Skip to content
This repository has been archived by the owner on Nov 15, 2023. It is now read-only.

Improve docker image size with a 2 stages image #463

Merged
merged 6 commits into from
Aug 3, 2018
Merged

Improve docker image size with a 2 stages image #463

merged 6 commits into from
Aug 3, 2018

Conversation

chevdor
Copy link
Contributor

@chevdor chevdor commented Jul 31, 2018
edited
Loading

This improves both build time and size of the docker image.
It also moves all the scripts under a scripts folder.

In order to optimize the build time, I split the build.sh script into a production build and a -demo one. This is however no longer used at all by the docker image building.

@pepyakin please let me know whether you find the split interesting to keep, otherwise, I will revert that part. I made sure the demos are still part of the CI.

@chevdor chevdor mentioned this pull request Jul 31, 2018
Closed
@chevdor chevdor mentioned this pull request Aug 1, 2018
Closed
@chevdor
Copy link
Contributor Author

chevdor commented Aug 2, 2018
edited
Loading

Short update on the progress here:

As it turns out, using the rust base image it not a good strategy as it results in a binary that misses libssl when using slim images.

  • Test using phusion/baseimage:0.10.1 for the 2 stages => 274 MB
  • Test using phusion/baseimage:0.10.1 for the build and the smaller ubuntu:18.10 as second stage => 103MB but libssl failure.
  • Test using phusion/baseimage:0.10.1 for the build and alpine:latest for the runtime.

The latest is much much smaller and has no known vulnerability.

Failure with ubuntu:18.10 is:

polkadot: error while loading shared libraries: libssl.so.1.0.0: cannot open shared object file: No such file or directory

@chevdor
Copy link
Contributor Author

chevdor commented Aug 2, 2018
edited
Loading

The libssl issue is solvable with the following in the second stage when using ubuntu:18.10:

apt-get update
apt-get install -y  libssl1.0.0 libssl-dev
# cd /lib/x86_64-linux-gnu
# ln -s libssl.so.1.0.0 libssl.so.10
# ln -s libcrypto.so.1.0.0 libcrypto.so.10

it results in a running polkadot but failing to connect to telemetry.

@chevdor chevdor added the A3-in_progress Pull request is in progress. No review needed at this stage. label Aug 2, 2018
@chevdor
Copy link
Contributor Author

chevdor commented Aug 2, 2018

After lots of testing here is the conclusion (I will also fix this PR). The best I got was:

  • a running polkadot with telemetry broken in 74MB compressed
  • a running polkadot with telemetry functionnal in 88MB compressed (version below).
dockerfile ``` FROM phusion/baseimage:0.10.1 as builder LABEL maintainer "[email protected]" LABEL description="This is the build stage for Polkadot. Here we create the binary."

ARG PROFILE=release
WORKDIR /polkadot

COPY . /polkadot

RUN apt-get update &&
apt-get upgrade -y &&
apt-get install -y cmake pkg-config libssl-dev git

RUN curl https://sh.rustup.rs -sSf | sh -s -- -y &&
export PATH=$PATH:$HOME/.cargo/bin &&
# rustup update nightly &&
# rustup target add wasm32-unknown-unknown --toolchain nightly &&
# rustup update stable &&
# cargo install --git https://github.com/alexcrichton/wasm-gc &&
cargo build --$PROFILE

===== SECOND STAGE ======

FROM phusion/baseimage:0.10.0
LABEL maintainer "[email protected]"
LABEL description="This is the 2nd stage: a very small image where we copy the Polkadot binary."
ARG PROFILE=release
COPY --from=builder /polkadot/target/$PROFILE/polkadot /usr/local/bin

RUN mv /usr/share/ca* /tmp &&
rm -rf /usr/share/* &&
mv /tmp/ca-certificates /usr/share/ &&
rm -rf /usr/lib/python* &&
mkdir -p /root/.local/share/Polkadot &&
ln -s /root/.local/share/Polkadot /data

