feat(view): add per-container snapshot views for boot artifacts#639
Draft
sidneychang wants to merge 3 commits into
Draft
feat(view): add per-container snapshot views for boot artifacts#639sidneychang wants to merge 3 commits into
sidneychang wants to merge 3 commits into
Conversation
✅ Deploy Preview for urunc ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
sidneychang
force-pushed
the
feat/per-container-view-reliable
branch
from
b529bb2 to
af30554
Compare
Wrap the containerd task service so snapshot views are prepared before Create and cleaned up after Delete. Persist bundle state with the view key, lease, and mounts so the runtime can reuse the prepared view without dialing containerd again. Resolve snapshot parents to committed layers and gate the feature through runtime annotations and mountRootfs metadata. Signed-off-by: sidneychang <2190206983@qq.com>
Load shim-written snapshot view state from the bundle and mount the read-only view when extracting boot artifacts for block-backed guests. Bind kernel, initrd, and urunc.json from the prepared view into the monitor rootfs, while keeping the existing block extraction path as the fallback when no per-container view is available. Add the snapshotView annotation to unikernel config parsing and log the selected rootfs configuration for debugging. Signed-off-by: sidneychang <2190206983@qq.com>
Document the snapshotView annotation in both the package overview and rootfs guide. Explain how to enable the feature from config.json or urunc.json and clarify that it is used together with mountRootfs on supported block-based snapshotters. Signed-off-by: sidneychang <2190206983@qq.com>
4 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Add a shim-managed per-container snapshot-view path for block-backed rootfs setups so urunc can reuse a prepared read-only view of the container image when retrieving boot artifacts.
The shim now wraps task Create/Delete to prepare a snapshot view ahead of container startup, persist the view metadata and mounts into the bundle, and clean up the containerd view and lease during deletion. On the runtime side, unikontainers consume that shim-written state to bind the unikernel binary, initrd, and
urunc.jsonfrom the prepared view into the monitor rootfs, while keeping the legacy extraction path as a fallback when no per-container view is available.The PR also documents the new
com.urunc.unikernel.snapshotViewruntime annotation and its interaction withmountRootfsfor supported block snapshotters.Related issues
How was this tested?
LLM usage
Codex
Checklist
make lint).make test_ctr,make test_nerdctl,make test_docker,make test_crictl).