mc256 / starlight Goto Github PK

Fast Container Provisioning on the Edge and over the WAN

License: Apache License 2.0

Go 97.03% Makefile 2.63% Dockerfile 0.34%

edge-computing wide-area-network containers containerd cloud-computing infrastructure container-provisioning deployment kubernetes

starlight's Introduction

Starlight: Fast Container Provisioning

Starlight is an accelerator for provisioning container-based applications. It speeds up deploying and updating containers on workers inside and outside the cloud, while maintaining backwards compatibility with existing tools. It is so fast that containers can start faster than merely downloading an optimized data package, yet with practically no overhead.

The image on the right compares time to download and start containers using containerd ("baseline"), eStargz, Starlight, and the time it takes to download an optimized update package using wget. The registry is in North Virginia. Top row shows time to deploy a container to an empty worker, and bottom row time to update the container to a later version. Read our NSDI 2022 paper for more results.

Extend cloud practices to the edge and WAN

Using containers to provision workers in high-latency or low-bandwidth environments can be tricky. The time it takes to deploy software and start a container increases dramatically with latency, and increases at a higher rate than the equivalent time to simply download the data. Outside the datacenter, where round-trip times are in the order of tens or hundreds of milliseconds, container provisioning can be several times slower than in the cloud, even when the network has reasonable bandwidth.

Why is container provisiong slow?

The root cause for this slow provisioning time is the overall design of the provisioning pipeline: it is pull-based, designed around the stack-of-layers abstraction container images, and does not explicitly consider container updates. For example, updating a Java application to fix the Log4j vulnerability usually requires re-downloading the entire container image, even though the updated Log4j library only takes a fraction of that space. This can make provisioning slower than it should be even inside cloud data centers.

How do we address this?

Starlight decouples the mechanism of container provisioning from container development. Starlight maintains the convenient stack-of-layers structure of container images, but uses a different representation when deploying them over the network. The development and operational pipelines remain unchanged.
See how Starlight works ➡️ or read our NSDI 2022 paper.

Architecture

Starlight is implemented on top of containerd. It is comprised of cloud and worker components.

A proxy server on the cloud side mediates between Starlight workers and any standard registry server.
On the worker side, a command line tool tells Starlight to PULL containers.
A Starlight daemon (snapshotter plugin) runs belongs the containerd of each worker node.

Getting Started

Starlight is compatible with Kubernetes and can replace the default overlayfs snapshotter. We could use helm to deploy Starlight on a Kubernetes cluster.

Suppose you have a container on a OCI compatible registry that you want to deploy. You need to:

Set up a Starlight proxy, ideally close to the registry server you are using. Configure the proxy server to point to the registry and run it. Starlight supports any standard registry. (It can be deployed to k8s using Helm)
Set up the worker to be able to run Starlight. This involves installing containerd and the Starlight snapshotter plugin, configuring containerd to use the plugin, and starting the Starlight snapshotter daemon (you also need to tell the snapshotter the address of the proxy server).
Convert the container image to the Starlight format container image. More specifically, the storage format of the compressed layers needs to be converted to the Starlight format and then the layers stored in the registry. The Starlight format is backwards compatible and almost the same size, so there is no need to store compressed layers twice. In other words, non-Starlight workers will descrompress Starlight images with no chanages. The Starlight CLI tool features the image conversion, example:
```
 ctr-starlight convert --notify \
   --platform=linux/amd64 \
   docker.io/library/redis:6.2.7 reg.yuri.moe/x/redis:6.2.7
```
In addition, the proxy needs some metadata about the list of files in the container to compute the data for deployment. The --nofity flag tells the proxy to fetch the metadata from the registry and store it in the metadata database.

Collect traces on the worker for container startup. This entails starting the container on the worker while collecting file access traces that are sent to the proxy.

The Starlight CLI tool features trace collection, example:

sudo ctr-starlight optimizer on
sudo ctr-starlight pull reg.yuri.moe/x/redis:6.2.7 && \
mkdir /tmp/redis-data && \
sudo ctr c create --snapshotter=starlight \
     --mount type=bind,src=/tmp/redis-data,dst=/data,options=rbind:rw \
     --env-file ./demo/config/all.env --network=host \
     reg.yuri.moe/x/redis:6.2.7
     instance1 && \
sudo ctr t start instance1

You may terminate the container using Ctrl-C and turn off the optimizer using

sudo ctr-starlight optimizer off

We could repeat this process several times, then can report all the traces to the proxy, using:

sudo ctr-starlight report

Reset containerd and starlight. Clean up all the downloaded containers and cache.
```
sudo ./demo/reset.sh
```

🙌 That's it! You can now deploy the container to as many Starlight workers as you want, and it should be fast!

