compiling-containers
dumb-init
compiling-containers | dumb-init | |
---|---|---|
3 | 10 | |
14 | 6,867 | |
- | 0.9% | |
0.0 | 0.0 | |
over 3 years ago | 8 days ago | |
Go | Python | |
- | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
compiling-containers
-
BuildKit in depth: Docker's build engine explained
A cool thing about Buildkits LLB is that you can write your own front end to BuildKit. At Earthly, this is sort of a starter task for everyone who joins the team.
My frontend was based on intercal and I don't recommend anyone use it[1].
Buildkit functions a bit like a compiler. I wrote an article once about how it all works. [2]
[1]: https://github.com/adamgordonbell/compiling-containers/tree/...
[2]: https://www.docker.com/blog/compiling-containers-dockerfiles...
-
`COPY –chmod` reduced the size of my container image by 35%
Earthly is great (disclosure: work on it)
But also checkout out IckFiles, an Intercal frontend for moby buildkit:
https://github.com/adamgordonbell/compiling-containers/tree/...
-
Compiling Containers - Dockerfiles, LLVM and BuildKit
Hi, I wrote this, thank you for submitting it. I was trying to teach a bit about compilers and container images at the same time and share some working code examples. The code samples are here and here.
dumb-init
-
Fargate: catching docker stopping
I think you are on the right track in thinking it’s a signal handling issue. You mentioned using some “bash scripts”, have you tried something like dumb-init?
-
"systemd doesn't follow Unix philosophy "
At the other extreme, there's dumb-init - it implements the special pid-1 behaviors and acts as a wrapper around the one script you want to run. It's ideal for containers or virtual machines that don't need user logins or more than one service.
-
What should readiness & liveness probe actually check for?
Oh, and another thing. Many containers launch their main process from a shell script. When this happens, the shell script receives the SIGTERM event, not the application. Your shell script MUST relay SIGTERM events back to the main process, and it doesn’t happen by default. You can use a shell script wrapper, like dumb-init (https://github.com/yelp/dumb-init), as your entry point if you need to use a shell script on container startup.
-
Distro balls
It's a plus because Gentoo fully supports the choice of Systemd or OpenRC. It also has minit, dumb-init, sysvinit, cinit in tree for the more adventurous. No one was calling the AUR bloat, the parent comment just mentions that Gentoo has an equivalent project, GURU.
- How to make containers handle the SIGTERM signal which makes K8s terminate application gracefully?
- Show HN: EnvKey 2.0 – End-To-End Encrypted Environments (now open source)
-
`COPY –chmod` reduced the size of my container image by 35%
, but I prefer to not have to make this assumption and use an init system instead.
[1]: https://github.com/Yelp/dumb-init
-
Systemd by Example
> It has no init system.
Apologies that I can't link directly to the "--init" flag but docker actually does have an init, it's just (err, was?) compiled into the binary: https://docs.docker.com/engine/reference/commandline/run/#op...
My recollection is that it either adopted, or inspired, https://github.com/Yelp/dumb-init#readme which folks used to put into their Dockerfile as the init system back in the day
Folks (ahem, I'm looking at you, eks-anywhere[0]) who bundle systemd into a docker container are gravely misguided, and the ones which do so for the ability to launch sshd alongside the actual container's main process are truly, truly lost
0: https://github.com/aws/eks-anywhere/issues/838#issuecomment-...
-
Question: How to handle events to safely terminate a Node.js inside Docker container
You can use something like dumb-init which is designed to correctly handle signals
- Docker e Nodejs - Dockerizando sua aplicação com boas praticas
What are some alternatives?
ko - Build and deploy Go applications
tini - A tiny but valid `init` for containers
Lean and Mean Docker containers - Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
eks-anywhere - Run Amazon EKS on your own infrastructure 🚀
Packer - Packer is a tool for creating identical machine images for multiple platforms from a single source configuration.
docker-centos7-systemd-unpriv - Dockerfile for CentOS7 with Systemd in unprivileged mode
dive - A tool for exploring each layer in a docker image
systemd - The systemd System and Service Manager
image-spec - OCI Image Format
vault-exfiltrate - proof-of-concept for recovering the master key from a Hashicorp Vault process
envkey - Simple, end-to-end encrypted configuration and secrets management