Test Mount manager #6

dmcgowan · 2024-12-07T00:37:12Z

For testing and early feedback

I'll open a draft in main repo once I have a first draft of documentation written and some integration.

Still needs:

API definition and bindings
Integration with client and CRI
Documentation
GC tests
Info/Update/List implementation

Note:
I am thinking the best point of integration is directly in the client and CRI. Integrating in the task manager would make it hard to track the mount for garbage collection since it would need the ID passed all the way through. We should also activate the mounts before doing any other sort of mount processing in the task manager.

hsiangkao · 2024-12-19T17:06:47Z

core/mount/manager/manager_linux_test.go

+					{
+						Type:    "xfs",
+						Source:  b1,
+						Options: []string{"loop"},


one important thing I just have thought out is that
If one of the design goals is "to avoid snapshotters to mount filesystems theirselves", so that "mounts[] will be passed to mount handlers to parse".

If my understanding above is correct: I guess loop should not be decided by the snapshotter itself since (take EROFS for example):
[runC] for linux versions without file-backed mounts (typically Linux < 6.12, but I think we should also consider this feature could be backported to old downstream kernel versions): we should try to mount files with file-backed mounts, if -ENOTBLK is returned, use loopback devices; also see util-linux mount logic:
https://github.com/util-linux/util-linux/pull/3317/files#diff-ae74bd215cd470d68e72bf40ebc5f300c9aa5a2f9f1b0ed8ca8b4d519b25ebc6R1088
[runC] for linux versions with file-backed mounts: we should try to mount files with file-backed mounts, it should mount succeed;
[secure containers like Kata]: we should use virtio-blk to pass through files rather than generating loops too;
[gVisor]: they should mount files directly.

So I think the same file should be handled according to different shims, like runc-shim and kata-shim, etc.

And the file might be better to be parsed as:

[]mount.Mount{ { Type: "erofs", Source: <fsmeta> Options: []string { "device=<layer0>,device=<layer1>,...,device=<layern-1> } },

, , ... are all files, it's up to mount managers to decide how to setup devices to mount these....

akhilerm · 2025-05-25T17:19:28Z

api/services/mounts/v1/mounts.proto

+}
+
+message ActivateRequest {
+	string name = 1;


name or ID ?

akhilerm · 2025-05-25T17:21:23Z

api/types/mount.proto

+
+	google.protobuf.Timestamp mounted_at = 2;
+
+	string mount_point = 3;


This will be already part of the Mount.target right?

The target is used as a path in the container or filesystem root, the mount point is the absolute host path

akhilerm · 2025-05-25T17:27:42Z

cmd/ctr/commands/images/mount.go

+			t := time.Now()
+			var b [3]byte
+			rand.Read(b[:])
+			key = fmt.Sprintf("ctr-images-mount-%d-%s", t.Nanosecond(), base64.URLEncoding.EncodeToString(b[:]))


This will always mount to the current directory right? Do we want that??

akhilerm · 2025-05-26T17:05:21Z

core/metadata/boltutil/context.go

+
+// Transaction returns the transaction from the context
+// if it has one.
+func Transaction(ctx context.Context) (tx *bolt.Tx, ok bool) {


Suggested change

func Transaction(ctx context.Context) (tx *bolt.Tx, ok bool) {

func GetTransaction(ctx context.Context) (tx *bolt.Tx, ok bool) {

WDYT?

Add GitHub Action for k8s node e2e tests

Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 6.5.2 to 8.0.0. - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](golangci/golangci-lint-action@55c2c14...4afd733) --- updated-dependencies: - dependency-name: golangci/golangci-lint-action dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

erofs-differ: fix filesystem UUID for tar-converted layers

fix(cri): Correct Commit Memory Aggregation for Windows Containers

This change removes the additional AdamKorcz/instrumentation fuzzers from CI until the oss-fuzz can implement a mechanism to specify the project branch as an argument through its GitHub Actions package. Signed-off-by: Austin Vazquez <austin.vazquez.dev@gmail.com>

…specific-code chore: remove go version specific code

When using blockfile snapshotter and passing specific filesystem mount options, the users may be caught by surprise by the fact that some options are required but not documented anywhere. The easiest way to solve this is by ensuring that the "loop" required option is always added to the mount options. Signed-off-by: Fabiano Fidêncio <fidencio@northflank.com>

Bumps [github.com/tchap/go-patricia/v2](https://github.com/tchap/go-patricia) from 2.3.2 to 2.3.3. - [Commits](tchap/go-patricia@v2.3.2...v2.3.3) --- updated-dependencies: - dependency-name: github.com/tchap/go-patricia/v2 dependency-version: 2.3.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

We updated the vendored dependency, but the binary was still left on an older version. full diff: cpuguy83/go-md2man@v2.0.2...v2.0.7 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

…ure-loop-is-part-of-the-mount-options blockfile: Ensure required options are always set

Signed-off-by: Aadhar Agarwal <aadagarwal@microsoft.com> Minor style updates to erofs.md and differ_linux.go Signed-off-by: Aadhar Agarwal <aadagarwal@microsoft.com> Add use case for tar index in erofs.md Signed-off-by: Aadhar Agarwal <aadagarwal@microsoft.com>

update go-md2man binary to v2.0.7

…d_tar_index_mode erofs snapshotter: Add tar index mode

ctr:add sandbox info command to print sandbox info

…ules/github.com/tchap/go-patricia/v2-2.3.3 build(deps): bump github.com/tchap/go-patricia/v2 from 2.3.2 to 2.3.3