Update docs and scripts for latest on OCI images

Makefile

@@ -190,7 +190,7 @@ load: dist/img.tar
 
 CTR_VERSION := $(shell sudo ctr version | sed -n -e '/Version/ {s/.*: *//p;q;}')
 load/oci: dist/img-oci.tar
-	@echo $(CTR_VERSION)\\nv1.7.7 | sort -crV || (echo "containerd version must be 1.7.7+ was $(CTR_VERSION)" && exit 1)
+	@echo $(CTR_VERSION)\\nv1.7.7 | sort -crV || @echo $(CTR_VERSION)\\nv1.6.25 | sort -crV || (echo "containerd version must be 1.7.7+ or 1.6.25+ was $(CTR_VERSION)" && exit 1)
 	@echo using containerd $(CTR_VERSION)
 	sudo ctr -n $(CONTAINERD_NAMESPACE) image import --all-platforms $<
 
@@ -269,7 +269,7 @@ bin/k3s/clean:
 
 .PHONY: test/k3s-%
 test/k3s-%: dist/img.tar bin/k3s dist-%
-	sudo bash -c -- 'while ! timeout 40 test/k3s/bootstrap.sh "$*"; do $(MAKE) bin/k3s/clean bin/k3s; done'
+	sudo bash -c -- 'while ! timeout 40 test/k3s/bootstrap.sh "$*" dist/img.tar; do $(MAKE) bin/k3s/clean bin/k3s; done'
 	sudo bin/k3s kubectl get pods --all-namespaces
 	sudo bin/k3s kubectl apply -f test/k8s/deploy.yaml
 	sudo bin/k3s kubectl get pods --all-namespaces
@@ -278,6 +278,22 @@ test/k3s-%: dist/img.tar bin/k3s dist-%
 	sleep 5s
 	sudo bin/k3s kubectl wait deployment wasi-demo --for condition=Available=True --timeout=5s
 	sudo bin/k3s kubectl get pods -o wide
+	sudo bin/k3s kubectl delete -f test/k8s/deploy.yaml
+	sudo bin/k3s kubectl wait deployment wasi-demo --for delete --timeout=60s
+
+.PHONY: test/k3s-oci-%
+test/k3s-oci-%: dist/img-oci.tar bin/k3s dist-%
+	sudo bash -c -- 'while ! timeout 40 test/k3s/bootstrap.sh "$*" dist/img-oci.tar; do $(MAKE) bin/k3s/clean bin/k3s; done'
+	sudo bin/k3s kubectl get pods --all-namespaces
+	sudo bin/k3s kubectl apply -f test/k8s/deploy.oci.yaml
+	sudo bin/k3s kubectl get pods --all-namespaces
+	sudo bin/k3s kubectl wait deployment wasi-demo --for condition=Available=True --timeout=120s
+	# verify that we are still running after some time	
+	sleep 5s
+	sudo bin/k3s kubectl wait deployment wasi-demo --for condition=Available=True --timeout=5s
+	sudo bin/k3s kubectl get pods -o wide
+	sudo bin/k3s kubectl delete -f test/k8s/deploy.oci.yaml
+	sudo bin/k3s kubectl wait deployment wasi-demo --for delete --timeout=60s
 
 .PHONY: test/k3s/clean
 test/k3s/clean: bin/k3s/clean;

README.md

@@ -270,11 +270,11 @@ The test binary supports commands for different type of functionality, check [cr
 
 #### Demo 4 using OCI Images with custom WASM layers
 
-The previous demos run with an OCI Container image containing the wasm module in the file system.  Another option is to provide a cross-platform OCI Image that that will not have the wasm module or components in the file system of the container that wraps the wasmtime/wasmedge process.  This OCI Image with custom WASM layers can be run across any platform and provides for de-duplication in the Containerd content store among other benefits.
+The previous demos run with an OCI Container image containing the wasm module in the file system.  Another option is to provide a cross-platform OCI Image that that will not have the wasm module or components in the file system of the container that wraps the wasmtime/wasmedge process.  This OCI Image with custom WASM layers can be run across any platform and provides for de-duplication in the Containerd content store among other benefits. To build OCI images using your own images you can use the [oci-tar-builder](./crates/oci-tar-builder/README.md)
 
-To learn more about this approach checkout the [design document](https://docs.google.com/document/d/11shgC3l6gplBjWF1VJCWvN_9do51otscAm0hBDGSSAc/edit).
+To learn more about this approach checkout the [design document](https://docs.google.com/document/d/11shgC3l6gplBjWF1VJCWvN_9do51otscAm0hBDGSSAc/edit).  
 
-> **Note**: This requires containerd 1.7.7+ and 1.6.25+ (not yet released).  If you do not have these patches for both `containerd` and `ctr` you will end up with an error message such as `mismatched image rootfs and manifest layers` at the import and run steps.
+> **Note**: This requires containerd 1.7.7+ and 1.6.25+.  If you do not have these patches for both `containerd` and `ctr` you will end up with an error message such as `mismatched image rootfs and manifest layers` at the import and run steps. Latest versions of k3s have the necessary containerd versions. Kind doesn't not have these versions but we have a docker file for a [kind image that does work](test/k8s/Dockerfile.oci).  See the MAKE file for how to use with kind.
 
 Build and import the OCI image with WASM layers image:
 

crates/oci-tar-builder/README.md

@@ -25,32 +25,31 @@ There is an experimental executable that uses the library and can package a wasm
 To generate the package and import to a registry using a tool such as [regctl](https://github.com/regclient/regclient/blob/main/docs/regctl.md#image-commands): 
 
 ```
-cargo run --bin oci-tar-builder -- --name wasi-demo-app --repo localhost:5000 --module ./target/wasm32-wasi/debug/wasi-demo-app.wasm -o ./bin
-regctl image import localhost:5000/wasi-demo-oci:module ./bin/wasi-demo-app.tar        
+cargo run --bin oci-tar-builder -- --name wasi-demo-oci --repo ghcr.io/containerd/runwasi --tag latest --module ./target/wasm32-wasi/debug/wasi-demo-app.wasm -o ./dist/img-oci.tar
+regctl image import localhost:5000/wasi-demo-oci:latest ./dist/img-oci.tar        
 ```
 
-View the manifest created, notice that the media types are `application/vnd.w3c.wasm.module.v1+wasm` which are subject to change.
+View the manifest created, notice that the media types for the layers are `application/vnd.bytecodealliance.wasm.component.layer.v0+wasm` which are subject to change.
 
 ```
-regctl manifest get localhost:5000/wasi-demo-oci:module
-Name:                                localhost:5000/wasi-demo-oci:module
+Name:                                localhost:5000/wasi-demo-oci:latest
 MediaType:                           application/vnd.oci.image.manifest.v1+json
-Digest:                              sha256:869fb6029e26713160d7626dce140f1275f591a694203509cb1e047e746daac8
+Digest:                              sha256:6c48b431d29a1ea1ece13fa50e9f33e4d164e07f6a501dbed668aed947002c5c
 Annotations:
-  io.containerd.image.name:          localhost:5000/wasi-demo-app
-  org.opencontainers.image.ref.name: 5000/wasi-demo-app
-Total Size:                          2.565MB
+  io.containerd.image.name:          ghcr.io/containerd/runwasi/wasi-demo-oci:latest
+  org.opencontainers.image.ref.name: latest
+Total Size:                          2.590MB
 
 Config:
-  Digest:                            sha256:707ef07a1143cfdf20af52979d835d5cfc86acc9634edb79d28b89a1edbdc452
+  Digest:                            sha256:beb7483682ae4ec45d02cd7cee8ee733f8dc610cb7e91070dc8f10567365bdd7
   MediaType:                         application/vnd.oci.image.config.v1+json
-  Size:                              118B
+  Size:                              138B
 
 Layers:
 
-  Digest:                            sha256:b434ff20f62697465e24a52e3573ee9c212e3a171e18e0821bbb464b14fdbbf9
-  MediaType:                         application/vnd.w3c.wasm.module.v1+wasm
-  Size:                              2.565MB
+  Digest:                            sha256:656e978ae0c37156a6abe06052a588e5c700346650765859981ebd2089cffd42
+  MediaType:                         application/vnd.bytecodealliance.wasm.component.layer.v0+wasm
+  Size:                              2.590MB
 ```
 
 ### Spec

test/k3s/bootstrap.sh

@@ -16,6 +16,6 @@ EOF
 systemctl daemon-reload
 systemctl restart k3s-runwasi
 while ! bin/k3s ctr version; do sleep 1; done
-bin/k3s ctr image import --all-platforms dist/img.tar
+bin/k3s ctr image import --all-platforms $2
 while [ "$(bin/k3s kubectl get pods --all-namespaces --no-headers | wc -l)" == "0" ]; do sleep 1; done
 while [ "$(bin/k3s kubectl get pods --all-namespaces --no-headers | grep -vE "Completed|Running" | wc -l)" != "0" ]; do sleep 1; done

test/k8s/Dockerfile.oci

@@ -7,7 +7,7 @@ ARG GO_VERSION="1.21.3-bullseye"
 # modified from https://github.com/kubernetes-sigs/kind/blob/main/images/base/Dockerfile
 # stage for building containerd
 FROM golang:${GO_VERSION} as build-containerd
-ARG CONTAINERD_VERSION="v1.7.7"
+ARG CONTAINERD_VERSION="v1.7.12"
 ARG CONTAINERD_CLONE_URL="https://github.com/containerd/containerd"
 # we don't build with optional snapshotters, we never select any of these
 # they're not ideal inside kind anyhow, and we save some disk space