Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create UBI minimal base image #587

Merged
merged 50 commits into from
May 30, 2024
Merged

Create UBI minimal base image #587

merged 50 commits into from
May 30, 2024

Conversation

grooverdan
Copy link
Member

There was a requirement for a UBI base image.

Entrypoint and healthcheck.sh are the same as the previous ubuntu image.

grooverdan and others added 30 commits May 20, 2024 13:55
Need to resolve pmem dependencies in Dockerfile and complete the
container build.

update.sh mostly done.

generate-stackbrew not done.
This is a minor API change when using UBI based container images.
Have same host-cache-size and skip-name-resolve settings as Ubuntu base images.

Also use a socket location that is outside of the datadir which was the default for RPM distos and not Deb distros.
curl was in ubi9 base image and wget wasn't so use that. We use --location to follow the github redirect.

Copy the verification step of gosu from Ubuntu base image.

Best practices - consolidate common things so layers common to multiple images
can occur.

For compatibility with previous image install:
* jemalloc (epel)
* pwgen (epel) - secure passwords

Liburing from AlmaLinux (messy - requested UBI inclusion https://issues.redhat.com/browse/RHEL-36705)
This facilitates and upgrade from mysql container where that is the uid used.
key for EPEL rpm to verify added.

ARG/ENV for MARIADB_VERSION required for upgrade MARIADB_AUTO_UPGRADE.

Remove pmem deps as they are now gone from RHEL9 releases.

Trim down dependency list.

Unfortunately boost-program-options still needed by galera even though only used for garb.

procps-ng added for ps dependency in galera sst scripts.

Add galera library symlink so will work with same configuration as Ubuntu base.

Add healthcheck.sh script, same as others.

Use mariadbd as command as we don't need to backwards compat anything.
Added thanks to Red Hat - RHEL-38361
Precreate /var/lib/mysql/mysql as this is what support-files/rpm/server-postin.sh
in the server uses to determine if MariaDB is installed or not. Fake it,
its the entrypoint's responsibility to create datadirectories.

Also remove /var/run/mysql handling, its part of packaging.
grooverdan and others added 4 commits May 24, 2024 17:49
/run/mariadb should be able to be written by any user in
an unpriv mode, but that socket written there shouldn't be
deletable by anyone, so sticky bit restricts this to the creating
user.

Align comments around galera and clarify that its the deb/rpm
packaging differences that result in different locations.
Copy link
Contributor

@tianon tianon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few notes, as requested 😇 ❤️

10.11-ubi/Dockerfile Outdated Show resolved Hide resolved
10.11-ubi/Dockerfile Outdated Show resolved Hide resolved
10.11-ubi/Dockerfile Outdated Show resolved Hide resolved
10.11-ubi/Dockerfile Outdated Show resolved Hide resolved
10.11-ubi/Dockerfile Outdated Show resolved Hide resolved
10.11-ubi/Dockerfile Outdated Show resolved Hide resolved
10.11-ubi/Dockerfile Outdated Show resolved Hide resolved
10.11-ubi/Dockerfile Outdated Show resolved Hide resolved
grooverdan and others added 16 commits May 29, 2024 11:25
Also link to gosu license, by name at least.

Test name: HasLicenses from Red Hat OpenShift Software Certification Policy Guide
This looks a bit outdates compared to the OCI standard, but its
still part of OpenShift certification.

The release gets populated with the Docker Official Images build.
For the moment hard code it, but using docker manifest inspect is almost
there if something more automated is required.
ignore to top of file as its frequently edited near release
All changes needed to make a set of tags for ubi
@grooverdan grooverdan merged commit 2ddebc0 into next May 30, 2024
8 of 10 checks passed
@grooverdan grooverdan deleted the ubiminimal branch May 30, 2024 06:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

3 participants