Per discussion at {T267891#7049504} and because bullseye will be released soon, so it would be good to test it!
Description
Description
Details
Details
Customize query in gerrit
| Status | Subtype | Assigned | Task | ||
|---|---|---|---|---|---|
| Resolved | taavi | T264713 Add Python 3.8/3.9 to Toolforge Kubernetes/Job Grid | |||
| Resolved | taavi | T266210 Add PHP 7.4 for Kubernetes | |||
| Resolved | taavi | T243159 Request to enable node version 12.14.1 in toolforge to deploy VideoCutTool | |||
| Resolved | taavi | T284590 Build Bullseye based Toolforge images | |||
| Resolved | Joe | T281596 Publish wikimedia-bullseye base docker image |
Event Timeline
Comment Actions
Change 683978 had a related patch set uploaded (by Legoktm; author: Legoktm):
[operations/puppet@production] docker: Build bullseye base image
Comment Actions
Change 683978 merged by Legoktm:
[operations/puppet@production] docker: Build bullseye base image
Comment Actions
root@deneb:/home/legoktm# DISTRIBUTIONS="bullseye" build-base-images
Traceback (most recent call last):
File "/usr/bin/bootstrap-vz", line 11, in <module>
load_entry_point('bootstrap-vz==0.9.11', 'console_scripts', 'bootstrap-vz')()
File "/usr/share/bootstrap-vz/bootstrapvz/base/main.py", line 23, in main
manifest = Manifest(path=opts['MANIFEST'])
File "/usr/share/bootstrap-vz/bootstrapvz/base/manifest.py", line 33, in __init__
self.load_data(data)
File "/usr/share/bootstrap-vz/bootstrapvz/base/manifest.py", line 51, in load_data
validate_manifest(self.data, self.schema_validator, self.validation_error)
File "/usr/share/bootstrap-vz/bootstrapvz/base/__init__.py", line 19, in validate_manifest
release = get_release(data['system']['release'])
File "/usr/share/bootstrap-vz/bootstrapvz/common/releases.py", line 64, in get_release
raise UnknownReleaseException('The release `{name}\' is unknown'.format(name=release))
bootstrapvz.common.releases.UnknownReleaseException: The release `None' is unknownbootstrap-vz is archived upstream, and removed from Debian as well. The version we have installed thinks that buster is still testing. We can probably patch it easily, but we will need to switch to something else when migrating deneb to bullseye.
Comment Actions
If possible it would be great if we could get a base bullseye image somehow, even if not auto-updated right from the start and otherwise created.
We have already a couple of hosts on bullseye and I need to add a python-build bullseye image to the registry to build the wheels of a Python application included in the role of one of the hosts, that of course requires a base bullseye image.
FYI Moritz has opened T281984 for the long term solution.
Comment Actions
The thing that seems to make the most sense is to build our base images with a slightly more stratified procedure:
- build a very base image from scratch and extracting the artifact we can generate with debuerreotype. This is also how official debian images are created.
- add anything we need that's wikimedia-specific in a further layer (so repo configs, gpg keys, additional packages)
Comment Actions
Change 689716 had a related patch set uploaded (by Volans; author: Volans):
[operations/software/homer/deploy@master] Build artifacts for Debian bullseye
Comment Actions
Change 689716 merged by Volans:
[operations/software/homer/deploy@master] Build artifacts for Debian bullseye
Comment Actions
A possible procedure we can use is the following:
- Automate building base images using debeurrotype and docker daily. These images will be bare minimum debian-slim images similar in all respects to what is on dockerhub.
- Make wikimedia-$distro part of production-images, and add the few things we need to add to the base image there.
I'll write a patch shortly.
Comment Actions
For the record, I considered using the "official" dockerhub debian images as a base, but:
- It's not an official debian effort (for now)
- The build process includes downloading artifacts from a jenkins installation, see https://github.com/debuerreotype/docker-debian-artifacts/blob/master/download.sh#L7
- There are ~ monthly builds for amd64 there https://doi-janky.infosiftr.net/job/tianon/job/debuerreotype/job/amd64/ but we can't have any guarantee of swift updates when a security vulnerability happens
so @MoritzMuehlenhoff and I think the best course of action for now is to build the base images from debuerreotype ourselves.
Comment Actions
Change 693175 had a related patch set uploaded (by Giuseppe Lavagetto; author: Giuseppe Lavagetto):
[operations/puppet@production] docker::baseimages: add script to build debian-slim
Comment Actions
Change 693175 merged by Giuseppe Lavagetto:
[operations/puppet@production] docker::baseimages: add script to build debian-slim
Comment Actions
Change 693865 had a related patch set uploaded (by Giuseppe Lavagetto; author: Giuseppe Lavagetto):
[operations/puppet@production] docker::baseimages: improvements to build-bare-slim
Comment Actions
Change 693865 merged by Giuseppe Lavagetto:
[operations/puppet@production] docker::baseimages: improvements to build-bare-slim
Comment Actions
Change 693918 had a related patch set uploaded (by Giuseppe Lavagetto; author: Giuseppe Lavagetto):
[operations/puppet@production] docker::baseimages: remove bootstrap-vz, build bullseye
Comment Actions
Change 693918 merged by Giuseppe Lavagetto:
[operations/puppet@production] docker::baseimages: remove bootstrap-vz, build bullseye