-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Proposal I - compatibilities extension in image index platform and image manifest config #19
base: main
Are you sure you want to change the base?
Conversation
64ae3a0
to
4eb6b43
Compare
This proposal is born from proposal A to H. The purpose of the proposal, based on the maintainers feedback, is to address the concern maintaining standalone artifact in OCI. Signed-off-by: joehuang <[email protected]>
docs/proposals/PROPOSAL_I.md
Outdated
@@ -0,0 +1,235 @@ | |||
# Proposal I - compatibilities extention in platform object |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/extention/extension/g
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK, update in next commit
Definetely the idea of adding a new I also like the idea because compatibility would be under the image spec. If container runtimes want to support it they would not have a lot of additional API calls. |
docs/proposals/PROPOSAL_I.md
Outdated
|
||
This proposal is born from proposal A to H. | ||
|
||
The purpose of the proposal, based on the maintainers feedback, is to address the concern maintaining standalone artifact in OCI. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The purpose of the proposal, based on the maintainers feedback, is to address the concern maintaining standalone artifact in OCI. | |
The purpose of the proposal, based on the maintainers feedback, is to address the concern maintaining a standalone artifact in OCI. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ok, will update in next commit
docs/proposals/PROPOSAL_I.md
Outdated
|
||
The purpose of the proposal, based on the maintainers feedback, is to address the concern maintaining standalone artifact in OCI. | ||
|
||
## image spec platform object extention |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
## image spec platform object extention | |
## image spec platform object extension |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yeah, spelling issue. will fix
|
||
### add platform.compatibilities descriptor | ||
|
||
Add a new descriptor in platform object in [image index](https://github.com/opencontainers/image-spec/blob/main/image-index.md#image-index-property-descriptions). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Doesn't this still imply another artifact, it's just linked to differently, directly from a manifest list?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The idea here is to address our concerns in current OCI specifications, avoid introduing a new standalone spec ( maintainers worried about new standard to maintain). so just add new descriptor in manifest entry's platform objector in image index, the descriptor will point to a manifest, in which the compatibilities could reside in config(the current commit), or in a new mediatype layer(another option).
it can be handled quite similar to artifact, but no need to use referrers api anymore.
the compatibilities now can be decoupled from container lifecycle,and optional for runtime engine, runtime engine can be configured to use the compatibilities or not, in sync or async order, it's easy for runtime engine to evolve.
docs/proposals/PROPOSAL_I.md
Outdated
|
||
- **`features`** _array of strings_ | ||
|
||
- **`compatibilities`** _[descriptor](https://github.com/opencontainers/image-spec/blob/main/descriptor.md)_ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is confusing because now I'm thinking the field "compatibilities" is part of a descriptor.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe another term would be better. your suggestion?
|
||
## Compatibilities Manifest | ||
|
||
The compatibilities manifest is a special image manifest, contains only config and no blob layer. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So this is another link / redirection to get to the compatibilities? If I understand:
image manifest list -> descriptor -> image manifest -> config (which has them)?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So this is another link / redirection to get to the compatibilities? If I understand:
image manifest list -> descriptor -> image manifest -> config (which has them)?
yes, this is the path to get the compatibilities content.
will submit another proposal to short the path by adding a new mediatype, as commented by Marcin
|
||
### Config Extention | ||
|
||
The config object will be extened with compatibilities field. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does this mean we need to do diffs and similar if you are combining layers from multiple images / multiple configs?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
no need. in this config, only compatibilities is valid content.
#### Example - image is compatible with different hardware combinations | ||
|
||
```json | ||
{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks like just slightly changing the format / structure to look like a config over an artifact. There are still many jumps to get here - I'm not sure why this approach is better? It has more down sides, like requiring the person own the image / registry URI to be able to update or define the compatibilities. And then the issue of changing digests.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
for jump, it's similar as artifact.
It has more down sides, like requiring the person own the image / registry URI to be able to update or define the compatibilities. And then the issue of changing digests.
it's quite easy to update compatibilites, just replace the descriptor in the image index manifest entry. and the image manifest and blob layes itself doesn't need to update (no rebuild and redistribution), the image manifest digest didnot change. it's very flexible while keep current flow unchanged.
…config This proposal is born from proposal A to H. Based on the maintainers feedback, The purpose of the proposal, is to address the concern maintaining standalone artifact in OCI. Spec update is done on image index platform and image manifest config. Signed-off-by: joehuang <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Putting this on hold until we can discuss the risk of unexpected data loss.
|
||
### add platform.compatibilities descriptor | ||
|
||
Add a new descriptor in platform object in [image index](https://github.com/opencontainers/image-spec/blob/main/image-index.md#image-index-property-descriptions). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same issue that I raised on J
: I have concerns that this descriptor would not be known to existing registries and client tooling. As a result, registries would accept an incomplete manifest, or silently delete the compatibility blob in a later GC cycle. And client tooling to copy images would fail to include the compatibility blobs.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@sudo-bmitch is right, so far I confirmed that with regclient and zot registry.
For this proposal we would have to add a descriptor support to regclient and zot.
Didn't test other registries and tools yet.
This proposal is born from proposal A to H.
The purpose of the proposal, based on the maintainers feedback, is to address the concern maintaining standalone artifact in OCI.