Commit graph

960 commits

Author SHA1 Message Date
Stephen J Day
3e0238612b
dist: provide apply command to build rootfs
This changeset adds the simple apply command. It consumes a tar layer
and applies that layer to the specified directory. For the most part, it
is a direct call into Docker's `pkg/archive.ApplyLayer`.

The following demonstrates unpacking the wordpress rootfs into a local
directory `wordpress`:

```
$ ./dist fetch docker.io/library/wordpress 4.5 mediatype:application/vnd.docker.distribution.manifest.v2+json | \
    jq -r '.layers[] | "sudo ./dist apply ./wordpress < $(./dist path -n "+.digest+")"' | xargs -I{} -n1 sh -c "{}"
```

Note that you should have fetched the layers into the local content
store before running the above. Alternatively, you can just read the
manifest from the content store, rather than fetching it. We use fetch
above to avoid having to lookup the manifest digest for our demo.

This tool has a long way to go. We still need to incorporate
snapshotting, as well as the ability to calculate the `ChainID` under
subsequent unpacking. Once we have some tools to play around with
snapshotting, we'll be able to incorporate our `rootfs.ApplyLayer`
algorithm that will get us a lot closer to a production worthy system.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-01-27 11:00:29 -08:00
Stephen J Day
4d51c553c8
MAINTAINERS: add dmcgowan
Derek McGowan will be joining as a maintainer of containerd. He will
bring his extensive experience in graphdrivers and distribution to
ensure success in this project.

Please welcome him!

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-01-27 10:43:29 -08:00
Stephen Day
594dca9e31 Merge pull request #472 from stevvooe/expanding-dist-tool
dist: expand functionality of the dist tool
2017-01-27 10:34:54 -08:00
Stephen J Day
f9cd9be61a
dist: expand functionality of the dist tool
With this change, we add the following commands to the dist tool:

- `ingest`: verify and accept content into storage
- `active`: display active ingest processes
- `list`: list content in storage
- `path`: provide a path to a blob by digest
- `delete`: remove a piece of content from storage

We demonstrate the utility with the following shell pipeline:

```
$ ./dist fetch docker.io/library/redis latest mediatype:application/vnd.docker.distribution.manifest.v2+json | \
    jq -r '.layers[] | "./dist fetch docker.io/library/redis "+.digest + "| ./dist ingest --expected-digest "+.digest+" --expected-size "+(.size | tostring) +" docker.io/library/redis@"+.digest' | xargs -I{} -P10 -n1 sh -c "{}"
```

The above fetches a manifest, pipes it to jq, which assembles a shell
pipeline to ingest each layer into the content store. Because the
transactions are keyed by their digest, concurrent downloads and
downloads of repeated content are ignored. Each process is then executed
parallel using xargs.

Put shortly, this is a parallel layer download.

In a separate shell session, could monitor the active downloads with the
following:

```
$ watch -n0.2 ./dist active
```

For now, the content is downloaded into `.content` in the current
working directory. To watch the contents of this directory, you can use
the following:

```
$ watch -n0.2 tree .content
```

This will help to understand what is going on internally.

To get access to the layers, you can use the path command:

```
$./dist path sha256:010c454d55e53059beaba4044116ea4636f8dd8181e975d893931c7e7204fffa
sha256:010c454d55e53059beaba4044116ea4636f8dd8181e975d893931c7e7204fffa /home/sjd/go/src/github.com/docker/containerd/.content/blobs/sha256/010c454d55e53059beaba4044116ea4636f8dd8181e975d893931c7e7204fffa
```

When you are done, you can clear out the content with the classic xargs
pipeline:

```
$ ./dist list -q | xargs ./dist delete
```

Note that this is mostly a POC. Things like failed downloads and
abandoned download cleanup aren't quite handled. We'll probably make
adjustments around how content store transactions are handled to address
this.

