-
Notifications
You must be signed in to change notification settings - Fork 407
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
miner update HIP #11
miner update HIP #11
Conversation
@mrallen1 and I have been playing around with Open Container Initiative (OCI) images. I think we can mount and boot them on the hotspot (using archivemount and chroot) without installing any container runtimes. This would, however, allow other people to run the container in docker/oci/etc on non hotspots as well. I also think we could boot a OCI image using https://github.com/containers/bubblewrap
|
More concretely I propose we'd make the following miner containers:
We'd run the arm64 slim container on the hotspot, it would essentially just contain /opt/miner and we'd mount through the needed system paths into the bubblewrap environment. The other containers would contain a full system image and an Erlang distribution (these could be done via composing layers). They would be served through a 'container registry' such that 'docker pull' or suchlike would be compatible. Most cloud platforms support a compatible cloud registry API now (eg Amazon ECR) and open source implementations exist. These registries can already contain OCI images. https://docs.docker.com/registry/spec/api/ |
The v2 registry can be queried with bash/jq via something like https://github.com/gforghetti/docker_registry_api_bash_functions |
I made a story in Clubhouse for this work. |
@Vagabond @mrallen1 Your proposed OCI and bubblewrap solution is interesting. I do have my doubts as to how mature the bubblewrap tooling is compared to Docker's. Namely does bubblewrap really have something akin to |
Bubblewrap relies on cgroups, same as Docker does (it's just a much thinner shim over the top). Bubblewrap is used in a ton of places, including flatpak applications and I found out yesterday it's how void linux sandboxes their package building. https://wiki.archlinux.org/index.php/Bubblewrap It definitely does not have a docker pull implementation, but the docker protocol is HTTP based, and as I linked above, shell libraries exist to query it (so we'd do docker pull via bash/curl). I've been thinking about the OCI "layers" we might want to use:
This would allow us to reuse 'layer 2' for all of our docker images and just crosscompile layer3 for arm/arm64 (and swap out the base image for an architecture appropriate image). As a bonus, since our NIFs don't change a lot, we could simply update the middle layer the majority of the time. |
Additionally we can do stuff like @macpie did in the router docker stuff, where we use the environment to configure a sys.config.src template at runtime (for things like paths, key mode, etc) |
Rendered view: https://github.com/helium/HIP/blob/e4a3b70c8f6234c49b9264156ba0ea250d5ac705/0000-miner-update.md