(Alternative to 1140): Record layers as incomplete before trying to create them #1148
Conversation
mtrmac
force-pushed
the
create-incomplete
branch
from
030d910 to
2593baf
Compare
|
Should we open a PR against this in Podman to get its test suite to run against it? |
mtrmac
force-pushed
the
create-incomplete
branch
from
2593baf to
19bff8a
Compare
|
|
||
| succeeded := false | ||
| cleanupFailureContext := "" | ||
| defer func() { |
There was a problem hiding this comment.
Note that using defer means that we would try to delete the WIP layer even on a panic. That’s probably correct for some banal nil dereference, but might make things worse if the in-memory state were significantly corrupt.
mtrmac
changed the title
Tested now, at least for success and observing the intermediate states. Note that any ambition to being crash-resilient requires a solution to #1136 . |
Signed-off-by: Miloslav Trmač <[email protected]>
Good idea, containers/podman#13316 . (And similarly for the other PR.) |
mtrmac
force-pushed
the
create-incomplete
branch
2 times, most recently
from
411dc0d to
0a3cd53
Compare
|
Marking as ready to review — please consider this only in tandem with #1140. |
mtrmac
force-pushed
the
create-incomplete
branch
from
0a3cd53 to
9d7ca46
Compare
mtrmac
force-pushed
the
create-incomplete
branch
from
9d7ca46 to
5a0d8c5
Compare
|
This looks like it has a decent chance of avoiding the types of cases that #1140 would have to clean up on behalf of binaries using a version of the storage library that doesn't include this change, so it looks like it's worth pursuing. |
mtrmac
force-pushed
the
create-incomplete
branch
from
5a0d8c5 to
f1a9d1a
Compare
err must be nil at that point. This also un-indents the success case, so that it proceeds as a straight-line code. Signed-off-by: Miloslav Trmač <[email protected]>
For now, this only causes two redundant saves for non-tarball layers, which is not useful; but it will allow us to build infrastructure for saving the incomplete record much earlier. Signed-off-by: Miloslav Trmač <[email protected]>
... so that we also remove the layer from layerStore.layers and the like. Signed-off-by: Miloslav Trmač <[email protected]>
We will need want to refer to "layer" in a defer block, in order to delete that layer. That doesn't work with "layer" being a named return value, because a (return nil, -1, ...) sets "layer" to nil. So, turn "layer" into a local variable, and use an unnamed return value. And beause all return values must be named, or unnamed, consistently, turn "size" and "err" also into local variables. Then decrease the scope of the "size" and "err" local variables to simplify understanding the code a bit. Signed-off-by: Miloslav Trmač <[email protected]>
... so that we don't repeat it all over the place. Introduce a pretty ugly cleanupFailureContext variable for that purpose; still, it's better than copy&pasting everything. This will be even more useful soon. Signed-off-by: Miloslav Trmač <[email protected]>
... so that it can be also automatically cleaned up. Signed-off-by: Miloslav Trmač <[email protected]>
mtrmac
force-pushed
the
create-incomplete
branch
from
f1a9d1a to
70cd76b
Compare
This implements the suggestion in #1139, along with EDIT partially fixing #1147 ; as an alternative to #1140 .
Conceptually I like this much better than #1140, but it’s quite a bit more invasive, and potentially risky by invoking the layer removal code in previously-unreachable situations.
Marking as draft because it’s completely untested so far.