From here, we'll build out full image pull and create tooling to get
runtime bundles from the fetched content.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-01-27 10:29:10 -08:00
Qiang Huang
7e4a7402f9 Add some logrus info for containerd
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2017-01-27 22:12:52 +08:00
Kenfe-Mickaël Laventure
24c2810899 Merge pull request #462 from crosbymichael/shim
shim: GRPC service
2017-01-26 16:11:45 -08:00
Michael Crosby
10c5a0ab3d Add exec io copy
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-01-26 16:07:43 -08:00
Michael Crosby
f70d485d72 Merge pull request #468 from jzwlqx/master
optimal help info for ctr cli.
2017-01-26 15:34:31 -08:00
Michael Crosby
f431bf4ad4 Add state rpc to shim
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-01-26 15:09:59 -08:00
Michael Crosby
ead53658cc bump go-runc to 706de6f422f397fb70b8c98f9b8c8eab2de32ae2
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-01-26 14:31:20 -08:00
Michael Crosby
b59bd59d8a Working tty and io support in shim
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-01-26 11:31:17 -08:00
Michael Crosby
8e5e9ae70e Add console pkg and update go-runc
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-01-26 11:31:17 -08:00
Michael Crosby
07c81ccac4 Add events api to shim
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-01-26 11:31:17 -08:00
Michael Crosby
462bdd7669 Update go-runc to f36917a18b3d962aee066063cba0bcff44e338ca
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-01-26 11:31:17 -08:00
Michael Crosby
d619954a2b Move shim service into top lvl package
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-01-26 11:31:17 -08:00
Michael Crosby
fe280d2df0 Fix logrus import in shim
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-01-26 11:31:17 -08:00
Michael Crosby
271cac8634 Update runc to ce450bcc6c135cae93ee2a99d41a308c179ff6dc
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-01-26 11:31:17 -08:00
Michael Crosby
e09b0b0c35 Add exec functionality to shim
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-01-26 11:31:17 -08:00
Michael Crosby
d5d2e586cd Refactor shim terminal and io handling
This also finishes the service implementation of the shim behind GRPC

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-01-26 11:31:17 -08:00
Michael Crosby
6e9e0a895a Update go-runc to 7b66c5da30493c5eb9c655cab67ba88071891ac5
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-01-26 11:31:17 -08:00
Michael Crosby
911bc57483 Update go-runc to abd8eada6a98acdf415d47a8d372dc314494c07f
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-01-26 11:31:17 -08:00
Michael Crosby
bf036b9d78 Add ctr shim command
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-01-26 11:31:17 -08:00
Michael Crosby
c08e0e610c Add grpc service to shim
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-01-26 11:31:17 -08:00
Michael Crosby
e6de7ea4b5 Add shim proto generation
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-01-26 11:30:54 -08:00
Gábor Lipták
19ca156c91 Enable codecov.io
Signed-off-by: Gábor Lipták <gliptak@gmail.com>
2017-01-26 06:31:38 -05:00
Phil Estes
3c44ec5dbc Merge pull request #470 from samuelkarp/root-test
snapshot: Separate tests using root from non-root
2017-01-25 18:14:51 -08:00
Samuel Karp
cacda40317 snapshot: Separate tests using root from non-root
Signed-off-by: Samuel Karp <skarp@amazon.com>
2017-01-25 17:13:29 -08:00
Kenfe-Mickaël Laventure
b5ee0b1bd4 Merge pull request #451 from AkihiroSuda/trivial-cleanup
*: clean up
2017-01-25 11:02:38 -08:00
Jizhong Jiang
f5615b0225 optimal help info for ctr cli.
Signed-off-by: Jizhong Jiang <jiangjizhong@gmail.com>
2017-01-25 14:16:13 +08:00
Kenfe-Mickaël Laventure
682a37f25c Merge pull request #453 from AkihiroSuda/fix-state-dir
shim executor: fix an issue about empty stateDir
2017-01-24 11:06:16 -08:00
Stephen Day
69d0323fa3 Merge pull request #464 from kunalkushwaha/dist-makefile
Adding dist to Makefile
2017-01-24 10:36:36 -08:00
Michael Crosby
0f0fb59cd1 Merge pull request #463 from stevvooe/cleanup-content-store
content: cleanup package exports
2017-01-24 09:52:16 -08:00
Kunal Kushwaha
2a5f51ecf9 Adding dist to Makefiley
Signed-off-by: Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp>
2017-01-24 13:26:19 +09:00
Stephen J Day
f27d43285a
content: cleanup package exports
The package exports are now cleaned up to remove a lot of stuttering in
the API. We also remove direct mapping of refs to the filesystem, opting
for a hash-based approach. This *does* affect insertion performance,
since it requires more individual file ios. A benchmark baseline has
been added and we can fix this later.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-01-23 20:11:35 -08:00
Akihiro Suda
36bd3cae27 shim executor: fix an issue about empty stateDir
A new process could not be created because of an error caused by an empty
stateDir string

  $ ctr exec ...
  rpc error: code = 2 desc = failed to create process state dir: mkdir : no such file or directory

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2017-01-24 04:06:55 +00:00
Stephen Day
3b79682548 Merge pull request #455 from Mashimiao/bundle-add-check-before-Load
bundle: add check before Load return
2017-01-23 15:48:56 -08:00
Michael Crosby
edcf44ea57 Merge pull request #452 from stevvooe/dist-tool-poc
cmd/dist: POC implementation of dist fetch
2017-01-23 15:18:04 -08:00
Stephen J Day
19eecaab12
cmd/dist: POC implementation of dist fetch
With this changeset we introduce several new things. The first is the
top-level dist command. This is a toolkit that implements various
distribution primitives, such as fetching, unpacking and ingesting.

