this post was submitted on 20 Jun 2024

24 points (92.9% liked)

Linux

48186 readers

1571 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

nooter692@lemmy.ml

AgreeableLandscape@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz

Should I make this: (distroless) containers builder, by taking list of packages or a gentoo ebuild file (lemy.lol)

submitted 4 months ago* (last edited 4 months ago) by matcha_addict@lemy.lol to c/linux@lemmy.ml

12 comments fedilink hide all child comments

I am thinking to make the following tool, but wanted to get opinions before I embark on this journey.

The tool builds container images.

The images are optionally distroless: meaning, they do not include an entire distro. They only include the application(s) you specify and its dependencies.

What else does the tool give you?

the build tool uses a package manager to do dependency resolution, so you don't have to manually resolve them like many docker files do. (NOTE: The package manager is not installed on the container image. It is only used by the build tool)
uses gentoo's portage to build the software from source (if not previously cached). This is helpful when you're using versions of software that aren't built against each other in the repos you download from
allows specifying compile flag customizations per package.
makes use of gentoo's existing library of package build or install recipes, so that you only have to write them for uncommon apps rather than in every docker file.

I find it crazy that so many dockerfiles are doing their own dependency resolution when we already have package managers.

What do you think? Is this tool useful or am I missing a reason why it wouldn't be?

you are viewing a single comment's thread
view the rest of the comments

[–] just_another_person@lemmy.world 3 points 4 months ago* (last edited 4 months ago) (1 children)

I think you're missing the point of distroless by trying to make a distro out of an image based on distroless with a package manager.

The entire context of that image would be immediately lost and make absolutely no sense by introducing a package manager into it.

If you're unfamiliar with combining portions of images as multi-stage builds, you may want to look into that to grasp the concepts better.

Another thing: not all containers are built with dockerfiles. You might want to get more familiar with how distroless images are built into the OCI-compliant sense, and the tools used therein.

What you're describing not only already exists, it exists in the toolchain you mean to rewrite. It's a hat on a hat, on another hat because it's in containers.

Maybe if you described the problem you're having, it might help others understand what you're trying to solve for.

[–] matcha_addict@lemy.lol 2 points 4 months ago* (last edited 4 months ago) (1 children)

The package manager would not be part of the container image. The package manager is only used to build it. The container image will only include the packages the user specifies.

combining portions of images as multi-stage builds

That's something I am making use of for this, actually :)

What you're describing not only already exists...

Can you please give an example of a tool that can build a container image by being given only a list of packages it needs to have?

My tool would be as simple as doing something like this:

build-container --packages nodejs-20.1.1, yarn-4.2.2, some-app-i-made-1.0.0

And I would have a container that only has nodejs binary, yarn, and my own app. no package manager or any utils.

[–] just_another_person@lemmy.world 1 points 4 months ago (1 children)

Yes. In your example, the base image is nodejs, which includes yarn. Then you copy your app into it with a COPY command and set the entrypoint to execute. Dead simple.

[–] matcha_addict@lemy.lol 1 points 4 months ago (1 children)

the base image is nodejs

Which has its own dockerfile. My proposed tool would allow using other images as base too, but that is not the problem it is solving.

copy your app

Well you'd have to have it compiled or built if that is required in your case. With my system, the build recipe would be a gentoo ebuild (shell-script-like) that you would just reference.

The example I gave is pretty simple, you're right. Say in another case, you list the following packages:

nodejs, nginx, vpn-app(wireguard), some-system-monitoring-app, my-app

You could start with a nodejs base or an nginx base, and then write the steps to install the other. You'd also have to make sure to get all the deps if they have them.

You're unlikely to find a ready image that has all what you want. But with my method, you can compose different ones however you like, rather than having to find an image that matches your exact use case.

[–] just_another_person@lemmy.world 1 points 4 months ago (1 children)

Again, all you're describing is just scripting tools that already exist together.

My question is "WHY?". You've not been able to describe a problem that needs a solution. I'm seeing in these other comments that you're just deflecting that question, so do you know what you're trying to solve here?

[–] matcha_addict@lemy.lol 2 points 4 months ago

Please demonstrate how the example I gave above can be done with common scripting tools, such it would mimic the declarative experience I described. I don't think it is possible as you claim.

Can you please point to where I deflected any questions? I looked and could not find any instances of such.

I actually answered the question "why", please refer to previous comments. It is also answered in the main post. But I will rephrase and summarize again here:

when creating a container image that requires certain applications installed, most dockerfiles explicitly install the dependencies of said applications as well. With my tool, you only declare the package you need, and it will resolve dependencies automatically and install them for you.
the above would work with distroless containers too, as the package manager used is outside of the produced container.