►
From YouTube: GMT 2017-10-05 Containerization WG
Description
Agenda and Notes:
https://docs.google.com/document/d/1z55a7tLZFoRWVuUxz1FZwgxkHeugtc2nHR89skFXSpU/edit?usp=sharing
B
B
B
B
Garbage
collection
on
container
image
layers
in
mixes
continue
Iser
and
then
I'm
gonna
have
a
discussion
on
the
VM
support.
I.
Think
someone
had
this
note
like
that.
This
agenda
item
here:
okay,
let's
go
with
the
the
garbage
GC
image
layer,
stuff.
First
Gilbert:
do
you
want
to
share
the
screen
or
hey.
B
C
So
this
this
is
a
so
this
work
is,
has
been
ongoing
for
a
cup
of
month
on
and
off
so
the
goal
here
so
so.
The
background
is
that
the
message
continue.
Editor
is
able
to
provision
the
long
stalker
containers
from
docker
image,
but
right
now
there
is
no
way
to
to
enforce
that's
the
disk
space
news.
8
of
this
is
bounded
and,
and
we
could
leave
images
the
athletes,
for
example,
in
our
GPU
cluster,
which
metal
containers
the
only
twice.
We
occasionally
see
machine
completely
unusable
because
we
fill
up
all
the
disks.
C
They
are
a
great
doctor
images,
so
this
kind
of
becomes
a
really
high
priority
problems
for
anyone.
That's
operating
vessels
contriver
introduction,
so
we
modified
a
little
bit
right
now.
The
goal
is
to
just
provide
a
working
MVP
so
that
we
can
wish
there
is
a
way
for
the
operator
to
ensure
the
disk
space
of
darker
darker
image.
Star
is
bounded,
and
we
also
want
to
making
sure
that
the
implementation
will
you
keep
the
vessel
controller
usable
meaning
we
are
not
going
to
lock
the
start
down
for
a
very
long
time.
That's
needed!
C
So
right
now,
right
now
this
is
the
MVP
we
plan
to
implement
a
new
message
in
an
operator
APA
action,
so
we
can
just
trigger
this
through
through
through
a
HTTP
HTTP
API
to
print
any
unused
images.
So,
in
terms
of
design,
there
are
generally
two
at
least
two
possible
directions
of
implementing
similar
things.
One
is
a
marker
sweep
another
would
be
a
reference
coming.
So
after
a
couple
rounds,
we
decided
to
go
with
a
marker
sweet
for
now,
because
it
seems
seems
simpler
to
implement.
C
It
does
not
involve
changing
the
internal
data
structure
of
the
talker
store.
I'll
cover
why
the
reference
counting
seemed
to
be
a
little
more
complex
on
that
in
that
fashion.
First,
let
me
explain
how
we
currently
and
students
so
right
now,
the
inter
talker
store
is
kind
of
a
private
component
of
the
Container
Iser
and
provisioner.
C
It
is,
is
check,
pointed
image,
set
and
determine
what
images
are
not
needed
anymore,
and
what
layer
that
I
need
anymore.
After
that
the
occurs,
the
token
stars,
metadata
manager
will
find
a
new.
The
new
image
Center
is
only
images
that
actually
needs
to
retain,
and
also
after
and
after
that,
doctor
star
will
move
all
the
layers.
Other
I
use
the
layers
into
a
new
direct
in
new
temporary
directory.
This
is
the
marking
phase.
C
C
They
move
a
bunch
of
directories,
so
hopefully
it
should
be
every
chip
to
a
very
cheap
in
production
and
doing
this,
the
sweeping
phase
this
during
the
spin
phases
or
can
already
be
unlocked
and
there
one
one
broker
to
implement
this-
is
that
we
realize
that
container
config
was
not
previously
checkpoint,
eight,
as
of
as
of
one
point
pointing
so
that
means,
if
the
mass
of
agent
recovers,
for
example,
it
restarts
we
actually
don't
know
in.
We
actually
don't
know
which
image
is
used
to
launch
a
nested
container.
C
This
is
this,
is
this
is
specific,
especially
problematic
for
and
that's
the
container,
because
there
is
no
previous
checkpoints
about
how
it
was
launched
at
all.
So
after
well,
agent
restarts
we,
we
don't
know
one
if
weather
NASA
container
is
using,
which
images
using
so
there's
no
way
we
cleaner
is
pretty
fun
to
safely
implements.
D
C
I
think
the
top-level
container
it
is
possible
to
replicate
the
logic
of
how
it
is
whomped,
although
how
it
would
like
to
try
to
replay
how
is
launched
but
but
yeah.
If
there
is
code
change
in
missiles,
agent
or
something
else,
then
there
is
a
chance
that,
whatever
we
think
so,
we
or
whatever
we,
whatever
the
current
called
thinks
it.
How
it
was
launched,
may
be
different
from
how
it
was
actually
launched.
A
So
basically,
we
one
day
we
want
to
continue
config.
Here
we
want
to
find
out
the
mapping
like,
for
example,
given
and
continue
ID.
We
would
like
to
know
what
image
this
running
container
is
using.
So
let's
say
you
have
a
level
continue
and
you
restart
the
agent
or
you
acquire
the
cluster,
and
if
you
don't
have
the
container
config,
because
after
recovery
we
don't
path,
fill
the
container
config
for
any
power
level
continue.
It
means
you
cannot
figure
out
like
what
exactly
the
image
this
running
container
is
using.
C
I
think
for
top-level
container,
because
we
info
we
can
recover
them
indirectly
through
other
information,
although
I
don't
know
whether
we
will
trust
with
the
back
ceiling
logic
wonder-percent.
If
the
logic
of
methyls
agent
cause
changes,
we
could
have,
we
could
have
incorrect
view
of
something,
but
for
the
nested
container
there
is
absolutely
no
way
to
actually
leave
information
at
all.
Okay,.
C
B
B
C
B
C
C
C
B
C
A
B
E
E
Serious
problem,
I,
don't
know,
smoke
tests
will
occasionally
time
occasionally
blow
their
time
budget,
which
is
just
purely
arbitrary,
and
it
causes
some
toil
on
our
end.
But
I
probably
argue
that
that's
self-inflicted
made
it
big
and
but
in
general
you
know
your
stuff
causes.
This
stuff
consumes
part
of
the
limited
resource
of
ions
from
your
storage
subsystem,
yeah.
C
B
C
B
E
B
So
we
yeah
I
think
there
I
remember,
there's
a
to
do
there
that
we
want
to
on
to
ionize
sounded
EU
to
so
that
we
don't
interfere
with
the
well.
It's
just
a
limited,
like
kind
of
like,
like
reduce
some
of
the
interferences
yeah
I.
Remember,
there's
a
to
do
that
using
I'm
nice.
What
do
you
look
for?
Do
I?
Think
it's
easier
because
she's
just
do
ionized
EU
and
you
just
want
to
make
sure
I
own
Isis.
There.
A
Basically
so
basically,
this
is
basic.
Gc
supports
our
current
Tokra
store
and
in
the
future
we
will
have
a
separate
store,
called
unified,
artifact
store
and
the
gist
the
OCI
image.
And
if
you
depends
on
that
unified
artifact
store
and
then
we
will
happen,
a
new
GC
in
with
the
OCI
and
then
which
make
it
compatible
with
docker
image
version.
2
schema
right
now
we
are
working
darker
version,
2
schema
1.
So
this
is
a
very
basics
possible
key.
So.
F
B
So
actually,
this
is
the
purpose.