Note step 2 must be done on each worker, and steps 3 and 4 must be done for every container image you want to deploy using Starlight. The good news is that they should be quick, a few minutes for each container.

Deploying containers

Start a container using Starlight

sudo ctr-starlight pull reg.yuri.moe/starlight/redis:6.2.7 && \
mkdir /tmp/test-redis-data && \
sudo ctr c create \
    --snapshotter=starlight \
    --mount type=bind,src=/tmp/test-redis-data,dst=/data,options=rbind:rw \
    --env-file ./demo/config/all.env \
    --net-host \
    reg.yuri.moe/x/redis:6.2.7 \
    instance3 && \
sudo ctr t start instance3

Update a container using Starlight (Step 3 and Step 4 need to be done for redis:7.0.5)

sudo ctr-starlight pull reg.yuri.moe/starlight/redis:7.0.5 && \
sudo ctr c create \
    --snapshotter=starlight  \
    --mount type=bind,src=/tmp/test-redis-data,dst=/data,options=rbind:rw \
    --env-file ./demo/config/all.env \
    --net-host \
    reg.yuri.moe/x/redis:7.0.5 \
    instance4 && \
sudo ctr t start instance4

For more information, please check out ctr-starlight --help and starlight-daemon --help

Citation

If you find Starlight useful in your work, please cite our NSDI 2022 paper:

@inproceedings {chen2022starlight,
    author = {Jun Lin Chen and Daniyal Liaqat and Moshe Gabel and Eyal de Lara},
    title = {Starlight: Fast Container Provisioning on the Edge and over the {WAN}},
    booktitle = {19th USENIX Symposium on Networked Systems Design and Implementation (NSDI 22)},
    year = {2022},
    address = {Renton, WA},
    url = {https://www.usenix.org/conference/nsdi22/presentation/chen-jun-lin},
    publisher = {USENIX Association},
    month = apr,
}

Roadmap

Starlight is not complete. Our roadmap:

Version	Status	Release Date
v0.1.3		2022-10-12
v0.2.7		2022-11-27
v0.3.2		2023-01-27
v0.4.7		2023-06-05
v0.5.x	stable	2023-11-26
v0.6.x	in progress	2024

Feature List:

starlight's People

Contributors

Stargazers

Watchers

Forkers

paullu-ualberta shism2 cstria0106 nargetdev enfangcui harunaadoga

starlight's Issues

random error occurs on early startup (no such file or directory)

I am measuring the effect of end to end delay on performance. The delay was simulated using the tc command.

Containers work properly in environments without delay, but containers do not run randomly when delay is set.

If I start the container after pulling all of the image, this error does not occur.
Please let me know if you need additional information for the reproducing. Thank you!

Environment

v0.3.1
Followed newbie.md step by step (exclude adjusting the TCP window size
Proxy(with registry) and edge node running in VirtualBox (Arch Linux)
The RTT was set to 100ms on the edge using 'tc' Linux command

Use pjdfstest to test StarlightFS

Description

Use pjdfstest to test the compatibility of StarlightFS.
Pjdfstest is a test suite that helps to test POSIX system calls. We need to make sure that Starlight FS is POSIX compatible.

Failed to convert an image hosted on AWS ECR

Describe your question here

AWS ECR connection issue
The converter does not work with the AWS ECR.

It looks like Starlight doesn't support converting an image host on AWS ECR. The error message is:


fail to convert the container image,unexpected media type for ImageIndex(): application/vnd.docker.distribution.manifest.v2+json; call Image() instead

This can be easily reproduced to convert an image host on AWS ECR, for example:


sudo ctr-starlight convert \
    --insecure-destination \
    --notify --profile myproxy \
    --platform linux/amd64 \
    ${an_img_host_on_aws_ecr}  ${starlight_registry}

Reference:
https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-manifest-formats.html

Issue with concurrent layer metadata extraction

Describe your question here

There is a race condition when caching two layer concurrently. I was found this bug by concurrently running two

		ext, err := NewExtractor(server, img, true)
		_, err = ext.SaveToC()

in an errgroup.Group

The image we are caching

"starlight/mariadb@sha256:9c0c61b8c8c7e406f48ab2c9fb73181e2f0e07ec327f6a8409f7b64c8fc0a0d6",
"starlight/mariadb:10.11.4"

What kind of hardward you have?

Irrelevant

Can Starlight pull dynamic libraries as needed?

Describe your question here

Assuming such a situation, program A needs to use a libhello.so, but libhello.so is in the remote registry and does not exist in the container, can Starlight pull this libhello.so?

As far as I know, it seems that the dynamic linker does not go through the FUSE file system.

Getting Started step 4- ctr-starlight create failure

BUG

Description

Whilst following the 'Getting Started' steps, on step 4 of tracing ('Collect traces on the worker for container startup.'), there seems to be an issue with the command execution.

Running:

sudo ctr-starlight create --optimize \
       --mount type=bind,src=/tmp/test-redis-data,dst=/data,options=rbind:rw \
    --env-file ./demo/config/all.env \
    --net-host \
    redis:6.2.1-starlight \
    redis:6.2.1-starlight \
    instance1

results in the following output:

time="Oct  8 03:05:39.951694957" level=info msg="sn service created" unique=093346
time="Oct  8 03:05:39.951759185" level=info msg="preparing snapshot" combo="redis:6.2.1-starlight" container=instance1 ref="redis:6.2.1-starlight"
time="Oct  8 03:05:39.970331241" level=info msg="prepared container snapshot" mnt="[{bind /var/lib/starlight-grpc/sfs/3/m [rw rbind]}]" snapshotter=worker-redis-6.2.1-starlight-918328-093346
time="Oct  8 03:05:39.970499958" level=info msg="added image config" path=/var/lib/starlight-grpc/sfs/redis_6.2.1-starlight.json
ctr-starlight: stat : no such file or directory

Detailed explanation

I was able to identify the issue by looking into the mounts.go file. On line 121, the withMounts function seems to loop over all the given mounts (assuming that multiple such mounts can be given in the same command) and sends the combination of type, src and dst to the parseMountFlag function.
The issue with this is that the parseMountFlag expects a string that contains the fields necessary for a mount (as mentioned above). However, what happens in the current implementation is that each field is passed in turn to this function, and therefore for the first field that does not have a src, the instruction:
if stat, err := os.Stat(m.Source); err != nil will fail, resulting in the error above

Potential Solution

Removing the for loop from the withMounts method and replacing it with: mount := strings.Join(context.StringSlice("mount"), ",") results in the creation of the container.

However, yet another issue arises immediately as one tries to mount this container. Due to the returned function from withMounts looping over the mount fields in the same manner, it will fail to create the correct mount point. This can also be fixed by removing the for loop and replacing it with mount := strings.Join(context.StringSlice("mount"), ",") (see note)

Final Mention

After this, containerd did indeed successfully create the container. However, when submitting the logs, the following error was displayed for the generated logs:

$ ctr-starlight report --server $STARLIGHT_PROXY --plain-http
ERRO[0000] cannot parse file                             file=06381.log
ERRO[0000] cannot parse file                             file=46711.log
ERRO[0000] cannot parse file                             file=52677.log
ERRO[0000] cannot parse file                             file=59089.log
ERRO[0000] cannot parse file                             file=82091.log
ERRO[0000] cannot parse file                             file=90635.log
ERRO[0000] cannot parse file                             file=91054.log
ERRO[0000] cannot parse file                             file=91121.log
INFO[0000] uploaded filesystem traces                    version=0.0.0

This might be due to the files being empty.

Notes

Code for withMounts:

func withMounts(context *cli.Context, ctx gocontext.Context, base string) (oci.SpecOpts, error) {
	mount := strings.Join(context.StringSlice("mount"), ",")
	m, err := parseMountFlag(mount)
	if err != nil {
		return nil, err
	}
	log.G(ctx).Info("Mount: ", m.Source, "Dest: ", m.Destination)
	if stat, err := os.Stat(m.Source); err != nil {
		return nil, err
	} else {
		if stat.IsDir() {
			if err := touchDir(ctx, base, m.Destination); err != nil {
				return nil, err
			}
		} else {
			if err := touchFile(ctx, base, m.Destination); err != nil {
				return nil, err
			}
		}
	}

	return func(ctx gocontext.Context, client oci.Client, container *containers.Container, s *specs.Spec) error {
		mounts := make([]specs.Mount, 0)
		mount := strings.Join(context.StringSlice("mount"), ",")
		m, err := parseMountFlag(mount)
		if err != nil {
			return err
		}

		mounts = append(mounts, m)

		log.G(ctx).WithFields(logrus.Fields{
			"destination": m.Destination,
			"source":      m.Source,
		}).Info("mounting point")

		return oci.WithMounts(mounts)(ctx, client, container, s)
	}, nil
}

Unable to start python container

Question

Not able to start starlight-converted Python container

What kind of hardware you have?

