Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

hyperkube images take forever to build #35058

Closed
ixdy opened this issue Oct 18, 2016 · 14 comments · Fixed by #48365
Closed

hyperkube images take forever to build #35058

ixdy opened this issue Oct 18, 2016 · 14 comments · Fixed by #48365
Labels
area/build-release area/controller-manager area/release-eng Issues or PRs related to the Release Engineering subproject help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. sig/release Categorizes an issue or PR as relevant to SIG Release.
Milestone
v1.8

Comments

@ixdy
Copy link
Member

ixdy commented Oct 18, 2016

I'm pretty sure that building the hyperkube images takes longer than building kubernetes itself now.

At least a large part of this seems to be that we download and install ~172 extra debian packages several times (once for each arch).

Step 1 : FROM debian:jessie
 ---> ae85c48b369c
Step 2 : RUN DEBIAN_FRONTEND=noninteractive apt-get update -y     && DEBIAN_FRONTEND=noninteractive apt-get -yy -q install     iptables     ebtables     ethtool     ca-certificates     conntrack     util-linux     socat     git     nfs-common     glusterfs-client     cifs-utils     && DEBIAN_FRONTEND=noninteractive apt-get upgrade -y     && DEBIAN_FRONTEND=noninteractive apt-get autoremove -y     && DEBIAN_FRONTEND=noninteractive apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* # 8d44e7d0-167f-48a2-8d52-c3d7748438c2
 ---> Running in 70dd6f4a01e7
Get:1 http://security.debian.org jessie/updates InRelease [63.1 kB]
Get:2 http://security.debian.org jessie/updates/main amd64 Packages [392 kB]
Ign http://httpredir.debian.org jessie InRelease
Get:3 http://httpredir.debian.org jessie-updates InRelease [142 kB]
Get:4 http://httpredir.debian.org jessie Release.gpg [2373 B]
Get:5 http://httpredir.debian.org jessie Release [148 kB]
Get:6 http://httpredir.debian.org jessie-updates/main amd64 Packages [17.6 kB]
Get:7 http://httpredir.debian.org jessie/main amd64 Packages [9064 kB]
Fetched 9829 kB in 3s (2871 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
util-linux is already the newest version.
The following extra packages will be installed:
  attr bsd-mailx cron dbus exim4 exim4-base exim4-config exim4-daemon-light
  file fuse git-man glusterfs-common init-system-helpers keyutils kmod
  krb5-locales less libaio1 libalgorithm-c3-perl libarchive-extract-perl
  libasn1-8-heimdal libavahi-client3 libavahi-common-data libavahi-common3
  libbsd0 libcap-ng0 libcgi-fast-perl libcgi-pm-perl libclass-c3-perl
  libclass-c3-xs-perl libcpan-meta-perl libcups2 libcurl3-gnutls
  libdata-optlist-perl libdata-section-perl libdbus-1-3
  libdevmapper-event1.02.1 libedit2 liberror-perl libevent-2.0-5 libexpat1
  libfcgi-perl libffi6 libfile-copy-recursive-perl libfuse2 libgdbm3
  libglib2.0-0 libglib2.0-data libgmp10 libgnutls-deb0-28 libgssapi-krb5-2
  libhcrypto4-heimdal libhdb9-heimdal libheimbase1-heimdal libhogweed2
  libhx509-5-heimdal libibverbs1 libidn11 libk5crypto3 libkeyutils1
  libkrb5-26-heimdal libkrb5-3 libkrb5support0 libldap-2.4-2 libldb1
  liblockfile-bin liblockfile1 liblog-message-perl liblog-message-simple-perl
  liblvm2app2.2 libmagic1 libmnl0 libmodule-build-perl
  libmodule-pluggable-perl libmodule-signature-perl libmro-compat-perl
  libnetfilter-conntrack3 libnettle4 libnfnetlink0 libnfsidmap2 libntdb1
  libp11-kit0 libpackage-constants-perl libparams-util-perl libpod-latex-perl
  libpod-readme-perl libpopt0 libpython-stdlib libpython2.7
  libpython2.7-minimal libpython2.7-stdlib librdmacm1 libregexp-common-perl
  libroken18-heimdal librtmp1 libsasl2-2 libsasl2-modules libsasl2-modules-db
  libsoftware-license-perl libsqlite3-0 libssh2-1 libssl1.0.0
  libsub-exporter-perl libsub-install-perl libtalloc2 libtasn1-6 libtdb1
  libterm-ui-perl libtevent0 libtext-soundex-perl libtext-template-perl
  libtirpc1 libwbclient0 libwind0-heimdal libwrap0 libx11-6 libx11-data
