comment on CVMFS

Question

comment on CVMFS

rptaylor opened this issue 5 years ago · comments

FYI maybe you have already heard about it before, but this seems similar to using CVMFS for container distribution.

General information on CVMFS:
https://cvmfs.readthedocs.io/en/stable/
https://cernvm.cern.ch/portal/filesystem
https://github.com/cvmfs/cvmfs

Information about loading docker images on demand from CVMFS:
https://cvmfs.readthedocs.io/en/stable/cpt-graphdriver.html

Information about automatically converting container images and publishing them to CVMFS (with DUCC)
https://cvmfs.readthedocs.io/en/stable/cpt-ducc.html

Brad Fitzpatrick · Answer 1 · Fri Oct 18 2019 01:10:45 GMT+0800 (China Standard Time)

Thanks, I hadn't seen that before.

I see it's alike in that they both make outbound HTTP requests to fault in data as needed. I'm guessing it's different in that they have a specialized server, where CRFS's goal is to use existing Container Registry servers, and still be compatible with normal "docker pull" etc workflows.

R. P. Taylor · Answer 2 · Sat Oct 19 2019 06:51:46 GMT+0800 (China Standard Time)

Yes, CVMFS has a hierarchical stratum model of servers (a single authoritative stratum 0, and multiple stratum 1 servers replicate from it). So this handles the load balancing and distribution part, like a CDN. The same infrastructure can be used to serve repositories of container images as well as repositories of any other content/software. The stratum servers are based on Apache httpd.

R. P. Taylor · Answer 3 · Sat Oct 19 2019 06:55:57 GMT+0800 (China Standard Time)

When using CVMFS, DUCC (the last URL in the post) is sort of like a shim layer that takes the images from the existing container registry servers and automates publishing them onto CVMFS.

It would be very nice indeed to just do the usual 'docker pull library/fedora' etc. and have the lazy fetching and caching work transparently.
On the other hand, one other benefit of CVMFS is that all content is block-level deduplicated and cached locally with a CAS scheme, so if a new user wants to run a public container image with similar content to another one that has already started, that content will already be present in the local cache, even if the tar.gz files in the container images are completely different.

R. P. Taylor · Answer 4 · Wed Jul 14 2021 08:32:12 GMT+0800 (China Standard Time)

Now the containerd remote snapshotter exists and can be used by CVMFS and other remote filesystems.

Nomi Ferro · Answer 5 · Wed Jul 14 2021 08:33:00 GMT+0800 (China Standard Time)

Omg Get Outlook for iOS<https://aka.ms/o0ukef>

…

________________________________ From: rptaylor ***@***.***> Sent: Tuesday, July 13, 2021 7:32:24 PM To: google/crfs ***@***.***> Cc: Subscribed ***@***.***> Subject: Re: [google/crfs] comment on CVMFS (#13) Now the containerd remote snapshotter exists and can be used by CVMFS and other remote filesystems. — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fgoogle%2Fcrfs%2Fissues%2F13%23issuecomment-879492261&data=04%7C01%7C%7C8815bd4b4a7a4b7e3ea808d9465ed9e8%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637618195455708034%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=OQ5EQZfSSPS5N1lDHW%2BthoEjwHT7ULny6Ykii2W%2Bols%3D&reserved=0>, or unsubscribe<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAQ7LXMIDBENQXRQV4OEV5EDTXTLJRANCNFSM4H6BEYGA&data=04%7C01%7C%7C8815bd4b4a7a4b7e3ea808d9465ed9e8%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637618195455708034%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=3fGnw9EYYUofEhaApLsmJxMrmDlyFyGFkMkf9h0APXM%3D&reserved=0>.