dockerspawner icon indicating copy to clipboard operation
dockerspawner copied to clipboard

Published 20 hours ago verified publisher icon jupyterhub

docker-py currently unmaintained, consider a replacement

Open rpwagner opened this issue 3 years ago • 3 comments

I found this while looking into how DockerSpawner calls docker as inspiration for a similar spawner for Apptainer. It's a significant enough potential issue that I wanted to raise it.

Proposed change

There is a current PR in the docker-py repo to list the package as unmaintained.

Alternative options

One of the commenters on the PR has an alternative package that calls the Docker CLI. This may be replacement for docker-py.

Who would use this feature?

This would impact all DockerSpawner users.

(Optional): Suggest a solution

  • Review the development activity around docker-py. There are some recent contributions, but the number of issues and PRs are significant.
  • Decide on whether on not to find alternative to docker-py. Python-on-Whales may be better than maintaining a separate wrapper to the Docker CLI or API. It may or may not be a drop-in replacement.
  • Determine the amount of code and documentation changes, along with any new dependency issues.
  • Plan on a target release, code, test, etc.

rpwagner avatar Jul 20 '22 19:07 rpwagner

Thank you for opening your first issue in this project! Engagement like this is essential for open source projects! :hugs:
If you haven't done so already, check out Jupyter's Code of Conduct. Also, please try to follow the issue template as it helps other other community members to contribute more effectively. welcome You can meet the other Jovyans by joining our Discourse forum. There is also an intro thread there where you can stop by and say Hi! :wave:
Welcome to the Jupyter community! :tada:

welcome[bot] avatar Jul 20 '22 19:07 welcome[bot]

Switching to the docker CLI would also mean the podman CLI should mostly just work :smiley:

https://gabrieldemarmiesse.github.io/python-on-whales/#main-features claims

1 to 1 mapping between the CLI interface and the Python API.

There's a couple of Podman CLI spawners intended to get the benefits of daemon-less root-less containers.

  • https://github.com/gatoniel/podmanspawner
  • https://github.com/manics/podmanclispawner I've also written a Podman CLI backend for repo2docker:
  • https://github.com/manics/repo2podman

So I don't think switching to a CLI wrapper (either our own or python-on-whales) is too difficult. It's a question of is it worth it and if so, how soon is it needed? It's obviously best not to use an unmaintained package, but there's only one CVE for docker-py from 2014.

manics avatar Jul 20 '22 21:07 manics

I don't feel moving away from docker-py is urgent, unless something changes, like:

  • A critical CVE in docker-py that can't be mitigated by a change to DockerSpawner
  • Incompatibility with a newer version of Docker, Python, or a docker-py dependency

However, it does seem like an issue to have on the radar so that it's not a surprise if docker-py can't be used, or if there's an opportunity to make a change with other benefits. And I am too unfamiliar with Docker to say whether a CLI wrapper library would be the better solution, I was just glad to have something to list under alternative options.

rpwagner avatar Jul 20 '22 22:07 rpwagner