Add the design document #1
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| @@ -0,0 +1,102 @@ | ||||||||||
| # Design and architecture | ||||||||||
|
|
||||||||||
| ## Authors | ||||||||||
| * [Arron Wang](https://github.com/arronwy) | ||||||||||
| * [Jiang Liu](https://github.com/jiangliu) | ||||||||||
|
|
||||||||||
| ## Design | ||||||||||
| The `image-rs` crate is a rustified and tailored version of [containers/image](https://github.com/containers/image), | ||||||||||
| to provide a small, simple, secure, lightweight and high performance OCI container image management library. | ||||||||||
| The crate development is driven by the [Confidential Containers](https://github.com/confidential-containers) | ||||||||||
| project scope but it might be used in a more generic fashion. | ||||||||||
|
|
||||||||||
arronwy marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||||||
| Currently the `image-rs` crate focuses on usage scenarios to run Confidential Containers on Kubernetes clusters with | ||||||||||
| [Kata Containers](https://katacontainers.io/). It may also be enhanced to support other Confidential container runtimes | ||||||||||
| on demand. So it implements the | ||||||||||
| [CRI Image Service](https://github.com/kubernetes/cri-api/blob/master/pkg/apis/runtime/v1alpha2/api.proto#L119) | ||||||||||
| interface to be easily integrated with the K8s ecosystem. Among the container image `Build`, `Ship` and `Run` stages, | ||||||||||
| it focuses on the `Run` stage instead of `Build` and `Ship`. `Run` stage will mostly cover `Pull` and `Unpack` | ||||||||||
| operations, which will provide interfaces to prepare container images for running in a confidential environment. | ||||||||||
| Users may use any OCI image/distribution spec compatible tools to build and distribute | ||||||||||
| encrypted/plaintext container images with or without signatures. | ||||||||||
|
|
||||||||||
| The `image-rs` crate supports both unencrypted and encrypted container images since | ||||||||||
| [Encrypted Container Image](https://github.com/opencontainers/artifacts/pull/15) | ||||||||||
| is mandatory for many confidential container usage scenarios. It also supports image signature verification to ensure | ||||||||||
| integrity. Depending on the threat modeling of confidential containers, it should be configurable for which types of | ||||||||||
| images are supported. The policy may like below, currently we support image level signature and layer level encryption, | ||||||||||
| whether need per-layer signature support is still TBD: | ||||||||||
|
|
||||||||||
| 1. encrypted with signature, mandatory | ||||||||||
| 2. encrypted without signature, mandatory | ||||||||||
| 3. unencrypted with signature, configurable and should be enabled | ||||||||||
| 4. unencrypted without signature, configurable and may be disabled | ||||||||||
|
Comment on lines
+30
to
+33
Member
There was a problem hiding this comment. This might be quicker to understand if it was formatted as a table.
Also, is this scenario supported: a signed image that contains encrypted layers and unencrypted layers? (I think this should be stated clearly, maybe using the table above). tbh, I'm wondering if we need an additional term since "encrypted image" doesn't specify if the image is signed. How about:
Other questions:
Member
Author
There was a problem hiding this comment. For image encryption opencontainers/artifacts#15 this PR describe the details on encrypted mediatype definitions for oci image spec. |
||||||||||
|
|
||||||||||
| ### Goals | ||||||||||
| * Support pulling OCI/docker v2 images from registries with or without authentication | ||||||||||
| * Support downloading OCI images from local [OCI layout compatiable](https://github.com/opencontainers/image-spec/blob/main/image-layout.md) storage | ||||||||||
| * Support OCI image decryption | ||||||||||
| * Support OCI image signature verification | ||||||||||
| * Support configurable security policies for allowed OCI images | ||||||||||
| * Support seamlessly integration with Kata Agent and Attestation Agent | ||||||||||
| * Provide a command-line utility for debug | ||||||||||
| * Explore image decryption and decompression acceleration technologies | ||||||||||
| * Explore image on demand loading technologies | ||||||||||
| * Explore technologies to share image data among containers/pods with confidentiality and integrity. | ||||||||||
|
|
||||||||||
|
|
||||||||||
| ### Non-Goals | ||||||||||
| * Image push, content discovery/management operations for remote registries | ||||||||||
| * Image encryption and signing | ||||||||||
|
Member
There was a problem hiding this comment. I agree that everything involving provisioning an image is a non-goal that would bloat
Member
There was a problem hiding this comment. So maybe a "Howto" doc helps here:)
Member
