search

cirruslabs / tart

macOS and Linux VMs on Apple Silicon to use in CI and other automations
https://tart.run
Other
3.65k stars 102 forks source link

Pushing images to OCI registry doesn't reuse existing layers #771

Closed torarnv closed 3 months ago

torarnv commented 3 months ago

I've set up a local registry, and trying to push a local image:

tart push --populate-cache --insecure macos:14.4.1 localhost:5500/test/macos:sonoma

Which works fine.

But if I then do

tart push --populate-cache --insecure macos:14.4.1 localhost:5500/test/macos:14

The layers are all uploaded again. Should Tart do something to check if the layers are already present before uploading them? Or is this an issue on the registry side?

torarnv commented 3 months ago

The sha256 digest of the resulting images in the registry are all the same, and on disk they all share the data:

❯ du -h /var/lib/registry/docker/registry/v2/blobs/sha256
 16G    /var/lib/registry/docker/registry/v2/blobs/sha256
 16G    total
fkorotkov commented 3 months ago

We now only support passing multiple remote tags to tart push e.g.

tart push --populate-cache --insecure macos:14.4.1 localhost:5500/test/macos:14 localhost:5500/test/macos:sonoma

I think we talked with @edigaryev about having tart tag command to allow tagging one remote image to a new tag but don't remember why we decided to not do it. Probably because there was no use case.

torarnv commented 3 months ago

We now only support passing multiple remote tags to tart push

Yepp, this one works, it only pushes the image once, which is great :)

A tart tag would overlap a bit with tart clone I guess, as both would make a VM available under a different name. Or did you imagine it to only work for remote images? As far as I know docker tag allows tagging local images too, so there might be value in staying close to docker in that behavior?

Even if we allow local tagging of an image we'd still want to support something like this:

tart tag foo bar
tart push bar somewhere/bar
tart tag foo baz
tart push baz somewhere/baz

without having to upload twice? So I guess the root issue of the push not checking if the layers already exist (?) needs to be solved either way?

edigaryev commented 3 months ago

So I guess the root issue of the push not checking if the layers already exist (?) needs to be solved either way?

Pretty much this.

We store the OCI VMs in "local" format (and not in the OCI Image Layout format, for example) in order to benefit from copy-on-write feature provided by the APFS filesystem, which in turn allows for incredibly fast tart clone's.

Without this, we'd need to uncompress the OCI VM each time the user wants to tart clone it.