Page MenuHomePhabricator
Create Task
Maniphest T336881

Upgrade Thumbor to bullseye
Open, Needs TriagePublic
Actions

Description

Things to look for

  • Python going from 3.7.3 to 3.9.2. Python dependencies aren't a major concern here now that we are using requirements.txt and not relying on system packages.
  • librsvg2 going to 2.50.3 (T265549)
  • Similar changes in imagemagick and other binaries that we shell out to
  • ~Changes required in tools like 3d2png~
  • Potential HAProxy improvements we could make use of (particularly around metric granularity, maybe?)

Known blockers

  • xcftools has been removed from bullseye and the upstream is dead. We need to make a decision about whether to shift our support for this format somehow. We currently receive a very very small number of requests for this format, but we would be breaking support for something we have historically supported. @AntiCompositeNumber has already done the work to move us towards using ImageMagick's support here
  • 3d2png's dependencies are very very old. They will need breaking version bumps for canvas at best, also at some point require updates to the three library. A Good Enough implementation of the canvas fixes is here.
  • The newly patched imagemagick dependencies will produce different images for successful tests - we need to resolve T334863 before moving forward as we won't be forward porting packages as a partial hack

Details

ProjectBranchLines +/-Subject
operations/software/thumbor-pluginsmaster+26 -16wip: upgrade container and dependencies for bullseye
3d2pngmaster+10 -9update dependencies for use with bullseye
Customize query in gerrit

Related Objects
Search...

Event Timeline

hnowlan created this task.May 17 2023, 3:59 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMay 17 2023, 3:59 PM
Ladsgroup mentioned this in T193352: Update librsvg to ≥2.42.3 (2.44.10).May 17 2023, 4:02 PM
Ladsgroup added a subscriber: Ladsgroup.
Volker_E added a subscriber: Volker_E.May 17 2023, 4:22 PM
hnowlan updated the task description. (Show Details)May 17 2023, 4:24 PM
hnowlan updated the task description. (Show Details)May 17 2023, 4:30 PM
Jdforrester-WMF added a subscriber: Jdforrester-WMF.May 17 2023, 4:54 PM
AntiCompositeNumber added a subtask: T260285: Use ImageMagick for XCF rendering instead of xcftools.May 17 2023, 5:41 PM
AntiCompositeNumber added a subscriber: AntiCompositeNumber.

re xcftools: see https://gerrit.wikimedia.org/r/c/operations/software/thumbor-plugins/+/619864, T260285: Use ImageMagick for XCF rendering instead of xcftools. That patch will probably need a few revisions because of the Thumbor changes in the last two years.

gerritbot added a comment.May 17 2023, 5:48 PM

Change 920759 had a related patch set uploaded (by Hnowlan; author: Hnowlan):

[3d2png@master] wip: update dependencies for use with bullseye

https://gerrit.wikimedia.org/r/920759

gerritbot added a project: Patch-For-Review.May 17 2023, 5:49 PM
hnowlan updated the task description. (Show Details)May 17 2023, 5:49 PM
gerritbot added a comment.May 17 2023, 5:51 PM

Change 920760 had a related patch set uploaded (by Hnowlan; author: Hnowlan):

[operations/software/thumbor-plugins@master] wip: upgrade container and dependencies for bullseye

https://gerrit.wikimedia.org/r/920760

MoritzMuehlenhoff added a subscriber: MoritzMuehlenhoff.May 17 2023, 7:12 PM
Izno added a parent task: T265549: Update librsvg to > 2.44.10.May 17 2023, 11:27 PM
Ahecht added a subscriber: Ahecht.May 18 2023, 1:05 AM
hnowlan updated the task description. (Show Details)May 18 2023, 11:14 AM
hnowlan updated the task description. (Show Details)May 18 2023, 4:34 PM
hnowlan updated the task description. (Show Details)
hnowlan added a project: Platform Team Workboards (Platform Engineering Reliability).May 25 2023, 10:13 AM
hnowlan moved this task from Backlog to Doing 🔨 on the Platform Team Workboards (Platform Engineering Reliability) board.
Clement_Goubert moved this task from Incoming 🐫 to 🛎 Services & Oids on the serviceops board.May 25 2023, 10:15 AM
Ladsgroup awarded a token.May 25 2023, 10:26 AM
AntiCompositeNumber closed subtask T260285: Use ImageMagick for XCF rendering instead of xcftools as Resolved.Jun 13 2023, 2:50 AM
Jdforrester-WMF updated the task description. (Show Details)Jun 13 2023, 11:53 AM
Tacsipacsi added a subscriber: Tacsipacsi.Jul 2 2023, 1:39 PM

In the meantime, Bookworm has been released. Shouldn’t we upgrade directly to that?

Ladsgroup added a comment.Jul 2 2023, 5:46 PM

Bookworm is not really tested enough to be released to a massive service in production, so far we only deployed it, in people.wikimedia.org backend (and a couple more small services). It's probably a good half a year before we can call safely discuss moving to bookworm.

It's also always better to do upgrades in small steps rather than large jumps to avoid a lot of moving parts.

MoritzMuehlenhoff added a comment.Jul 7 2023, 11:34 AM
In T336881#8984098, @Ladsgroup wrote:

Bookworm is not really tested enough to be released to a massive service in production, so far we only deployed it, in people.wikimedia.org backend (and a couple more small services). It's probably a good half a year before we can call safely discuss moving to bookworm.

FWIW, I'm not convinced by this :-) Personally I think it makes sense to move right away to Bookworm: This isn't some flaky Ubuntu release, but a Debian stable release which has ripened over hundreds of thousand of testing installations. There are no known major issues with Bookworm one month after the release and we've added full support for our Debian base layer since the last half year. peopleweb isn't the only service, we are also running a bastion and the entire FastNetMon infra on Bookworm (and the puppet 7 puppet masters/puppetdbs/puppetboards systems are also getting built on it).

The changes which were made so far (font adaptions and the move away from xcftools) are equally beneficial for a bookworm setup and the new stack will have several bugs fixed, that are still present in Bullseye, simply because of the former including two additional years of upstream development.

Ladsgroup added a comment.Jul 10 2023, 5:48 PM

I understand, my point is around priorities of what to upgrade first: i.e. the order of OS upgrade roll out in the production. Upgrading thumbor first thing (with some exceptions) in production can cause issues in larger scale than it needs to be. It's not necessarily with the bookworm itself but also support of the OS in production. For example, docker images, networking inside kubernetes, etc. etc.

Content licensed under Creative Commons Attribution-ShareAlike 4.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL