]>
git.proxmox.com Git - mirror_lxc.git/commit
Add support for squashfs images in oci via atomfs
This adds support to the oci template for squashfs images.
It uses 'atomfs' from [1] to accomplish this.
Squashfs images (media type
application/vnd.stacker.image.layer.squashfs+zstd+verity) have several
benefits compared to tar+gz:
* immediately mountable
* read-only filesystem
* verity data present in oci manifest.
I presented this at Fosdem 2023 at [2].
The 'atomfs' program can be replaced by passing '--mount-helper'
argument to the oci template.
mount-helper mount oci:<oci_dir>:<oci_name> <mountpoint>
mount-helper umount <mountpoint>
[1] https://github.com/project-machine/atomfs
[2] https://fosdem.org/2023/schedule/event/container_secure_storage/
Signed-off-by: Scott Moser <smoser@brickies.net>
projects / mirror_lxc.git / commit