  libxau6 libxcb1 libxdmcp6 libxext6 libxml2 libxmuu1 libxtables10 logrotate
  mime-support openssh-client openssl patch perl perl-modules psmisc python
  python-crypto python-dnspython python-ldb python-minimal python-ntdb
  python-samba python-talloc python-tdb python2.7 python2.7-minimal rename
  rpcbind rsync samba samba-common samba-common-bin samba-dsdb-modules
  samba-libs samba-vfs-modules sgml-base shared-mime-info tcpd tdb-tools ucf
  update-inetd winbind xauth xdg-user-dirs xml-core
Suggested packages:
  smbclient anacron checksecurity dbus-x11 mail-reader eximon4 exim4-doc-html
  exim4-doc-info spf-tools-perl swaks gettext-base git-daemon-run
  git-daemon-sysvinit git-doc git-el git-email git-gui gitk gitweb git-arch
  git-cvs git-mediawiki git-svn cups-common gnutls-bin krb5-doc krb5-user
  libsasl2-modules-otp libsasl2-modules-ldap libsasl2-modules-sql
  libsasl2-modules-gssapi-mit libsasl2-modules-gssapi-heimdal open-iscsi
  watchdog ssh-askpass libpam-ssh keychain monkeysphere ed diffutils-doc
  perl-doc libterm-readline-gnu-perl libterm-readline-perl-perl make
  libb-lint-perl libcpanplus-dist-build-perl libcpanplus-perl
  libfile-checktree-perl libobject-accessor-perl python-doc python-tk
  python-crypto-dbg python-crypto-doc python2.7-doc binutils binfmt-support
  openssh-server bind9 bind9utils ctdb ldb-tools ntp smbldap-tools
  heimdal-clients sgml-base-doc libnss-winbind libpam-winbind debhelper
Recommended packages:
  mailx ssh-client libarchive-tar-perl
The following NEW packages will be installed:
  attr bsd-mailx ca-certificates cifs-utils conntrack cron dbus ebtables
  ethtool exim4 exim4-base exim4-config exim4-daemon-light file fuse git
  git-man glusterfs-client glusterfs-common init-system-helpers iptables
  keyutils kmod krb5-locales less libaio1 libalgorithm-c3-perl
  libarchive-extract-perl libasn1-8-heimdal libavahi-client3
  libavahi-common-data libavahi-common3 libbsd0 libcap-ng0 libcgi-fast-perl
  libcgi-pm-perl libclass-c3-perl libclass-c3-xs-perl libcpan-meta-perl
  libcups2 libcurl3-gnutls libdata-optlist-perl libdata-section-perl
  libdbus-1-3 libdevmapper-event1.02.1 libedit2 liberror-perl libevent-2.0-5
  libexpat1 libfcgi-perl libffi6 libfile-copy-recursive-perl libfuse2 libgdbm3
  libglib2.0-0 libglib2.0-data libgmp10 libgnutls-deb0-28 libgssapi-krb5-2
  libhcrypto4-heimdal libhdb9-heimdal libheimbase1-heimdal libhogweed2
  libhx509-5-heimdal libibverbs1 libidn11 libk5crypto3 libkeyutils1
  libkrb5-26-heimdal libkrb5-3 libkrb5support0 libldap-2.4-2 libldb1
  liblockfile-bin liblockfile1 liblog-message-perl liblog-message-simple-perl
  liblvm2app2.2 libmagic1 libmnl0 libmodule-build-perl
  libmodule-pluggable-perl libmodule-signature-perl libmro-compat-perl
  libnetfilter-conntrack3 libnettle4 libnfnetlink0 libnfsidmap2 libntdb1
  libp11-kit0 libpackage-constants-perl libparams-util-perl libpod-latex-perl
  libpod-readme-perl libpopt0 libpython-stdlib libpython2.7
  libpython2.7-minimal libpython2.7-stdlib librdmacm1 libregexp-common-perl
  libroken18-heimdal librtmp1 libsasl2-2 libsasl2-modules libsasl2-modules-db
  libsoftware-license-perl libsqlite3-0 libssh2-1 libssl1.0.0
  libsub-exporter-perl libsub-install-perl libtalloc2 libtasn1-6 libtdb1
  libterm-ui-perl libtevent0 libtext-soundex-perl libtext-template-perl
  libtirpc1 libwbclient0 libwind0-heimdal libwrap0 libx11-6 libx11-data
  libxau6 libxcb1 libxdmcp6 libxext6 libxml2 libxmuu1 libxtables10 logrotate
  mime-support nfs-common openssh-client openssl patch perl perl-modules
  psmisc python python-crypto python-dnspython python-ldb python-minimal
  python-ntdb python-samba python-talloc python-tdb python2.7
  python2.7-minimal rename rpcbind rsync samba samba-common samba-common-bin
  samba-dsdb-modules samba-libs samba-vfs-modules sgml-base shared-mime-info
  socat tcpd tdb-tools ucf update-inetd winbind xauth xdg-user-dirs xml-core
0 upgraded, 172 newly installed, 0 to remove and 0 not upgraded.

Not sure how to improve this - maybe better caching? Do we actually want to install these extra packages? Should we use a better base image than debian:jessie?

cc @jbeda @luxas
@ixdy
Copy link
Member Author

ixdy commented Oct 18, 2016

cc @aaronlevy @colemickens @david-mcmahon

(not really sure who "owns" hyperkube, if anyone)

@david-mcmahon david-mcmahon added the help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. label Oct 18, 2016
@david-mcmahon david-mcmahon added this to the v1.5 milestone Oct 18, 2016
@jbeda
Copy link
Contributor

jbeda commented Oct 18, 2016

The hyperkube binary is one thing. I think the image ends up being big as we drag in so much stuff. I wasn't involved in creating the docker image so I can't comment.

Ideally this thing would be slim and would have minimal external dependencies. Fixing this starts with mapping why we have each of those deps imported.

@pwittrock pwittrock added area/release-eng Issues or PRs related to the Release Engineering subproject and removed team/ux labels Oct 18, 2016
@luxas
Copy link
Member

luxas commented Oct 25, 2016

I actually have written a such patch in my local env, but I never uploaded.
It removed the docker and docker-multinode-specific stuff and all the unused deps.

Also, we will come one step closer once #30356 is in.

Should I submit the patch so you can take a look at it?

@ixdy
Copy link
Member Author

ixdy commented Oct 31, 2016

Should I submit the patch so you can take a look at it?

sure!

@ixdy ixdy mentioned this issue Nov 4, 2016
Closed
@dims
Copy link
Member

dims commented Nov 16, 2016

@ixdy This needs to be triaged as a release-blocker or not for 1.5

@ixdy ixdy modified the milestones: v1.6, v1.5 Nov 16, 2016
@ixdy
Copy link
Member Author

ixdy commented Nov 16, 2016

punting to v1.6.

@luxas
Copy link
Member

luxas commented Nov 16, 2016

The main problem here is that we're installing huge packages for supporting some volume types:

  • git
  • nfs-common
  • glusterfs-client
  • cifs-utils

With containerized volume mounters we'll get rid of that.

@codablock
Copy link
Contributor

When it comes to local rebuilding, #40011 should help here.

As I've already noted in the PR, maybe we should make CACHEBUST=0 the default for all hack/dev-xxx.sh scripts. This would at least ease development and testing.

@ethernetdan
Copy link
Contributor

@ixdy can this be closed? or moved to 1.7?

@ixdy ixdy modified the milestones: v1.6, v1.7 Mar 13, 2017
@spiffxp
Copy link
Member

spiffxp commented May 31, 2017

@ixdy should this be in v1.7? is there an appropriate sig to own this?

@ixdy ixdy modified the milestones: v1.7, v1.8 May 31, 2017
@ixdy
Copy link
Member Author

ixdy commented May 31, 2017
edited
Loading

cries nope, not v1.7.

I'm still not sure who owns hyperkube.

@luxas
Copy link
Member

luxas commented May 31, 2017

Everyone and no one I suppose. Yeah, agree it's sad.

@k8s-github-robot k8s-github-robot added the needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. label May 31, 2017
@spiffxp
Copy link
Member

spiffxp commented Jun 24, 2017

/sig release
guess we're saying sig-release owns hyperkube under the general guise of "cutting bits" until/unless there is a better home for it

@k8s-ci-robot k8s-ci-robot added the sig/release Categorizes an issue or PR as relevant to SIG Release. label Jun 24, 2017
@k8s-github-robot k8s-github-robot removed the needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. label Jun 24, 2017
@luxas
Copy link
Member

luxas commented Jun 24, 2017
edited
Loading

@spiffxp Yeah, hyperkube definitely belongs to sig-release as it hasn't been owned by a sig so far...

@ixdy ixdy mentioned this issue Jun 30, 2017
Merged
k8s-github-robot pushed a commit that referenced this issue Aug 3, 2017
Merge pull request #48365 from ixdy/hyperkube-base-image
efe3951 
Automatic merge from submit-queue (batch tested with PRs 48365, 49902, 49808, 48722, 47045)

Rebase hyperkube image on debian-hyperkube-base, based on debian-base.

**What this PR does / why we need it**: saves all of the hyperkube image dependencies in a cacheable base image, rather than downloading them for every build (which is slow and flaky).

This way, at build time, we only need to pull down the hyperkube base image and add the hyperkube binary.

I've additionally based the base image on `debian-base` instead of `debian`, though we amusing end up reinstalling a bunch of the things we removed in `debian-base`.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #35058, at least partially

**Special notes for your reviewer**: I'm increasingly convinced that the hyperkube image is a bad pattern, as this image carries the superset of dependencies anyone might need, rather than the limited set of dependencies one needs. hyperkube really needs a proper owner.

**Release note**:

```release-note
```

/assign @timstclair @luxas @philips @nikhiljindal 
cc @kubernetes/sig-release-pr-reviews
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/build-release area/controller-manager area/release-eng Issues or PRs related to the Release Engineering subproject help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. sig/release Categorizes an issue or PR as relevant to SIG Release.
Projects
None yet
Milestone
v1.8
Development

Successfully merging a pull request may close this issue.

Rebase hyperkube image on debian-hyperkube-base, based on debian-base. ixdy/kubernetes