reject a layer if it contains both a zstd:chunked and an eStargz TOC
since there are no guarantees that the two TOCs are consistent.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
drop the rootless argument from DefaultStoreOptions and
UpdateStoreOptions since this can be retrieved internally through the
unshare package.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
so that the users of the function can get access to the already
unmarshalled TOC instead of having to unmarshal it again.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
if the "convert_images" option is set in the configuration file, then
convert traditional images to the chunked format on the fly.
This is very expensive at the moment since the entire zstd:chunked
file is created and then processed.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
change the file format to store the tar-split as part of the
zstd:chunked image. This will allow clients to rebuild the entire
tarball without having to download it fully.
also store the uncompressed digest for the tarball, so that it can be
stored into the storage database.
Needs: https://github.com/containers/image/pull/1976
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
gofumpt is a superset of gofmt, enabling some more code formatting
rules.
This commit is brought to you by
gofumpt -w .
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Two error messages suggest that podman-system-migrate is a binary that
can be run, when the command is "podman system migrate".
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
We now use the golang error wrapping format specifier `%w` instead of the
deprecated github.com/pkg/errors package.
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
drop host deduplication by just looking at the file path. It could be
useful in very specific use cases, but it is too expensive for generic
images. If the need arises, we first need to create an index of the
files that we can deduplicate so there is no need to calculate the
checksum on the fly.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
after the missing parts are merged, it is necessary to recalculate the
chunks to ask to the server.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Based on a conversation on the Podman mailing list:
Mentioning podman-system-migrate in the error message may help users
resolve their issues faster.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
automatically detect holes in sparse files (the threshold is hardcoded
at 1kb for now) and add this information to the manifest file.
The receiver will create a hole (using unix.Seek and unix.Ftruncate)
instead of writing the actual zeros.
Closes: https://github.com/containers/storage/issues/1091
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
avoid parsing each json TOC file for the layers in the local storage,
but attempt to create a lookaside cache in a custom format faster to
load (and potentially be mmap'able).
The same cache is used to lookup files, chunks and candidates for
deduplication with hard links.
There are 3 kind of digests stored:
- digest(file.payload))
- digest(digest(file.payload) + file.UID + file.GID + file.mode + file.xattrs)
- digest(i) for each i in chunks(file payload)
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
try to reuse an existing cache object, instead of creating it for
every layer.
Set a time limit on how long it can be reused so to clean up stale
references.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
it solves a problem where the discard could be performed before the
compression handler was closed (through a deferred call).
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
add a fallback mechanism when openat2 is not supported by the
underlying kernel.
If a call to openat2 fails with ENOSYS, then fallback to a user space
lookup. Generally the user space lookup is not safe, since symlinks
lookups are vulnerable to TOCTOU attacks, but in this case where the
rootfs is being created, there are no other processes modifying it
thus such lookups can be considered safe.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
when dealing with symlink, open the parent directory and use the
symlink basename to set its attributes.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
when creating a new file, handle the case where any of the parent
directories are missing and create them automatically if needed.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
since we now support reading additional IDs with libsubid, clarify
that the /etc/subuid and /etc/subgid files are honored only when
shadow-utils is configured to use them.
[NO TESTS NEEDED]
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Using unix.AT_EMPTY_PATH requires CAP_DAC_READ_SEARCH. Use an
equivalent variant that uses /proc/self/fd that can be used with
rootless.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
if the option ostree_repos is set:
[storage.options]
pull_options = {enable_partial_images = "true", ostree_repos = "/foo:/bar"}
then attempt to deduplicate from the specified list of OSTree repositories.
In order to be usable, an OSTree repository must be configured to track
the checksum for its files payload (payload link), that is disabled by
default:
ostree config --repo=/path/to/repo set core.payload-link-threshold N
Where N is the minimum size for files to be tracked by their payload
and must be a nonzero value.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Using unix.AT_EMPTY_PATH requires CAP_DAC_READ_SEARCH. Use an
equivalent variant that uses /proc/self/fd that can be used with
rootless.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
before deduplicating with hard links make sure the two files share the
same UID, GID, file mode and extended attributes.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
in addition to zstd:chunked, add support for the estargz format.
estargz is maintained at github.com/containerd/stargz-snapshotter
Images using estargz can be used on old clients and registries that
have no support for the zstd compression algorithm.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
if the option use_hard_links is set:
[storage.options]
pull_options = {use_hard_links = "true"}
then attempt to deduplicate files using hard links first.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
enable partial pulls only when it is explicitely configured in the
storage.conf file:
[storage.options]
pull_options = {enable_partial_images = "true"}
This is to prevent the experimental feature to leak into CRI-O.
The default value will change in future once the feature is stable.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
containers/image/pkg/compression depends on that function, so it's
highly undesirable for it to drag in all of containers/storage.
So, move it into a separate subpackage, along with its exclusive
dependency tree.
Code that is called both from the new pkg/chunked/compressor
and the original pkg/chunked has been moved into pkg/chunked/internal ,
so that we don't expose any new public API. That move was made
purely mechanically without any concern for conceptual consistency,
to minimize the size of the dependency (and not to spend time on
that until the concept is proven to be useful).
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Giuseppe Scrivano