[WIP] Add utility functions for managing containers and images using containers/storage #210
Conversation
|
Could we move this under ./pkg/storage? Thet pkg directory will be the house for future refactor to abstract useful code (instead of cluttering the main directory layout). Wdyt? |
|
Okay, moved it. |
|
Make lint and tests are failing, also we should probably remove linting vendors here. |
|
I have created #216 for skipping vendor but there are still lint errors. |
pkg/storage/utils.go
Outdated
| return true | ||
| } | ||
| for _, name := range names { | ||
| if filter == "" || filter == name { |
There was a problem hiding this comment.
Why add a condition filter == "" here? I mean you have checked filter is not empty string in ListImage, and if we really need to check it here, why not together with filter == ID, IIRC filter == "" means no filter at all, maybe don't need to check it for every name.
There was a problem hiding this comment.
Good point. Updating.
pkg/storage/utils.go
Outdated
| return true | ||
| } | ||
| } | ||
| if len(filter) < 7 { |
There was a problem hiding this comment.
Is there any constrain for "7"?
There was a problem hiding this comment.
It's a placeholder value, chosen mainly because that's the length that container and image IDs are often truncated for display by dockerd. A longer version would probably use a truncindex, since all we're really looking for is a sufficiently-long value to be unambiguous about which image or container or pod the caller is referring to. I'll see about switching to doing that.
Spotted in review of cri-o/cri-o#210 by Crazykev. Signed-off-by: Nalin Dahyabhai <[email protected]>
Spotted in review of cri-o/cri-o#210 by Crazykev. Signed-off-by: Nalin Dahyabhai <[email protected]>
|
Okay, updated the ListImages() logic to assume that the store's GetImage() method will begin to accept truncated IDs, which is where adding a truncIndex to it will lead (essentially, it'll treat truncated IDs as a different sort of name, resolving the passed-in value to a full-length image ID before proceeding). A non-empty filter will now select the image with an exactly-matching name or ID, or truncated ID once that feature lands there, and an empty filter will continue to return a list of all images. |
Spotted in review of cri-o/cri-o#210 by Crazykev. Signed-off-by: Nalin Dahyabhai <[email protected]>
Spotted in review of cri-o/cri-o#210 by Crazykev. Signed-off-by: Nalin Dahyabhai <[email protected]>
|
make fails for me locally: |
pkg/storage/image.go
Outdated
| GetStore() storage.Store | ||
| } | ||
|
|
||
| func (svc *imageService) ListImages(ctx context.Context, filter string) ([]ImageResult, error) { |
There was a problem hiding this comment.
ctx isn't used in this function.
pkg/storage/image.go
Outdated
| return results, nil | ||
| } | ||
|
|
||
| func (svc *imageService) ImageStatus(ctx context.Context, nameOrID string) (*ImageResult, error) { |
There was a problem hiding this comment.
ctx isn't used in this function.
pkg/storage/image.go
Outdated
| return nil | ||
| } | ||
|
|
||
| func (svc *imageService) PullImageUsingContexts(ctx context.Context, imageName string, policyContext *signature.PolicyContext, options *copy.Options) (types.ImageReference, error) { |
There was a problem hiding this comment.
ctx isn't used in this function.
pkg/storage/image.go
Outdated
| return nil, err | ||
| } | ||
| options := copy.Options{} | ||
| ref, err := svc.PullImageUsingContexts(ctx, imageName, policyContext, &options) |
There was a problem hiding this comment.
ctx passed down but not used in the function being called.
pkg/storage/image.go
Outdated
| return ref, nil | ||
| } | ||
|
|
||
| func (svc *imageService) RemoveImage(ctx context.Context, nameOrID string) error { |
There was a problem hiding this comment.
ctx isn't used in this function.
There was a problem hiding this comment.
Right, that's a leftover from when I thought we'd need to pass it to the image library. Removing it.
pkg/storage/runtime.go
Outdated
| layerName := metadata.ContainerName + "-layer" | ||
| names, err = r.image.GetStore().GetNames(container.LayerID) | ||
| if err != nil { | ||
| cleanup(container) |
There was a problem hiding this comment.
Should the cleanup function be deferred instead so it is called on all subsequent error exits?
There was a problem hiding this comment.
Might as well. Changing.
| PullImage(ctx context.Context, imageName string) (types.ImageReference, error) | ||
| // RemoveImage deletes the specified image. | ||
| RemoveImage(ctx context.Context, imageName string) error | ||
| GetStore() storage.Store |
|
@mrunalp I'm not getting any errors 😕 |
|
BTW, this looks good to me overall (when mrunal's comments are addressed also) - I'm testing the whole storage PRs with k8s and so far they looks great. We can always reiterate when we have those merged I guess. |
Based on review comments from cri-o/cri-o#210: * use a deferred anonymous function to do cleanup if creating a container fails, instead of explicitly calling a local function * add missing godoc string for ImageServer.GetStore * remove context.Context arguments for ImageServer and RuntimeServer methods, which we ended up never using anyway Signed-off-by: Nalin Dahyabhai <[email protected]>
Based on review comments from cri-o#210: * use a deferred anonymous function to do cleanup if creating a container fails, instead of explicitly calling a local function * add missing godoc string for ImageServer.GetStore * remove context.Context arguments for ImageServer and RuntimeServer methods, which we ended up never using anyway Signed-off-by: Nalin Dahyabhai <[email protected]>
Based on review comments from cri-o#210: * use a deferred anonymous function to do cleanup if creating a container fails, instead of explicitly calling a local function * add missing godoc string for ImageServer.GetStore * remove context.Context arguments for ImageServer and RuntimeServer methods, which we ended up never using anyway Signed-off-by: Nalin Dahyabhai <[email protected]>
|
Updated to pull in the current versions of containers/storage and containers/image. |
|
I'll test this out soon /cc @mrunalp |
|
@kubernetes-incubator/maintainers-cri-o PTAL as well |
|
@nalind Could you clean up the commit history? |
|
@mrunalp Sure. Do you mean by squashing to a single patch, or expanding in commit logs, or something else? |
|
@nalind I don't mind multiple commits but with a clean history such that we don't change code added in an earlier commit to fix something within the same PR. Also, we are trying to keep the history bisectable so tests could pass on each commit. |
|
Okay, that's going to take some time, but I'll work on it. |
|
@nalind okay, thanks! |
|
@mrunalp That basically entailed squashing most of the code changes into one patch, and reordering a couple of things. Hopefully it's not too spare. |
|
No worries. Thanks!
… On Dec 17, 2016, at 8:45 PM, Nalin Dahyabhai ***@***.***> wrote:
@mrunalp That basically entailed squashing most of the code changes into one patch, and reordering a couple of things. Hopefully it's not too spare.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.
|
Add the necessary build tags and configuration so that integration tests can properly build against device mapper and btrfs libraries. Signed-off-by: Nalin Dahyabhai <[email protected]>
Update the versions of containers/storage and containers/image, and add new dependencies that they pull in. Signed-off-by: Nalin Dahyabhai <[email protected]>
Any binary that will be managing storage needs to initialize the reexec package in order to be able to apply or read image layers. Signed-off-by: Nalin Dahyabhai <[email protected]>
Add an intermediate API layer that uses containers/storage, and a containers/image that has been patched to use it, to manage images and containers, storing the data that we need to know about containers and pods in the metadata fields provided by containers/storage. While ocid manages pods and containers as different types of items, with disjoint sets of IDs and names, it remains true that every pod includes at least one container. When a container's only purpose is to serve as a home for namespaces that are shared with the other containers in the pod, it is referred to as the pod's infrastructure container. At the storage level, a pod is stored as its set of containers. We keep track of both pod IDs and container IDs in the metadata field of Container objects that the storage library manages for us. Containers which bear the same pod ID are members of the pod which has that ID. Other information about the pod, which ocid needs to remember in order to answer requests for information about the pod, is also kept in the metadata field of its member containers. The container's runtime configuration should be stored in the container's ContainerDirectory, and used as a template. Each time the container is about to be started, its layer should be mounted, that configuration template should be read, the template's rootfs location should be replaced with the mountpoint for the container's layer, and the result should be saved to the container's ContainerRunDirectory, for use as the configuration for the container. Signed-off-by: Nalin Dahyabhai <[email protected]>
|
Okay, rebased. |
|
LGTM |
|
let's get this in 🎉 |
|
Great work Nalin |
We've been hardcoding it since 0e4af6d (*: add seccomp buildtag, 2016-11-29, cri-o#219), but that predates the hack/* approach which landed in f893e38 (Add build tags for integration tests, 2016-12-07, cri-o#210). I'm not sure why cri-o#210 skipped libseccomp (possibly because we always install it on Linux in .travis.yml), but now that we are trying to build on OS X too we need to be more flexible.
We've been hardcoding it since 0e4af6d (*: add seccomp buildtag, 2016-11-29, cri-o#219), but that predates the hack/* approach which landed in f893e38 (Add build tags for integration tests, 2016-12-07, cri-o#210). I'm not sure why cri-o#210 skipped libseccomp (possibly because we always install it on Linux in .travis.yml), but now that we are trying to build on OS X too we need to be more flexible. Signed-off-by: W. Trevor King <[email protected]>
Update variables needed by osbuilder. Also fix query to get the initrd base OS. Fixes: cri-o#210 Signed-off-by: Jose Carlos Venegas Munoz <[email protected]>
To help clean up some of the dependency mess caused by having containers/storage#3 and containers/image#63 calling into each other, this PR takes some of the logic from containers/storage#3 and moves it here. If we merge it, we'll want to adapt #189 to call those routines from here.