Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.
Sign upTemplate VMs should be shipped as builders rather than images #1135
Comments
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
adrelanos
Aug 19, 2015
Member
You are suggesting automated template builds on user machines? This has pros and cons.
Pros:
- Build decentralization, trust distribution. Not as good as deterministic builds, but shipping less binary files.
- More realistic mid term compared to deterministic images. (reasoning: [1])
Cons:
- Building takes longer than downloading binary images.
- More fragile, more likely to fail. (For example, transient issues with apt-get downloading.)
My position is, nevermind Ubuntu. Concentrate on one thing (Debian) and doing that well. If I am not mistaken, this is also the position by Qubes core developers, but they're free to to correct me. Ubuntu is really not worth any attention for various reasons, but that should be best discussed in a separate issues if required.
[1] Yes, Debian is working on reproducible builds. But for now, that includes deterministic packages. Not deterministic installed packages. Files that are automatically generated during package installation such as /etc/xml/catalog or /var/lib/dpkg/info/docbook-xml make images non-deterministic also. And other stuff. Will be a while until deterministic images can be created.
|
You are suggesting automated template builds on user machines? This has pros and cons. Pros:
Cons:
My position is, nevermind Ubuntu. Concentrate on one thing (Debian) and doing that well. If I am not mistaken, this is also the position by Qubes core developers, but they're free to to correct me. Ubuntu is really not worth any attention for various reasons, but that should be best discussed in a separate issues if required. [1] Yes, Debian is working on reproducible builds. But for now, that includes deterministic packages. Not deterministic installed packages. Files that are automatically generated during package installation such as /etc/xml/catalog or /var/lib/dpkg/info/docbook-xml make images non-deterministic also. And other stuff. Will be a while until deterministic images can be created. |
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
marmarek
Aug 26, 2015
Member
On Wed, Aug 19, 2015 at 12:33:51PM -0700, Patrick Schleizer wrote:
Cons:
- Building takes longer than downloading binary images.
In some cases - much, much longer. For example if you have fast internet
connection downloading an template image is a matter of minutes-tens
minutes. But building the template (still using such fast connection)
can take 2h+.
My position is, nevermind Ubuntu. Concentrate on one thing (Debian)
and doing that well. If I am not mistaken, this is also the position
by Qubes core developers, but they're free to to correct me.
We haven't decided to abandon Fedora, we will still support it.
Anyway users are free to build the templates manually. To ease the task
we provide ready to use config files for qubes-builder to reproduce
templates provided as binaries:
https://github.com/qubesos/qubes-template-configs
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
|
On Wed, Aug 19, 2015 at 12:33:51PM -0700, Patrick Schleizer wrote:
In some cases - much, much longer. For example if you have fast internet
We haven't decided to abandon Fedora, we will still support it. Anyway users are free to build the templates manually. To ease the task Best Regards, |
qubesuser commentedAug 19, 2015
Currently template VMs are shipped as images, which means that they are large and distributions like Ubuntu cannot be distributed due to trademark issues.
Instead, a modified version of the template builders should be what is in the template RPM packages, and on installation the package should download the distribution packages and build the template VMs like is currently done by the Qubes builder.
This way, Ubuntu images can be directly shipped, the download size would be greatly reduced and it would be possible to directly download the most current updated packages for the distribution rather than having a separate update step.