There was a problem hiding this comment. ooi, is it not in scope as there are already existing tools to encrypt+sign or is that we don't want to bloat the binary? If it's the latter, we can simply build two binaries from the same source (one to encrypt/sign the other to decrypt/check) to avoid any packaging bloat. If this project supported encrypting/signing, that would make writing unit tests easier. But at an integration level, the CI should encrypt with other tooling too! ;)
Member
Author
There was a problem hiding this comment. This project will leverage ocicrypt-rs to do decryption and image signing verification, and we may focuse integration test for compatiable with existing container build tools like skopeo
Member
There was a problem hiding this comment. We hope to focus on the most valuable features at the first stage:)
Member
Member
Author
There was a problem hiding this comment. Yes, we added the document for generate test data in another PR which will describe how to do those steps, and will link them when related PR are merged. |
||||||||||
| * Image export to local storage | ||||||||||
| * Image import from other service daemon or other local storage format | ||||||||||
|
|
||||||||||
|
|
||||||||||
| ### Existing Solutions | ||||||||||
| * [containers-image-proxy-rs](https://github.com/containers/containers-image-proxy-rs): a rust bindings for skopeo, | ||||||||||
| which doesn't meet our requirements of small TCB and lightweight. | ||||||||||
| * [oci-distribution](https://github.com/krustlet/oci-distribution): a crate from | ||||||||||
| [krustlet](https://github.com/krustlet/krustlet) to run wasm application with K8S. Since wasm is platform agnostic | ||||||||||
| and small code size, `oci-distribution` does not support manifest lists for different platforms and internal data | ||||||||||
| struct is not friend to generic container workload. | ||||||||||
| * [oci-registry-client](https://github.com/ecarrara/oci-registry-client): a very simple client for OCI image registries | ||||||||||
| with limited features and latest commit is one and half years ago. | ||||||||||
|
|
||||||||||
| These projects focus on image distribution and do not support image unpack and storage management features. | ||||||||||
|
|
||||||||||
arronwy marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||||||
| ## Architecture | ||||||||||
| The following diagram demonstrates the overall architecture and how to | ||||||||||
| integrate with Kata Agent: | ||||||||||
|  | ||||||||||
arronwy marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||||||
|
|
||||||||||
| Diagram source file: [architecture.pptx](images/architecture.pptx) | ||||||||||
|
|
||||||||||
| The `image-rs` crate provides an API that covers the container image pulling and management parts of the OCI specification. | ||||||||||
|
|
||||||||||
| For image pulling part, it will follow OCI distribution and image spec to | ||||||||||
| interact with remote registries to download container image metadata | ||||||||||
| and blob data, these info will be consumed by the image management module. | ||||||||||
| After container image is downloaded, `image-rs` will talk with remote | ||||||||||
| attestation service to verify the image signature and decrypt the image | ||||||||||
arronwy marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||||||
| if needed. After image is unpacked, for support image caching inside the guest, | ||||||||||
| the image format module can handle the format conversion between oci v1 and docker v2. | ||||||||||
|
|
||||||||||
| The image pulling module cooperates with the | ||||||||||
| [Attestation-agent](https://github.com/confidential-containers/attestation-agent) | ||||||||||
| to fetch secrets for decryption/verification from the remote attestation and key management server. | ||||||||||
|
|
||||||||||
| Snapshot module will prepare the rootfs together with the container | ||||||||||
| configuration and metadata, the bundles can be generated for the | ||||||||||
| runtime service to consume. The snapshot module can also support different | ||||||||||
| snapshotters which can support image on demand pulling. | ||||||||||
|
|
||||||||||
| As container image layers decryption and decompression can be time consuming, | ||||||||||
| image-rs will support different acceleration libraries to accelerate these process | ||||||||||
| like Intel storage acceleration library: | ||||||||||
| [isa-l](https://github.com/intel/isa-l) | ||||||||||
| [isa-l_crypto](https://github.com/intel/isa-l_crypto). | ||||||||||
|
|
||||||||||
|
|
||||||||||
| ## Reference | ||||||||||
| * [Nydus Image Service](https://github.com/dragonflyoss/image-service) for data on demand loading, data deduplication and encryption. | ||||||||||
| * [stargz](https://github.com/containerd/stargz-snapshotter) for data on demand loading. | ||||||||||
Uh oh!
There was an error while loading. Please reload this page.