Thanks Chesnay for driving this. I found a problem with image name change[1] and I have created a PR[2] to fix it.
Best, Xingbo [1] https://issues.apache.org/jira/browse/FLINK-29161 [2] https://github.com/apache/flink/pull/20726 Chesnay Schepler <ches...@apache.org> 于2022年8月31日周三 17:15写道: > I will optimistically merge the PRs that make the switch so we can > gather some e2e testing data. > > On 30/08/2022 14:51, Chesnay Schepler wrote: > > yes, alpine would have similar issues as CentOS. As for usability, > > from personal experience it has always been a bit of a drag to extend > > or use manually because it is such a minimal image. > > > > On 30/08/2022 14:45, Matthias Pohl wrote: > >> Thanks for bringing this up, Chesnay. Can you elaborate a bit more on > >> what > >> you mean when referring to Alpine as being "not as user-friendly"? > >> Doesn't > >> it come with the same issue that switching to CentOS comes with that we > >> have to update our scripts (I'm thinking of apt in particular)? Or what > >> else did you have in mind in terms of user-friendliness? I would imagine > >> selecting the required packages would be a bit more tedious. > >> > >> I'm wondering whether we considered the security aspect. A more minimal > >> Alpine base image might reduce the risk of running into CVEs. But then; > >> it's also the question how fast those CVEs are actually fixed on average > >> (now comparing Ubuntu and Alpine for instance). Or is this even a > >> concern > >> for us? > >> > >> I didn't find any clear answers around that topic with a quick Google > >> search. [1] was kind of interesting to read. > >> > >> Anyway, I definitely see the benefits of just switching to Ubuntu due to > >> the fact that it also relies on Debian's package management (reducing > >> the > >> migration effort) and that we're using it for our CI builds > >> (consistency). > >> > >> +1 for going with Ubuntu if security is not a big concern > >> > >> Best, > >> Matthias > >> > >> [1] > >> > https://jfrog.com/knowledge-base/why-use-ubuntu-as-a-docker-base-image-when-alpine-exists/ > >> > >> > >> On Tue, Aug 30, 2022 at 11:40 AM Chesnay Schepler <ches...@apache.org> > >> wrote: > >> > >>> Hello, > >>> > >>> during the release of the 1.15.2 images > >>> <https://github.com/docker-library/official-images/pull/13065> it was > >>> noted that we use the openjdk:8/11 images, which have been deprecated > >>> <https://github.com/docker-library/openjdk/issues/505> and thus no > >>> longer receive any updates. > >>> > >>> There are a number of alternatives, the most promising being Eclipse > >>> Temurin <https://hub.docker.com/_/eclipse-temurin>, the successor of > >>> AdoptOpenJDK, since it's vendor neutral. > >>> > >>> This would imply a switch of distros from Debian to most likely Ubuntu > >>> 22.04 (Alpine isn't as user-friendly, and CentOS is likely incompatible > >>> with existing images using our images as a base). We are also running > >>> our CI on Ubuntu, so I don't expect any issues. > >>> > >>> Let me know what you think. > >>> > >>> The required changes on our side appear to be minimal; I have already > >>> prepared a PR <https://github.com/apache/flink-docker/pull/130>. > >>> > > > >
