Handle Wasm Images with wasm media types #147
Conversation
jsturtevant
force-pushed
the
handle-oci-artifacts
branch
4 times, most recently
from
e0d742d
to
023e1da
Compare
jsturtevant
force-pushed
the
handle-oci-artifacts
branch
2 times, most recently
from
cbf81c8
to
bf84bcc
Compare
|
This should likely go in after #142, will need some refactoring to support the executor. But wanted to get some eyes on the general direction. |
jsturtevant
force-pushed
the
handle-oci-artifacts
branch
5 times, most recently
from
fbf9af5
to
dbf29de
Compare
jsturtevant
force-pushed
the
handle-oci-artifacts
branch
5 times, most recently
from
c75ba5b
to
b237264
Compare
jsturtevant
force-pushed
the
handle-oci-artifacts
branch
2 times, most recently
from
eeeac18
to
5e29933
Compare
|
not sure why the kind-oci test is failing, I ran into #362 when trying locally and will revisit tomorrow now that it is fixed |
| let arch = manifest | ||
| .config() | ||
| .platform() | ||
| .as_ref() | ||
| .ok_or_else(|| ShimError::Others("failed to extract platform".to_string()))? | ||
| .architecture(); |
There was a problem hiding this comment.
It would be great to expose the platform in the WasiContext.
We could use the os part (wasip1/wasip2) to choose between modules or components, and os_features might be useful to know what components we need.
Also, that could also be used to choose between wasm container vs native container, right?
There was a problem hiding this comment.
Like this idea of passing OS and Arch to the wasicontext. For features, my understanding is we have some flexibility and we should follow up on how we decide to hand those.
There was a problem hiding this comment.
To be clear, I'm not implying we should start using os_features right now.
The details on that would need wider concensus and review.
But if we expose the Platform object (instead of just the OS / Arch strings), we open the door to that option.
There was a problem hiding this comment.
I've passed this on to the WasiContext, but not sure I like it the current way I did it. input welcome
jsturtevant
force-pushed
the
handle-oci-artifacts
branch
2 times, most recently
from
a06068a
to
eda04b0
Compare
|
CI is failling with which indicates we are hitting this line. |
| MediaType::ImageLayer | ||
| | MediaType::ImageLayerGzip | ||
| | MediaType::ImageLayerNonDistributable | ||
| | MediaType::ImageLayerNonDistributableGzip | ||
| | MediaType::ImageLayerNonDistributableZstd | ||
| | MediaType::ImageLayerZstd => true, | ||
| MediaType::Other(s) | ||
| if s.as_str() | ||
| .starts_with("application/vnd.docker.image.rootfs.") => | ||
| { | ||
| true | ||
| } | ||
| _ => false, | ||
| } |
There was a problem hiding this comment.
I am not a big fan of this. We would have to keep maintaining this every time the spec is updated.
Moreover, we are only interested in Wasm layers, why not probe for wasm layers only?
IIUC, this would let things like MediaType::ImageIndex, MediaType::ImageManifest, MediaType::ArtifactManifest to get through.
Could we use something like this instead?
.filter_map(|config| match config.media_type() {
MediaType::Other(s) if s.starts_with("application/vnd.bytecodealliance.wasm.") => {
Some(self.read_content(config.digest()).map(|module| WasmLayer {
config: config.clone(),
layer: module,
}))
}
_ => None,
})I can also imagine evolving WasmLayer into an enum that can tell apart different types of wasm layers (modules, components, etc), but not for this PR.
There was a problem hiding this comment.
The reason I didn't do just wasm layer types is because runtimes like spin/slight (probably others) will need to pass there configuration files. By leaving this more open ended, initially, we allow for those other types. In the case of spin they also have a media type for a module that doesn't match the application/vnd.bytecodealliance.wasm format.
I would like to tighten this up in the future once we get to the point where "everything is component" approach. The extra config files, static files, etc would just be component that the runtime knows how to use. But feels to early to be restrictive here.
I am not too concerned about this logic change all that often. It is a borrowed, idea from containerd's IsLayerType and that hasn't had a change in 4 years.
There was a problem hiding this comment.
We could add in the Instance trait a method to declare what layers it cares about (with a reasonable default impl).
Something like:
fn supported_layers_types() -> &'static [&'static str] {
&["application/vnd.bytecodealliance.wasm.component.layer.v0+wasm"]
}or maybe something like:
fn supports_layer_type(ty: MediaType) -> bool {
match ty {
MediaType::Other(s) => s.starts_with("application/vnd.bytecodealliance.wasm."),
_ => false,
}
}If you think the current approach is better I'm happy with that as well, I don't want to block it over this :-)
jsturtevant
force-pushed
the
handle-oci-artifacts
branch
from
ab26535
to
7976bfd
Compare
|
|
jsturtevant
changed the title
jsturtevant
force-pushed
the
handle-oci-artifacts
branch
from
7976bfd
to
6360e13
Compare
I dropped it, as it shouldn't be needed. |
jsturtevant
force-pushed
the
handle-oci-artifacts
branch
from
6360e13
to
d1b21fb
Compare
Signed-off-by: James Sturtevant <jstur@microsoft.com>
Signed-off-by: James Sturtevant <jstur@microsoft.com>
jsturtevant
force-pushed
the
handle-oci-artifacts
branch
from
d1b21fb
to
94a7fdb
Compare
fixes: #108 (requires changes in containerd)
This adds the ability to handle oci artifacts as described in the proposal in https://docs.google.com/document/d/11shgC3l6gplBjWF1VJCWvN_9do51otscAm0hBDGSSAc.
Containerd doesn't currently support passing the annotations for the OCI artifact format and needs the following PR: containerd/containerd#8699This pr relies on containerd/containerd#9142 which has been merged upstream