/* Copyright The containerd Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */ package containerd import ( "context" "fmt" "strings" "sync/atomic" "github.com/containerd/containerd/content" "github.com/containerd/containerd/diff" "github.com/containerd/containerd/errdefs" "github.com/containerd/containerd/images" "github.com/containerd/containerd/platforms" "github.com/containerd/containerd/rootfs" "github.com/containerd/containerd/snapshots" "github.com/opencontainers/go-digest" "github.com/opencontainers/image-spec/identity" ocispec "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" "golang.org/x/sync/semaphore" ) // Image describes an image used by containers type Image interface { // Name of the image Name() string // Target descriptor for the image content Target() ocispec.Descriptor // Labels of the image Labels() map[string]string // Unpack unpacks the image's content into a snapshot Unpack(context.Context, string, ...UnpackOpt) error // RootFS returns the unpacked diffids that make up images rootfs. RootFS(ctx context.Context) ([]digest.Digest, error) // Size returns the total size of the image's packed resources. Size(ctx context.Context) (int64, error) // Usage returns a usage calculation for the image. Usage(context.Context, ...UsageOpt) (int64, error) // Config descriptor for the image. Config(ctx context.Context) (ocispec.Descriptor, error) // IsUnpacked returns whether or not an image is unpacked. IsUnpacked(context.Context, string) (bool, error) // ContentStore provides a content store which contains image blob data ContentStore() content.Store } type usageOptions struct { manifestLimit *int manifestOnly bool snapshots bool } // UsageOpt is used to configure the usage calculation type UsageOpt func(*usageOptions) error // WithUsageManifestLimit sets the limit to the number of manifests which will // be walked for usage. Setting this value to 0 will require all manifests to // be walked, returning ErrNotFound if manifests are missing. // NOTE: By default all manifests which exist will be walked // and any non-existent manifests and their subobjects will be ignored. func WithUsageManifestLimit(i int) UsageOpt { // If 0 then don't filter any manifests // By default limits to current platform return func(o *usageOptions) error { o.manifestLimit = &i return nil } } // WithSnapshotUsage will check for referenced snapshots from the image objects // and include the snapshot size in the total usage. func WithSnapshotUsage() UsageOpt { return func(o *usageOptions) error { o.snapshots = true return nil } } // WithManifestUsage is used to get the usage for an image based on what is // reported by the manifests rather than what exists in the content store. // NOTE: This function is best used with the manifest limit set to get a // consistent value, otherwise non-existent manifests will be excluded. func WithManifestUsage() UsageOpt { return func(o *usageOptions) error { o.manifestOnly = true return nil } } var _ = (Image)(&image{}) // NewImage returns a client image object from the metadata image func NewImage(client *Client, i images.Image) Image { return &image{ client: client, i: i, platform: client.platform, } } // NewImageWithPlatform returns a client image object from the metadata image func NewImageWithPlatform(client *Client, i images.Image, platform platforms.MatchComparer) Image { return &image{ client: client, i: i, platform: platform, } } type image struct { client *Client i images.Image platform platforms.MatchComparer } func (i *image) Name() string { return i.i.Name } func (i *image) Target() ocispec.Descriptor { return i.i.Target } func (i *image) Labels() map[string]string { return i.i.Labels } func (i *image) RootFS(ctx context.Context) ([]digest.Digest, error) { provider := i.client.ContentStore() return i.i.RootFS(ctx, provider, i.platform) } func (i *image) Size(ctx context.Context) (int64, error) { return i.Usage(ctx, WithUsageManifestLimit(1), WithManifestUsage()) } func (i *image) Usage(ctx context.Context, opts ...UsageOpt) (int64, error) { var config usageOptions for _, opt := range opts { if err := opt(&config); err != nil { return 0, err } } var ( provider = i.client.ContentStore() handler = images.ChildrenHandler(provider) size int64 mustExist bool ) if config.manifestLimit != nil { handler = images.LimitManifests(handler, i.platform, *config.manifestLimit) mustExist = true } var wh images.HandlerFunc = func(ctx context.Context, desc ocispec.Descriptor) ([]ocispec.Descriptor, error) { var usage int64 children, err := handler(ctx, desc) if err != nil { if !errdefs.IsNotFound(err) || mustExist { return nil, err } if !config.manifestOnly { // Do not count size of non-existent objects desc.Size = 0 } } else if config.snapshots || !config.manifestOnly { info, err := provider.Info(ctx, desc.Digest) if err != nil { if !errdefs.IsNotFound(err) { return nil, err } if !config.manifestOnly { // Do not count size of non-existent objects desc.Size = 0 } } else if info.Size > desc.Size { // Count actual usage, Size may be unset or -1 desc.Size = info.Size } for k, v := range info.Labels { const prefix = "containerd.io/gc.ref.snapshot." if !strings.HasPrefix(k, prefix) { continue } sn := i.client.SnapshotService(k[len(prefix):]) if sn == nil { continue } u, err := sn.Usage(ctx, v) if err != nil { if !errdefs.IsNotFound(err) && !errdefs.IsInvalidArgument(err) { return nil, err } } else { usage += u.Size } } } // Ignore unknown sizes. Generally unknown sizes should // never be set in manifests, however, the usage // calculation does not need to enforce this. if desc.Size >= 0 { usage += desc.Size } atomic.AddInt64(&size, usage) return children, nil } l := semaphore.NewWeighted(3) if err := images.Dispatch(ctx, wh, l, i.i.Target); err != nil { return 0, err } return size, nil } func (i *image) Config(ctx context.Context) (ocispec.Descriptor, error) { provider := i.client.ContentStore() return i.i.Config(ctx, provider, i.platform) } func (i *image) IsUnpacked(ctx context.Context, snapshotterName string) (bool, error) { sn, err := i.client.getSnapshotter(ctx, snapshotterName) if err != nil { return false, err } cs := i.client.ContentStore() diffs, err := i.i.RootFS(ctx, cs, i.platform) if err != nil { return false, err } chainID := identity.ChainID(diffs) _, err = sn.Stat(ctx, chainID.String()) if err == nil { return true, nil } else if !errdefs.IsNotFound(err) { return false, err } return false, nil } // UnpackConfig provides configuration for the unpack of an image type UnpackConfig struct { // ApplyOpts for applying a diff to a snapshotter ApplyOpts []diff.ApplyOpt // SnapshotOpts for configuring a snapshotter SnapshotOpts []snapshots.Opt } // UnpackOpt provides configuration for unpack type UnpackOpt func(context.Context, *UnpackConfig) error func (i *image) Unpack(ctx context.Context, snapshotterName string, opts ...UnpackOpt) error { ctx, done, err := i.client.WithLease(ctx) if err != nil { return err } defer done(ctx) var config UnpackConfig for _, o := range opts { if err := o(ctx, &config); err != nil { return err } } layers, err := i.getLayers(ctx, i.platform) if err != nil { return err } var ( a = i.client.DiffService() cs = i.client.ContentStore() chain []digest.Digest unpacked bool ) snapshotterName, err = i.client.resolveSnapshotterName(ctx, snapshotterName) if err != nil { return err } sn, err := i.client.getSnapshotter(ctx, snapshotterName) if err != nil { return err } for _, layer := range layers { unpacked, err = rootfs.ApplyLayerWithOpts(ctx, layer, chain, sn, a, config.SnapshotOpts, config.ApplyOpts) if err != nil { return err } if unpacked { // Set the uncompressed label after the uncompressed // digest has been verified through apply. cinfo := content.Info{ Digest: layer.Blob.Digest, Labels: map[string]string{ "containerd.io/uncompressed": layer.Diff.Digest.String(), }, } if _, err := cs.Update(ctx, cinfo, "labels.containerd.io/uncompressed"); err != nil { return err } } chain = append(chain, layer.Diff.Digest) } desc, err := i.i.Config(ctx, cs, i.platform) if err != nil { return err } rootfs := identity.ChainID(chain).String() cinfo := content.Info{ Digest: desc.Digest, Labels: map[string]string{ fmt.Sprintf("containerd.io/gc.ref.snapshot.%s", snapshotterName): rootfs, }, } _, err = cs.Update(ctx, cinfo, fmt.Sprintf("labels.containerd.io/gc.ref.snapshot.%s", snapshotterName)) return err } func (i *image) getLayers(ctx context.Context, platform platforms.MatchComparer) ([]rootfs.Layer, error) { cs := i.client.ContentStore() manifest, err := images.Manifest(ctx, cs, i.i.Target, platform) if err != nil { return nil, err } diffIDs, err := i.i.RootFS(ctx, cs, platform) if err != nil { return nil, errors.Wrap(err, "failed to resolve rootfs") } if len(diffIDs) != len(manifest.Layers) { return nil, errors.Errorf("mismatched image rootfs and manifest layers") } layers := make([]rootfs.Layer, len(diffIDs)) for i := range diffIDs { layers[i].Diff = ocispec.Descriptor{ // TODO: derive media type from compressed type MediaType: ocispec.MediaTypeImageLayer, Digest: diffIDs[i], } layers[i].Blob = manifest.Layers[i] } return layers, nil } func (i *image) ContentStore() content.Store { return i.client.ContentStore() }