Enable to run containers on IPFS #496
Conversation
|
How can we detect whether the snapshotter is capable of handling IPFS? |
|
IPFS is handled by our special |
ktock
force-pushed
the
ipfs
branch
2 times, most recently
from
53fff07 to
880a4cd
Compare
|
Do we really need our own new annotation key? https://docs.ipfs.io/how-to/address-ipfs-on-web/#native-urls https://github.com/opencontainers/image-spec/blob/main/descriptor.md#properties |
SGTM. I'll try it later. |
| // Resolve resolves the provided ref for IPFS. ref must be a CID. | ||
| // TODO: Allow specifying `/ip[f|n]s`-prefixed path. This requires to modify `reference` pkg of containerd because | ||
| // it's incompatbile to the current reference specification used by containerd. | ||
| func (r *resolver) Resolve(ctx context.Context, ref string) (name string, desc ocispec.Descriptor, err error) { |
There was a problem hiding this comment.
Our remote.Resolver only supports an IPFS CID as an image reference but doesn't supprot /ipfs-prefixed path as of now.
This is because containerd cannot handle IPFS path which is incompatible with the current image reference specification defined in the reference package of containerd.
We need to modify containerd implementation after deciding the image reference format for IPFS (containerd/nerdctl#465 (comment)).
ktock
force-pushed
the
ipfs
branch
2 times, most recently
from
a3fa793 to
0158afa
Compare
ipfs/converter.go
Outdated
| } | ||
|
|
||
| // ConvertDockerMediaTypeToOCI converts a media type string | ||
| func ConvertDockerMediaTypeToOCI(mt string) string { |
There was a problem hiding this comment.
ipfs/converter.go
Outdated
| } | ||
|
|
||
| // ClearGCLabels clears GC labels for the given digest. | ||
| func ClearGCLabels(labels map[string]string, dgst digest.Digest) { |
There was a problem hiding this comment.
| ctr-remote i rpull --snapshotter=overlayfs --ipfs "${CID}" | ||
| ctr-remote run --rm --snapshotter=overlayfs "${CID}" test tar -c /usr | tar -xC "${USR_NORMALSN_IPFS}" | ||
|
|
||
| echo "Diffing bitween two root filesystems(normal vs stargz snapshotter, IPFS rootfs)" |
Signed-off-by: Kohei Tokunaga <[email protected]>
| if err != nil { | ||
| return nil, err | ||
| } | ||
| dstDesc, err := IndexConvertFunc(api, layerConvert, platformMC)(ctx, client.ContentStore(), srcImg.Target) |
There was a problem hiding this comment.
Can we use the existing converter pkg with a simple custom ConvertFunc that just adds IPFS urls?
https://github.com/containerd/containerd/blob/0d0fb6858971e5dd92cb044a744979ccb1e9635a/images/converter/converter.go#L40
https://github.com/containerd/containerd/blob/0d0fb6858971e5dd92cb044a744979ccb1e9635a/images/converter/converter.go#L66
There was a problem hiding this comment.
We need to modify descriptors of all blobs not only layers so we cannot use WithLayerConvertFunc here.
converter.Convert returns *images.Image but containerd drops urls field of OCI descriptor (*images.Image.Target) so we cannot use it for IPFS.
There was a problem hiding this comment.
We need to modify converter.Converter to return the OCI descriptor of the converted image index as-is and to allow injecting a callback hook to modify descriptors.
|
This is highly experimental so mounting IPFS layers should be an opt-in feature of stargz snapshotter. I'll add that configuration option. |
| var f fetcher | ||
| var size int64 | ||
| if ipfs.Supported(desc) { | ||
| if r.blobConfig.IPFS && ipfs.Supported(desc) { |
There was a problem hiding this comment.
The blobConfig.IPFS value should be printed to debug log
Signed-off-by: Kohei Tokunaga <[email protected]>
|
Merging, please propose your |
|
@ktock The IPFS URL protocol seems to support only the CID stargz-snapshotter/ipfs/resolver.go Line 62 in 221ec42 |
|
Thanks. I'll add the description about CID version in ipfs.md.
|
3 participants
See https://github.com/containerd/stargz-snapshotter/blob/main/docs/ipfs.md for the latest spec.
This commit enables to run of containers on IPFS.
OCI image is extended in an OCI-compatible way. Stargz Snapshotter mounts the image from IPFS to the container's rootfs with lazy pulling support.
The image must have the following OCI-compatible extension. This constructs a CID-based DAG of blobs in an OCI image.
containerd.io/snapshot/remote/ipfs/cidThis commit adds
ipfslibrary which includes the basic functionality to make containerd aware of containers on IPFS. These components are eStargz-agnostic and can be used for running non-eStargz images without lazy pulling (e.g. on overlayfs snapshotter).ipfs.IndexConvertFuncprovides containerd'sconverter.ConvertFuncimplementation which converts an image to the IPFS-enabled image format as described above. This also adds the image contents to IPFS.ipfs.NewResolverprovides containerd'sremote.Resovlerimplementation for IPFS. If a descriptor contains the CID annotation, it fetches the pointed content from IPFS.The following component enables lazy pulling of containers from IPFS.
(fs/remote/ipfs).Readerprovides the way to read a range of a file on IPFS. This enables stargz snapshotter to mount the container's rootfs from IPFS with lazy pulling.Examples
Storing image to IPFS and run with stargz snapshotter:
The container can also run with overlayfs snapshotter without lazy pulling but it's slower than stargz snapshotter: