On Wed, 2018-06-13 at 11:32 +0100, Daniel P. Berrangé wrote:
On Tue, Jun 12, 2018 at 12:12:12PM +0200, Andrea Bolognani wrote:
> The pre-built images have been hand-crafted using the
> build dependencies recorded in the libvirt-jenkins-ci
> repository: of course that's not something that we want
> to keep doing manually going forward, so figuring out a
> sensible way to generate Dockerfiles and potentially
> even Docker images automatically is pretty high on the
> priority list.
When first testing I produced a custom Ubuntu docker image
with not much effort. I was just creating a file in
"libvirt-jenkins-ci" repo called "images/ubuntu-18.04.docker"
that contains
FROM ubuntu:18.04
RUN apt-get update
ENV PACKAGES \
::PACKAGE-LIST:: \
RUN apt-get -y install $PACKAGES
Pretty much exactly how I've created the images you can find on
Docker Hub, except for
RUN mkdir /build
WORKDIR /build
this bit, which AFAICT is entirely unnecessary.
::PACKAGE-LIST:: can be built by reading the
guests/vars/projects/libvirt.yml file, and then
expanding it based on guest/vars/mappings.yml
I hadn't written code for that bit, but it just
needs a short python script to read the two
yaml files and map the data sets.
Yeah, same here: I just extracted the package list from the output
of a 'lcitool update' run this time around, but I was planning on
writing a tool to do that for me just like you mention.
The one thing I haven't quite figured out yet is where to store
the resulting Dockerfiles. If we committed them to some repository
we could take advantage of Docker Hub's autobuild support, which
would be pretty neat; on the other hand, being generated content,
they have no business being committed, plus it would be tricky to
ensure the generated files are always in sync with the source
mappings without introducing a bunch of scaffoling to the
libvirt-jenkins-ci repository.
Similarly, once we have a tool that can process the mappings and
spit out a flat list of packages, it would make sense to drop the
Ansible code that we already have for that, and load generated
files instead, but that would have the same drawbacks as above.
So right now I'm leaning towards leaving the Ansible part alone
and using the new tool once a month or so to manually generate
fresh images and upload them to Docker Hub, but I'd like to hear
what you think about the issue.
I was only going to do packages forthe libvirt.yml,
but we can expand to cover the other modules too
quite easily, as its just taking the union of all
the project files.
I don't think we can/want to do that.
The way build dependencies for projects are set up right now, we
expect to build eg. libvirt-glib against our own copy of libvirt
rather than the distro-provided one, so libvirt is *not* included
among the packages required by the libvirt-glib project.
So if we included build dependencies for all projects in the Docker
images, that would make them way bigger and you would still be
unable to build libvirt-glib or whatever on top of them. Perhaps we
can find some way out of this later, but I'd rather move one step
at the time instead of trying to solve all the things in one fell
swoop :)
Other distros are just the same but change the
name of the pkg manager command.
Yup.
[...]
> env:
[...]
> + - IMAGE="ubuntu-18"
> script:
> - docker run
[...]
> + "libvirt/build:$IMAGE"
This is a pretty alien approach to take for docker images.
This defines an image called 'libvirt/build' and then uses a
tag to identify different distros. The normal practice is
for tags to identify different versions of the same distro.
Using tags for completely different distros, fedora vs ubuntu,
on the same image name is not something I'd expect.
ie rather than
Name: libvirt/build
Tag: ubuntu-18.04
we should have
Name: libvirt/ubuntu
Tag: 18.04
I don't mind having several images and using the tag only for the
version number, if that's something that will make the result look
less alien to Docker users; however, I think we should keep the
names consistent with what we use on our CentOS CI, so it would be
ubuntu:18 instead of ubuntu:18.04.
Though perhaps make clear it is for CI, so
Name: libvirt/ci-ubuntu
Tag: 18.04
Just like for the guests you can create and manage with lcitool,
while these images will be primarily used for Travis CI they
should be usable for developers as well, which is why I picked the
name "build" instead of "ci" or "travis-ci" in the first
place.
At the same time, I didn't use just the distribution name because
I didn't want to give the impression that by pulling them you
would get an OS with libvirt already installed.
I'm thinking something libvirt/build-on-ubuntu:18 would do, but
perhaps other people can come up with something better.
Annoyingly you can't use '/' in an image name to create
a
multilevel namespace, so we have to include 'ci' to either
the image name or organization name.
We already have gotten hold of the libvirt organization name, and
we should definitely maintain control of it to avoid squatting.
--
Andrea Bolognani / Red Hat / Virtualization