Merge pull request #129 from justincormack/ro-rw-setup

Rework setup of container for read only/read write

src/moby/build.go

@@ -186,7 +186,8 @@ func Build(m Moby, w io.Writer, pull bool, tp string) error {
 		}
 		so := fmt.Sprintf("%03d", i)
 		path := "containers/onboot/" + so + "-" + image.Name
-		err = ImageBundle(path, image.Image, config, iw, useTrust, pull)
+		readonly := image.Readonly != nil && *image.Readonly
+		err = ImageBundle(path, image.Image, config, iw, useTrust, pull, readonly)
 		if err != nil {
 			return fmt.Errorf("Failed to extract root filesystem for %s: %v", image.Image, err)
 		}
@@ -204,7 +205,8 @@ func Build(m Moby, w io.Writer, pull bool, tp string) error {
 		}
 		so := fmt.Sprintf("%03d", i)
 		path := "containers/onshutdown/" + so + "-" + image.Name
-		err = ImageBundle(path, image.Image, config, iw, useTrust, pull)
+		readonly := image.Readonly != nil && *image.Readonly
+		err = ImageBundle(path, image.Image, config, iw, useTrust, pull, readonly)
 		if err != nil {
 			return fmt.Errorf("Failed to extract root filesystem for %s: %v", image.Image, err)
 		}
@@ -221,7 +223,8 @@ func Build(m Moby, w io.Writer, pull bool, tp string) error {
 			return fmt.Errorf("Failed to create config.json for %s: %v", image.Image, err)
 		}
 		path := "containers/services/" + image.Name
-		err = ImageBundle(path, image.Image, config, iw, useTrust, pull)
+		readonly := image.Readonly != nil && *image.Readonly
+		err = ImageBundle(path, image.Image, config, iw, useTrust, pull, readonly)
 		if err != nil {
 			return fmt.Errorf("Failed to extract root filesystem for %s: %v", image.Image, err)
 		}

src/moby/image.go

@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"io"
 	"io/ioutil"
+	"path/filepath"
 	"strings"
 
 	log "github.com/Sirupsen/logrus"
@@ -184,36 +185,50 @@ func ImageTar(image, prefix string, tw tarWriter, trust bool, pull bool, resolv
 }
 
 // ImageBundle produces an OCI bundle at the given path in a tarball, given an image and a config.json
-func ImageBundle(path string, image string, config []byte, tw tarWriter, trust bool, pull bool) error {
+func ImageBundle(path string, image string, config []byte, tw tarWriter, trust bool, pull bool, readonly bool) error {
 	log.Debugf("image bundle: %s %s cfg: %s", path, image, string(config))
-	err := ImageTar(image, path+"/rootfs/", tw, trust, pull, "")
+
-	if err != nil {
+	// if read only, just unpack in rootfs/ but otherwise set up for overlay
+	rootfs := "rootfs"
+	if !readonly {
+		rootfs = "lower"
+	}
+
+	if err := ImageTar(image, filepath.Join(path, rootfs)+"/", tw, trust, pull, ""); err != nil {
 		return err
 	}
 	hdr := &tar.Header{
-		Name: path + "/" + "config.json",
+		Name: filepath.Join(path, "config.json"),
 		Mode: 0644,
 		Size: int64(len(config)),
 	}
-	err = tw.WriteHeader(hdr)
+	if err := tw.WriteHeader(hdr); err != nil {
-	if err != nil {
 		return err
 	}
 	buf := bytes.NewBuffer(config)
-	_, err = io.Copy(tw, buf)
+	if _, err := io.Copy(tw, buf); err != nil {
-	if err != nil {
 		return err
 	}
-	// add a tmp directory to be used as a mount point if needed
+	if !readonly {
+		// add a tmp directory to be used as a mount point for tmpfs for upper, work
 		hdr = &tar.Header{
-		Name:     path + "/" + "tmp",
+			Name:     filepath.Join(path, "tmp"),
 			Mode:     0755,
 			Typeflag: tar.TypeDir,
 		}
-	err = tw.WriteHeader(hdr)
+		if err := tw.WriteHeader(hdr); err != nil {
-	if err != nil {
 			return err
 		}
+		// add rootfs as merged mount point
+		hdr = &tar.Header{
+			Name:     filepath.Join(path, "rootfs"),
+			Mode:     0755,
+			Typeflag: tar.TypeDir,
+		}
+		if err := tw.WriteHeader(hdr); err != nil {
+			return err
+		}
+	}
 
 	return nil
 }