Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C6B58C636D3 for ; Mon, 6 Feb 2023 16:34:59 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230167AbjBFQeo (ORCPT ); Mon, 6 Feb 2023 11:34:44 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46556 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229758AbjBFQel (ORCPT ); Mon, 6 Feb 2023 11:34:41 -0500 Received: from mail-ed1-x535.google.com (mail-ed1-x535.google.com [IPv6:2a00:1450:4864:20::535]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D7D952685E for ; Mon, 6 Feb 2023 08:34:38 -0800 (PST) Received: by mail-ed1-x535.google.com with SMTP id i38so1214612eda.1 for ; Mon, 06 Feb 2023 08:34:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=szeredi.hu; s=google; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=rqweV/IdMLpHerEGrGcjJETNU3WYwRI8E4zqT9bYsXI=; b=O2oqA4KFh5ssFkA6aephx8mKBllTgUff6NL/yyo3EknEJ6wDgH08O6+HNzyJnvVQUf sgaZmMMlYhHBaqz0NBtOSbaNe3UTQwjY5T9iLYMSdYd5Dxbjxrzg1HqVMXltW3c0BYTY FvYWjhFy8nmt7sGScAm5WLLR9gwtIHBunzmaY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=rqweV/IdMLpHerEGrGcjJETNU3WYwRI8E4zqT9bYsXI=; b=Vbn64SNK84nlJptZLvjK6AB2e0/WnQt8HLuU71TBUoOxFIszOYcuTMVCIh9t/7N90u +i1PwqnLS+MMuNOjWRMy7JLradj65zXRfseY/6VZwdZwlc5qoP3kHw2f/wkmu8SfaB6W js4f2f9D/oEcDX8QmcaqeqHGX5fKzuDe2mLaHgD5xSj6YpTBtv/f/Hx6n6tyS/aRx4Uk aggNueiH6nkTNF0Afaka/FF7XbJky2Oou/hNnb/+VxT3RTCzoxvafx0dgkRbH9ZwoGAQ AubZw/nZ9X2VvBbUP5dfiVUvKMUdqdnSex1576HL2BcRhMT4kUUhKRCQyLB8GAtsXJLI 36lQ== X-Gm-Message-State: AO0yUKXX60Zyd6S1XdjAOcNJ6qDMxIXTSbiZi2EYKaSNadSJLDkTMvfP XZamzmGgi9NEDlnTFcDfrcp1KSz0sa9iGJQLLbLlFg== X-Google-Smtp-Source: AK7set+9WrjWtdXZihU+qavsFsZziDpoWaQAn3xCH1NFCy0vT42jiYr8sQIuYqbQa7j0sLzgOiMH1zxqKwS/ZHwA/2U= X-Received: by 2002:a50:a458:0:b0:4aa:ab9f:14a0 with SMTP id v24-20020a50a458000000b004aaab9f14a0mr21963edb.68.1675701277442; Mon, 06 Feb 2023 08:34:37 -0800 (PST) MIME-Version: 1.0 References: <5fb32a1297821040edd8c19ce796fc0540101653.camel@redhat.com> <2ef122849d6f35712b56ffbcc95805672980e185.camel@redhat.com> <8ffa28f5-77f6-6bde-5645-5fb799019bca@linux.alibaba.com> <51d9d1b3-2b2a-9b58-2f7f-f3a56c9e04ac@linux.alibaba.com> <071074ad149b189661681aada453995741f75039.camel@redhat.com> <0d2ef9d6-3b0e-364d-ec2f-c61b19d638e2@linux.alibaba.com> <9c8e76a3-a60a-90a2-f726-46db39bc6558@linux.alibaba.com> <02edb5d6-a232-eed6-0338-26f9a63cfdb6@linux.alibaba.com> <3d4b17795413a696b373553147935bf1560bb8c0.camel@redhat.com> <5fbca304-369d-aeb8-bc60-fdb333ca7a44@linux.alibaba.com> In-Reply-To: From: Miklos Szeredi Date: Mon, 6 Feb 2023 17:34:26 +0100 Message-ID: Subject: Re: [PATCH v3 0/6] Composefs: an opportunistically sharing verified image filesystem To: Amir Goldstein Cc: Alexander Larsson , gscrivan@redhat.com, brauner@kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, david@fromorbit.com, viro@zeniv.linux.org.uk, Vivek Goyal , Josef Bacik , Gao Xiang , Jingbo Xu Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 6 Feb 2023 at 14:31, Amir Goldstein wrote: > > > > > My little request again, could you help benchmark on your real workload > > > > rather than "ls -lR" stuff? If your hard KPI is really what as you > > > > said, why not just benchmark the real workload now and write a detailed > > > > analysis to everyone to explain it's a _must_ that we should upstream > > > > a new stacked fs for this? > > > > > > > > > > I agree that benchmarking the actual KPI (boot time) will have > > > a much stronger impact and help to build a much stronger case > > > for composefs if you can prove that the boot time difference really matters. > > > > > > In order to test boot time on fair grounds, I prepared for you a POC > > > branch with overlayfs lazy lookup: > > > https://github.com/amir73il/linux/commits/ovl-lazy-lowerdata > > > > Sorry about being late to the party... > > > > Can you give a little detail about what exactly this does? > > > > Consider a container image distribution system, with base images > and derived images and instruction on how to compose these images > using overlayfs or other methods. > > Consider a derived image L3 that depends on images L2, L1. > > With the composefs methodology, the image distribution server splits > each image is split into metadata only (metacopy) images M3, M2, M1 > and their underlying data images containing content addressable blobs > D3, D2, D1. > > The image distribution server goes on to merge the metadata layers > on the server, so U3 = M3 + M2 + M1. > > In order to start image L3, the container client will unpack the data layers > D3, D2, D1 to local fs normally, but the server merged U3 metadata image > will be distributed as a read-only fsverity signed image that can be mounted > by mount -t composefs U3.img (much like mount -t erofs -o loop U3.img). > > The composefs image format contains "redirect" instruction to the data blob > path and an fsverity signature that can be used to verify the redirected data > content. > > When composefs authors proposed to merge composefs, Gao and me > pointed out that the same functionality can be achieved with minimal changes > using erofs+overlayfs. > > Composefs authors have presented ls -lR time and memory usage benchmarks > that demonstrate how composefs performs better that erofs+overlayfs in > this workload and explained that the lookup of the data blobs is what takes > the extra time and memory in the erofs+overlayfs ls -lR test. > > The lazyfollow POC optimizes-out the lowerdata lookup for the ls -lR > benchmark, so that composefs could be compared to erofs+overlayfs. Got it, thanks. > > To answer Alexander's question: > > > Cool. I'll play around with this. Does this need to be an opt-in > > option in the final version? It feels like this could be useful to > > improve performance in general for overlayfs, for example when > > metacopy is used in container layers. > > I think lazyfollow could be enabled by default after we hashed out > all the bugs and corner cases and most importantly remove the > POC limitation of lower-only overlay. > > The feedback that composefs authors are asking from you > is whether you will agree to consider adding the "lazyfollow > lower data" optimization and "fsverity signature for metacopy" > feature to overlayfs? > > If you do agree, the I think they should invest their resources > in making those improvements to overlayfs and perhaps > other improvements to erofs, rather than proposing a new > specialized filesystem. Lazy follow seems to make sense. Why does it need to be optional? Does it have any advantage to *not* do lazy follow? Not sure I follow the fsverity requirement. For overlay+erofs case itsn't it enough to verify the erofs image? Thanks, Miklos > > Thanks, > Amir.