So
that's
the
reason
we
want
to
move
to
like,
like
a
unify,
artifact
store
for
not
just
artifacts
from
fetcher
and
also
like
layers
from
talker
images,
OCI
images,
whatever
images
layers
so
make
a
unify,
and
then
we
have
a
single
GC
mechanics
and
in
a
single
cache
mechanism
like
cache
replacement
mechanism
for
that
cache
store.
Basically,
so.
B
Yeah
I
think
this
is
like
a
more
stopgap
solution,
but
I
think
it's
good
enough,
and
as
long
as
you
have
a
monitor
script
to
monitor
the
entire
host
disk
and
if
it
goes
low
can
just
trigger
that
endpoint
to
garbage
collect
those
I
use
later.
That
should
be
good
enough
for
at
least
for
MVP
I
would
say
the.
F
Other
question
I
had
was
the
the
trash
folder
that
you're
gonna
use
right
to
actually
move
the
GC
files
instead
of
deleting
them.
The
trash
folder
has
to
really
be
relatively
big
as
well.
So
would
there
be
some
I
mean
I,
don't
know
whether
it's
just
a
documentation
issue
where
you
need
to
document
that
the
trash
needs
to
be
it
shouldn't
be
sitting
in
something
like
slash
temp
right,
because
otherwise
it
might
happen
that
you
just
overflow,
slash
temp
itself.
B
C
C
So
I'll
proceed
here,
so
we
so
to
implement
this.
We
actually
need
to
add
a
new
virtual
virtual
interface
called
pool
tada
to
all
the
store
interfaces,
although
in
the
MVP
already
the
talker
star
will
implement
this.
For
now
for
the
for
app
see,
I
think
the
only
other
store
interested
right
now
exact
see.
So
that's
what
simply
return.
Nothing
immediately.
C
Active
I
think
I
think
we
actually
want
to
rename
the
activity
to
rate
ten
images
to
make
it
clearer
to
make
it
marks
expressive.
This
means
all
the
images
that
the
continue
either
considers
you
still
should
still
be
retained.
This
is
this
is
all
the
images
country
in
use
plus
a
set
up
a
list
of
images
that
the
operator
might
want
to
manually
keep
in
practice.
We
see
that
we
have
a
very
well
so
in
practice.
C
One
one
second
I
see
is
people
create
a
common
base,
images
that
pretty
much
being
shared
on
every
single
machine,
but
then
they
keep
fanning
out
of
there
with
our
further
image
stars.
So
we
want
to
making
sure
that
we
don't
believe
these
common
images
on
the
machines
at
least
gave
up
sir
operator
API
to
do
that.
A
So,
just
to
give
you
guys
a
little
context
here,
so
we
in
the
GC
from
the
operator
API
for
the
very
basic
one.
We
don't
any.
We
don't
need
any
parameter.
It
means
like.
If
you
trigger
the
GC,
we
will
delete
all
the
unused
image
on
this
agent
so
and
then
depends
on
that.
On
top
of
that,
we
should
have
introduced
a
new
parameter
for
the
operator
API.
It
is
a
vector
of
image.
A
Allow
use,
allow
the
operator
to
specify
a
couple
image
name,
so
those
are
the
image
they
might
be
used
or
not
currently
by
this
agent,
but
we
want
to
always
keep
it
on
this
agent.
So
we
call
it
an
exclude
images
which
we
want
to
keep,
and
then
we
will
do
the
calculation
to
combine
those
images
together,
and
then
this
is
the
active
image
right
here.
We
have
vision,
which
means
like
the
image
we
always
want
to
keep
should
not
be
deleted.
A
B
C
The
way
the
way
the
way
uber
said
our
images
app
is
we
create
a
pretty
like
slab
to
ten
different
type
of
base
in
it
is
roughly
each
one
model
to
a
different
programming
language,
then,
besides,
that
each
of
the
individual
micro-service
would
extend
the
base
image
and
then
put
our
own
logic
of
boundaries
inside
this
means
our
mean.
We
always
have
a
set
of
non
paste
images
we
expect
to
so
we
say
we
excited
to
be
keep
we
used
by
all
the
container
monkey
logic.
So
this
means
like
will
our
our
clean
ups.
C
B
C
A
A
C
For
example,
if
you
are
basically,
you
operate
a
base
image
from
version,
one
to
version
two,
and
if
you,
if
you
exclude
images,
you
only
put
version
to
go
for
whatever
layers
of
the
version,
one
will
can
be
pruned
now
as
long
as
they're
not
being
used
for
something
else.
So
eventually
they
will
go
away.
Well,
nobody
uses
them
all
refers
to
them.
B
C
C
B
I'm
talking
about
API
like
what
do
they
provide
I
remember
they
provide
some
sort
of
filtering
stuff,
but
we
can
do
that
later.
I
guess
I
just
want
to
make
sure
like,
like
we
have
a
dislike
in
API
change,
yeah
yeah
I
cannot
yeah,
actually
I.
Think
it's
for
it's!
Okay!
For
now,
what
type
of
API
you
you,
you
you,
the
viewing
operator
aprx.
Is
this
like
an
API
so
in
the
future
cannot
change
this.
If
we
want
to
move
to
a
different,
we
have
to
be
backwards
compatible
once
we
introduce
this.
A
B
B
I'm,
just
looking
at
that
I'm
just
thinking
about,
if
that
makes
sense
or
no
I
mean
darker
print
support,
darker
image
print
support,
light
a
which
we
do
support
I.
Can
you
don't
specify
any
exclude
images,
this
pretty
much
a
like
all
images,
all
layers,
and
they
have
also
a
filter
like
filter,
which
you
can
do
arbitrary
key
value
pairs,
like
you
can
say,
I
want
to
delete
docker
images
layers
with
step,
give
a
label,
or
things
like
this
I'm.
B
C
D
You
seeing
the
amount
of
work
the
operator
for
each
role
out
of
the
basement.
Could
you
like
specify
expiration
time
for
these
images,
for
like
I,
don't
know
one
day,
so
it
makes
us
can
determine
that
all
these
images
haven't
been
use
in
the
past
24
hours.
Then
it
could
be
firm
if
it's
used
by
all
the
fastest
in
a
real
cluster.
E
C
B
A
B
C
B
B
A
So
yeah
so
I
think
almost
on
the
on
the
by
the
end
of
the
the
GCD
side,
I
would
like
to
mention
two
probably
right
now.
Gillian
and
myself
are
trying
to
restore
explain,
is
to
support
the
dragon
surrounding
container,
which
we
mentioned
PST.
So
we
don't
have
a
solution,
but
I
will
say
like
a
lot
of
user,
especially
existing
bases
user
with
who
is
using
unify
continuous
every
day.
A
My
one
to
the
ma
expelled
like
is
to
be
better
compatible,
which
means
they
don't
necessary
to
drink
all
the
containers
on
every
agent,
because
they're
gonna
be
paying
for
if
they're,
already
using
some
kind
of
a
production,
so
I
can
see
many
usually
they'll
be
expecting
like
we
expect
like
we
can
support
the
GC
and
a
solution
yet,
but
we
will
keep
investigate
on
that
couple
days
and
the
second
problem
we
have
right
now
it
is
embrace
we
discussed
yesterday.
So
basically
right
now
me.
This
is
an
implementation
detail.
A
So
right
now
we
we
we
do
the
mock
and
split,
and
then
we
did
a
mock
me
lock
did
not
order
in
August
or
it
means
any
new
coming
pulling.
The
crest
we
will
post
it
and
then
we
could
then
put
off
then
in
the
queue
so
just
waiting
for
the
image
juicy
finish
once
they
finished.
We
leave
you
clean
up
here
on
them.
I,
probably
first
resumed
and
continued
down
low
in
it,
and
then
you
might
hit
a
potential
race.
