Description
PuzzleFS is a container filesystem designed to address the limitations of the existing OCI format. The main goals of the project are reduced duplication, reproducible image builds, direct mounting support and memory safety guarantees, some inspired by the OCIv2 brainstorm document.
Reduced duplication is achieved using the content-defined chunking algorithm FastCDC. Because chunk boundaries are derived from the content itself, chunks can be shared among layers, and a new layer built on top of an existing one reuses most of its chunks.
Reproducible image builds are achieved by defining a canonical representation of the image format. Direct mounting support is a key feature of PuzzleFS and, together with fs-verity, it provides data integrity. Currently, PuzzleFS is implemented as a userspace filesystem (FUSE). A read-only kernel filesystem driver is available as a proof of concept (POC).
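To make the chunk-sharing claim concrete, here is an added example (not PuzzleFS code and not the FastCDC reference implementation): a simplified gear-hash chunker in the style of FastCDC, without its normalized chunking, run over two constructed layers. The size limits, mask, seeds and sample data are assumptions chosen for the demo, and chunks are compared by content where a real store would key them by a cryptographic digest.

```rust
use std::collections::HashSet;
const MIN: usize = 256; // never cut a chunk shorter than this
const MAX: usize = 4096; // always cut at this length
const MASK: u64 = 0xFFC0_0000_0000_0000; // 10 bits: a cut about every 1 KiB
// splitmix64, fixed seeds: fills the gear table and the constructed sample data.
fn splitmix(s: &mut u64) -> u64 {
    *s = s.wrapping_add(0x9E37_79B9_7F4A_7C15);
    let z = (*s ^ (*s >> 30)).wrapping_mul(0xBF58_476D_1CE4_E5B9);
    let z = (z ^ (z >> 27)).wrapping_mul(0x94D0_49BB_1331_11EB);
    z ^ (z >> 31)
}

// Cut where the gear hash of the most recent bytes has its top 10 bits clear.
fn chunks(data: &[u8]) -> Vec<&[u8]> {
    let mut seed = 1u64;
    let gear: Vec<u64> = (0..256).map(|_| splitmix(&mut seed)).collect();
    let (mut out, mut start, mut h) = (Vec::new(), 0usize, 0u64);
    for (i, &b) in data.iter().enumerate() {
        h = (h << 1).wrapping_add(gear[b as usize]);
        let len = i + 1 - start;
        if len >= MAX || (len >= MIN && (h & MASK) == 0) {
            out.push(&data[start..=i]);
            (start, h) = (i + 1, 0);
        }
    }
    if start < data.len() { out.push(&data[start..]); }
    out
}

// Constructed layers: pseudo-random `base`, and `base` with 16 bytes inserted.
fn layers() -> (Vec<u8>, Vec<u8>) {
    let mut seed = 42u64;
    let base: Vec<u8> = (0..65536).map(|_| splitmix(&mut seed) as u8).collect();
    let mut derived = base[..49152].to_vec();
    derived.extend_from_slice(b"sixteen new byte");
    derived.extend_from_slice(&base[49152..]);
    (base, derived)
}

// Returns (chunks in the derived layer, how many already exist in the base layer).
fn reuse(base: &[u8], derived: &[u8]) -> (usize, usize) {
    let known: HashSet<&[u8]> = chunks(base).into_iter().collect();
    let d = chunks(derived);
    (d.len(), d.iter().filter(|c| known.contains(*c)).count())
}

fn main() {
    let (base, derived) = layers();
    println!("(derived chunks, already stored) = {:?}", reuse(&base, &derived));
}
```

Everything before the insertion point chunks identically in both layers, and because each cut depends only on the bytes since the previous cut, boundaries after the insertion can line up again instead of shifting for the rest of the stream as they would with fixed-size blocks.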
Lastly, memory safety is critical to PuzzleFS, leading to the decision to implement it in Rust. The same code is shared between user space and kernel space in order to provide one secure implementation.
The author will present the integration of PuzzleFS into the OCI Image Specification, demo a PuzzleFS workflow and discuss further integrations with LXC and stacker.