Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(*) update base image for kuma-dp #2881

Merged
merged 2 commits into from
Oct 4, 2021
Merged

chore(*) update base image for kuma-dp #2881

merged 2 commits into from
Oct 4, 2021

Conversation

lobkovilya
Copy link
Contributor

Summary

Update base image to alpine:3.14

Full changelog

  • update base image

Issues resolved

N/A

Documentation

N/A

Testing

  • Unit tests
  • E2E tests
  • Manual testing on Universal
  • Manual testing on Kubernetes

Backwards compatibility

  • Add backport-to-stable label if the code is backwards compatible. Otherwise, list breaking changes.

@lobkovilya
chore(*) replace envoy-alpine image with alpine:3.14
3f79479 
Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>
@lobkovilya
chore(*) replace alpine with alpine-glibc
1442c8c 
Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>
@lobkovilya lobkovilya requested a review from a team as a code owner October 4, 2021 09:29
@jpeach
Copy link
Contributor

jpeach commented Oct 4, 2021

Why glibc? What is the origin and support policy for the image?

@jakubdyszkiewicz
Copy link
Contributor

jakubdyszkiewicz commented Oct 4, 2021
edited

@jpeach it's the base image that envoy-alipne uses, so we were using it implicitly already.

@jakubdyszkiewicz jakubdyszkiewicz merged commit f8791fc into master Oct 4, 2021
@jakubdyszkiewicz jakubdyszkiewicz deleted the chore/replace-envoy-alpine-with-alpine branch October 4, 2021 10:00
mergify bot pushed a commit that referenced this pull request Oct 4, 2021
@lobkovilya
chore(*) update base image for kuma-dp (#2881)
83c8662 
Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>
(cherry picked from commit f8791fc)
@mergify mergify bot mentioned this pull request Oct 4, 2021
Merged
jakubdyszkiewicz pushed a commit that referenced this pull request Oct 4, 2021
@mergify
chore(*) update base image for kuma-dp (#2881)
cda619b 
Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>
@jpeach
Copy link
Contributor

jpeach commented Oct 4, 2021

@jpeach it's the base image that envoy-alipne uses, so we were using it implicitly already.

I'm pretty uncomfortable depending on a base image where we don't know the origin and maintainer, or have any information about its quality of provenance. Its one thing for envoy to take on that risk, it's another thing for us to take it on without any analysis that I can see.

Do we expect this change to be permanent? I see that the base image for envoy-alpine is updated in main, so we would get this change for free with envoy 1.20.

Finally, was any comparison made with other base images? Ubuntu doesn't look like it would be substantially smaller and would improve the ability to troubleshoot envoy containers. Google distroless would be substantially smaller.

$ docker images
REPOSITORY                        TAG       IMAGE ID       CREATED        SIZE
ubuntu                            latest    597ce1600cf4   3 days ago     72.8MB
envoyproxy/envoy-alpine           v1.18.4   2497804fd5d4   5 weeks ago    84.6MB
gcr.io/distroless/base-debian11   latest    96c9f71abf99   51 years ago   20.3MB
gcr.io/distroless/base            latest    96c9f71abf99   51 years ago   20.3MB
gcr.io/distroless/base-debian10   latest    4b3996585481   51 years ago   19.2MB

@jpeach
Copy link
Contributor

jpeach commented Oct 4, 2021

Well, I underestimated the size of the envoy binary:

$ docker images
REPOSITORY                    TAG       IMAGE ID       CREATED       SIZE
envoyproxy/envoy-alpine       v1.19.1   dedc47289dc0   5 weeks ago   84.2MB
envoyproxy/envoy-distroless   v1.19.1   416825efe80a   5 weeks ago   83.3MB
envoyproxy/envoy              v1.19.1   ccc78547fdb0   5 weeks ago   134MB

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jakubdyszkiewicz jakubdyszkiewicz jakubdyszkiewicz approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@lobkovilya @jpeach @jakubdyszkiewicz