I set up the env according to this document

I'm using Starlight v0.3.2

Steps to reproduce the problem

sudo ctr pull docker.io/library/python:3.9.3
sudo systemctl start starlight && sudo ctr-starlight add myproxy http cloud.cluster.local:8090

sudo ctr-starlight convert --insecure-destination --notify --profile myproxy \ 
  --platform linux/amd64 docker.io/library/python:3.9.3 cloud.cluster.local:5000/python:3.9.3-starlight

sudo ctr-starlight optimizer on
sudo ctr-starlight pull --profile myproxy cloud.cluster.local:5000/python:3.9.3-starlight

sudo ctr c create --snapshotter=starlight  \
--mount type=bind,source=/starlight/demo/config,destination=/entrypoint,options=rbind:rw  \
--mount type=bind,source=/starlight/demo/config/scripts,destination=/app,options=rbind:rw  \
--net-host cloud.cluster.local:5000/python:3.9.3-starlight tmp /entrypoint/entrypoint-py.sh

sudo ctr t start tmp

At the step 7, I can't start the container, the error message is:

python: error while loading shared libraries: libpython3.9.so.1.0: cannot open shared object file: No such file or directory

Notify the starlight proxy after image conversion

Description

The existing steps to prepare a container image are prolonged. After converting the TAR.GZ format container image to the Starlight format container image, we need to notify the proxy using curl command. This is not elegant! Please add the Starlight proxy to the ctr-starlight convert command as a parameter or an environment variable so that after the conversion, it notifies the proxy immediately.

Support Documents

We don't have anything right now, please ask @mc256 😂😂😂👻. @mc256 is ready to help at any time.

Acceptance Criteria

ctr-starlight convert command not only converts the container image but also notifies the Starlight Proxy
- Example:
  ctr-starlight convert --notify=starlightproxy.example.com

Method for Injecting Latency and Limiting Bandwidth in Starlight Evaluations

Greetings,

I've recently read your paper and successfully used Starlight for container provisioning. I appreciate this holistic and solid work.

In your paper, you evaluated Starlight under various bandwidth and latency settings. My assumption is that you deployed Starlight and a private image registry within the same Local Area Network (LAN), as this would naturally result in high bandwidth (several GBs) and almost negligible latency (close to 0 ms). I wonder if this setup enabled you to achieve the minimal latency of 0.15ms mentioned in the paper.

Could you please clarify how you managed to limit the bandwidth and inject latency in your setup? I'm considering Linux tc as a potential method, but would appreciate your confirmation or suggestion of an alternative.

Thank you for your time and assistance.

Error while dialing dial unix //run/starlight/starlight-daemon.sock: connect: permission denied

Hello. I'm trying Starlight for my research. I'm currently following this instruction: https://github.com/mc256/starlight/blob/master/docs/newbie.md

When I run command just like 'ctr-strlight convert ...' or 'ctr-starlight test', it prints permission error

$ ctr-starlight test test
notify starlight proxy server failed: rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial unix //run/starlight/starlight-daemon.sock: connect: permission denied"

But it works with sudo, like 'sudo ctr-starlight test test'

$ sudo ctr-starlight test test
ping test success: ok! - http://10.0.2.2:8090
latency: 1 ms

And it also works when I change starlight socket's permission explicitly

$ sudo chmod -R 777 /run/starlight
$ ctr-starlight test test         
ping test success: ok! - http://10.0.2.2:8090
latency: 30 ms

The environment: Ubuntu 22.04.1 LTS on VirtualBox

Thank you!

Cannot pull starlight images

Describe your question here

Hi, I'm trying to run starlight images, but there's some issues that I can't make it work.

The quickstart 1, 2 are hard to follow, because it is outdated. But finally I managed to configure proxy and snapshotter, at least I think it worked.
I've converted a wordpress image into starlight format:

ctr-starlight convert --notify \
   --platform=linux/amd64 --insecure-source --insecure-destination --profile myproxy \
   mydomain/wordpress:latest mydomain:5000/wordpress:latest-sl

