-
Notifications
You must be signed in to change notification settings - Fork 98
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
oci: support for writable extfs img overlay via fuse-overlayfs #1740
oci: support for writable extfs img overlay via fuse-overlayfs #1740
Conversation
2487bf7
to
1e682e3
Compare
1c0c979
to
8b86f45
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm afraid that this isn't operating in the same way as the native mode, in two significant ways. For the examples below, the overlay was created with:
singularity overlay create --size 1024 /tmp/test.img
- Permissions in effect are such that in
--oci
mode I cannot create a file in the root directory/
, which I should be able to do.
$ singularity run --oci --overlay /tmp/test.img:rw docker://alpine
2023/06/07 09:24:16 info unpack layer: sha256:8a49fdb3b6a5ff2bd8ec6a86c05b2922a0f7454579ecc07637e94dfd1d0639b6
unknown argument ignored: lazytime
~ $ touch /bob
touch: /bob: Permission denied
$ singularity run --overlay /tmp/test.img:rw docker://alpine
INFO: Using cached SIF image
Singularity> touch /bob
Singularity>
Note that in --oci
mode this does work for directories, so it's not a generic issue for all rw overlays.. so is definitely within the scope of this PR.
$ singularity run --oci --overlay overlaydir:rw docker://alpine
2023/06/07 09:28:26 info unpack layer: sha256:8a49fdb3b6a5ff2bd8ec6a86c05b2922a0f7454579ecc07637e94dfd1d0639b6
~ $ touch /bob
~ $
- If I use an overlay
rw
and then later use itro
I expect to see the created contents overlayed. In--oci
mode, theupper
/work
are visible:
# In native mode... note the `/bob` file present.
$ singularity exec --overlay /tmp/test.img:ro docker://alpine ls /
INFO: Using cached SIF image
bin environment lib opt run srv usr
bob etc media proc sbin sys var
dev home mnt root singularity tmp
# In --oci mode, note the upper / work directories, and `/bob` is inside `/upper`
$ singularity exec --oci --overlay /tmp/test.img:ro docker://alpine ls /
2023/06/07 09:33:10 info unpack layer: sha256:8a49fdb3b6a5ff2bd8ec6a86c05b2922a0f7454579ecc07637e94dfd1d0639b6
bin lib opt sbin upper
dev lost+found proc srv usr
etc media root sys var
home mnt run tmp work
This is actually a generic issue that applies to --oci
overlays in general. Apologies I didn't catch it with the directory overlay. It is up to you whether to address it here, or as a separate issue / PR.
89d2395
to
1656ef9
Compare
497d69a
to
18b045b
Compare
e519a85
to
1daed8e
Compare
(sylabs/singularity#1740) * oci: support for writable extfs img overlay via fuse-overlayfs * added unit- and e2e-tests * fixed exposure of "upper" & "work" subdir in readonly overlays * added fix for file-ownership in FUSE-mounted images + e2e test of fix * fix handling of "upper" in :ro overlay dirs, adjust e2e tests Signed-off-by: Edita Kizinevic <edita.kizinevic@cern.ch>
(sylabs/singularity#1740) * oci: support for writable extfs img overlay via fuse-overlayfs * added unit- and e2e-tests * fixed exposure of "upper" & "work" subdir in readonly overlays * added fix for file-ownership in FUSE-mounted images + e2e test of fix * fix handling of "upper" in :ro overlay dirs, adjust e2e tests Signed-off-by: Edita Kizinevic <edita.kizinevic@cern.ch>
(sylabs/singularity#1740) * oci: support for writable extfs img overlay via fuse-overlayfs * added unit- and e2e-tests * fixed exposure of "upper" & "work" subdir in readonly overlays * added fix for file-ownership in FUSE-mounted images + e2e test of fix * fix handling of "upper" in :ro overlay dirs, adjust e2e tests Signed-off-by: Edita Kizinevic <edita.kizinevic@cern.ch>
(sylabs/singularity#1740) * oci: support for writable extfs img overlay via fuse-overlayfs * added unit- and e2e-tests * fixed exposure of "upper" & "work" subdir in readonly overlays * added fix for file-ownership in FUSE-mounted images + e2e test of fix * fix handling of "upper" in :ro overlay dirs, adjust e2e tests Signed-off-by: Edita Kizinevic <edita.kizinevic@cern.ch>
(sylabs/singularity#1740) * oci: support for writable extfs img overlay via fuse-overlayfs * added unit- and e2e-tests * fixed exposure of "upper" & "work" subdir in readonly overlays * added fix for file-ownership in FUSE-mounted images + e2e test of fix * fix handling of "upper" in :ro overlay dirs, adjust e2e tests Signed-off-by: Edita Kizinevic <edita.kizinevic@cern.ch>
(sylabs/singularity#1740) * oci: support for writable extfs img overlay via fuse-overlayfs * added unit- and e2e-tests * fixed exposure of "upper" & "work" subdir in readonly overlays * added fix for file-ownership in FUSE-mounted images + e2e test of fix * fix handling of "upper" in :ro overlay dirs, adjust e2e tests Signed-off-by: Edita Kizinevic <edita.kizinevic@cern.ch>
(sylabs/singularity#1740) * oci: support for writable extfs img overlay via fuse-overlayfs * added unit- and e2e-tests * fixed exposure of "upper" & "work" subdir in readonly overlays * added fix for file-ownership in FUSE-mounted images + e2e test of fix * fix handling of "upper" in :ro overlay dirs, adjust e2e tests Signed-off-by: Edita Kizinevic <edita.kizinevic@cern.ch>
(sylabs/singularity#1740) * oci: support for writable extfs img overlay via fuse-overlayfs * added unit- and e2e-tests * fixed exposure of "upper" & "work" subdir in readonly overlays * added fix for file-ownership in FUSE-mounted images + e2e test of fix * fix handling of "upper" in :ro overlay dirs, adjust e2e tests Signed-off-by: Edita Kizinevic <edita.kizinevic@cern.ch>
Description of the Pull Request (PR):
Adds support for mounting extfs images as read-write overlays, by using
fuse2fs
(if available) to mount the image followed byfuse-overlayfs
(if available) to mount it as a read-write overlay.This fixes or addresses the following GitHub issues: