To prevent the podman remote client from using libimage which causes a
lot of bloat due the c/image and c/storage dependencies add the
`!remote` tag.
This will cause a hard compile time failure if the remote client ends up
pulling in libimage.
Fixes#1702
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
It turns out only counting the layers size is not sufficient for
`podman systemd df` as it excludes the size of the manifests, configs
and potentially attached meta data in the storage.
Instead, sum the image sizes but distract redundant layers. That indeed
gives the expected result and does not yield negative results for
reclaimable space.
Remove the unrelease LayersDiskUsage function again to avoid expensive
recalculation of the layer tree. We are still below 1.0, and I am
convinced the total image size belongs into DiskUsage.
NOTE: The DiskUsage function does not have test coverage in libimage.
This should be addressed at some point but in the interest of
time I leverage podman's system tests.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Used `go fmt` rules to migrate away from deprecated functions, for
instance `gofmt -w -s -r 'ioutil.TempDir(a, b) -> os.MkdirTemp(a, b)'`
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Add an API to query the sum of the layer sizes. This data is needed to
fix containers/podman/issues/16135.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Add an InspectOptions struct for inspecting images. This is a breaking
change but I think it's worth it since a considerable amount of CPU time
is spent in computing the image's parent (i.e., computing the layer is
costly) while this data is oftentimes not needed.
This cuts off 10ms of container-creation time in Podman.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Make sure to check an image for corruption before running disk usage on
it. Such checks are already applied on various execution paths but not
yet on disk usage.
Further update the corrupted-image error to include that the image
should be removed to resolve the error. This should ultimately guide
users to resolve the issue.
Fixes: containers/common#751
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
We must ignore the platform of a local image when doing lookups. Some
images set an incorrect or even invalid platform (see
containers/podman/issues/10682). Doing the lookup while ignoring the
platform checks prevents redundantly downloading the same image.
Note that this has the consequence that a `--pull-never --arch=hurz` may
chose a local image of another architecture. However, I estimate the
benefit of continuing to allow potentially invalid images higher than
not running them (and breaking workloads).
The changes required to touch the corrupted checks. I used the occasion
to make the corrupted checks a bit cheaper.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Commit 7f038138c3 introduced a regression to Exists() which would
return an error if the image does not exist.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
While various execution paths in libimage already handle corrupted
images, `(*Runtime).Exists()` did not and would list an image to exist
in the storage even if it is corrupted.
Some corruptions can only be detected when accessing the individual
data. A reliable way of accessing such data is to inspect an image.
Hence, an image will only be listed to exist if a) it has been found
and b) can be inspected. If the inspection fails, the image will be
reported to not exists but without an error. That allows for users
of libimage to properly recover and repull.
Further, add a new unit tests that forces a data corruption and
gradually recovers from it.
Podman will now behave as follows:
```
$ ./bin/podman run -d --rm nginx ls
ERRO[0000] Image nginx exists in local storage but may be corrupted: layer not known
ERRO[0000] Looking up nginx in local storage: layer not known
Resolved "nginx" as an alias (/home/vrothberg/.cache/containers/short-name-aliases.conf)
Trying to pull docker.io/library/nginx:latest...
Getting image source signatures
Copying blob 596b1d696923 skipped: already exists
Copying blob 30afc0b18f67 skipped: already exists
Copying blob febe5bd23e98 skipped: already exists
Copying blob 69692152171a skipped: already exists
Copying blob 8283eee92e2f skipped: already exists
Copying blob 351ad75a6cfa done
Copying config d1a364dc54 done
Writing manifest to image destination
Storing signatures
56b65883c3c32b67277bcc173bd9f26c27cbbdbc6d3aacf6c552be796eb7a337
```
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
openshift-merge-bot[bot]
Oleksandr Redko
Paul Holzinger
Valentin Rothberg
OpenShift Merge Robot
Kir Kolyshkin
Valentin Rothberg