The proxy said there's no error:

root@ip-172-31-34-159:~/starlight/demo/compose# docker logs 5f16cb6c2847
time="Jan 24 08:07:45.199986106" level=info msg=starlight-proxy version=0.6.0-20231127
time="Jan 24 08:07:45.200056436" level=info msg="loaded configuration" log=debug new=true path=/etc/starlight/starlight-proxy.json
time="Jan 24 08:07:45.200075854" level=info msg="default backend registry: http://mydomain:5000"
time="Jan 24 08:07:45.201070585" level=error msg="failed to connect to database, retrying in 5 seconds (1/10)" error="dial tcp 172.22.0.3:5432: connect: connection refused"
time="Jan 24 08:07:50.231868242" level=info msg="database initialized"
time="Jan 24 08:07:50.231939720" level=info msg="listen on 0.0.0.0:8090"
time="Jan 24 08:11:27.187301146" level=info msg="request received" action=notify ip="172.31.37.107:55342"
time="Jan 24 08:11:28.632002187" level=debug msg="saved ToC" hash="sha256:2d9538d065959444bc6f78942878ac24ec1bd8d82e290dd41f75682878ee3781" image="mydomain:5000/wordpress" platform=uni-arch serial=1 tag=latest-sl
time="Jan 24 08:11:28.632029805" level=info msg="cached ToC" container="mydomain:5000/wordpress:latest-sl"

Note that although I specified --platform=linux/amd64, the proxy still saved it as uni-arch.
3. I try to pull starlight image by:

ctr-starlight pull --profile myproxy mydomain:5000/wordpress:latest-sl

But it failed:

ctr-starlight pull --profile myproxy mydomain:5000/wordpress:latest-sl
pull image failed: failed to pull image mydomain:5000/wordpress:latest-sl: {"status":"Bad Request","code":400,"error":"requested image mydomain:5000/wordpress:latest-sl not found"}

I have to manuly modify the platform from uni-arch to linux/amd64 in tag database to continue.

But an error still occurred on the first try:

root@ip-172-31-37-107:~/starlight# ctr-starlight pull --profile myproxy mydomain:5000/wordpress:latest-sl
pull image failed: failed to pull image mydomain:5000/wordpress:latest-sl: {"status":"Bad Request","code":400,"error":"failed to load all compressed layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client"}
root@ip-172-31-37-107:~/starlight# ctr-starlight pull --profile myproxy mydomain:5000/wordpress:latest-sl
requested to pull image mydomain:5000/wordpress:latest-sl in 1499ms 
delta image 249.1MiB / original 255.1MiB (skipped: 6.1MiB = 2.37%)

The image isn't pulled correctly.

time="Jan 24 08:12:19.490889785" level=info msg="request received" action=delta ip="172.31.37.107:49294"
time="Jan 24 08:12:19.493557860" level=info msg="find existing file contents" _step=1 builder="Builder ()->(mydomain:5000/wordpress:latest-sl)" total=0 unique=0
time="Jan 24 08:12:19.497219737" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00018:02]sha256:592e0d17765a0d0ef67e4b8163af9745d34e4865ef5f0cbae1d793f6f33b7377-107379483"
time="Jan 24 08:12:19.497305283" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00001:03]sha256:57773387eb6bee5e1fb7f54187bc190fae16844b4efc303355af96a73eb6f6fe-656"
time="Jan 24 08:12:19.497368654" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00002:06]sha256:be50837fac8b94900458ac907ad8fc93a6489c533371658d5a4c8b0791a3afed-1201"
time="Jan 24 08:12:19.497424800" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00005:16]sha256:28904abea0a638a029ae1ada96adf7e378d352750f0845eb620b1dedf74b9333-848"
time="Jan 24 08:12:19.497479087" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00004:15]sha256:2f1ca1f66cc4626de5ab613511737159afcc91f276e032f4cd64dcb60abfd8c6-1039"
time="Jan 24 08:12:19.497531184" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00017:12]sha256:44688d4bc6c8fe47d7564c2417852a138ccfc0d2f193a735fd87075fe4500027-1335"
time="Jan 24 08:12:19.497580702" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00012:01]sha256:429a81eb9ef59357ab9dc626accb4ee17d6411382fab18d95174c34ec073335e-668"
time="Jan 24 08:12:19.497640068" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00020:10]sha256:19d82ac87a32ab4fd87c6fca68f16ebd95cd52364050cee12863514cce3ab3ff-4708"
time="Jan 24 08:12:19.497682422" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00021:08]sha256:f8207675971b9f0e4bbe665b6d4df7585c6b6a3fd0bcaf6047245d1ef9f99693-939"
time="Jan 24 08:12:19.497694816" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00003:05]sha256:c67ed66059b092e4e09579d6aed9a414f555a880a1bfc945310f51632e05c365-988"
time="Jan 24 08:12:19.497755408" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00007:19]sha256:7a532a96a66f44d9e9071c5991b4a259398a08c127f5ffba13b858260427118e-2814"
time="Jan 24 08:12:19.497756289" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00016:20]sha256:94b84a62a5e359745ad76c367bdca9bf2ce3bdc8bb116a2393259a9921908dc0-2165"
time="Jan 24 08:12:19.497818488" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00010:09]sha256:d131dca527404f803ca14286a282ff54ae7d8cb4b2425f39a694e1f8b8d5f9ca-11584821"
time="Jan 24 08:12:19.497823945" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00006:14]sha256:adb908868ec8b98b233dcf64d4630231da94d9304dff51b5c096a4f81e7a3a05-31137002"
time="Jan 24 08:12:19.497880953" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00009:04]sha256:cc291c0f04ce615e4c404a5917bdd2b31477c821ccf4a35dd3dfb70267fafcaf-20637845"
time="Jan 24 08:12:19.497886913" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00019:17]sha256:b52220c829a31f50a974358e881e6a48dd3ae0f58d86371cf3fc3c4b0b1a41f5-30327"
time="Jan 24 08:12:19.497934573" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00011:07]sha256:c44de33f5c800c4dc1fe0c961db0b672bbd850a7b12681baf41b45407189f0b6-12408281"
time="Jan 24 08:12:19.497947786" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00014:11]sha256:d023f13378905e4245835eb0c90151794cb7b0976b9197b57642d86d57c7e9a5-706"
time="Jan 24 08:12:19.497989034" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00015:13]sha256:58e1055b1087ab23611b14b7978f38cac12117f20e31af2c44a30e08574e7976-26905737"
time="Jan 24 08:12:19.498007648" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00008:18]sha256:136fc8617fa3e7c23cb11d31b4c285b765c4fa8d36dcd609293ab16abb06524e-25927104"
time="Jan 24 08:12:19.498041063" level=error msg="failed to load layer: Get \"https://mydomain:5000/v2/\": http: server gave HTTP response to HTTPS client" layer="[00013:00]sha256:bd83efce2a367393cfd51477c15b8111e333e6d2a2f0bf06ff8e70c8ee98acd4-31500556"
time="Jan 24 08:12:19.645177374" level=info msg="find requested file contents" _step=2 builder="Builder ()->(mydomain:5000/wordpress:latest-sl)" total=20685 unique=15511
time="Jan 24 08:12:19.649755778" level=info msg="find the best file content references" _step=3 builder="Builder ()->(mydomain:5000/wordpress:latest-sl)" compressedSize=258944523 content=15511
time="Jan 24 08:12:22.266492900" level=info msg="request received" action=delta ip="172.31.37.107:49294"
time="Jan 24 08:12:22.267498744" level=info msg="fetched layer" layer="[00002:06]sha256:be50837fac8b94900458ac907ad8fc93a6489c533371658d5a4c8b0791a3afed-1201" shared=true
time="Jan 24 08:12:22.267509832" level=info msg="fetched layer" layer="[00018:02]sha256:592e0d17765a0d0ef67e4b8163af9745d34e4865ef5f0cbae1d793f6f33b7377-107379483" shared=true
time="Jan 24 08:12:22.267517768" level=info msg="fetched layer" layer="[00009:04]sha256:cc291c0f04ce615e4c404a5917bdd2b31477c821ccf4a35dd3dfb70267fafcaf-20637845" shared=true
time="Jan 24 08:12:22.267532116" level=info msg="fetched layer" layer="[00001:03]sha256:57773387eb6bee5e1fb7f54187bc190fae16844b4efc303355af96a73eb6f6fe-656" shared=true
time="Jan 24 08:12:22.267553365" level=info msg="fetched layer" layer="[00003:05]sha256:c67ed66059b092e4e09579d6aed9a414f555a880a1bfc945310f51632e05c365-988" shared=true
time="Jan 24 08:12:22.267541640" level=info msg="fetched layer" layer="[00013:00]sha256:bd83efce2a367393cfd51477c15b8111e333e6d2a2f0bf06ff8e70c8ee98acd4-31500556" shared=true
time="Jan 24 08:12:22.267566894" level=info msg="fetched layer" layer="[00006:14]sha256:adb908868ec8b98b233dcf64d4630231da94d9304dff51b5c096a4f81e7a3a05-31137002" shared=true
time="Jan 24 08:12:22.267639796" level=info msg="fetched layer" layer="[00015:13]sha256:58e1055b1087ab23611b14b7978f38cac12117f20e31af2c44a30e08574e7976-26905737" shared=true
