docker-node icon indicating copy to clipboard operation
docker-node copied to clipboard

Published 20 hours ago verified publisher icon nodejs

Avoid upgrading base OS image during the life of a major version of Node.js

Open targos opened this issue 2 years ago • 3 comments

Problem

The update of the base OS image used for node:18 from Debian 11 to 12 has caused issues for various people:

  • https://github.com/nodejs/node/issues/43064#issuecomment-1591237820 (last comments)
  • https://github.com/nodejs/docker-node/issues/1916
  • https://github.com/nodejs/build/issues/3382

Solution

Keep the same base OS image during the entire life of any major version of Node.js and only upgrade it for future major versions.

Alternatives to Consider

Teach the community to specify the name of the base OS in their Dockerfiles, but I'm afraid it's too late for that. I don't remember seeing any documentation that recommends to do it.

targos avatar Jun 14 '23 14:06 targos

Same issue, use FROM node:18-bullseye AS base fix it. I will put the logs here for others to search.

[22:34:35] #10 [deps 1/3] RUN corepack enable && corepack prepare "[email protected]" --activate
[22:34:35] #10 sha256:xxxxx
[22:34:35] #10 0.085 node[7]: ../src/node_platform.cc:68:std::unique_ptr<long unsigned int> node::WorkerThreadsTaskRunner::DelayedTaskScheduler::Start(): Assertion `(0) == (uv_thread_create(t.get(), start_thread, this))' failed.
[22:34:35] #10 0.086  1: 0xb7a940 node::Abort() [node]
[22:34:35] #10 0.086  2: 0xb7a9be  [node]
[22:34:35] #10 0.087  3: 0xbe98be  [node]
[22:34:35] #10 0.087  4: 0xbe99a1 node::NodePlatform::NodePlatform(int, v8::TracingController*, v8::PageAllocator*) [node]
[22:34:35] #10 0.088  5: 0xb38f5b node::InitializeOncePerProcess(std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, node::ProcessFlags::Flags) [node]
[22:34:35] #10 0.088  6: 0xb395ab node::Start(int, char**) [node]
[22:34:35] #10 0.088  7: 0x7fcea1ef918a  [/lib/x86_64-linux-gnu/libc.so.6]
[22:34:35] #10 0.088  8: 0x7fcea1ef9245 __libc_start_main [/lib/x86_64-linux-gnu/libc.so.6]
[22:34:35] #10 0.089  9: 0xabbdee _start [node]
[22:34:35] #10 0.093 Aborted (core dumped)
[22:34:35] #10 ERROR: executor failed running [/bin/sh -c corepack enable && corepack prepare "[email protected]" --activate]: exit code: 134
[22:34:35] ------
[22:34:35]  > [deps 1/3] RUN corepack enable && corepack prepare "[email protected]" --activate:
[22:34:35] ------
[22:34:35] Dockerfile:5
[22:34:35] --------------------
[22:34:35]    3 |     
[22:34:35]    4 |     FROM base AS deps
[22:34:35]    5 | >>> RUN corepack enable && corepack prepare "[email protected]" --activate
[22:34:35]    6 |     COPY pnpm-lock.yaml ./
[22:34:35]    7 |     RUN pnpm fetch

felix98765 avatar Jun 14 '23 14:06 felix98765

I don't think it's practical to pin the version because the OS and Node version don't line up. There is an inherent risk to using shortcut tags and it's a balancing act between stability and security.

For example, we had pinned to a major node version and specific OS version which meant we weren't getting security updates until we bumped to the new OS version.

LaurentGoderre avatar Jun 14 '23 15:06 LaurentGoderre

I think this causes an unnecessary problem. In the docker node v20.3 image, we have broken a large number of users (e.g. Ubuntu LTS users). From a user's perspective, this kind of breakage is unexpected in what looks like a server minor update.

ronag avatar Jun 21 '23 15:06 ronag