Commit graph

122 commits

Author SHA1 Message Date
Sebastiaan van Stijn
0a3336fd7d
Merge pull request #43366 from corhere/finish-identitymapping-refactor
Finish refactor of UID/GID usage to a new struct
2022-03-25 14:51:05 +01:00
Cory Snider
098a44c07f Finish refactor of UID/GID usage to a new struct
Finish the refactor which was partially completed with commit
34536c498d, passing around IdentityMapping structs instead of pairs of
[]IDMap slices.

Existing code which uses []IDMap relies on zero-valued fields to be
valid, empty mappings. So in order to successfully finish the
refactoring without introducing bugs, their replacement therefore also
needs to have a useful zero value which represents an empty mapping.
Change IdentityMapping to be a pass-by-value type so that there are no
nil pointers to worry about.

The functionality provided by the deprecated NewIDMappingsFromMaps
function is required by unit tests to to construct arbitrary
IdentityMapping values. And the daemon will always need to access the
mappings to pass them to the Linux kernel. Accommodate these use cases
by exporting the struct fields instead. BuildKit currently depends on
the UIDs and GIDs methods so we cannot get rid of them yet.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2022-03-14 16:28:57 -04:00
Sebastiaan van Stijn
c28a8e9cf7
layer: remove layerstore.setOS(), layerstore.getOS()
This removes the `setOS()` / `getOS()` functions from the layer store, which were
added in fc21bf280b and 0380fbff37
in support of LCOW.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-11 23:14:27 +01:00
Sebastiaan van Stijn
367cd41937
Merge pull request #43302 from thaJeztah/layer_remove_getwithoutlock
layers: remove layerStore.getWithoutLock()
2022-03-05 21:18:26 +01:00
Sebastiaan van Stijn
a0230f3d9a
remove unneeded "digest" alias for "go-digest"
I think this was there for historic reasons (may have been goimports expected
this, and we used to have a linter that wanted it), but it's not needed, so
let's remove it (to make my IDE less complaining about unneeded aliases).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-04 14:49:42 +01:00
Sebastiaan van Stijn
82f96da04d
layer: remove unused ErrActiveMount, ErrNotMounted, ErrNotSupported
These errors were added in 500e77bad0, but were
never used.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-02 21:30:41 +01:00
Sebastiaan van Stijn
203fcd6997
layers: remove layerStore.getWithoutLock()
This function was abstracting things a bit too much; the layerStore had a
exported `.Get()` which called `.getWithoutLock()`, but also a non-exported
`.get()`, which also called `.getWithoutLock()`.

While it's common to have a non-exported variant (without locking), the naming
of `.get()` could easily be confused for that variant (which it wasn't).

All locations where `.get()` was called were already handling locks for
`releaseLayer()`, so moving the actual locking inline for `.get()` makes it
more visible where locking happens.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-28 19:57:37 +01:00
Sebastiaan van Stijn
32e5fe5099
Merge pull request #43182 from thaJeztah/layer_remove_unused_error
layer: remove unused error return from .Size() and .DiffSize()
2022-02-17 20:51:45 +01:00
Sebastiaan van Stijn
b36d896fce
layer: remove OS from layerstore
This was added in commits fc21bf280b and
0380fbff37 in support of LCOW, but was
now always set to runtime.GOOS.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-01-25 15:23:23 +01:00
Sebastiaan van Stijn
e1ea911aba
layer: remove unused error return from .Size() and .DiffSize()
None of the implementations used return an error, so removing the error
return can simplify using these.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-01-24 18:45:47 +01:00
Eng Zer Jun
c55a4ac779
refactor: move from io/ioutil to io and os package
The io/ioutil package has been deprecated in Go 1.16. This commit
replaces the existing io/ioutil functions with their new definitions in
io and os packages.

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2021-08-27 14:56:57 +08:00
Sebastiaan van Stijn
686be57d0a
Update to Go 1.17.0, and gofmt with Go 1.17
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-08-24 23:33:27 +02:00
Kaijie Chen
ae6cf966f9 fix typo in comments
Signed-off-by: Kaijie Chen <chen@kaijie.org>
2021-03-02 23:03:04 +08:00
Sebastiaan van Stijn
5ca758199d
replace pkg/locker with github.com/moby/locker
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-10 22:15:40 +02:00
Sebastiaan van Stijn
32e554e681
Remove "could not get checksum with tar-split" debug message
This code was originally written for v1.10 migration where it signified that layers
were recomputed from pre 1.8 layout and could possibly change the tarball checksums.

It's now being repurposed in the BuildKit adapter but there it doesn't have any
warn condition as all data generated by builder is new anyway.

Currently, debug log entries as the one below may appear in the daemon logs:

   [2019-10-02T10:00:06.690674253Z] could not get checksum for "x128nsj79yzfx4j5h6em2w2on" with tar-split: "no tar-split file"

This patch removes the debug log, as it may confuse users ("we couldn't validate
what we downloaded, but we're gonna run it anyway?")

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-03-06 12:45:15 +01:00
Olli Janatuinen
446fe7f263 Make sure that layers are removed from layerdb after succefull layer removal
Signed-off-by: Olli Janatuinen <olli.janatuinen@gmail.com>
2019-11-28 20:06:09 +02:00
Sebastiaan van Stijn
744f1c261c
Remove unused functions, variables, fields
opts/env_test: suppress a linter warning

this one:

> opts/env_test.go:95:4: U1000: field `err` is unused (unused)
> 			err      error
>			^

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-09-18 12:57:12 +02:00
Sebastiaan van Stijn
07ff4f1de8
goimports: fix imports
Format the source according to latest goimports.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-09-18 12:56:54 +02:00
Sebastiaan van Stijn
e894aae2a6
Merge pull request #39715 from olljanat/getorplan-unit-test
Unit test for getOrphan
2019-09-16 13:53:27 +02:00
Vikram bir Singh
ebf12dbda0 Reimplement iteration over fileInfos in getOrphan.
1. Reduce complexity due to nested if blocks by using early
return/continue
2. Improve logging

Changes suggested as a part of code review comments in 39748

Signed-off-by: Vikram bir Singh <vikrambir.singh@docker.com>
2019-09-06 01:50:20 +00:00
Olli Janatuinen
8660330173 Unit test for getOrphan
Signed-off-by: Olli Janatuinen <olli.janatuinen@gmail.com>
2019-08-10 14:48:47 +03:00
Olli Janatuinen
213681b66a First step to implement full garbage collector for image layers
Refactored exiting logic on way that layers are first marked to be under
removal so if actual removal fails they can be found from disk and
cleaned up.

Full garbage collector will be implemented as part of containerd
migration.

Signed-off-by: Olli Janatuinen <olli.janatuinen@gmail.com>
2019-06-05 22:02:42 +03:00
Kir Kolyshkin
af433dd200 layer: protect from same-name races
As pointed out by Tonis, there's a race between ReleaseRWLayer()
and GetRWLayer():

```
----- goroutine 1 -----               ----- goroutine 2 -----
ReleaseRWLayer()
  m := ls.mounts[l.Name()]
  ...
  m.deleteReference(l)
  m.hasReferences()
  ...                                 GetRWLayer()
  ...                                   mount := ls.mounts[id]
  ls.driver.Remove(m.mountID)
  ls.store.RemoveMount(m.name)          return mount.getReference()
  delete(ls.mounts, m.Name())
-----------------------               -----------------------
```

When something like this happens, GetRWLayer will return
an RWLayer without a storage. Oops.

There might be more races like this, and it seems the best
solution is to lock by layer id/name by using pkg/locker.

With this in place, name collision could not happen, so remove
the part of previous commit that protected against it in
CreateRWLayer (temporary nil assigmment and associated rollback).

So, now we have
* layerStore.mountL sync.Mutex to protect layerStore.mount map[]
  (against concurrent access);
* mountedLayer's embedded `sync.Mutex` to protect its references map[];
* layerStore.layerL (which I haven't touched);
* per-id locker, to avoid name conflicts and concurrent operations
  on the same rw layer.

