lib: Add experimental unified storage support for install #1601
Conversation
cgwalters
left a comment
cgwalters
left a comment
There was a problem hiding this comment.
Thanks for working on this!
crates/lib/src/cli.rs
Outdated
| /// Use podman/skopeo to pull image to additionalimagestore, then read from container storage. | ||
| /// This provides a unified approach that leverages existing container tooling. | ||
| #[clap(long)] | ||
| pub(crate) unified: bool, |
There was a problem hiding this comment.
I don't think this should be a CLI flag that operates just once; it should be something like bootc image --set-unified or so and act persistently.
Also we should support setting this at install time so that it happens from the very start.
There was a problem hiding this comment.
(hmm my bad I thought we discussed this but I failed to update the issue #20 or something maybe?)
There was a problem hiding this comment.
Ahh man yeah, we talked about saving the config on the origin file IIRC, I forgot.
crates/lib/src/podman.rs
Outdated
| use bootc_utils::CommandRunExt; | ||
|
|
||
| // Use podman pull with additionalimagestore pointing to bootc storage | ||
| let bootc_storage_path = "/usr/lib/bootc/storage"; |
There was a problem hiding this comment.
Use podstorage.rs instead please
There was a problem hiding this comment.
To elaborate on this, an important aspect here is currently the GC of the bootc/storage instance is rooted in the set of LBIs. That will need to be extended to include the host image.
There was a problem hiding this comment.
Another big task related to this - we'll eventually really want to use the podman HTTP APIs so we can properly monitor progress. Right now we are very crudely relying on doing this synchronously to the existing tty and reusing the podman CLI tty output. But that can't really work if we ever need to render our own progress APIs.
https://lib.rs/crates/bollard might be a good choice for this?
|
Do we get reflinks when importing from the alternate storage into the ostree repo? |
#20 links to containers/container-libs#144 |
Hmm, that's about copying between two container storages, but I was asking about the ostree import. But #20 does say:
Which kinda answers the question. Basically without reflinks into the ostree storage, IMO this makes it a lot less obvious that this new option is objectively better and it instead becomes a discussion of trade-offs. |
jmarrero
force-pushed
the
unified-storage-wip
branch
from
1baf1e8 to
9c3ef81
Compare
jmarrero
changed the title
jmarrero
changed the title
jmarrero
force-pushed
the
unified-storage-wip
branch
2 times, most recently
from
e891e6c to
be75055
Compare
jmarrero
force-pushed
the
unified-storage-wip
branch
from
291fbd7 to
fe10204
Compare
jmarrero
force-pushed
the
unified-storage-wip
branch
3 times, most recently
from
06be8fb to
b801a17
Compare
github-actions
bot
added
the
area/system-reinstall-bootc
jmarrero
force-pushed
the
unified-storage-wip
branch
from
b801a17 to
68b1ba6
Compare
jmarrero
force-pushed
the
unified-storage-wip
branch
3 times, most recently
from
ee300e3 to
50c4f70
Compare
jmarrero
changed the title
|
/gemini review |
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces experimental support for unified storage, allowing bootc to pull images into its own container storage before importing them. This is a significant feature that touches installation, upgrade, and switch paths. The changes include new CLI options, a new image set-unified command, and the core logic for the unified pull mechanism.
The implementation is comprehensive and includes new integration tests. My review has identified a few areas for improvement:
- A bug in the image reference formatting for unified storage checks during installation.
- Inconsistent error handling when checking for images in the unified store.
- A potential panic due to an
.unwrap()call on aResult.
Addressing these points will improve the robustness and maintainability of this new feature.
|
On the progress status side maybe we can use https://lib.rs/crates/bollard to talk to podman and I think it should help us get data out of the events? |
jmarrero
force-pushed
the
unified-storage-wip
branch
4 times, most recently
from
3803e4c to
bb9883e
Compare
|
/gemini review |
There was a problem hiding this comment.
Code Review
This pull request introduces experimental support for unified storage in bootc, a significant and well-implemented feature. The changes are comprehensive, adding the --experimental-unified-storage flag to install and switch commands, auto-detection for upgrade, and a new bootc image set-unified command for onboarding existing systems. The implementation correctly handles different sysroot paths and edge cases like localhost images. The inclusion of integration and TMT tests demonstrates a thorough approach to quality assurance. My review includes a few minor suggestions to improve code style and readability.
jmarrero
force-pushed
the
unified-storage-wip
branch
from
04620ac to
7651032
Compare
|
/gemini review |
There was a problem hiding this comment.
Code Review
This pull request introduces experimental unified storage support for bootc install and related commands. The changes are extensive and well-thought-out, adding a new --experimental-unified-storage flag and the bootc image set-unified command. The implementation correctly handles different scenarios, such as install versus upgrade, and the special case of images originating from containers-storage. The addition of comprehensive integration and TMT tests is commendable. I've identified one high-severity logical issue in the implementation of bootc image set-unified where it could operate on a staged image instead of the booted one. I've also noted a correct and important bug fix in the image pruning logic. Overall, this is a solid contribution that adds a valuable feature.
cgwalters
left a comment
cgwalters
left a comment
There was a problem hiding this comment.
Thanks! A first pass review here, this is looking quite plausible!
crates/lib/src/deploy.rs
Outdated
| pub(crate) async fn should_use_unified_storage( | ||
| store: &Storage, | ||
| imgref: &ImageReference, | ||
| explicit_flag: Option<bool>, |
There was a problem hiding this comment.
