Storage options are really driver specific and it is when distributions set
defaults, they should not effect the user if he changes the default driver.
By moving the storage options to be driver specific, we can make sure all
drivers only document and support their options.
With this patch we will continue to support the global mountopt but the driver
specific version will override the global mountopt.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
it was an attempt to use OSTree to deduplicate files, at the time we
already had a dependency on OSTree for system containers in
containers/image. Since the feature never really took off, let's just
drop it.
Closes: https://github.com/containers/storage/issues/419
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Modified patch of Kevin Pelzel.
Also changed ApplyDiff to take new ApplyDiffOpts Struct.
Signed-off-by: Kevin Pelzel <kevinpelzel22@gmail.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
We want to create a containers-storage package which can install the man pages.
This package will be pulled in via containers-common.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This commit uses internal tools vendoring to switch to golangci-lint. All
working linters have been enabled. The other tools have been vendored as
well into the same tools folder, whereas the corresponding test and
build targets have been adapted as well.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
On the relabeling instructions, it's quite confusing to use a variable
on the first command, and then a literal location on the second one.
Signed-off-by: Cleber Rosa <crosa@redhat.com>
Fix the sections and their titles in the manpage for containers-storage.conf.
Section titles are all capitalized and don't end with a period.
Signed-off-by: Silvano Cirujano Cuesta <silvano.cirujano-cuesta@siemens.com>
Add to the main manpage the reference to the fact that OSTree will be
used for file deduplication on readonly layers if:
* ostree_repo configured,
* containters-storage build with support for OSTree
That information was missing throughout all the documentation.
Signed-off-by: Silvano Cirujano Cuesta <silvano.cirujano-cuesta@siemens.com>
The manpage of the configuration goes to section 5 instead of 1, like
most of the other manpages. Therefore the existing code wasn't handling
the manpage for 'containers-storage.conf' not appropriately.
Signed-off-by: Silvano Cirujano Cuesta <silvano.cirujano-cuesta@siemens.com>
Manpage for storage.conf is being built as 'container-storage.conf.5'
(notice the missing 's' after 'container'), but it should be
'containers-storage.conf.5' for consistency with the whole project
naming.
Signed-off-by: Silvano Cirujano Cuesta <silvano.cirujano-cuesta@siemens.com>
This helps users figure out where the configuration files are located
and understand how to override them.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Change how we compute digests for BigData items with names that start
with "manifest" so that we use the image library's manifest.Digest()
function, which knows how to preprocess schema1 manifests to get the
right value, instead of just trying to finesse it.
Track the digests of multiple manifest-named items for images.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
The logic that depended on override_kernel_check was changed to test for
the feature at runtime, so we don't need to be suggesting to people that
they need to set this option, or that the option is even a thing.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
People looking to modify storage.conf might be confused as to
what the valid graph drivers and their names are. List all
supported drivers in the manpage to assist them.
Shouldn't be necessary elsewhere, most of the other fields are
just paths.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Add a man-page of subcommand mounted that is added by commit 1075a73cac.
Add new lines to prevent the section SUB-COMMANDS of containers-storage.md
from crushing when previews as markdown.
Signed-off-by: ERAMOTO Masaya <eramoto.masaya@jp.fujitsu.com>
I believe we should be running container images mounted with nodev by default.
This would eliminate the disk of a device sneaking into the container without
being on the approved list. This would give us the same or potentially additional
security over the device cgroup.
It would be nice if this could be passed in on an image by image basis. So users
could also specify if they want nosuid images.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
It is needed to use an OSTree repository (either directly or as a parent
repository) that is not under the storage home directory.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
When specified the mount of the overlay file system is delegated to
the specified command instead of mounting it directly.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Add integration tests to exercise CopyFileWithTar and CopyWithTar, both
with and without Chown flags.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Allow users to specify the maximum size of a containers in the
/etc/containers/storage.conf file. This will enable quota checking
in the drivers that support it.
Allowe users to OverrideKernelCheck to tell drivers to ignore kernel
version checks that indicate whether the driver is supported on that
kernel. These checks do not make sense on older RHEL kernels, since
the driver support was back ported.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
We have a conflict on man pages storage.conf man page is owned
by the inn package, so we need to pick a less generic name.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Add an optional *DiffOptions parameter to Diff() methods (which can be
nil), to allow overriding of default behaviors.
At this time, that's just what type of compression is applied, if we
want something other than what was recorded when the diff was applied,
but we can add more later if needed.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Rename the CLI tool to match the name that we gave the transport that
uses it in containers/image, which affects just about every consumer of
this library.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Container Storage is going to be shared by multiple tools. Therefore
we don't want each one of these tools setting up its own container
storage. This storage config can be shared between multiple users.
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Add a method for calling the underlying driver's Cleanup() method,
preferably when it's not going to disrupt another user of the same data
store, and try to give other users of the store a way to notice that the
driver's been cleaned up, so they need to reinitialize things before
continuing to use them.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Add GetContainerDirectory and GetContainerRunDirectory methods to the
store, for getting the location of a directory in which the caller can
manage data directly.
This breaks the general model of keeping the library's caller from
having to bother with where things are stored once the library is
initialized, but is added so that ocid won't have to manage the
directory in which it's dropping files to be picked up by other
binaries, in particular configuration files that it's leaving for runc.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Daniel J Walsh