RUN rm -rf /usr/bin /usr/sbin

EXPOSE 30333 9933 9944
VOLUME ["/data"]

CMD ["/usr/local/bin/polkadot"]


</details>

@chevdor chevdor force-pushed the will-docker-stages branch from 96160d3 to 5721984 Compare August 3, 2018 13:27
@chevdor chevdor changed the title WIP: Improve docker image size with a 2 stages image Improve docker image size with a 2 stages image Aug 3, 2018
@chevdor chevdor added A0-please_review Pull request needs code review. and removed A3-in_progress Pull request is in progress. No review needed at this stage. labels Aug 3, 2018
@gavofyork gavofyork added A8-looksgood and removed A0-please_review Pull request needs code review. labels Aug 3, 2018
@gavofyork gavofyork merged commit db46682 into paritytech:master Aug 3, 2018
adrianbrink
adrianbrink reviewed Aug 3, 2018
View reviewed changes
Dockerfile
ARG PROFILE=release
COPY --from=builder /polkadot/target/$PROFILE/polkadot /usr/local/bin

RUN mv /usr/share/ca* /tmp && \
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this can be changed to mv /usr/share/ca-certificates /tmp, since you only move back ca-certificates 2 lines below.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes indeed, same effect, I have been lazy on that one :)

dvdplm added a commit that referenced this pull request Aug 5, 2018
@dvdplm
Merge branch 'master' into refactor/substrate-state-machine-generic
08f25d3 
* master:
  --version commit hash - style improvement (#496)
  Send initial values with subscription. (#493)
  Improve docker image size with a 2 stages image (#463)
dvdplm pushed a commit that referenced this pull request Sep 4, 2018
@chevdor @dvdplm
Improve docker image size with a 2 stages image (#463)
f476df6 
* Improve docker image size with a 2 stages image

* Minor doc updates

* Fix and reduce size of the docker image

* Fix paths in scripts
gavofyork pushed a commit that referenced this pull request Sep 4, 2018
@dvdplm @gavofyork
Use parity-ethereum rev 02c54d42398f to fix build (#655)
b6d7182 
* Use parity-ethereum rev 02c54d42398f to fix build

* More lockfiles and new build artifacts

* Update .gitlab-ci.yml (#633)

it is necessary to test.
You will probably have to create a cron-job for the nightly assembly of the master branch

* Do not attempt to rustup if in CI. This is taken care of by the base (#621)

image.

* Improve docker image size with a 2 stages image (#463)

* Improve docker image size with a 2 stages image

* Minor doc updates

* Fix and reduce size of the docker image

* Fix paths in scripts

* cargo --force to allow CI to build. (#599)
liuchengxu added a commit to chainx-org/substrate that referenced this pull request Aug 23, 2021
@liuchengxu
Add malan runtime (paritytech#463)
64ad88a 
* ChainX TC0

* Update btc testnet header

* Use Testnet in xpallet-system

* Add ptc0 chain

* Bump spec version to 7

* Fast governance processure

* Add malan runtime

* Add malan.json

* Rename chainx-dev-runtime to dev-runtime

* Use dns in bootnode

* Fix clippy under runtime-benchmarks feature

* Update error message for invalid chain option

* Add two more malan bootnodes

* Rebuild malan genesis config

* Update btc genesis

* Use new manlan config

* Update malan.json

* Use new malan.json

* Rebuild malan runtime

Since we currently has only one executor(`chainx`), we must use
spec_name = "chainx" in the runtime code.

* Update malan.json

* Use malan.json

* Clean up unused code

* Revert chainx.json changes
liuchengxu pushed a commit to autonomys/substrate that referenced this pull request Jun 3, 2022
@nazar-pc
Merge pull request paritytech#463 from subspace/bump-runtime-version
09115cb 
Bump runtime version
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@adrianbrink adrianbrink adrianbrink left review comments

@gavofyork gavofyork gavofyork approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@chevdor @gavofyork @adrianbrink