time="Jan 24 08:12:22.267660060" level=info msg="fetched layer" layer="[00012:01]sha256:429a81eb9ef59357ab9dc626accb4ee17d6411382fab18d95174c34ec073335e-668" shared=true
time="Jan 24 08:12:22.267575819" level=info msg="fetched layer" layer="[00008:18]sha256:136fc8617fa3e7c23cb11d31b4c285b765c4fa8d36dcd609293ab16abb06524e-25927104" shared=true
time="Jan 24 08:12:22.267653977" level=info msg="fetched layer" layer="[00014:11]sha256:d023f13378905e4245835eb0c90151794cb7b0976b9197b57642d86d57c7e9a5-706" shared=true
time="Jan 24 08:12:22.267587468" level=info msg="fetched layer" layer="[00004:15]sha256:2f1ca1f66cc4626de5ab613511737159afcc91f276e032f4cd64dcb60abfd8c6-1039" shared=true
time="Jan 24 08:12:22.267585728" level=info msg="fetched layer" layer="[00011:07]sha256:c44de33f5c800c4dc1fe0c961db0b672bbd850a7b12681baf41b45407189f0b6-12408281" shared=true
time="Jan 24 08:12:22.267684508" level=info msg="fetched layer" layer="[00016:20]sha256:94b84a62a5e359745ad76c367bdca9bf2ce3bdc8bb116a2393259a9921908dc0-2165" shared=true
time="Jan 24 08:12:22.267615599" level=info msg="fetched layer" layer="[00019:17]sha256:b52220c829a31f50a974358e881e6a48dd3ae0f58d86371cf3fc3c4b0b1a41f5-30327" shared=true
time="Jan 24 08:12:22.267623206" level=info msg="fetched layer" layer="[00020:10]sha256:19d82ac87a32ab4fd87c6fca68f16ebd95cd52364050cee12863514cce3ab3ff-4708" shared=true
time="Jan 24 08:12:22.267703593" level=info msg="fetched layer" layer="[00007:19]sha256:7a532a96a66f44d9e9071c5991b4a259398a08c127f5ffba13b858260427118e-2814" shared=true
time="Jan 24 08:12:22.267638445" level=info msg="fetched layer" layer="[00017:12]sha256:44688d4bc6c8fe47d7564c2417852a138ccfc0d2f193a735fd87075fe4500027-1335" shared=true
time="Jan 24 08:12:22.267611169" level=info msg="fetched layer" layer="[00010:09]sha256:d131dca527404f803ca14286a282ff54ae7d8cb4b2425f39a694e1f8b8d5f9ca-11584821" shared=true
time="Jan 24 08:12:22.267597678" level=info msg="fetched layer" layer="[00021:08]sha256:f8207675971b9f0e4bbe665b6d4df7585c6b6a3fd0bcaf6047245d1ef9f99693-939" shared=true
time="Jan 24 08:12:22.267601147" level=info msg="fetched layer" layer="[00005:16]sha256:28904abea0a638a029ae1ada96adf7e378d352750f0845eb620b1dedf74b9333-848" shared=true
time="Jan 24 08:12:22.267905689" level=info msg="find existing file contents" _step=1 builder="Builder ()->(mydomain:5000/wordpress:latest-sl)" total=0 unique=0
time="Jan 24 08:12:22.414975846" level=info msg="find requested file contents" _step=2 builder="Builder ()->(mydomain:5000/wordpress:latest-sl)" total=20685 unique=15511
time="Jan 24 08:12:22.419693100" level=info msg="find the best file content references" _step=3 builder="Builder ()->(mydomain:5000/wordpress:latest-sl)" compressedSize=258944523 content=15511
time="Jan 24 08:12:22.889638557" level=info msg="generated response header" _digest="sha256:ad85b3baebd712667d58fd199e28f4b72bc0764840002b222fc4c12a629315e0" body=258944523 config=5207 header=2231476 manifest=2279
time="Jan 24 08:12:22.914611437" level=debug msg="header sent" action=delta ip="172.31.37.107:49294"
2024/01/24 08:12:22 http: panic serving 172.31.37.107:49294: runtime error: invalid memory address or nil pointer dereference
goroutine 258 [running]:
net/http.(*conn).serve.func1()
        /usr/local/go/src/net/http/server.go:1854 +0xbf
panic({0x952420, 0xe2acf0})
        /usr/local/go/src/runtime/panic.go:890 +0x263
io.(*SectionReader).ReadAt(0xc00630ee28?, {0xc005cae840?, 0x95c560?, 0xc00630ee20?}, 0x40a853?)
        /usr/local/go/src/io/io.go:540 +0x25
io.(*SectionReader).ReadAt(0x7fa265c51288?, {0xc005cae840?, 0x60?, 0xc000450000?}, 0xc005cae840?)
        /usr/local/go/src/io/io.go:552 +0x9f
io.(*SectionReader).Read(0xc006312330, {0xc005cae840?, 0x927d60?, 0xc006066801?})
        /usr/local/go/src/io/io.go:513 +0x54
io.(*LimitedReader).Read(0xc005ce32a8, {0xc005cae840?, 0xc0060668b0?, 0x10?})
        /usr/local/go/src/io/io.go:477 +0x45
io.copyBuffer({0xabd000, 0xc0060668b0}, {0xabc2a0, 0xc005ce32a8}, {0x0, 0x0, 0x0})
        /usr/local/go/src/io/io.go:427 +0x1b2
io.Copy(...)
        /usr/local/go/src/io/io.go:386
net.genericReadFrom({0xabc4c0?, 0xc0004b8000?}, {0xabc2a0, 0xc005ce32a8})
        /usr/local/go/src/net/net.go:675 +0x6a
net.(*TCPConn).readFrom(0xc0004b8000, {0xabc2a0, 0xc005ce32a8})
        /usr/local/go/src/net/tcpsock_posix.go:54 +0x78
net.(*TCPConn).ReadFrom(0xc0004b8000, {0xabc2a0?, 0xc005ce32a8?})
        /usr/local/go/src/net/tcpsock.go:130 +0x36
net/http.(*response).ReadFrom(0xc000d72380, {0xabc2a0?, 0xc005ce32a8})
        /usr/local/go/src/net/http/server.go:599 +0x36e
io.copyBuffer({0xabc760, 0xc000d72380}, {0xabc2a0, 0xc005ce32a8}, {0x0, 0x0, 0x0})
        /usr/local/go/src/io/io.go:413 +0x14b
io.Copy(...)
        /usr/local/go/src/io/io.go:386
io.CopyN({0xabc760, 0xc000d72380}, {0xabc300?, 0xc006312330}, 0x57)
        /usr/local/go/src/io/io.go:362 +0x9a
github.com/mc256/starlight/proxy.(*Builder).WriteBody(0xc00017d030?, {0xabfb90?, 0xc000d72380}, 0x2?)
        /go/src/app/proxy/builder.go:160 +0x3a5
github.com/mc256/starlight/proxy.(*Server).delta(0xc0000cb0e0, {0xabfb90, 0xc000d72380}, 0xc000d66d00)
        /go/src/app/proxy/server.go:154 +0x9f2
net/http.HandlerFunc.ServeHTTP(0xc0000ac180?, {0xabfb90?, 0xc000d72380?}, 0x40d90a?)
        /usr/local/go/src/net/http/server.go:2122 +0x2f
net/http.(*ServeMux).ServeHTTP(0xc003720475?, {0xabfb90, 0xc000d72380}, 0xc000d66d00)
        /usr/local/go/src/net/http/server.go:2500 +0x149
net/http.serverHandler.ServeHTTP({0xc00049a0c0?}, {0xabfb90, 0xc000d72380}, 0xc000d66d00)
        /usr/local/go/src/net/http/server.go:2936 +0x316
net/http.(*conn).serve(0xc000098000, {0xac0010, 0xc00007a510})
        /usr/local/go/src/net/http/server.go:1995 +0x612
created by net/http.(*Server).Serve
        /usr/local/go/src/net/http/server.go:3089 +0x5ed

And there's no doubt that the creation would fail.

Seems the proxy is trying to connect to the registry by HTTPS. But there's no way to change to HTTP:

I couldn't find a flag such as --plain-http for ctr-starlight pull.
There's no way to configure snapshotter or daemon. It seems that only the protocol used to connect to the proxy is configurable.
It seems like there's a way to configure proxy by setting the environment variable ``REGISTRY=http://mydomain:5000", but there's no instructions on how to use the default backend. I set this environment variable as I described at the beginning, but the error still occurred.

Any tips or guidance would be greatly appreciated.

What kind of hardward you have?

2 VM

mc256 / starlight Goto Github PK

starlight's Introduction

Starlight: Fast Container Provisioning

Extend cloud practices to the edge and WAN

Why is container provisiong slow?

How do we address this?

Architecture

Getting Started

Deploying containers

Citation

Roadmap

starlight's People

Contributors

Stargazers

Watchers

Forkers

starlight's Issues

Environment

Description

Describe your question here

Describe your question here

What kind of hardward you have?

Describe your question here

BUG

Description

Detailed explanation

Potential Solution

Final Mention

Notes

Question

What kind of hardware you have?

Steps to reproduce the problem

Description

Support Documents

Acceptance Criteria

Describe your question here

What kind of hardward you have?

Recommend Projects

Recommend Topics

Recommend Org