Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

image-layout: add an initial image layout spec #94

Merged
merged 1 commit into from
Jun 9, 2016

Conversation

philips
Copy link
Contributor

@philips philips commented May 27, 2016

In order to build tooling that converts the set of OCI Image objects
into an OCI Runtime object we need an Image Layout that test tools can
be built around.

Longer term this Image Layout could be used to define a "single object
image" that is a tar/zip/etc that could be posted over https/ftp/etc.

The layout comes from several different discussions:

#23
#92

Signed-off-by: Brandon Philips brandon.philips@coreos.com

@philips philips force-pushed the add-image-layout branch from 730ed2a to 5616a30 Compare May 27, 2016 02:36
@philips philips changed the title image-layout: initial commit image-layout: add an initial image layout spec May 27, 2016
@@ -0,0 +1,45 @@
## Open Container Initiative Image Layout Specification

The OCI Image Layout is a slash separated layout of OCI content-addressable
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"content-adressable ..."? I think you're missing"objects." or similar.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed!

@philips
Copy link
Contributor Author

philips commented May 27, 2016

Any other @opencontainers/image-spec-maintainers want to chime in?

```

Object names in the refs and blobs MUST NOT include characters outside of the set of "A" to "Z", "a" to "z", the hyphen (-), the colon (:), the dot (.), and the underscore (_).
The blobs directory MAY contain objects which are not referenced by any of the refs.
Copy link
Contributor

@wking wking May 27, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like GitHub wants you to quote your single-characters, otherwise the underscore leads to a lot of italics (at least in the /pull/94/files view).

And while I'm generally against explicit charset restrictions, in this case I'm fine with them, because the “real” name (i.e. whatever is used for crypo-verification) is going to have to be stored in the contents of a blob. The refs/{nick} entries are just convenient nicknames.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done, thanks.

philips pushed a commit to philips/image-spec that referenced this pull request May 27, 2016
The combined spec isn't really part of the image format and introduces
new objects that we don't have a schema for. Largely I think that it
should be replaced by something like the image layout.

opencontainers#94
Signed-off-by: Brandon Philips <brandon.philips@coreos.com>

The image layout has two top level directories:

- "blobs" contains content-addressable blobs
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure I have an opinion either way, I'll regret not bringing this up: we use the term "blobs" because these are free-form binary data. They are not "objects" because they have no required structure, other than that imposed by their access path (ie, through a descriptor).

Using something like "objects" would imply structure or a header, similar to git.

I'm not sure if we include this distinction in the spec.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On Fri, May 27, 2016 at 12:28:05PM -0700, Stephen Day wrote:

+- "blobs" contains content-addressable blobs

I'm not sure I have an opinion either way, I'll regret not bringing
this up: we use the term "blobs" because these are free-form binary
data. They are not "objects" because they have no required
structure, other than that imposed by their access path (ie, through
a descriptor).

I'm not sure what your comment is in response to, but I'm ok with
“objects” → “blobs” throughout this PR.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am defending the use of the term "blobs" and wondering if we should enshrine said defense. Up until, we've just used it because that is what we've used, whereas there is a deliberate difference between an "object" and a "blob".

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On Fri, May 27, 2016 at 12:35:56PM -0700, Stephen Day wrote:

+- "blobs" contains content-addressable blobs

I am defending the use of the term "blobs" and wondering if we
should enshrine said defense…

How about:

The image layout does not specify an internal structure for blobs;
any semantics must be inferred from the blob content or the context
from which the blob was referenced.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will add some blobs are opaque language.

On Fri, May 27, 2016 at 1:25 PM W. Trevor King notifications@github.com
wrote:

In image-layout.md
#94 (comment)
:

@@ -0,0 +1,47 @@
+## Open Container Initiative Image Layout Specification
+
+The OCI Image Layout is a slash separated layout of OCI content-addressable objects and human significant references (refs)
+This layout MAY be used in a variety of different transport mechanisms from archive formats (e.g. tar, zip) or used in shared filesystem environments (e.g. nfs) or in networked file fetching systems (e.g. http, ftp, rsync).
+Given an image layout a tool can convert a given ref into a runnable OCI Image Format by finding an appopriate manifest from the manifest list, unpacking the filesystem serializations in the correct order, and then converting the image configuration into an OCI Runtime config.json.
+
+The image layout has two top level directories:
+
+- "blobs" contains content-addressable blobs

On Fri, May 27, 2016 at 12:35:56PM -0700, Stephen Day wrote: > +- "blobs"
contains content-addressable blobs I am defending the use of the term
"blobs" and wondering if we should enshrine said defense…
How about: The image layout does not specify an internal structure for
blobs; any semantics must be inferred from the blob content or the context
from which the blob was referenced.


You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
/~https://github.com/opencontainers/image-spec/pull/94/files/f6de720992cbc2db439b91d4bd1442cd44693e91#r64962020,
or mute the thread
/~https://github.com/notifications/unsubscribe/AACDCHGQigCzyqz8tPTcuP4y3DJm1gbHks5qF1NAgaJpZM4IoHyx
.

@wking
Copy link
Contributor

wking commented May 27, 2016

Thinking over the backwards-compat discussion in #95, I think we want
to say something here about how we see that working with this layout.
Basically, we want to make it easy and extremely unambiguous to
identify content following this layout from content following some
other layout.

My guess is that we want to give this format a specific name
(application/vnd.oci.image.layout.v1?) in this PR, but punt exposing
that name to the transport mechanisms (e.g. file-based transports can
put it in a magic header, HTTP-based transport can have have a
/version path, etc.). Or maybe we want to require a ‘version’ file
holding the name, and folks who want to also add a magic header are
free to do so?

@philips
Copy link
Contributor Author

philips commented May 27, 2016

I am fine adding a /oci-layout file with contents like:

{"ociLayoutVersion": "1.0.0"}

@wking
Copy link
Contributor

wking commented May 27, 2016

On Fri, May 27, 2016 at 02:16:17PM -0700, Brandon Philips wrote:

I am fine adding a root /oci-layout file with contents like:

{"ociLayoutVersion": "1.0.0"}

Sounds fine to me, although I don't see a point to putting ‘oci’ in
both the filename and JSON content.

@philips
Copy link
Contributor Author

philips commented May 31, 2016

@wking @stevvooe all feedback addressed.

@vbatts can you give this a review?

@@ -0,0 +1,55 @@
## Open Container Initiative Image Layout Specification

The OCI Image Layout is a slash separated layout of OCI content-addressable blobs and human significant [location-addressable](https://en.wikipedia.org/wiki/Content-addressable_storage#Content-addressed_vs._location-addressed) references (refs).
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I still don't see much point in the hard-to-define “human significant”, especially since location-addressable is sufficient to distinguish refs from blobs.

@vbatts
Copy link
Member

vbatts commented May 31, 2016

Would this be an alternative to the combined layout?

@philips
Copy link
Contributor Author

philips commented May 31, 2016

@vbatts yes, combined has been removed because it is based on a bunch of organically grown schemas that aren't super documented. See #95

@wking
Copy link
Contributor

wking commented May 31, 2016

On Tue, May 31, 2016 at 02:18:46PM -0700, Vincent Batts wrote:

Would this be an alternative to the combined layout?

A replacement (see #95).

@vbatts
Copy link
Member

vbatts commented May 31, 2016

oh wow. I'll move on from protecting the combined format then, once this is incorporated.

So definitely a shim or docker load --format=oci.v1 .. will be needed.

@philips
Copy link
Contributor Author

philips commented May 31, 2016

@vbatts yes.

@philips
Copy link
Contributor Author

philips commented Jun 8, 2016

@stevvooe @wking lets discuss companion data on #129

@philips
Copy link
Contributor Author

philips commented Jun 9, 2016

The only thing blocking this is the continued discussion on some sort of prefix sharding: #94 (comment)

I personally feel like we should punt on the sharding. But, if someone can come up with some benchmarks or other evidence that it is necessary for performance or other reasons I am happy to add the language.

@stevvooe
Copy link
Contributor

stevvooe commented Jun 9, 2016

“Content-addressable violation” warning lights started flashing all
over at my house once I read “companion data” ;).

Yep. That is somewhat the point.

