One thing that's clear to me now is that we will need to inject metadata to differentiate between the layers comprising the "ostree base" and all the remaining layers. Because in order to perform SELinux labeling on derived content, we need to know the base. Alternatively, we just go for #159 which obviates this problem. I am leaning in that direction more and more strongly. |
If we don't do #159 then instead what I am now realizing is that because docker schema 2 doesn't have any "annotations" unlike oci we'd need to stick that data on the config object. Which in turn blocks on containers/containers-image-proxy-rs#14 |
2feec21
to
9525086
Compare
4745d93
to
fa957bf
Compare
OK, this is finally in a state where it seems to work! Lifting draft, but it's a huge change so we need careful review and thought. At least the core logic today is only opt-in, you have to |
8e86c9a
to
4fe97f1
Compare
Depends ostreedev/ostree-rs-ext#123 We gain a new `rpm-ostree container-encapsulate` option which is like `ostree container encapsulate`, but generates chunked images using the RPM database. And on the client side, we now know how to handle incremental updates - chunks that haven't changed won't be redownloaded.
Depends ostreedev/ostree-rs-ext#123 We gain a new `rpm-ostree container-encapsulate` option which is like `ostree container encapsulate`, but generates chunked images using the RPM database. And on the client side, we now know how to handle incremental updates - chunks that haven't changed won't be redownloaded.
Depends ostreedev/ostree-rs-ext#123 We gain a new `rpm-ostree container-encapsulate` option which is like `ostree container encapsulate`, but generates chunked images using the RPM database. And on the client side, we now know how to handle incremental updates - chunks that haven't changed won't be redownloaded.
Depends ostreedev/ostree-rs-ext#123 We gain a new `rpm-ostree container-encapsulate` option which is like `ostree container encapsulate`, but generates chunked images using the RPM database. And on the client side, we now know how to handle incremental updates - chunks that haven't changed won't be redownloaded.
Depends ostreedev/ostree-rs-ext#123 We gain a new `rpm-ostree container-encapsulate` option which is like `ostree container encapsulate`, but generates chunked images using the RPM database. And on the client side, we now know how to handle incremental updates - chunks that haven't changed won't be redownloaded.
Closes: ostreedev#69 This is initial basic support for splitting files (objects) from a commit into separate container image layers, and reassembling those layers into a commit on the client. We retain our present logic around e.g. GPG signature verification. There's a new `chunking.rs` file which has logic to automatically factor out things like the kernel/initramfs and large files. In order to fetch these images client side, we now heavily intermix/cross the previous code for fetching non-ostree layers.
Depends ostreedev/ostree-rs-ext#123 We gain a new `rpm-ostree container-encapsulate` option which is like `ostree container encapsulate`, but generates chunked images using the RPM database. And on the client side, we now know how to handle incremental updates - chunks that haven't changed won't be redownloaded.
OK, CI on coreos/rpm-ostree#3478 is passing! I'd like to merge this now, I've fixed the bugs that caused it break the current v0 container format, so while it's a lot of new code, I think the risk is pretty low because most of the new bits are opt-in. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Very cool! I've only skimmed this, but it looks sane overall.
Depends ostreedev/ostree-rs-ext#123 We gain a new `rpm-ostree container-encapsulate` option which is like `ostree container encapsulate`, but generates chunked images using the RPM database. And on the client side, we now know how to handle incremental updates - chunks that haven't changed won't be redownloaded.
Depends ostreedev/ostree-rs-ext#123 We gain a new `rpm-ostree container-encapsulate` option which is like `ostree container encapsulate`, but generates chunked images using the RPM database. And on the client side, we now know how to handle incremental updates - chunks that haven't changed won't be redownloaded.
The biggest thing here was the merge of "chunked ostree" support in ostreedev#123 cascading into various API changes. But I think it's working, let's cut 0.7 so the next rpm-ostree can roll in the support.
Depends ostreedev/ostree-rs-ext#123 We gain a new `rpm-ostree container-encapsulate` option which is like `ostree container encapsulate`, but generates chunked images using the RPM database. And on the client side, we now know how to handle incremental updates - chunks that haven't changed won't be redownloaded.
Depends ostreedev/ostree-rs-ext#123 We gain a new `rpm-ostree container-encapsulate` option which is like `ostree container encapsulate`, but generates chunked images using the RPM database. And on the client side, we now know how to handle incremental updates - chunks that haven't changed won't be redownloaded.
The headlining feature here is ostreedev/ostree-rs-ext#123 which adds support for "chunked ostree". We gain a new `rpm-ostree container-encapsulate` option which is like `ostree container encapsulate`, but generates chunked images using the RPM database. And on the client side, we now know how to handle incremental updates - chunks that haven't changed won't be redownloaded.
The headlining feature here is ostreedev/ostree-rs-ext#123 which adds support for "chunked ostree". We gain a new `rpm-ostree container-encapsulate` option which is like `ostree container encapsulate`, but generates chunked images using the RPM database. And on the client side, we now know how to handle incremental updates - chunks that haven't changed won't be redownloaded.
Support for split layers
Closes: #69
This is initial basic support for splitting files (objects) from
a commit into separate container image layers, and reassembling
those layers into a commit on the client.
We retain our present logic around e.g. GPG signature verification.
There's a new
chunking.rs
file which has logic to automaticallyfactor out things like the kernel/initramfs and large files.
In order to fetch these images client side, we now heavily
intermix/cross the previous code for fetching non-ostree layers.