This seems strange to me; nothing AFAICS passes Some(false). And if Some(true) is passed the caller will just get back true. So why even call this?
crates/lib/src/image.rs
Outdated
| // Check if the image already exists in the default containers-storage. | ||
| // This can happen if someone did a local build (e.g., podman build) and | ||
| // we don't want to overwrite it with an export from ostree. | ||
| ensure_floating_c_storage_initialized(); |
There was a problem hiding this comment.
I think we can put this global init somewhere farther up?
jmarrero
force-pushed
the
unified-storage-wip
branch
from
7651032 to
ddbba51
Compare
|
/gemini review |
There was a problem hiding this comment.
Code Review
This pull request introduces experimental support for unified storage in bootc install, which allows sharing container images with podman's storage to reduce disk usage and enable offline installations. The changes include a new --experimental-unified-storage flag, modifications to upgrade and switch to auto-detect and use unified storage, and special handling for localhost images. New integration and TMT tests are also added to cover these new code paths.
My review focuses on correctness and maintainability. I've identified a couple of areas for improvement:
- An inconsistency in the image pulling strategy for unified storage, which could lead to unnecessary network operations.
- A small opportunity to simplify code by removing a redundant check, improving readability and reflecting the guarantees provided by other functions.
Overall, the changes are well-structured and the addition of tests is great. Addressing these points will improve the robustness and maintainability of the new feature.
jmarrero
force-pushed
the
unified-storage-wip
branch
3 times, most recently
from
ba8e4ef to
7f11db8
Compare
|
Hmm the failure of test-install is weird; I'm not seeing the job fail in e.g. #1846 or other PRs. |
| // During install, this is the target disk's mount point; otherwise default to /sysroot | ||
| let sysroot_base = sysroot_path | ||
| .map(|p| p.to_string()) | ||
| .unwrap_or_else(|| "/sysroot".to_string()); |
There was a problem hiding this comment.
Let's clean this up post merge - should get this stuff from the Storage
crates/lib/src/install.rs
Outdated
| // We must really be in a rootless container, or in some way | ||
| // we're not part of the host user namespace. | ||
| ensure!(pid1_uid == 0, "{proc1} is owned by {pid1_uid}, not zero; this command must be run in the root user namespace (e.g. not rootless podman)"); | ||
| ensure!( |
There was a problem hiding this comment.
Ideally we wouldn't reformat these - I have a suspicion that the test install failure is because we changed message output and that might have broken the expect() statements
cgwalters
left a comment
cgwalters
left a comment
There was a problem hiding this comment.
Marking as requested changes per incompatible change to install flow
jmarrero
force-pushed
the
unified-storage-wip
branch
from
7f11db8 to
a3aea8e
Compare
jmarrero
force-pushed
the
unified-storage-wip
branch
2 times, most recently
from
013df9f to
62d48ab
Compare
Add an experimental --experimental-unified-storage flag to bootc install that uses bootc's container storage (/usr/lib/bootc/storage) to pull images first, then imports from there. This is the same approach used for logically bound images (LBIs). Background: The unified storage approach allows bootc to share container images with podman's storage, reducing disk space and enabling better integration with podman. Changes: - Add --experimental-unified-storage CLI flag to install subcommands - Add sysroot_path parameter to prepare_for_pull_unified() and pull_unified() to handle the different mount points during install vs upgrade/switch - Handle container-storage transport - Skip pull in prepare_for_pull_unified() if image already exists in bootc storage - Add TMT test for install with unified storage flag - Add TMT test for switching to unified storage on running system The sysroot_path fix is needed because during install the target disk is mounted at a specific path (e.g., /var/mnt), not /sysroot. Skopeo needs the actual filesystem path to find the bootc storage. Relates: bootc-dev#20 Assisted-by: Claude Code (Sonnet 4.5) Signed-off-by: Joseph Marrero Corchado <[email protected]>
jmarrero
force-pushed
the
unified-storage-wip
branch
from
62d48ab to
52f5e25
Compare
|
Failures on rawhide are the same we saw in another PR yesterday: #1849 |
|
|
||
| Verify the image can be fetched from the bootc image. Updates may fail when the installation host is authenticated with the registry but the pull secret is not in the bootc image | ||
|
|
||
| **--experimental-unified-storage** |
There was a problem hiding this comment.
Hmm why did this show up in the man pages? Is our man page not handling hide = true? Or did you forget to regenerate? (We probably need a CI gate for this too)
|
|
||
| /// Parse the transport string into a Transport enum. | ||
| pub fn transport(&self) -> Transport { | ||
| Transport::try_from(self.transport.as_str()).unwrap_or(Transport::Registry) |
There was a problem hiding this comment.
Under what scenarios would we want to silently fall back to registry if we fail to parse the input string? I think parsing should usually error out and not have silent fallbacks.
In the function just above this we do let transport = Transport::try_from(self.transport.as_str())?; which feels more correct to me.
(This shouldn't fail of course and per that TODO it'd be better to represent with a proper enum in this code too)
3 participants
lib: Add experimental unified storage support for install
Add an experimental --experimental-unified-storage flag to bootc install
that uses bootc's container storage (/usr/lib/bootc/storage) to pull
images first, then imports from there. This is the same approach used
for logically bound images (LBIs).
Background:
The unified storage approach allows bootc to share container images with
podman's storage, reducing disk space and enabling further integration
with the Podman ecosystem.
Changes:
to handle the different mount points during install vs upgrade/switch
storage first (these can't be pulled from a registry)
bootc storage
The sysroot_path fix is needed because during install the target disk
is mounted at a specific path (e.g., /var/mnt), not /sysroot. Skopeo
needs the actual filesystem path to find the bootc storage.
Relates: #20
Assisted-by: Claude Code (Sonnet 4.5 & Opus 4.5)