The whole rig seems to look more readable now (mutexes use is
straightforward, no nested locks).

Reported-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2019-05-21 10:54:28 -07:00
Kir Kolyshkin
b4e9b50765 layer/CreateRWLayerByGraphID: remove
This is an additon to commit 1fea38856a ("Remove v1.10 migrator")
aka PR #38265. Since that one, CreateRWLayerByGraphID() is not
used anywhere, so let's drop it.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2019-05-21 10:54:28 -07:00
Xinfeng Liu
05250a4f00 layer: optimize layerStore mountL
Goroutine stack analisys shown some lock contention
while doing massively (100 instances of `docker rm`)
parallel image removal, with many goroutines waiting
for the mountL mutex. Optimize it.

With this commit, the above operation is about 3x
faster, with no noticeable change to container
creation times (tested on aufs and overlay2).

kolyshkin@:
- squashed commits
- added description
- protected CreateRWLayer against name collisions by
temporary assiging nil to ls.mounts[name], and treating
nil as "non-existent" in all the other functions.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2019-05-09 11:05:16 -07:00
Kir Kolyshkin
f73b5cb4e8 layer: protect mountedLayer.references
Add a mutex to protect concurrent access to mountedLayer.references map.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2019-05-06 10:49:59 -07:00
Evan Hazlett
794e8111b6 add ApplyDiff to RWLayer
Signed-off-by: Evan Hazlett <ejhazlett@gmail.com>
2019-04-25 11:25:22 -04:00
Sergio Lopez
5846db10af layer/layer_store: ensure NewInputTarStream resources are released
In applyTar, if the driver's ApplyDiff returns an error, the function
returns early without calling io.Copy.

As a consequence, the resources (a goroutine and some buffers holding
the uncompressed image, the digest, etc...) allocated or referenced by
NewInputTarStream above aren't released, as the worker goroutine only
finishes when it finds EOF or a closed pipe.

Signed-off-by: Sergio Lopez <slp@redhat.com>
2018-12-21 09:30:09 +01:00
zhenhai gao
7c5cf58328 Fix a typos in layer_windows.go
Signed-off-by: zhenhai gao <gaozh1988@live.com>
2018-11-18 18:45:06 +08:00
Salahuddin Khan
763d839261 Add ADD/COPY --chown flag support to Windows
This implements chown support on Windows. Built-in accounts as well
as accounts included in the SAM database of the container are supported.

NOTE: IDPair is now named Identity and IDMappings is now named
IdentityMapping.

The following are valid examples:
ADD --chown=Guest . <some directory>
COPY --chown=Administrator . <some directory>
COPY --chown=Guests . <some directory>
COPY --chown=ContainerUser . <some directory>

On Windows an owner is only granted the permission to read the security
descriptor and read/write the discretionary access control list. This
fix also grants read/write and execute permissions to the owner.

Signed-off-by: Salahuddin Khan <salah@docker.com>
2018-08-13 21:59:11 -07:00
Tonis Tiigi
9a0eb8d330 layer: relax graphdriver ID format
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-06-10 10:05:26 -07:00
Tonis Tiigi
ea36c3cbaf daemon: access to distribution internals
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-06-10 10:05:26 -07:00
Derek McGowan
0aebcbc32d
Remove metadata store interface
Layer metadata storage has not been implemented outside of the layer
store and will be deprecated by containerd metadata storage. To prepare
for this and freeze the current metadata storage, remove the exported
interface and make it internal to the layer store.

Signed-off-by: Derek McGowan <derek@mcgstyle.net>
2018-03-06 10:42:00 -08:00
Daniel Nephin
4f0d95fa6e Add canonical import comment
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2018-02-05 16:51:57 -05:00
Yong Tang
19918b88b7 Golint fix with ro_layer.go
A small golint fix with ro_layer.go.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2018-01-24 18:24:03 +00:00
John Howard
c94d34f783 Remove OS() from layer interface
Signed-off-by: John Howard <jhoward@microsoft.com>
2018-01-18 12:56:28 -08:00
John Howard
0cba7740d4 Address feedback from Tonis
Signed-off-by: John Howard <jhoward@microsoft.com>
2018-01-18 12:30:39 -08:00
John Howard
afd305c4b5 LCOW: Refactor to multiple layer-stores based on feedback
Signed-off-by: John Howard <jhoward@microsoft.com>
2018-01-18 08:31:05 -08:00
John Howard
ce8e529e18 LCOW: Re-coalesce stores
Signed-off-by: John Howard <jhoward@microsoft.com>

The re-coalesces the daemon stores which were split as part of the
original LCOW implementation.

This is part of the work discussed in https://github.com/moby/moby/issues/34617,
in particular see the document linked to in that issue.
2018-01-18 08:29:19 -08:00
Sebastiaan van Stijn
b4a6313969
Golint: remove redundant ifs
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2018-01-15 00:42:25 +01:00
Sargun Dhillon
d2b71b2660 Have VFS graphdriver use accelerated in-kernel copy
This change makes the VFS graphdriver use the kernel-accelerated
(copy_file_range) mechanism of copying files, which is able to
leverage reflinks.

Signed-off-by: Sargun Dhillon <sargun@sargun.me>
2017-11-28 14:59:56 -08:00
Yong Tang
4785f1a7ab Remove solaris build tag and `contrib/mkimage/solaris
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2017-11-02 00:01:46 +00:00
John Howard
0380fbff37 LCOW: API: Add platform to /images/create and /build
Signed-off-by: John Howard <jhoward@microsoft.com>

This PR has the API changes described in https://github.com/moby/moby/issues/34617.
Specifically, it adds an HTTP header "X-Requested-Platform" which is a JSON-encoded
OCI Image-spec `Platform` structure.

In addition, it renames (almost all) uses of a string variable platform (and associated)
methods/functions to os. This makes it much clearer to disambiguate with the swarm
"platform" which is really os/arch. This is a stepping stone to getting the daemon towards
fully multi-platform/arch-aware, and makes it clear when "operating system" is being
referred to rather than "platform" which is misleadingly used - sometimes in the swarm
meaning, but more often as just the operating system.
2017-10-06 11:44:18 -07:00
Victor Vieux
a5f9783c93 Merge pull request #34252 from Microsoft/akagup/lcow-remotefs-sandbox
LCOW: Support for docker cp, ADD/COPY on build
2017-09-15 16:49:48 -07:00
chchliang
c72112b171 add testcase in layer/empty_test.go with Metadata()
Signed-off-by: chchliang <chen.chuanliang@zte.com.cn>
2017-09-15 14:13:48 +08:00
Akash Gupta
7a7357dae1 LCOW: Implemented support for docker cp + build
This enables docker cp and ADD/COPY docker build support for LCOW.
Originally, the graphdriver.Get() interface returned a local path
to the container root filesystem. This does not work for LCOW, so
the Get() method now returns an interface that LCOW implements to
support copying to and from the container.

Signed-off-by: Akash Gupta <akagup@microsoft.com>
2017-09-14 12:07:52 -07:00
Derek McGowan
1009e6a40b
Update logrus to v1.0.1
Fixes case sensitivity issue

Signed-off-by: Derek McGowan <derek@mcgstyle.net>
2017-07-31 13:16:46 -07:00
Aaron Lehmann
3be2273d03 Merge pull request #33713 from x1022as/error_fd
fd leak and error handling
2017-07-06 16:47:34 -07:00
John Howard
4ec9766a27 LCOW: Fix nits from 33241
Signed-off-by: John Howard <jhoward@microsoft.com>
2017-06-27 11:59:49 -07:00
Deng Guangxing
0042f992d8 fd leak and error handling
Signed-off-by: Deng Guangxing <dengguangxing@huawei.com>
2017-06-23 15:38:35 +08:00