j00bar / cosplay Goto Github PK
View Code? Open in Web Editor NEWCosplay is a tool for making RPMs that distribute and run services packaged in containers
License: GNU General Public License v3.0
cosplay's People
Contributors
Watchers
cosplay's Issues
Installed container missing parent layers
The POC involves building the enclosed pyhelloworld container, based on Fedora 30. One would need a Fedora 30 RPM installed as a dependency to install the pyhelloworld container. Thus a common base image RPM could provide the common layers for any other containers that share that base image, keeping RPM sizes minimal.
This is achieved by some fuckery. The present approach exports a container image using skopeo into a dir: and modifies the exported artifacts - the base image layers are removed from the manifest and deleted from the export. The configuration JSON file is not altered.
Once converted to RPMs and installed, the metadata for the pyhelloworld container looks correct; it includes the references to the image layers for the base OS image. But when instantiated into a container and run, those layers are not present.
Demonstration
[root@localhost ~]# rpm -ql fedora-ubi
/var/cosplay/fedora-30
/var/cosplay/fedora-30/4650c04b851c62897e9c02c6041a0e3127f8253fafa3a09642552a8e77c044c8
/var/cosplay/fedora-30/9754ce14641df7f1f3751d21e14b3037dce7dca2472cf4cdff38d96891703453
/var/cosplay/fedora-30/manifest.json
/var/cosplay/fedora-30/version
[root@localhost ~]# rpm -ql pyhelloworld
/usr/lib/systemd/system/pyhelloworld.service
/var/cosplay/pyhelloworld-1
/var/cosplay/pyhelloworld-1/245fd514e05713512bfac35a81527dbf308d95e78a42e30bcf9530c4199723c8
/var/cosplay/pyhelloworld-1/74b4c93c7a86e966ea2176cb764a6527556347f722b5c69e71f48dc093593c75
/var/cosplay/pyhelloworld-1/7720c1d3f2384b664b1d2e2161dfb98bdbd1ea3252478d607673281a2561a15a
/var/cosplay/pyhelloworld-1/9d9b8a4743a397399adf8ac389750541b39bb38be4bbb000910998ec6ee6f780
/var/cosplay/pyhelloworld-1/manifest.json
/var/cosplay/pyhelloworld-1/version
The Fedora 30 package contains the layer beginning with 4650c0.
[root@localhost ~]# podman inspect fedora:30
[
{
"Id": "9754ce14641df7f1f3751d21e14b3037dce7dca2472cf4cdff38d96891703453",
"Digest": "sha256:c61a5c483e454a4c5585e57304be3cb4ee25302a7336e83cde00c51aef142a27",
"RepoTags": [
"docker.io/library/fedora:30"
],
"RepoDigests": [
"docker.io/library/fedora@sha256:c61a5c483e454a4c5585e57304be3cb4ee25302a7336e83cde00c51aef142a27"
],
"Parent": "",
"Comment": "",
"Created": "2019-04-24T21:20:42.215534802Z",
"Config": {
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"DISTTAG=f30container",
"FGC=f30",
"FBR=f30"
],
"Cmd": [
"/bin/bash"
],
"Labels": {
"maintainer": "Clement Verna <[email protected]>"
}
},
"Version": "18.06.1-ce",
"Author": "",
"Architecture": "amd64",
"Os": "linux",
"Size": 311479633,
"VirtualSize": 311479633,
"GraphDriver": {
"Name": "overlay",
"Data": {
"MergedDir": "/var/lib/containers/storage/overlay/4650c04b851c62897e9c02c6041a0e3127f8253fafa3a09642552a8e77c044c8/merged",
"UpperDir": "/var/lib/containers/storage/overlay/4650c04b851c62897e9c02c6041a0e3127f8253fafa3a09642552a8e77c044c8/diff",
"WorkDir": "/var/lib/containers/storage/overlay/4650c04b851c62897e9c02c6041a0e3127f8253fafa3a09642552a8e77c044c8/work"
}
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:4650c04b851c62897e9c02c6041a0e3127f8253fafa3a09642552a8e77c044c8"
]
},
"Labels": {
"maintainer": "Clement Verna <[email protected]>"
},
"Annotations": {},
"ManifestType": "application/vnd.docker.distribution.manifest.v2+json",
"User": "",
"History": [
{
"created": "2019-01-16T21:21:55.569693599Z",
"created_by": "/bin/sh -c #(nop) LABEL maintainer=Clement Verna <[email protected]>",
"empty_layer": true
},
{
"created": "2019-01-16T21:21:55.720736034Z",
"created_by": "/bin/sh -c #(nop) ENV DISTTAG=f30container FGC=f30 FBR=f30",
"empty_layer": true
},
{
"created": "2019-04-24T21:20:41.816382191Z",
"created_by": "/bin/sh -c #(nop) ADD file:8fc6644a6befc976a9195c1535d32a79c61dc66fb75efa6f10b7aa8eaf4b8eee in / "
},
{
"created": "2019-04-24T21:20:42.215534802Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/bash\"]",
"empty_layer": true
}
]
}
]
... which matches the RootFS layer with the same hash, 4650c0. 311MB is the correct size.