Let's say that you want to put something next to the target:

sha256/aa/aaaaaa/
   data

This allows you to later place something next to it:

sha256/aa/aaaaaa/
   data
   references

Its unverified in the default access path, but it can be handy for optimizations. Leaving the extra path component leaves space to add something here in the future.

The best argument against doing this is that most of this should be in the descriptor or other secured data.

I personally feel like we should punt on the sharding. But, if someone can come up with some benchmarks or other evidence that it is necessary for performance or other reasons I am happy to add the language.

This is a best practice. I do admit, there may be a cargo-cult aspect to it.

@wking
Copy link
Contributor

wking commented Jun 9, 2016

On Wed, Jun 08, 2016 at 06:51:59PM -0700, Brandon Philips wrote:

The only thing blocking this is the continued discussion on some
sort of prefix sharding…

I also think it should be rebased around #111 so it can link to the
new descriptor docs.

@stevvooe
Copy link
Contributor

stevvooe commented Jun 9, 2016

@philips Let's not block on the directory layout.

LGTM

Approved with PullApprove

@vbatts
Copy link
Member

vbatts commented Jun 9, 2016

LGTM
Though I feel like the structure will come up again

Approved with PullApprove

@vbatts vbatts merged commit ecdaaaf into opencontainers:master Jun 9, 2016
wking referenced this pull request in sgotti/oci-store Jul 3, 2016
wking added a commit to wking/image-spec that referenced this pull request Nov 3, 2016
To match the descriptor property, fixing a typo from 9bb56d8
(image-layout: add an initial image layout spec, 2016-05-26, opencontainers#94),
although that was developed in parallel with the descriptor spec.

Signed-off-by: W. Trevor King <wking@tremily.us>
wking added a commit to wking/oci-discovery that referenced this pull request Sep 7, 2017
For folks who want to diverge as little as possible from things
already in image-spec.  Downsides to this approach include:

* Non-sharded blobs [1], although it's not clear to me that modern
  filesystems suffer from having many entries in one directory [2].

* Possible duplicate blobs between two layouts.  You can address this
  with symlinks or similar, but you'd need extra tooling to do that.
  With a single CAS bucket, there's only one place that the blob could
  be, so deduping is free (but garbage collection becomes more
  complicated).

[1]: opencontainers/image-spec#449
[2]: opencontainers/image-spec#94 (comment)
wking added a commit to wking/oci-discovery that referenced this pull request Sep 7, 2017
For folks who want to diverge as little as possible from things
already in image-spec.  Downsides to this approach include:

* Non-sharded blobs [1], although it's not clear to me that modern
  filesystems suffer from having many entries in one directory [2].

* Possible duplicate blobs between two layouts.  You can address this
  with symlinks or similar, but you'd need extra tooling to do that.
  With a single CAS bucket, there's only one place that the blob could
  be, so deduping is free (but garbage collection becomes more
  complicated).

[1]: opencontainers/image-spec#449
[2]: opencontainers/image-spec#94 (comment)
wking added a commit to wking/oci-discovery that referenced this pull request Sep 7, 2017
For folks who want to diverge as little as possible from things
already in image-spec.  Downsides to this approach include:

* Non-sharded blobs [1], although it's not clear to me that modern
  filesystems suffer from having many entries in one directory [2].

* Possible duplicate blobs between two layouts.  You can address this
  with symlinks or similar, but you'd need extra tooling to do that.
  With a single CAS bucket, there's only one place that the blob could
  be, so deduping is free (but garbage collection becomes more
  complicated).

[1]: opencontainers/image-spec#449
[2]: opencontainers/image-spec#94 (comment)
wking added a commit to wking/oci-discovery that referenced this pull request Sep 7, 2017
For folks who want to diverge as little as possible from things
already in image-spec.  Downsides to this approach include:

* Non-sharded blobs [1], although it's not clear to me that modern
  filesystems suffer from having many entries in one directory [2].

* Possible duplicate blobs between two layouts.  You can address this
  with symlinks or similar, but you'd need extra tooling to do that.
  With a single CAS bucket, there's only one place that the blob could
  be, so deduping is free (but garbage collection becomes more
  complicated).

[1]: opencontainers/image-spec#449
[2]: opencontainers/image-spec#94 (comment)
wking added a commit to wking/oci-discovery that referenced this pull request Sep 7, 2017
For folks who want to diverge as little as possible from things
already in image-spec.  Downsides to this approach include:

* Non-sharded blobs [1], although it's not clear to me that modern
  filesystems suffer from having many entries in one directory [2].

* Possible duplicate blobs between two layouts.  You can address this
  with symlinks or similar, but you'd need extra tooling to do that.
  With a single CAS bucket, there's only one place that the blob could
  be, so deduping is free (but garbage collection becomes more
  complicated).

[1]: opencontainers/image-spec#449
[2]: opencontainers/image-spec#94 (comment)
wking added a commit to wking/oci-discovery that referenced this pull request Sep 8, 2017
For folks who want to diverge as little as possible from things
already in image-spec.  Downsides to this approach include:

* Non-sharded blobs [1], although it's not clear to me that modern
  filesystems suffer from having many entries in one directory [2].

* Possible duplicate blobs between two layouts.  You can address this
  with symlinks or similar, but you'd need extra tooling to do that.
  With a single CAS bucket, there's only one place that the blob could
  be, so deduping is free (but garbage collection becomes more
  complicated).

[1]: opencontainers/image-spec#449
[2]: opencontainers/image-spec#94 (comment)
wking added a commit to wking/oci-discovery that referenced this pull request Sep 8, 2017
For folks who want to diverge as little as possible from things
already in image-spec.  Downsides to this approach include:

* Non-sharded blobs [1], although it's not clear to me that modern
  filesystems suffer from having many entries in one directory [2].

* Possible duplicate blobs between two layouts.  You can address this
  with symlinks or similar, but you'd need extra tooling to do that.
  With a single CAS bucket, there's only one place that the blob could
  be, so deduping is free (but garbage collection becomes more
  complicated).

[1]: opencontainers/image-spec#449
[2]: opencontainers/image-spec#94 (comment)
wking added a commit to wking/oci-discovery that referenced this pull request Sep 8, 2017
For folks who want to diverge as little as possible from things
already in image-spec.  Downsides to this approach include:

* Non-sharded blobs [1], although it's not clear to me that modern
  filesystems suffer from having many entries in one directory [2].

* Possible duplicate blobs between two layouts.  You can address this
  with symlinks or similar, but you'd need extra tooling to do that.
  With a single CAS bucket, there's only one place that the blob could
  be, so deduping is free (but garbage collection becomes more
  complicated).

[1]: opencontainers/image-spec#449
[2]: opencontainers/image-spec#94 (comment)
dattgoswami9lk5g added a commit to dattgoswami9lk5g/bremlinr that referenced this pull request Jun 6, 2022
The combined spec isn't really part of the image format and introduces
new objects that we don't have a schema for. Largely I think that it
should be replaced by something like the image layout.

opencontainers/image-spec#94
Signed-off-by: Brandon Philips <brandon.philips@coreos.com>
7c00d pushed a commit to 7c00d/J1nHyeockKim that referenced this pull request Jun 6, 2022
The combined spec isn't really part of the image format and introduces
new objects that we don't have a schema for. Largely I think that it
should be replaced by something like the image layout.

opencontainers/image-spec#94
Signed-off-by: Brandon Philips <brandon.philips@coreos.com>
7c00d added a commit to 7c00d/J1nHyeockKim that referenced this pull request Jun 6, 2022
The combined spec isn't really part of the image format and introduces
new objects that we don't have a schema for. Largely I think that it
should be replaced by something like the image layout.

opencontainers/image-spec#94
Signed-off-by: Brandon Philips <brandon.philips@coreos.com>
laventuraw added a commit to laventuraw/Kihara-tony0 that referenced this pull request Jun 6, 2022
The combined spec isn't really part of the image format and introduces
new objects that we don't have a schema for. Largely I think that it
should be replaced by something like the image layout.

opencontainers/image-spec#94
Signed-off-by: Brandon Philips <brandon.philips@coreos.com>
tomalopbsr0tt added a commit to tomalopbsr0tt/fabiojosej that referenced this pull request Oct 6, 2022
The combined spec isn't really part of the image format and introduces
new objects that we don't have a schema for. Largely I think that it
should be replaced by something like the image layout.

opencontainers/image-spec#94
Signed-off-by: Brandon Philips <brandon.philips@coreos.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants