Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: move to scratch docker image #2705

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix: move to scratch docker image #2705

wants to merge 1 commit into from
+78 −77

Conversation

slimm609
Copy link

This updates several components in order to switch to scratch images. The move to scratch is to reduce additional OS dependencies and also added ldflags to remove golang debug symbols.

This resulted in a reduction from 96.6MB to 54.9MB for the release image

This also removes all other files except for the operator itself and the ca-certificates.
This is the new image structure

                                   ├── etc
drwxr-xr-x         0:0     214 kB  │   └── ssl
drwxr-xr-x         0:0     214 kB  │       └── certs
-rw-r--r--         0:0     214 kB  │           └── ca-certificates.crt
-rwxr-xr-x         0:0      55 MB  └── postgres-operator

Switched off of golang-alpine image because of issues with alpine images as well as the alpine golang image being experimental. https://hub.docker.com/_/golang declares "This variant is highly experimental, and not officially supported by the Go project" There are several issues with alpine due to musl as well

are some examples. golang:$ver is the supported version

This required some additional changes to fix the e2e tests, mainly replacing the kubectl exec for curl and wget and replacing it with port-forward and using python requests instead. This method does not require curl or wget to be included in the operator image.

  • removed docker/build_operator.sh which was no longer used after https://github.com/zalando/postgres-operator/pull/2665/files
  • since both the image and the k8s manifests reference the user id of 1000:1000, there is no need to pre-create the user or to even have a passwd file in the image, if the user was set to pgo:pgo then this would require the passwd file to be able to map the name to an id.
  • update kubectl version to match the kind version used for testing
  • updated e2e tests to automatically build image if it doesn't exist during pipeline tests
  • update kubernetes python library to a valid version. the referenced version was not valid during build and not listed in https://pypi.org/project/kubernetes/#history

Ran e2e tests to numerous times to confirm all the changes worked.

@slimm609
fix: move to scratch docker image
dac53da 
This updates several components in order to switch to scratch images. The move to scratch is to reduce
additional OS dependencies and also added ldflags to remove golang debug symbols.

This resulted in a reduction from 96.6MB to 54.9MB for the release image

This also removes all other files except for the operator itself and the ca-certificates
This is the new image structure

```
                                   ├── etc
drwxr-xr-x         0:0     214 kB  │   └── ssl
drwxr-xr-x         0:0     214 kB  │       └── certs
-rw-r--r--         0:0     214 kB  │           └── ca-certificates.crt
-rwxr-xr-x         0:0      55 MB  └── postgres-operator
```

Switched off of golang-alpine image because of issues with alpine images as well as the alpine golang image
being experimental. https://hub.docker.com/_/golang declares "This variant is highly experimental, and not officially supported by the Go project"
There are several issues with alpine due to musl as well
- [Why I Will Never Use Alpine Linux Ever Again](https://martinheinz.dev/blog/92)
- [Docker/Alpine - Why you should avoid alpine linux](https://dev.to/kakisoft/dockeralpine-why-you-should-avoid-alpine-linux-44he)
are some examples. golang:$ver is the supported version

This required some additional changes to fix the e2e tests, mainly replacing the kubectl exec for curl and wget and replacing it with port-forward
and using python requests instead. This method does not require curl or wget to be included in the operator image.

- removed docker/build_operator.sh which was no longer used after https://github.com/zalando/postgres-operator/pull/2665/files
- since both the image and the k8s manifests reference the user id of 1000:1000, there is no need to pre-create the user or to even have a passwd file
in the image, if the user was set to `pgo:pgo` then this would require the passwd file to be able to map the name to an id.
- update kubectl version to match the kind version used for testing
- updated e2e tests to automatically build image if it doesn't exist during pipeline tests

Ran e2e tests to numerous times to confirm all the changes worked.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sdudoladov sdudoladov Awaiting requested review from sdudoladov sdudoladov is a code owner

@Jan-M Jan-M Awaiting requested review from Jan-M Jan-M is a code owner

@FxKu FxKu Awaiting requested review from FxKu FxKu is a code owner

@jopadi jopadi Awaiting requested review from jopadi jopadi is a code owner

@idanovinda idanovinda Awaiting requested review from idanovinda idanovinda is a code owner

@hughcapet hughcapet Awaiting requested review from hughcapet hughcapet is a code owner

@macedigital macedigital Awaiting requested review from macedigital macedigital is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@slimm609