POWER and Z (among others) #22
Comments
|
I have started to provide the rootfs months ago, you can see the rootfs for various architectures like these for tumbleweed at https://build.opensuse.org/project/show/Virtualization:containers:images:openSUSE-Tumbleweed |
|
I forgot to mention, the only missing part for your git based workflow are branches within this repository |
|
Oh, nice! So, I think the release files I'm looking for would be the ones under https://build.opensuse.org/package/binaries/Virtualization:containers:images:openSUSE-42.2/openSUSE-42.2-docker-image?repository=images, right? (https://build.opensuse.org/package/binaries/Virtualization:containers:images:openSUSE-Tumbleweed/openSUSE-Tumbleweed-docker-image?repository=images for Tumbleweed, etc etc) As I noted, official images don't have a way to consume these officially (yet), but I do want to wire up my temporary automation to be pulling these in for creating Is there an easy way to programatically determine the URLs I'll need to download without scraping that HTML page for the full |
|
@tianon Note that we are currently undergoing a lot of work within KIWI to make it output proper Docker images ( As for your question about programmatically figuring out the URLs, you could go and parse the necessary What would be awesome is if there was some programmatic way for us to tell you that there is an update of an openSUSE image (pull requests on GitHub aren't a very good updating system). |
|
Hi @tianon : There is always a file without the "Build" suffix which is actually a link to the latest Build, so you can use that one. You can have a job look for the date of that file and pull it when it changes. |
|
@jordimassaguerpla ahhh, thanks -- http://download.opensuse.org/repositories/Virtualization:/containers:/images:/openSUSE-Tumbleweed/images/ is a much better link for seeing the actual artifacts 😄 👍 ❤️ See https://hub.docker.com/r/armhf/opensuse/, https://hub.docker.com/r/aarch64/opensuse/, and https://hub.docker.com/r/ppc64le/opensuse/. 👍 ( @cyphar yeah, I agree that for base images, the PR method doesn't really work as well as for images that don't contain a rootfs, but we haven't figured out something better yet (and the update cadence can't be too high or the automated builds folks get overwhelmed with rebuilds) 😞 |
|
Huge thanks @tianon for pushing those ppc64le images to dockerhub! 🌷 @tboerger It looks like maybe the repos in the images need to be tweaked. I'm unable to install curl, for example. Edit: This is an issue with tumbleweed and 42.1 (the only two I've tried). |
|
@clnperez Thomas probably isn't the best person to ping about issues with images, given that he's moved on from working for SUSE (he's at OwnCloud now). While he's still technically a maintainer, we have a containers team at SUSE which works on this stuff as our full-time jobs. To answer your question, the package situation for |
I think he just asked me because I directly responded to that :P |
|
@cyphar Here ya go: It sounds like we need to just add something like http://download.opensuse.org/ports/ppc/distribution/13.2/repo/oss/suse/ppc64le/, but could you point me to the right place for 42.1? I'm more familiar with SLES than OpenSuSE so I don't know how the releases are setup. |
|
@cyphar I found this: http://download.opensuse.org/ports/ppc/distribution/leap/42.1/repo/oss/ |
|
I was going to ask if you would do something like |
|
Just a quick note, people from IBM approached me and I manually pushed an openSUSE tumbleweed image here. The image was built with a simple Dockerfile like this one: The repositories bundled inside of it are working fine, it looks like @jordimassaguerpla and @davidcassany fixed that in the meantime. Once we are done with an internal milestone we should invest time into using umoci to build native docker base images. This will allow us to push the image from our current x86_64 infrastructure. |
|
@cyphar I tried the command you pasted to see if it would be helpful, and before I could get to it, I first tried installing curl (to exactly recreate). There were new repo issues with checksums on tumbleweed (not with 42.1) on ppc64le: But in the end that command didn't add the right repo: Let me know if you want me to try anything else. |
|
Would be nice to have mongodb image on hub.docker.com/u/ppc64le |
|
Thanks for the feedback @CrimsonGlory |
|
We're finally officializing a lot of the multiarch work we've been doing, and as such we think we've finally got some decent examples that are worth looking at for how openSUSE might be enabled for multiarch 🙂 We also have a multiarch section in the official-images README.md. docker-library/official-images#3024 ( We are happy to help with any of this! 🎉 |
|
This is great, we are definitely going to join the party :) |
|
A PR for fixing the repos in tumbleweed: Regarding the official multiarch section, I understand we could have different directories or branches in our github repo for the different archs, right? Since openSUSE is a "From scratch" image. |
|
Yeah, different branches or different directories are fine -- whatever works best for your flow! |
|
For Debian, Ubuntu, and BusyBox, I went with different branches since it made it easier to work with, but directories are fine too! (as seen in the example I made in https://github.com/tianon/docker-brew-alpine-multiarch for how Alpine could work) |
|
Anything we can do to help here? 😄 (just a friendly prod 👍 ❤️) |
|
@davidcassany is currently working in converting our internal build pipeline to use a new native docker build feature he added to KIWI. Adding the new architectures will follow along. |
|
Hello @flavio and @davidcassany , we just realized that https://download.opensuse.org/ports/zsystems/ contains tumbleweed packages, but no repository for 42.2 packages on s390x. Is that just a glitch and a matter of activating, or do you expect it will not happen until the next release? |
Last time we checked OBS had s390x repositories only for Tumbleweed. I don't know if the situation changed in the meantime, we will double check while working on this issue. |
|
@tianon, as @flavio said I am working on updating the pipeline we have to produce our Docker images; also, as @cyphar mentioned here months ago, our current workflow is changing to better integrate the Open Build Service and KIWI (using umoci and skopeo) to produce native Docker images (native in the sense that the resulting tarball is ready to be loaded |
|
See docker-library/official-images#527 for an older (still relevant) discussion of some issues with us doing that. We'd also love to support Git-LFS, but as discussed in https://github.com/docker-library/official-images/issues/1095, it didn't support I have been considering allowing for a rootfs to be hosted outside Git and simply including in the Up until now, I've been extracting the rootfs from the released tarballs (https://github.com/docker-library/oi-janky-groovy/blob/6e1191f17080ca600e59a1cdbfd8a0b289e4f8a1/multiarch/target-opensuse-pipeline.groovy#L74-L99) to get preview images up, which is where the current |
|
@tianon thanks the response and the references, I read the thread you suggested (docker-library/official-images#527) and I understand there are some reasons to prevent the suggested there strategy. I was wondering if what I have done here and here is more in line of what you would expect. I realize this is quite similar of what is suggest in the mentioned thread, but I believe this still could be a valid option if some constraints are included in the tests you perform, for instance our images do no include a multilayered rootfs, so IMHO there is no need for any further special analysis of what you are already doing. What you think? |
|
I mean, Multi-stage builds are something we've talked about using to help with this issue, although we aren't using a new enough version of Docker on the official build servers yet to implement them fully. Here's an all-out example of what that approach might look like with Ubuntu's official rootfs tarballs (https://partner-images.canonical.com/core/): FROM debian:stretch-slim AS fetch
RUN set -ex; \
apt-get update; \
apt-get install -y --no-install-recommends \
ca-certificates \
gnupg2 dirmngr \
wget \
; \
rm -rf /var/lib/apt/lists/*
ENV UBUNTU_FINGERPRINT D2EB44626FDDC30B513D5BB71A5D6C4C7DB87C81
RUN gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$UBUNTU_FINGERPRINT"
ENV UBUNTU_SUITE xenial
ENV UBUNTU_SERIAL 20170802
RUN set -eux; \
\
wget "https://partner-images.canonical.com/core/${UBUNTU_SUITE}/${UBUNTU_SERIAL}/SHA256SUMS"; \
wget "https://partner-images.canonical.com/core/${UBUNTU_SUITE}/${UBUNTU_SERIAL}/SHA256SUMS.gpg"; \
gpg --batch --verify SHA256SUMS.gpg SHA256SUMS; \
\
arch="$(dpkg --print-architecture)"; \
tarball="ubuntu-${UBUNTU_SUITE}-core-cloudimg-${arch}-root.tar.gz"; \
wget -O "$tarball" "https://partner-images.canonical.com/core/${UBUNTU_SUITE}/${UBUNTU_SERIAL}/$tarball"; \
grep -q " *$tarball\$" SHA256SUMS; \
grep " *$tarball\$" SHA256SUMS | sha256sum -c -; \
\
mkdir /rootfs; \
tar -xf "$tarball" -C /rootfs
# TODO add /usr/sbin/policy-rc.d
# TODO add /sbin/initctl
# TODO add /etc/dpkg/dpkg.cfg.d/...
# TODO add /etc/apt/apt.conf.d/...
# TODO purge /var/lib/apt/lists/*
# TODO update sources.list
# TODO update /run/systemd/container
# see https://github.com/tianon/docker-brew-ubuntu-core/blob/ea95f62628559b4dc13b179cce87f96b83d44238/update.sh#L57-L103
# (https://github.com/tianon/docker-brew-ubuntu-core/blob/8984e91c47abd923cf214fb7232b044106b39337/xenial/Dockerfile)
FROM scratch
COPY --from=fetch /rootfs /
CMD ["bash"] |
|
Unfortunately this multi approach solution would not work because the tarball we are producing is now something like |
|
@tianon The problem is that we are no longer producing simple tarballs. We use The thing is, the old method of just including a |
|
Putting my name in here to express an interest in seeing arm64 OpenSUSE images, as well as to query re status changes since early September. |
|
I just tried arm32v7/opensuse and aarch64/opensuse and found some issues: 01 - Docker recently did some reorganization on their registry for 64bit ARM systemsSee the deprecation notice in https://hub.docker.com/r/aarch64/opensuse/
02 - arm32v7/opensuse:tumbleweed is brokenRPMs for the wrong platform (from the armv6hl repositores) are installed per default 03 - When arm32v7 docker images runs on aarch64 systems zypper cannot determine the correct architecture.A workaround could be to force the architecture in zypp.conf 04 - Incorrect repositories for all architectures that are maintained in 'ports' are used.Here are the correct ones for arm32v7 and aarch64: armv7hl:Leap 42.2
Leap 42.3
Tumbleweed
aarch64:Leap 42.2
Leap 42.3
Tumbleweed
|
|
@mnhauke In general we would recommend using images from the |
|
FYI, I verified that two last openSUSE images for ppc64le are able to be pulled from https://store.docker.com/images/opensuse but still have inside bad zypper repos, so add question in previous reference openSUSE/docker-containers#66 |
|
@davidcassany can you take a look at that please? |
|
@flavio this was solved last week here openSUSE/docker-containers#79 and closed the other mentioned issue, I just didn't realize this issue was still open. |
Hey folks -- we don't have a way to officially consume other architectures yet for official images (initial work for that sort of thing over in docker-library/official-images#2289 / docker-library/go-dockerlibrary#2), but there's some interest in at least getting some initial images up for testing, etc of other platforms (specifically from the IBM folks for POWER and Z, cc @duglin @estesp), especially including building Docker's own upstream packages for some of these other architectures.
Are there official published rootfs tarballs I could consume to build something for their needs in the interim, or is that something we could look to add in the future? What amount of work does that represent, and how can we (official images team) and/or IBM help out with that? Thanks! ❤️
cc @flavio @cyphar @jordimassaguerpla
The text was updated successfully, but these errors were encountered: