Do not use overlayfs to debug container layers #679
Assignees
Labels
Milestone
Comments
nishakm
added
feature
|
|
|
One possible implementation:
Caveats for this method:
The unfortunate thing about this method is that after analysis of |
rnjudge
added a commit
to rnjudge/tern
that referenced
this issue
Jul 17, 2020
Tern does not currently run within a container image without an external mount to a linux host. This commit updates the Dockerfile to install fuse-overlayfs which will allow Tern to run in a container on a non-linux host. This commit also updates the Dockerfile used for continuous integration testing. A few notable changes in the Dockerfile include: - Change base OS from photon to debian. This is a requirement of fuse-overlayfs. - Remove the creation of the hostmount directory, as it is no longer required for mounting outside of the container. - Removes the --quiet option in the ENTRYPOINT so the user can see the default logging behavior. - Adds the --non-linux command line option to the ENTRYPOINT to enable fuse-overlayfs as the default mounting behavior. This commit also updates the docker_run.sh script to no longer mount to the hostmount directory and adds /dev/fuse as a host device to enable fuse-overlayfs. Works towards tern-tools#679 Signed-off-by: Rose Judge <rjudge@vmware.com>
rnjudge
added a commit
to rnjudge/tern
that referenced
this issue
Jul 17, 2020
Tern currently cannot run within a container image without an external mount to a Linux host. This is due to the dependency on the Linux filesystem's overlayfs driver that is used to mount the layers which does not natively exist on Mac or Windows. This commit makes changes to enable Tern to run on a non-Linux host by using the FUSE implementation for overlayfs. It does so by adding a --non-linux command line option. When that option is envoked, instead of mounting to an external mount point specified by the user, Tern will set the mount point as the working directory, which happens to be inside the container when being run on a non-Linux host. When it comes time to mount the diff layers, Tern will use the non-linux flag to determine if it should use the fuse-overlayfs or default overlayfs implementation for the mount. Resolves tern-tools#679 Signed-off-by: Rose Judge <rjudge@vmware.com>
rnjudge
added a commit
to rnjudge/tern
that referenced
this issue
Jul 17, 2020
Tern does not currently run within a container image without an external mount to a linux host. This commit updates the Dockerfile to install fuse-overlayfs which will allow Tern to run in a container on a non-linux host. This commit also updates the Dockerfile used for continuous integration testing. A few notable changes in the Dockerfile include: - Change base OS from photon to debian. This is a requirement of fuse-overlayfs. - Remove the creation of the hostmount directory, as it is no longer required for mounting outside of the container. - Removes the --quiet option in the ENTRYPOINT so the user can see the default logging behavior. - Adds the --non-linux command line option to the ENTRYPOINT to enable fuse-overlayfs as the default mounting behavior. This commit also updates the docker_run.sh script to no longer mount to the hostmount directory and adds /dev/fuse as a host device to enable fuse-overlayfs. Lastly, test_files_touched.py is updated to account for the changes in how the docker_run script should be invoked. Works towards tern-tools#679 Signed-off-by: Rose Judge <rjudge@vmware.com>
rnjudge
added a commit
to rnjudge/tern
that referenced
this issue
Jul 17, 2020
Tern currently cannot run within a container image without an external mount to a Linux host. This is due to the dependency on the Linux filesystem's overlayfs driver that is used to mount the layers which does not natively exist on Mac or Windows. This commit makes changes to enable Tern to run on a non-Linux host by using the FUSE implementation for overlayfs. It does so by adding a --non-linux command line option. When that option is envoked, instead of mounting to an external mount point specified by the user, Tern will set the mount point as the working directory, which happens to be inside the container when being run on a non-Linux host. When it comes time to mount the diff layers, Tern will use the non-linux flag to determine if it should use the fuse-overlayfs or default overlayfs implementation for the mount. Resolves tern-tools#679 Signed-off-by: Rose Judge <rjudge@vmware.com>
rnjudge
added a commit
to rnjudge/tern
that referenced
this issue
Jul 24, 2020
Tern does not currently run within a container image without an external mount to a Linux host. This commit updates the Dockerfile to install fuse-overlayfs which will allow Tern to run in a container on a non-Linux host. This commit also updates the Dockerfile used for continuous integration testing. A few notable changes in the Dockerfile include: - Change base OS from photon to debian. This is a requirement of fuse-overlayfs. - Remove the creation of the hostmount directory, as it is no longer required for mounting outside of the container. - Removes the --quiet option in the ENTRYPOINT so the user can see the default logging behavior. - Adds the '--driver fuse' command line option to the ENTRYPOINT to enable fuse-overlayfs as the default mounting driver. This commit also updates the docker_run.sh script to no longer mount to the hostmount directory and adds /dev/fuse as a host device to enable fuse-overlayfs. test_files_touched.py is updated to account for the changes in how the docker_run script should be invoked. Lastly, there is an update to the README that reflects the changes to commands required to run Tern in a Docker container. Works towards tern-tools#679 Signed-off-by: Rose Judge <rjudge@vmware.com>
rnjudge
added a commit
to rnjudge/tern
that referenced
this issue
Jul 24, 2020
Tern currently cannot run within a container image without an external mount to a Linux host. This is due to the dependency on the Linux filesystem's overlayfs driver that is used to mount the layers which does not natively exist on Mac or Windows. This commit makes changes to enable Tern to run on a non-Linux host by using the FUSE implementation for overlayfs when Tern is being run in a container. First, this commit deprecates the --bind-mount CLI option. Instead, a --driver CLI option is added that will use the FUSE implementation of overlayfs to do any mounting in a container, regardless of the host OS. Since the --bind-mount CLI option is now deprecated, this commit also makes the necessary updates in cache.py to any mount_dir references and instead uses the correct working_dir. Resolves tern-tools#679 Signed-off-by: Rose Judge <rjudge@vmware.com>
rnjudge
added a commit
to rnjudge/tern
that referenced
this issue
Jul 29, 2020
Tern currently cannot run within a container image without an external mount to a Linux host. This is due to the dependency on the Linux filesystem's overlayfs driver that is used to mount the layers which does not natively exist on Mac or Windows. This commit makes changes to enable Tern to run on a non-Linux host by using the FUSE implementation for overlayfs when Tern is being run in a container. First, this commit deprecates the --bind-mount CLI option. Instead, a --driver CLI option is added that will use the FUSE implementation of overlayfs to do any mounting in a container, regardless of the host OS. Since the --bind-mount CLI option is now deprecated, this commit also makes the necessary updates in cache.py to any mount_dir references and instead uses the correct working_dir. Resolves tern-tools#679 Signed-off-by: Rose Judge <rjudge@vmware.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the Feature
Since tern uses the overlayfs driver to analyze packages layer by layer, it cannot run within a container image without an external mount to a Linux host. Not all hosts are Linux and Docker runs on MacOS and Windows. Hence using an alternative for "debugging" container image filesystems would allow the full operation to take place in a running container.
Use Cases
This is so developers using Windows and MacOS can run tern without needing to install Vagrant.
Implementation Changes
We have to experiment with other methods of combining layers other than using a CoW storage driver.
The text was updated successfully, but these errors were encountered: