iris icon indicating copy to clipboard operation
iris copied to clipboard

Published 20 hours ago verified publisher icon linkedin

Status of Container Images

Open roock opened this issue 2 years ago • 1 comments

I'd like to raise a few questions around the current container images of Iris:

  • Currently there are two Dockerfiles, one in the root directory and one in the ops/Docker directory. The second one isn't maintained anymore and should be removed, or?
    • Bonus Questions: The ops/packer, ops/terraform and ops/charts are also outdated and don't seem to be maintained. Should those go away, too? (I might be looking into proving an updated helm charts with version 2 in the next weeks).
  • Is there any plan to provide pre-build container images? There seems to be an "official" registry (https://quay.io/repository/iris/iris), but the images are 3 years old. If there's no plan I will start building "unofficial" images.
  • I'm currently trying to improve the container image by running the image "rootless" (https://github.com/linkedin/iris/commit/c4123e450cef36a4c5271e4f2550d55f5f73d434), which would mean that iris user has only limited write access to the container image. I'm having trouble finding a good solution for the sender rpc log file. any hints/comments here? I'm currently patching the config file to update, but this doesn't seem to be the best way to handle this.
  • Was there a specific reason for the initializedfile? It doesn't seem to provide any real benefit to me in a container environment.
    • in production setups, database will get initialized once either manually from outside a container or by starting a container with DOCKER_DB_BOOTSTRAP
    • In development setups, containers will be rebuild quite often and reinitialize will happen anyway as the initializedfile isn't existing.

Thanks and keep up the great work!

roock avatar Apr 19 '22 16:04 roock

Hi @roock, the overarching answer to all these questions is that we don't run Iris with containers internally which when combined with the laundry list of other products and projects our team is working on has meant that we have not been able to give the necessary extra attention to keep the Docker builds updated with new releases. While we're probably not going to be able to put more dedicated resources on this for the time being I'm more than happy to empower external users to contribute and help keep the Iris containerized builds updated as well as add any cool new features they might need. Big shout out to you and @bilbof for all you contributions lately btw.

diegocepedaw avatar Apr 20 '22 13:04 diegocepedaw