The first component to this is a simple `fetch` command. It is a
low-level command that takes a "remote", identified by a `locator`, and
an object identifier. Keyed by the locator, this tool can identify a
remote implementation to fetch the content and write it back to standard
out. By allowing this to be the unit of pluggability in fetching
content, we can have quite a bit of flexibility in how we retrieve
images.

The current `fetch` implementation provides anonymous access to docker
hub images, through the namespace `docker.io`. As an example, one can
fetch the manifest for `redis` with the following command:

```
$ ./dist fetch docker.io/library/redis latest mediatype:application/vnd.docker.distribution.manifest.v2+json
```

Note that we have provided a mediatype "hint", nudging the fetch
implementation to grab the correct endpoint. We can hash the output of
that to fetch the same content by digest:

```
$ ./dist fetch docker.io/library/redis sha256:$(./dist fetch docker.io/library/redis latest mediatype:application/vnd.docker.distribution.manifest.v2+json | shasum -a256)
```

Note that the hint is now elided, since we have affixed the content to a
particular hash.

If you are not yet entertained, let's bring `jq` and `xargs` into the
mix for maximum fun. The following incantation fetches the same manifest
and downloads all layers into the convenience of `/dev/null`:

```
$ ./dist fetch docker.io/library/redis sha256:a027a470aa2b9b41cc2539847a97b8a14794ebd0a4c7c5d64e390df6bde56c73 | jq -r '.layers[] | .digest' | xargs -n1 -P10 ./dist fetch docker.io/library/redis > /dev/null
```

This is just the beginning. We should be able to centralize
configuration around fetch to implement a number of distribution
methodologies that have been challenging or impossible up to this point.
The `locator`, mentioned earlier, is a schemaless URL that provides a
host and path that can be used to resolve the remote. By dispatching on
this common identifier, we should be able to support almost any protocol
and discovery mechanism imaginable.

When this is more solidified, we can roll these up into higher-level
operations that can be orchestrated through the `dist` tool or via GRPC.

What a time to be alive!

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-01-23 13:27:07 -08:00
Kenfe-Mickaël Laventure
4180eebf27 Merge pull request #448 from AkihiroSuda/cleanup
rootfs: fix compilation error (includes sirupsen->Sirupsen fix)
2017-01-23 12:00:51 -08:00
Akihiro Suda
7fed38881d rootfs: fix compilation error
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2017-01-23 08:54:57 +00:00
Akihiro Suda
727f0a536e vendor: sirupsen/logrus -> Sirupsen/logrus
github.com/docker/docker/pkg/archive requires Sirupsen/logrus.
So let's remove sirupsen/logrus at the moment.

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2017-01-23 08:50:08 +00:00
Ma Shimiao
ffc4c570af bundle: add check before Load return
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
2017-01-23 09:09:03 +08:00
Michael Crosby
523bb8d992 Merge pull request #456 from crosbymichael/report-jan-20
Add Development Report for Jan 20
2017-01-20 15:48:20 -08:00
Kenfe-Mickaël Laventure
8228996a4a Merge pull request #457 from crosbymichael/update-go-runc
Update go-runc to afca56d262e694d9056e937a0877a39ab879aeb4
2017-01-20 13:52:39 -08:00
Michael Crosby
b895c98358 Update go-runc to afca56d262e694d9056e937a0877a39ab879aeb4
This includes fixes for --console-socket in runc as well as additional
APIs for runc commands.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-01-20 13:42:14 -08:00
Michael Crosby
64d398d1cc Add report for jan 20
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-01-20 13:13:06 -08:00
Stephen Day
7101c7a9e2 Merge pull request #434 from AkihiroSuda/terminology
snapshot: fix terminology inconsistency
2017-01-19 19:33:34 -08:00
Akihiro Suda
1f763301a6 snapshot: fix terminology inconsistency
LayerManipulator, SnapshotManipulator -> SnapshotManager

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2017-01-20 02:02:29 +00:00
Akihiro Suda
e9bfed4cf2 *: clean up
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2017-01-20 01:50:08 +00:00
Michael Crosby
7c975e37a9 Merge pull request #450 from crosbymichael/makefile
Fix makefile install
2017-01-19 11:17:55 -08:00