Skip to content
This repository has been archived by the owner on Sep 5, 2019. It is now read-only.

git-init and creds-init images are too big #179

Closed
imjasonh opened this issue Jun 6, 2018 · 3 comments
Closed

git-init and creds-init images are too big #179

imjasonh opened this issue Jun 6, 2018 · 3 comments
Labels
kind/bug Something isn't working kind/dev

Comments

@imjasonh
Copy link
Member

imjasonh commented Jun 6, 2018
edited
Loading

git-init and creds-init images are both based on gcr.io/cloud-builders/gcloud:latest, which includes every optional gcloud component, and clocks in at ~2 GB. This makes builds slow, and ko apply -L -f config/ slow because the image is always rebuilt and pushed into the daemon (google/go-containerregistry#205)

git-init probably only needs git, and creds-init probably only needs ssh-keygen, so base images that include those packages (or a single base image that includes both) would help a lot.
@google-prow-robot google-prow-robot added kind/bug Something isn't working kind/dev labels Jun 6, 2018
@imjasonh
Copy link
Member Author

imjasonh commented Jun 6, 2018

As a test, I created a minimal Dockerfile:

FROM launcher.gcr.io/google/ubuntu16_04
  
RUN apt-get -y update && \
    apt-get -y install keychain git

I pushed this to gcr.io/my-project/init-base and updated .ko.yaml so that the images are based on this image. git-init is now 112.3 MB, down from 947.3 MB. tests/git-ssh/ passes against the cluster running these smaller images, so I think everything's working.

The question is, how we keep this base image up-to-date, ideally building it as part of the release, or even building it at the beginning of ko apply -f config/ -- I'm not sure the best place to hook this into the current release workflow. @mattmoor thoughts?

@imjasonh imjasonh mentioned this issue Jul 23, 2018
Closed
@scothis scothis mentioned this issue Jul 30, 2018
Closed
@nader-ziada
Copy link
Member

All the tests ran successfully with a base image based on alpine. The init-base image using alpine is only 23.2 MB vs 112.3 MB for image using ubuntu

FROM alpine:latest
RUN apk add --update git openssh-client

To help with running the builds faster on a smaller image, I have the following proposal

Proposal

  1. Maintain this init-base image separately from the release process to allow for updates based on its base image (FROM entry) to be published as needed.
  2. Use automated builds linked to the Dockerfile to publish the init-base image on a publicly available repo, for example gcr.io/knative-build/init-base-image
  3. As long as the .ko.yaml is pulling latest, it would pick it the latest image irrespective of when it was updated, and we can use tags in case we need to make sure some release is using a specific version of the image.
  4. Since this is only one Dockerfile, we probably don’t need to have this in a separate repo similar to cloud-sdk-docker or cloud-builders, but this is also an option.

@mattmoor @imjasonh thoughts?

@imjasonh
Copy link
Member Author

That seems totally reasonable to me. I don't have a strong preference about alpine, we can always change it later if we decide we want to.

@nader-ziada nader-ziada mentioned this issue Aug 27, 2018
Merged
@imjasonh imjasonh mentioned this issue Aug 27, 2018
Merged
@cruwe cruwe mentioned this issue Mar 9, 2019
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
kind/bug Something isn't working kind/dev
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@imjasonh @nader-ziada @google-prow-robot