filesystemmmmms

And, one very big, core note:
you can design an archival filesystem, or a filesystem for getting things done – and not both.

trees, trees everywhere

Metadata in-tree

• happy: the more 'obvious' choice
• sad: changes in attribs on leaf nodes may cause a lot of parent notes to diverge in hash.
  • theory might say "that's log/height", but practice seems to indicate chown hits swaths and that causes all intermediate nodes to update, which means roughly 1/2 all nodes diverge.
• sad: recursive fetch of all notes gets metadata and data – heavy if you only wanted the metadata.
  • debatable: IPLD Selectors can get you this anyway (it's just less smackingly obvious).

Metadata in parallel tree

• happy: Easier to fetch a tree of just the metadata.
  • debatable: IPLD Selectors can get you this anyway (it's just less smackingly obvious).
  • still, definitely makes it more obvious how to map this onto other transport/packing formats, anyway.
    • imagine 'car' formats: of course you put a full tree in them.
• misleadingly seems happy: can dedup the full-content-body bytes more easily since metadata is separate.
  • absolutely misleading. the leafs will dedup in IPLD no matter what. (not a bad thing – just not a good thing unique to this approach.)

flatstitch root tree

• e.g. [{"name":"x","type":"dir"},{"name":"x/y","type":"file"},...]
• sad: they don't trivially compose and scale.
  • makes 'root' special and that's awkward.
• happy: most updates to attribs on a leaf will change that leaf and the 'root' and nothing else.
  • debatable: just how consequential this is in practice.

variations on in-tree

Is it useful to put attribs (other than name) in their own block, so when they're the same, the CID is simply the same?

Also makes attribs "fixed size" which might be useful (but names still aren't, so, eh).

attribyooots

How many different ways to do attributes are there?

one

type Attribs struct {
	mtime Int
	posix Int # Ye standard 0777 mask packing here?
	sticky Bool (implicit: false)
	setuid Bool (implicit: false)
	setgid Bool (implicit: false)
	uid Int
	gid Int
}

two

type Attribs struct {
	mtime Int
	posix Int # Ye standard 0777 mask packing here?
	sticky Bool (implicit: false)
}

• diff vs one: actively disregards / no-support-for uid and gid.

three

type Attribs struct {
	mtime optional Int
}

• questionable: would one ever really want a tree with mixtures of mtime and not? what does absent mean? what would cause one to produce such a mixed tree?

four

type Attribs struct {
}

• worth pointing out: this is absolutely an option.

five

type Attribs struct {
	mtime Int
	posix Int # Ye standard 0777 mask packing here?
	sticky Bool (implicit: false)
	uid Int
	gid Int
}

• diff vs one: we can still describe owner uid and gid, but setuid and setgid are excluded from the schema entirely. Thus, perhaps you might use this schema when you know you're not going to accept inputs with those properties.
• this set of attributes might also make the most sense with a schema for the tree that also doesn't support describing device nodes, etc, per that same user story about intentionally low-priv/low-effect(? wording) modes.

more…

notes on attributes

• 'ctime' exists. But you can't set it without being a driver. So this is one of those things that's "archival, or fit-for-purpose"-choice.
• 'btime' is a new, recently added property! wow! but it's the same issue as 'ctime'.
• 'xattrs' are unbounded in size. that's cool.
• 'xattrs' are not all equally writeable (see "security.*"). So this prompts "archival, or fit-for-purpose" again.
• 'xattrs' are not all readable unconditionally(!??!)!
  • some are not readable without privileges…
  • some actually get string-munged on write in a form of "namespacing"…
• hardlinks exist but most people agree that preserving that is a mistake.
  • hardlinks are for a system's local optimizations of storage dedup and should not be used for semantics.

chunking

chunking vs external integration

Basically: chunking is Good. Except: people like using basic-bitch hashes on per-file granularity because it's easier for everyone to agree on. What do?

(Not clear there's actually anything great possible here period.)

which chunking to use?

Rolling checksums are the name of the game. There are several of these. Correctly implemented rolling checksums for chunkfinding should be very very fast, nearly invisible in performance compared to cryptographic hashing.

Update: some buzhash based things have been pushed into go-ipfs-chunker! Probably we should use them.

dev nodes: seriously, argh

• clearly need 'em for some root filesystem and container-related work
• they're opaque ints – that's "easy" enough
• but some of those opaque ints are more consistently meaningful than others
  • device loop nodes are effectively pointers to global vars in the kernel, for example: so they're meaningless to transport anywhere else. But surely it would be inappropriate for our understanding of posixy filesystems to take note of this! nngh.

misc references

• https://www.cyphar.com/blog/post/20190121-ociv2-images-i-tar

  • the entire thing. Just read the entire thing.

• casync has a (overly?) comprehensive list of things you could conceivably save metadata on: https://github.com/systemd/casync/blob/e4a3c5efc8f11e0e99f8cc97bd417665d92b40a9/src/caformat.h#L82-L125

• Timeless Stack rio has a bunch of code around filesystem attribute normalizers which is the result of some real-world user stories discovery around needing to hash things deterministically+convergently while handling full container filesystems: https://github.com/polydawn/go-timeless-api/blob/0ece408663edb9dbc6109ef8690f8425f0d8f5f4/filesetFilters.go

  • especially take a gander at the preset groups that ended up getting used in different user stories: https://github.com/polydawn/go-timeless-api/blob/0ece408663edb9dbc6109ef8690f8425f0d8f5f4/filesetFilters.go#L32-L40
  • We will probably have filters like this in IPFS for all future paths of development, for any and all of the above choice matrices. Anything we do that's not exactly posix -> there will be filters/mappings. Know 'em.

perhaps a summary

1. There are definitely more than one meaningful filesystem spec possible. Let's do several.
   • We are uniquely empowered to do this and support it well and share dedup. We can rock; Therefore, we should rock.
2. Probably "containerfs" is a big one; "plainfiles" might be another; "posixlowpower" a third?
   • This is an example enumeration mapping onto user stories, but might not be correct. Figuring out which of these (or which not-listed-here combinations) we actually want to focus on is still the name of the problem – we've done discovery in this document, not made choices yet.
3. Decisions about the overall tree topology should be made now. All three (or more) filesystem specs should share the topology.
   • Variations in the attributes are fine; variations in the topology are extremely undesirable. (Concretely: We want the same selectors to work on all of the filesystem formats!)