Even
if
it's
like
right
before
we
start
approved.
A
We
have
some
image
start
downloading,
but
they
are
big.
They
are
still
pulling
the
layers
and
right
now
we
trigger
the
pool
and
we
lock
the
store
and
the
prune
is
ongoing,
but
the
aiming
down
low
down
low,
they
are
also
ongoing.
So
let's
say:
if
we
have
like
we
have
like
some
image
download.
They
are
using
the
layers
which
is
download
before
on
the
in
the
store,
but
they
are
unmute
layers.
It
means
we
might
delay
those
layers
well
by
for
some
reasons
by
the
pool.
A
So
it
is
a
race
here
and
then
that
continuing
aren't
gonna
fail
because
we
are
missing
some
layers.
So
right
now
here
we
are,
we
are,
we
are
comparing
the
usability
and
and
and
the
use
and
the
operator
friendly
friendly
choice
here.
It
means
like
we
can
either
we
can
either
wait
for
all
the
image
pool
finish
and
all
the
image
time
low
finish
or
the
come
current.
A
B
B
C
Problem
of
delaying
the
pruning
is,
if
you
keeps
having
a
stream
saying
it's
a
red
clay
speaking.
If
you
have
a
stream
putting
happening
infinitely,
you're
cooler
will
be
also
delayed
infinitely
Annie.
This
is
since
seem
similar
to
like,
if
have
a
read/write
lock,
and
there
is
a
theoretical
problem
that
if
you
obtain
an
exclusive
right
lock
on
on
something,
but
you
keeps
having
other
other
entities
of
training
you
could
the
right,
lock
side
could
be
starved
instantly.
You
never
know
there
is
there.
C
You
know
what
one
of
the
one
of
the
one
of
information
with
over
the
way
to
implement
this
would
be
simply
queue
up
any.
So
if
what
we
want,
when
the
when
the
first
pruning
enters
the
system,
we
simply
to
have
all
the
image
pulling
to
at
that
point.
So
so
we
make
sure
that,
all
after
all,
the
all
the
thumb
laws
currently
running
down
all
the
finishes,
ruining
will
be
the
first
ones
in
the
lock
and
the
finishes
work
in
other.
C
B
C
B
B
A
E
B
F
A
So
right
now,
in
this
decide
dock
we
only
have
to
operate
the
API
to
control
the
GC.
But
after
this
basic
GC
support
lens,
we
might
introduce
an
aging
threat.
So
if
we
specify
an
age
effects,
so
we
have
the
heuristic
project
in
the
agent
which
it
is
the
very
basic
one.
So
it
means
like
we
frequency
every
couple
days
specified
by
the
use
operator.
We
will
trigger
the
GC
automatically.
So
that's
the
prin
which
we
did
not
have
in
the
decider
yet,
but
something.
F
F
C
F
F
Guess
the
only
way
to
start
it
as
restart
the
agent
by
removing
that
particular
plug
and
stop
the
GC
right,
let's
say:
there's
a
bug
in
DC
where
that's
going
and
destroying
images
of
existing
containers
or
whatnot
right,
something
horrible
happens
over
there
and
yeah.
You
need
to
stop
this.
That
is
pretty
pretty
intrusive
to
the
system.
If
something
goes
wrong
with
this,
so
the
only
option
then
is
to
just
remove
the
flag
and
then
restart
agent.
I
guess
right.
B
That
that's
kind
of
kind
of
reminds
me
another
question
like
ID
like.
If
AJ
is
not
up,
how
do
we
prune
the
images
like?
That's
not
so
you
just
think
about
like
what
what
if
the
disk
is
already
full
and
he
cannot
start
agents
because
agency,
checkpoints
and
metadata
initially
during
recovery,
and
then
you
want
to
prune
the
images
like
is
there
a
way
to
do
just
like
do
am
a
sociology
which
you
do
cleanup
of
those
layers,
but.
E
That's
been
an
issue
forever
right,
I
mean
this
same
thing,
exists
with
Sam
boxes
and
boxes
and
like
agent
coming
up
right.
Listen
this
because
we
do
in
some
cases
we
do
a
bad
job
of
disk
isolation
and
other
agent
run
out
of
space,
and
you
kind
of
manually
grew
up
around
and
you
could
bunch
of
stuff
not
very
satisfying
yeah.
B
C
Think
operator,
if
I
would
be
open
in
a
class
if
I
have
an
operating
machine
in
a
large
class
or
in
that
state
I
will
we
typically
do
something
more
more
brutal,
simply
shut
up
any
process
we
can
and
then
we
move
any
any
of
these
temporary.
It
has
a
dated
actress
like
soccer
star,
sandbox
and
then
try
to
restart
your
agent
to
see
whether
she'll
come
back.
C
E
But
I
mean
I
guess,
but
the
only
thing
along
that
one
so
I
can
see
being
reliable
would
be
to
reimage
the
machine
from
scratch
like
just
oh
this
thing
when
I
dispose
nuclear
from
all
it
like
as
soon
as
you
go
as
soon
as
you
try
to
write
a
tool
which
says
you
know,
oh,
you
should
go
and
clean
up.
Maybe
you
should
clean
up
this
thing
I,
maybe
should
that
thing?
You
really
need
some
sort
of
some
sort
of
API
support
for
the
for
the
file
system
database.
F
This
goes
back
at
the
when
James
was
making
right,
I
mean
why
not
run
GC
as
a
separate
process.
It
seems
like
mission
critical
over
here
and
it
seems
independent
of
the
agent.
Why
not
just
write
it
as
a
separate
process,
and
then
any
interaction
of
the
agent
can
have
to
happen
over
the
process.
Yeah.
B
C
B
Yeah
and
also
I
think
like
right
now,
I
think
Josephus
was
working
on
the
standalone.
Continual
part
of
that
work
is
making
container
riser
itself
standalone
that
you
can
launch
container
riser
with
other
agents
that
make
that
very
possible.
We
can
in
fact
factor
out
a
way
to
like
just
run,
container
Iser
stand-alone
and
then.
B
Container
Iser,
as
far
as
I
know
that
it
shouldn't
checkpoint
anything
if
no
task
launch
it's
being
here,
so
you
won't
try
to
use.
You
won't
try
to
checkpoint
any
information
into
the
disk
unless
there's
a
launch
from
somewhere.
So
UF
disk
is
full
that
one
should
be
still
able
to
boot
up
and
then
do
proper
cleanup,
yeah.
B
C
B
Yeah,
so
container
riser
will
be
a
library,
so
if
you're
running
was
aging,
it
just
be
a
library
that
if
it's
a
rainy
standalone
like
you
have
a
helper
binary,
can
also
initialize
container
riser
without
an
agent,
and
that
container
rather
can
give
you
all
information
about
like
running
containers
running
like
all
the
images,
if
you
hit
proper
API
for
that
container
as
an
interface.
So
that
makes
this
very
possible
like
see.
B
B
B
B
Okay,
so
it
sounds
like
he's
not
on
the
line.
Yeah
I
think
he
he
volunteered
to
do
some
background
research
on
the
like
criminals,
vm
support-
and
this
is
the
first
checkpoint
outside
whether
I'm
going
to
the
right
direction.
For
the
question
to
ask
ourselves
yeah,
are
you
on
the
line?
Jonah,
Jonah
hat?
B
Okay,
so
sounds
like
he's
not
on
the
line.
Who
can
do
that
next
next
time,
I
think
we
our
target
to
do
the
the
VM
research
sync
next
time.
That's
one
month
check.
So
let's
target
those
and
also
move
the
discussion
to
next
time.
Okay,
okay
sounds
like
we
are
all
good
anything
else
that
guys
want
wants
to
discuss.