kube icon indicating copy to clipboard operation
kube copied to clipboard

Published 20 hours ago verified publisher icon kube-rs

Document recommended deployment environment

Open nightkr opened this issue 5 years ago • 4 comments

#331 highlights that this can be pretty confusing at the moment...

Arguably this isn't really specific to kube-rs, but at the same time it's probably something that will be relevant for 99% of kube-rs users.

nightkr avatar Oct 25 '20 18:10 nightkr

Personally, I'd lean towards crate2nix and buildLayeredImage because:

  1. It has much better caching behaviour than Dockerfiles (since it caches each Rust package individually, just like Cargo)
  2. It automatically figures out which dependencies are required at runtime, and tree-shakes the rest
  3. It can theoretically cross-build packages, but I'm not sure about whether the Rust tooling is set up for this yet

However, it does have some disadvantages...

  1. Nix doesn't have the mindshare of Dockerfiles
  2. It can take advantage of remote builders, but it's a bit messier to set up than Docker for Desktop

nightkr avatar Oct 25 '20 18:10 nightkr

cargo-wharf is good at caching too.

MikailBag avatar Oct 25 '20 19:10 MikailBag

Oh, that's interesting. The caching seems stronger than for the plain Dockerfile setup, but there doesn't seem to be much of a story for non-cargo build steps (seeing apt invoked in the instructions is a bit worrying..). I'd also be a bit wary about encouraging dependencies on non-official Docker Hub images, given their recent changes to both rate limits and retention.

nightkr avatar Oct 25 '20 20:10 nightkr

For what its work I've been using ekidd/rust-musl-builder as my builder.

Here is an example:

FROM ekidd/rust-musl-builder:stable as builder

ENV APP=my-app

RUN mkdir .cargo src

COPY Cargo.toml Cargo.toml
COPY Cargo.lock Cargo.lock

RUN echo "fn main() {println!(\"if you see this, the build broke\")}" > src/lib.rs && \
    cargo vendor > .cargo/config && \ 
    cargo build --release && \
    rm -rf src

COPY src src

RUN rm -rf target/release/**/libsrc* 
RUN cargo build --release

FROM alpine:latest

ARG APP_FOLDER=/usr/src/app
ENV APP_USER=appuser

RUN addgroup -S $APP_USER \
    && adduser -S -g $APP_USER $APP_USER

RUN apk update \
    && apk add --no-cache ca-certificates open-ssl \
    && rm -rf /var/cache/apk/*

COPY --from=builder /home/rust/src/target/x86_64-unknown-linux-musl/release/${APP} ${APP_FOLDER}/${APP}
ENV PATH="${APP_FOLDER}:${PATH}"

CMD ["${APP}"]

Replaced the hacky method with cargo chef

FROM ekidd/rust-musl-builder:stable as planner

RUN cargo install cargo-chef

COPY . .
RUN cargo chef prepare --recipe-path recipe.json

FROM ekidd/rust-musl-builder:stable as cacher

RUN cargo install cargo-chef
COPY --from=planner /home/rust/src/recipe.json recipe.json
RUN cargo chef cook --release --recipe-path recipe.json

FROM ekidd/rust-musl-builder:stable as builder

COPY . .
COPY --from=cacher /home/rust/src/target target
COPY --from=cacher /home/rust/.cargo /home/rust/.cargo

RUN cargo build --release

FROM alpine:latest

ENV APP=my-app
ARG APP_FOLDER=/usr/src/app
ENV APP_USER=appuser

RUN addgroup -S $APP_USER \
    && adduser -S -g $APP_USER $APP_USER

RUN apk update \
    && apk add --no-cache ca-certificates \
    && rm -rf /var/cache/apk/*

COPY --from=builder /home/rust/src/target/x86_64-unknown-linux-musl/release/${APP} ${APP_FOLDER}/${APP}
ENV PATH="${APP_FOLDER}:${PATH}"

CMD ${APP}

praveenperera avatar Oct 28 '20 00:10 praveenperera