Hi,
That is indeed a good starting point for a discussion. While I'd opt for
having things like 'ping', 'nslookup', etc. in Docker images, I don't
much see a real need for having editors, like 'vim'(configuration files
shouldn't be used in containerized services and all logs should go to
'stdout' anyway so that Docker daemon can gather them).
In general, during our work on ONAP @ Nokia we have struggled with slow
deployment which seems to be caused (at least partially) by not
standardized containers.
It would be very beneficial to create ONAP base images with runtime
environments/tools included on which all services would base on.
This way, many image layers would be deduplicated/reused, effectively
reducing images size and therefore deployment time :)
Best Regards / Pozdrawiam
Piotr Bocheński
-------------------------
Software Development Engineer
MN MANO SOAM 1 R&D WRO 7 (ONAP)
West Gate (Lotnicza 12, 54-155 Wrocław, Poland)
mobile: +48 734 103 812
On 02/23/2018 03:35 PM, FREEMAN, BRIAN D wrote:
Just to mix up the pot a little. The tools being discussed are ones we
would use for troubleshooting in production as well.
Brian
*From:*SULLIVAN, BRYAN L
*Sent:* Friday, February 23, 2018 9:08 AM
*To:* Bochenski, Piotr (Nokia - PL/Wroclaw)
<[email protected]>; Yunxia Chen <[email protected]>; Kang
Xi <[email protected]>; PLATANIA, MARCO <[email protected]>;
FREEMAN, BRIAN D <[email protected]>
*Cc:* onap-discuss <[email protected]>
*Subject:* RE: [onap-discuss] [integration] INT-261: Add standard
utilities to all dockers (vim, ping, nslookup)
Piotr’s suggestion is the correct approach. Where possible, base
containers should be used that are then used to build other more
specific containers, with common tools as needed. Nothing should need
to be installed at deployment time, only configured (via environment)
through the process of container launch.
For production use, you should restrict the pre-installed tools to
those that have an essential purpose in a production system. That’s
why having two base container flavors is good idea.
Thanks,
Bryan Sullivan | AT&T
*From:*[email protected]
<mailto:[email protected]>
[mailto:[email protected]] *On Behalf Of *Bochenski,
Piotr (Nokia - PL/Wroclaw)
*Sent:* Friday, February 23, 2018 2:32 AM
*To:* Yunxia Chen <[email protected]
<mailto:[email protected]>>; Kang Xi <[email protected]
<mailto:[email protected]>>; PLATANIA, MARCO (MARCO)
<[email protected] <mailto:[email protected]>>;
FREEMAN, BRIAN D <[email protected] <mailto:[email protected]>>
*Cc:* onap-discuss <[email protected]
<mailto:[email protected]>>
*Subject:* Re: [onap-discuss] [integration] INT-261: Add standard
utilities to all dockers (vim, ping, nslookup)
Hi,
I absolutely agree that those tools are a must for development and
testing, but they should be included in Docker/VM images before the
actual deployment.
That is the point of environments where there is no access to the
internet - you provide only artifacts that are needed to get the
system installed and the whole procedure takes place offline.
The concept that I've provided below assumes that we decide in the
build time whether we are building 'testing' (with debugging tools) or
'production' artifacts.
Best Regards / Pozdrawiam
Piotr Bocheński
-------------------------
Software Development Engineer
MN MANO SOAM 1 R&D WRO 7 (ONAP)
West Gate (Lotnicza 12, 54-155 Wrocław, Poland)
mobile: +48 734 103 812
On 02/23/2018 12:26 AM, Yunxia Chen wrote:
Hi, Piotr,
Why will this create issue if it has issue when no internet or
behind corporate firewall? Please help to clarify it. Those tools
are used for debugging, especially if you don’t have internet to
outside, you cannot get them using “apt-get” to install them when
you need them.
Regards,
Helen Chen
*From: *<[email protected]>
<mailto:[email protected]> on behalf of
"Bochenski, Piotr (Nokia - PL/Wroclaw)"
<[email protected]> <mailto:[email protected]>
*Organization: *Nokia - PL/Wroclaw
*Date: *Wednesday, February 21, 2018 at 3:49 AM
*To: *Kang Xi <[email protected]> <mailto:[email protected]>,
"PLATANIA, MARCO (MARCO)" <[email protected]>
<mailto:[email protected]>, "FREEMAN, BRIAN D"
<[email protected]> <mailto:[email protected]>
*Cc: *onap-discuss <[email protected]>
<mailto:[email protected]>
*Subject: *Re: [onap-discuss] [integration] INT-261: Add standard
utilities to all dockers (vim, ping, nslookup)
Hi,
In my opinion it's not a good idea to install anything at runtime
- for example, this causes troubles on environments that are cut
off the internet or behind massive corporate firewalls (like the
one that my team uses).
For proper solution I would recommend something like this:
* We create 2 ONAP "base" images - one for production and another
one for development and testing (with mentioned tools included)
* We switch the base image during the build
This would require additional work, but will result in much
"cleaner" solution :)
What do you think?
Best Regards / Pozdrawiam
Piotr Bocheński
-------------------------
Software Development Engineer
MN MANO SOAM 1 R&D WRO 7 (ONAP)
West Gate (Lotnicza 12, 54-155 Wrocław, Poland)
mobile: +48 734 103 812
On 02/20/2018 05:13 PM, Kang Xi wrote:
Thanks. Then we pretty much have solved this problem. I’ll
update the jira ticket accordingly.
Regards,
Kang
*From:*PLATANIA, MARCO (MARCO) [mailto:[email protected]]
*Sent:* Tuesday, February 20, 2018 11:11
*To:* Kang Xi <[email protected]>
<mailto:[email protected]>; FREEMAN, BRIAN D <[email protected]>
<mailto:[email protected]>
*Cc:* onap-discuss <[email protected]>
<mailto:[email protected]>
*Subject:* Re: [onap-discuss] [integration] INT-261: Add
standard utilities to all dockers (vim, ping, nslookup)
All the components in Heat already have ping-utils, vim and
nslookup. Not sure about the Centos VMs for DCAE, need to
check with Lusheng.
Marco
*From: *Kang Xi <[email protected] <mailto:[email protected]>>
*Date: *Tuesday, February 20, 2018 at 11:02 AM
*To: *"PLATANIA, MARCO (MARCO)" <[email protected]
<mailto:[email protected]>>, BRIAN FREEMAN
<[email protected] <mailto:[email protected]>>
*Cc: *onap-discuss <[email protected]
<mailto:[email protected]>>
*Subject: *RE: [onap-discuss] [integration] INT-261: Add
standard utilities to all dockers (vim, ping, nslookup)
Hi Marco,
I agree with you. Actually I did check the size and found the
total is less than 5MB. Is there also an easy solution for heat?
Regards,
Kang
*From:*PLATANIA, MARCO (MARCO) [mailto:[email protected]]
*Sent:* Tuesday, February 20, 2018 10:58
*To:* Kang Xi <[email protected]
<mailto:[email protected]>>; FREEMAN, BRIAN D <[email protected]
<mailto:[email protected]>>
*Cc:* onap-discuss <[email protected]
<mailto:[email protected]>>
*Subject:* Re: [onap-discuss] [integration] INT-261: Add
standard utilities to all dockers (vim, ping, nslookup)
Hi Kang,
Those tools don’t really require too much space in a docker
image, so size shouldn’t be a problem. I don’t think we need
to modify the docker images, we could create init containers
in kubernetes that install those tools for the ONAP components
that need them.
Marco
*From: *<[email protected]
<mailto:[email protected]>> on behalf of
Kang Xi <[email protected] <mailto:[email protected]>>
*Date: *Tuesday, February 20, 2018 at 10:38 AM
*To: *BRIAN FREEMAN <[email protected] <mailto:[email protected]>>
*Cc: *onap-discuss <[email protected]
<mailto:[email protected]>>
*Subject: *[onap-discuss] [integration] INT-261: Add standard
utilities to all dockers (vim, ping, nslookup)
Hi Brian, All,
We have a backlog jira ticket asking to install standard
utilities to all dockers.
https://jira.onap.org/browse/INT-261
<https://urldefense.proofpoint.com/v2/url?u=https-3A__jira.onap.org_browse_INT-2D261&d=DwMFAg&c=LFYZ-o9_HUMeMTSQicvjIg&r=KgFIQiUJzSC0gUhJaQxg8eC3w16GC3sKgWIcs4iIee0&m=SIDtjRhzdznWsLmsHqy4fafBi8RZUWe4XJlUYPMbWbI&s=tRBXDFUKW30iWCNKP3P9x_6jg-HN8_AH4Pdspuq8FOo&e=>
This issue was discussed at today’s Integration weekly
meeting. Some concerns were raised that it would inflate the
size and increate maintenance work for the production version
as how to turn on/off installing those packages. Another
question is that it might not be needed for all the dockers.
There is no doubt that having those tools will make debug and
test more productive. Do you think it is possible to add the
tools to a few most demanding dockers? If yes, please specify
a list and I’ll follow up on this. Immediately I have the
controller dockers in SDNC/APPC and mso docker in SO.
Regards,
Kang
_______________________________________________
onap-discuss mailing list
[email protected] <mailto:[email protected]>
https://lists.onap.org/mailman/listinfo/onap-discuss
<https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.onap.org_mailman_listinfo_onap-2Ddiscuss&d=DwMDaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=ML-JPRZQOfToJjMwlJLPlcWimAEwMA5DZGNIrk-cgy0&m=o5dtOFAs0gnnKaTl94MGVVUAinv5qzl2_ybGlliou20&s=ZU0Enplq-etqZuMQKNKmNeXQK-Kl6QNAwDspjOtEkno&e=>
_______________________________________________
onap-discuss mailing list
[email protected]
https://lists.onap.org/mailman/listinfo/onap-discuss