[root@localhost ~]# podman inspect pyhelloworld:1
[
{
"Id": "9d9b8a4743a397399adf8ac389750541b39bb38be4bbb000910998ec6ee6f780",
"Digest": "sha256:d6855a6bf6acd92322e44bae75e8a0f26e9b36dd3c2889e5d5bd5e66429105f9",
"RepoTags": [
"docker.io/library/pyhelloworld:1"
],
"RepoDigests": [
"docker.io/library/pyhelloworld@sha256:d6855a6bf6acd92322e44bae75e8a0f26e9b36dd3c2889e5d5bd5e66429105f9"
],
"Parent": "",
"Comment": "",
"Created": "2019-06-03T03:19:55.079003215Z",
"Config": {
"ExposedPorts": {
"8080/tcp": {}
},
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"DISTTAG=f30container",
"FGC=f30",
"FBR=f30"
],
"Cmd": [
"/usr/bin/python3",
"/src/index.py"
],
"Labels": {
"maintainer": "Clement Verna <[email protected]>"
}
},
"Version": "",
"Author": "",
"Architecture": "amd64",
"Os": "linux",
"Size": 6800015,
"VirtualSize": 6800015,
"GraphDriver": {
"Name": "overlay",
"Data": {
"LowerDir": "/var/lib/containers/storage/overlay/65f110ce9db37a3439692752c1a35b2ade7bfb0f9efb20a30c049949c8064dea/diff:/var/lib/containers/storage/overlay/74b4c93c7a86e966ea2176cb764a6527556347f722b5c69e71f48dc093593c75/diff",
"MergedDir": "/var/lib/containers/storage/overlay/1bc65ae24f89b417eef5ed9dc565d4d58d0453d98d8fc132b1614243daf985f4/merged",
"UpperDir": "/var/lib/containers/storage/overlay/1bc65ae24f89b417eef5ed9dc565d4d58d0453d98d8fc132b1614243daf985f4/diff",
"WorkDir": "/var/lib/containers/storage/overlay/1bc65ae24f89b417eef5ed9dc565d4d58d0453d98d8fc132b1614243daf985f4/work"
}
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:4650c04b851c62897e9c02c6041a0e3127f8253fafa3a09642552a8e77c044c8",
"sha256:74b4c93c7a86e966ea2176cb764a6527556347f722b5c69e71f48dc093593c75",
"sha256:7720c1d3f2384b664b1d2e2161dfb98bdbd1ea3252478d607673281a2561a15a",
"sha256:245fd514e05713512bfac35a81527dbf308d95e78a42e30bcf9530c4199723c8"
]
},
"Labels": {
"maintainer": "Clement Verna <[email protected]>"
},
"Annotations": {},
"ManifestType": "application/vnd.oci.image.manifest.v1+json",
"User": "",
"History": [
{
"created": "2019-01-16T21:21:55.569693599Z",
"created_by": "/bin/sh -c #(nop) LABEL maintainer=Clement Verna <[email protected]>",
"empty_layer": true
},
{
"created": "2019-01-16T21:21:55.720736034Z",
"created_by": "/bin/sh -c #(nop) ENV DISTTAG=f30container FGC=f30 FBR=f30",
"empty_layer": true
},
{
"created": "2019-04-24T21:20:41.816382191Z",
"created_by": "/bin/sh -c #(nop) ADD file:8fc6644a6befc976a9195c1535d32a79c61dc66fb75efa6f10b7aa8eaf4b8eee in / "
},
{
"created": "2019-04-24T21:20:42.215534802Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/bash\"]",
"empty_layer": true
},
{
"created": "2019-06-03T03:19:50.166665037Z",
"created_by": "/bin/sh -c dnf -y install python3-pip && dnf clean all"
},
{
"created": "2019-06-03T03:19:51.343040228Z",
"created_by": "/bin/sh -c #(nop) ADD . /src"
},
{
"created": "2019-06-03T03:19:53.295833398Z",
"created_by": "/bin/sh -c cd /src; pip3 install -r requirements.txt"
},
{
"created": "2019-06-03T03:19:54.238291689Z",
"created_by": "/bin/sh -c #(nop) EXPOSE 8080",
"empty_layer": true
},
{
"created": "2019-06-03T03:19:55.079003215Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/usr/bin/python3\", \"/src/index.py\"]",
"empty_layer": true
}
]
}
]
The pyhelloworld image has the same layer as its first in the RootFS section. That's good. However, when we try to run the pyhelloworld image, it fails:
[root@localhost ~]# podman run -it --rm=true pyhelloworld:1
Error: container create failed: time="2019-06-04T10:48:23-04:00" level=error msg="container_linux.go:346: starting container process caused \"exec: \\\"/usr/bin/python3\\\": stat /usr/bin/python3: no such file or directory\"\n"
container_linux.go:346: starting container process caused "exec: \"/usr/bin/python3\": stat /usr/bin/python3: no such file or directory"
: internal libpod error
And if we unpack the image using buildah, we find that the base Fedora layer doesn't appear to be a part of what ultimately exists.
[root@localhost ~]$ buildah mount 28
/var/lib/containers/storage/overlay/e652966800a6ed036e92bd93162269c355ddc00edd2398cabab2d9f1a9e8576f/merged
[root@localhost ~]# cd /var/lib/containers/storage/overlay/e652966800a6ed036e92bd93162269c355ddc00edd2398cabab2d9f1a9e8576f/merged
[root@localhost merged]# ls -la
total 0
drwxr-xr-x. 1 root root 62 Jun 2 23:23 .
drwx------. 5 root root 69 Jun 2 23:23 ..
drwxr-xr-x. 2 root root 6 Jun 2 23:23 dev
drwxr-xr-x. 2 root root 54 Jun 2 23:23 etc
drwxr-xr-x. 2 root root 6 Jun 2 23:23 proc
dr-xr-x---. 3 root root 20 Jun 2 23:19 root
drwxr-xr-x. 1 root root 27 Jun 2 23:23 run
drwxr-xr-x. 3 root root 101 Jun 2 23:19 src
drwxr-xr-x. 2 root root 6 Jun 2 23:23 sys
drwxrwxrwt. 1 root root 6 Jun 2 23:19 tmp
drwxr-xr-x. 5 root root 41 Apr 22 15:48 var
[root@localhost merged]# ls usr
ls: cannot access 'usr': No such file or directory
[root@localhost merged]# find .
.
./run
./run/secrets
./run/.containerenv
./tmp
./var
./var/cache
./var/cache/dnf
./var/cache/dnf/.gpgkeyschecked.yum
./var/cache/dnf/expired_repos.json
./var/cache/dnf/fedora-a924e206df91842b
./var/cache/dnf/fedora-a924e206df91842b/repodata
./var/cache/dnf/fedora-modular-ad2f02cac192e3ec
./var/cache/dnf/fedora-modular-ad2f02cac192e3ec/repodata
./var/cache/dnf/fedora-modular-ad2f02cac192e3ec/repodata/2dc47974b6a0fa76e1dc78c7b091b34b5d6dc986519824642401b6cf341446eb-modules.yaml.gz
./var/cache/dnf/updates-d6521d96a82a4d6a
./var/cache/dnf/updates-d6521d96a82a4d6a/repodata
./var/cache/dnf/updates-modular-783da5de2e38c644
./var/cache/dnf/updates-modular-783da5de2e38c644/repodata
./var/cache/dnf/updates-modular-783da5de2e38c644/repodata/5c8855cb9efca1165c075208af7c6d4b8f97fd63f3f31dcdd2f48522310a31ca-modules.yaml.gz
./var/lib
./var/lib/dnf
./var/lib/dnf/history.sqlite
./var/lib/dnf/history.sqlite-shm
./var/lib/dnf/history.sqlite-wal
./var/lib/rpm
./var/lib/rpm/.dbenv.lock
./var/lib/rpm/Group
./var/lib/rpm/Installtid
./var/lib/rpm/Name
./var/lib/rpm/Providename
./var/lib/rpm/Sha1header
./var/lib/rpm/__db.001
./var/lib/rpm/__db.002
./var/lib/rpm/__db.003
./var/log
./var/log/dnf.librepo.log
./var/log/dnf.log
./var/log/dnf.rpm.log
./var/log/hawkey.log
./proc
./dev
./sys
./etc
./etc/hostname
./etc/resolv.conf
./etc/hosts
./root
./root/.cache
./root/.cache/pip
./root/.cache/pip/http
./root/.cache/pip/http/a
./root/.cache/pip/http/a/1
./root/.cache/pip/http/a/1/9
./root/.cache/pip/http/a/1/9/5
./root/.cache/pip/http/a/1/9/5/3
./root/.cache/pip/http/a/1/9/5/3/a19537d3cf37c122db841d6fe4cd322bc10d1a558bb00d146b85cb9a
./root/.cache/pip/selfcheck.json
./src
./src/Dockerfile
./src/index.py
./src/pyhelloworld.spec
./src/requirements.txt
How to reproduce
All of the below commands should be run as root.
- Pull the latest
fedora:30image. - Build the
fedora-ubipackage using:python3 cosplay.py --base scratch --no-service docker.io/library/fedora:30 - Build the
pyhelloworldcontainer usingpodman build --tag pyhelloworld:1 .from thepyhelloworld/directory. - Build the
pyhelloworldpackage usingpython3 cosplay.py --base docker.io/library/fedora:30 --ports 8080 localhost/pyhelloworld:1 - Either copy the RPMs from
/root/rpmbuild/RPMS/x86_64to a fresh system or remove thefedora:30andpyhelloworld:1images usingpodman rmi. - Install the
fedora-ubiRPM and then thepyhelloworldRPM.
You now can reproduce the steps above.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.