I can definitely remember having a performance difference between my container
and a vm. I never bothered to research it any further and thought maybe it was
related to older cgroups implementation, oc, or older distro.
>
> By any chance have you measured the performance difference between GNU
By any chance have you measured the performance difference between GNU
libc and MUSL?
Best Regards,
Taavi
smime.p7s
Description: S/MIME Cryptographic Signature
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this softw
> On 2. 9. 2024, at 15:22, Devpt Calmarsoft wrote:
>
> strip binaries or not
Oh god, don’t ever do that if you ever want my help with debugging.
Stripping the symbols is a horrible practice that should be not be done. It’s
ok to have a detached symbols that can be installed later, but if you
Le 02/09/2024 à 15:00, Marc a écrit :
I think this will copy duplicates, duplicates increase still layer
size so you have 2x size of a default /usr
Alpine is so small that I did not notice that ! thanks !
so you can only copy individual files
You are right, extra files appear in the diff! I wa
>
> I think this will copy duplicates, duplicates increase still layer
> size so you have 2x size of a default /usr
>
> so you can only copy individual files
>
> You are right, extra files appear in the diff! I was thinking that the
> files already present would be discarded. Copying
On Behalf Of Devpt
Calmarsoft
Sent: Monday, 2 September 2024 12:25
To:bind-users@lists.isc.org
Subject: Re: Updated Docker images (9.18, 9.20, 9.21) - now based on
Alpine Linux
I forgot to specify the runtime dependency packages (fixed Dockerfile
attached), I am sorry.
This is still minimal change
: Monday, 2 September 2024 12:25
> To: bind-users@lists.isc.org
> Subject: Re: Updated Docker images (9.18, 9.20, 9.21) - now based on
> Alpine Linux
>
> I forgot to specify the runtime dependency packages (fixed Dockerfile
> attached), I am sorry.
> This is still minimal chan
I forgot to specify the runtime dependency packages (fixed Dockerfile
attached), I am sorry.
This is still minimal changes, and the result is now 101MB, which is
still an interesting improvement (371MB before changes). Note that when
building, the intermediate image is visible.
Le 02/09/2024 à
Le 27/08/2024 à 19:52, Ondřej Surý a écrit :
What’s the size difference for you?
I mean if someone wants to play with our Dockerfile and there’s a
significant reduction is size, I would be convinced. But in a world,
where a mobile application that does absolutely nothing has 4 GB, I
feel like
> Having said that, I wonder if people have some preference or even policy
> which mandates specific base image?
Yes. We're using a certified ubi8-minimal image for the finalized
docker by mandate and a bit of preference. Base image is 90M deployed
with BIND 9.18.29 is 258M (uncompressed). In t
On 27. 08. 24 20:18, Ondřej Surý wrote:
There’s also human wear. I would like to see a proof that it helps to halve the
size of the image before someone spends time on this. As usual, contributions
are welcome.
We are probably going to integrate the Docker with the main repository to build
ea
Ok, thanks. I see the logging now and I got this:
27-Aug-2024 19:53:19.449 general: error: could not configure root hints
from '/usr/share/dns/root.hints': file not found
Then I checked the container:
bind9-1:/var/log/bind# docker exec -it bind9 /bin/sh
/ # ls -lha /usr/share/dns/
ls: /usr/sh
There’s also human wear. I would like to see a proof that it helps to halve the
size of the image before someone spends time on this. As usual, contributions
are welcome.
We are probably going to integrate the Docker with the main repository to build
each future tag and so on, so we might look
>
> What’s the size difference for you?
>
> I mean if someone wants to play with our Dockerfile and there’s a
> significant reduction is size, I would be convinced. But in a world,
> where a mobile application that does absolutely nothing has 4 GB, I feel
> like 130 MB is on the low side of the s
What’s the size difference for you?
I mean if someone wants to play with our Dockerfile and there’s a significant
reduction is size, I would be convinced. But in a world, where a mobile
application that does absolutely nothing has 4 GB, I feel like 130 MB is on the
low side of the scale.
Ondre
>
> > On 27. 8. 2024, at 18:57, Marc wrote:
> >
> > Afaik apk del \ does not free up space still.
>
> Right. That was not really my intention though. I wanted to reduce
> the amount of cruft installed in the image. The less binary stuff
> around, the less possible attack surface.
>
> But apk
For what it's worth this is how we build our dockers, with a builder
and then the runner. IMO it's cleaner that way and not much more
complicated. We'll continue to roll our own though so no real dog in
this fight.
Peter
On Tue, Aug 27, 2024 at 1:28 PM Ondřej Surý wrote:
>
> > On 27. 8. 2024,
> On 27. 8. 2024, at 18:57, Marc wrote:
>
> Afaik apk del \ does not free up space still.
Right. That was not really my intention though. I wanted to reduce
the amount of cruft installed in the image. The less binary stuff
around, the less possible attack surface.
But apk --no-cache should w
> On 27. 8. 2024, at 18:47, Ondřej Surý wrote:
>
> But I think you are right. The default logging goes to the syslog and there's
> no syslog
> in the container. I'm thinking about appending -L /var/log/bind/default.log
> to the CMD
> part of the docker (so it can be easily overridden).
I've j
>
> Sure, it’s not secret:
>
> https://gitlab.isc.org/isc-projects/bind9-docker
>
> Branches with history…
>
Afaik apk del \ does not free up space still.
If you work with builder phase, you can probably shave of some MB's
1 # Version: 0.0.1 - 3proxy
2
3 #
4 # Stag
Hi Dan,
I'm using podman instead of docker as it allows me to run the containers
unprivileged,
but this works now:
podman run -it docker.io/internetsystemsconsortium/bind9:9.18 -g -c
/etc/bind/named.conf
and the container (named in the container) prints all the logs to the stderr.
But I think
This morning, I had several internetsystemsconsortium/bind9:9.18
containers update and none of them would launch properly, they just kept
restarting.
The containers do no logging at all, and I couldn't determine any root
cause. I tried disabling mount points, adjusting permissions, etc.
Nothi
Sure, it’s not secret:
https://gitlab.isc.org/isc-projects/bind9-docker
Branches with history…
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 27. 8. 2024, at 14:04, Mi
On Tuesday, August 27th, 2024 at 4:21 AM, Ondřej Surý wrote:
> the Docker images have been updated to use Alpine Linux as the base image
> and the bind9 binaries are now compiled from the source while building the
> Docker images. This is more in-line with the expected Docker (Podman)
> workfl
Hello,
the Docker images have been updated to use Alpine Linux as the base image
and the bind9 binaries are now compiled from the source while building the
Docker images. This is more in-line with the expected Docker (Podman) workflow.
Externally, there should not be any visible changes to the cur
25 matches
Mail list logo
