Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
26 check-ins for the month beginning 2022-09-01 by user wyoung
Following month ↑|
2022-09-26
| ||
| 22:29 | Replaced most of the speculation in the walmode section of the containers doc with a link to the walbanger project, where we'll be answering this question. ... (check-in: 96633067 user: wyoung tags: trunk) | |
|
2022-09-07
| ||
| 09:11 | Mentioned containerd+nerdctl in place of runc in the containers doc. A tightened-up version of the prior runc and crun sections are now collected below the Podman section. This gives a better flow: each successive option is smaller than the last, excepting only nspawn, which is a bit bigger than crun. (We leave nspawn last because we can't get it to work!) ... (check-in: 457c14a4 user: wyoung tags: trunk) | |
| 07:35 | Updated the "nojail" patch for our Dockerfile to track the recent changes: rename back from Dockerfile.in and the layer refactoring. It does essentially the same thing as before. ... (check-in: 19abf0ac user: wyoung tags: trunk) | |
|
2022-09-05
| ||
| 08:15 | Broke the Dockerfile up into more layers to allow better local caching at build time. Further optimized build time by producing the Fossil source tarball from the local repo instead of hitting the home site if you use the container-image target, since we can be reasonably certain you're working from a repo checkout and thus have all the info available here locally already. ... (check-in: 1da464ee user: wyoung tags: trunk) | |
| 01:42 | Expanded the paragraph on WAL mode interactions in the container doc into a full section, placed higher up, immediately after the first use of Docker's "--volume" flag, to explain why we don't map just the repo DB file, but the whole directory it sits in. Even if we later convince ourselves WAL is safe under this scenario, it'll be conditional at best, so some remnant of this section must remain, no matter which way the experiments go. ... (check-in: 698587d4 user: wyoung tags: trunk) | |
|
2022-09-04
| ||
| 23:46 | Renamed Dockerfile.in back to Dockerfile so it can be used as-is on non-autosetup systems. Realized that we can pass the Fossil checkin hash prefix in as a build arg instead of regenerating the file on disk from auto.def. If you use the Dockerfile as-shipped, you get a "trunk" build, which risks a stale cache — it thinks it already has a tarball by that name and helpfully refuses to pull it again — but at least Windows users get *something* without hand-hacking the file. ... (check-in: b0c9c26a user: wyoung tags: trunk) | |
| 22:20 | Added a /jail/log directory to the container so someone can pass --errorlog and such to the Fossil instance and have a place to put it. It also acts as a mountpoint for appending to a log out on the host. ... (check-in: ed50ceee user: wyoung tags: trunk) | |
| 21:58 | /dev permissions were too tight in the container. They're still tighter than on a stock Ubuntu box, but they should suffice for Fossil's needs. ... (check-in: 8eeb95e1 user: wyoung tags: trunk) | |
| 12:55 | Restricted the container listeners to localhost in section 6 of the containers doc, and mentioned a few other items related to reverse proxying with nginx. ... (check-in: c9ab736f user: wyoung tags: trunk) | |
| 12:14 | Folded info from an exchange with the Podman devs into the container doc. ... (check-in: 80f4a1dd user: wyoung tags: trunk) | |
| 11:36 | Added section numbers to the containers doc (it was getting confusing) and added a few internal fragment IDs. ... (check-in: 4d51d524 user: wyoung tags: trunk) | |
| 11:26 | Finished all the new topics planned for the new containers doc, adding sections on rootful Podman containers and on building via Docker but running via Podman, using Docker Hub as an intermediary to avoid building on the remote host. ... (check-in: 9c96e499 user: wyoung tags: trunk) | |
| 09:27 | Sanitized a local port number out of previous ... (check-in: 3dfa4581 user: wyoung tags: trunk) | |
| 09:25 | Added my sad tale of failure and woe with systemd-nspawn to the container docs, both as a warning to those who follow, and as a cry for help to someone who can make this work. I can't be bothered to spend more time on it, but there's no point throwing the work away. ... (check-in: 1e8c6655 user: wyoung tags: trunk) | |
| 09:15 | Documented another cause to modify the "m" variable in the runc examples in the container docs. ... (check-in: bf503088 user: wyoung tags: trunk) | |
| 08:09 | Added more jq filters to the runc examples to remove further problematic things left in the automatic conversion from the Docker container configuration file to the one we provide to runc. ... (check-in: 4e8c7479 user: wyoung tags: trunk) | |
| 07:15 | Worked through some difficulties here in applying the runc method on remote systems, then documented what I learned in the containers doc. ... (check-in: 56f4e2ce user: wyoung tags: trunk) | |
| 06:28 | Small fix to previous ... (check-in: d5695c8e user: wyoung tags: trunk) | |
| 06:02 | Expanded the runc section of the container doc to cover "bundle" terminology and to show a method for rsyncing the bundle across to a remote host. Also explained why this is a bad idea unless you've got a rather constrained use case, lest people avoid using podman/docker in places where they could provide real value. ... (check-in: f9f13ce7 user: wyoung tags: trunk) | |
| 04:32 | Documented the runc and crun options for running a container, including the cryptic method for exporting an OCI bundle from Docker, allowing you to use both together: Docker Desktop on your big dev box in the office, then one of the two lightweight runtimes out in the cloud. ... (check-in: c9431ef4 user: wyoung tags: trunk) | |
| 02:35 | Added explicit instructions for patching the Dockerfile for the nojail/podman method and for mapping a single Fossil repo into the container rather than a directory. Also included my best current advice on using WAL mode in these contexts. ... (check-in: 87a23d2a user: wyoung tags: trunk) | |
| 02:15 | Removed a TODO-based section of the new containers doc that wasn't meant to be checked in yet. Made a few improvements to the new Podman material as well. ... (check-in: 5adf6c40 user: wyoung tags: trunk) | |
| 02:01 | Added the "Lightweight Alternatives to Docker" section to the new containers doc, currently limited to a tutorial on converting the stock Dockerfile to work under Podman in its default mode, creating a rootless container. This brings in the second container-related file at the root of the repo, the patch file for this, so we don't have to maintain two nearly-parallel Dockerfiles. As a bonus, it allows us to point to the patch from the prose, making explicit what we had to change. ... (check-in: f0399ea9 user: wyoung tags: trunk) | |
| 01:53 | Moved the busybox-config file from tools/ into a new containers/ subdirectory. We were using that as a junk-drawer directory, for lack of a better place to put it. Now that we're about to have a second container-related file in the repo, that weak excuse is wearing thin. ... (check-in: b08e2bb7 user: wyoung tags: trunk) | |
| 01:39 | Referencing the new containers.md file from Dockerfile.in so we can remove a big redundant block comment from it. While in there, made a few style tweaks that will help the ongoing container document expansion. ... (check-in: be8f721d user: wyoung tags: trunk) | |
|
2022-09-03
| ||
| 23:34 |
Extracted the Docker containers material from www/build.wiki and moved
it into a new document dedicated to the topic, containers.md. It was
already pushing the bounds of how much info we want to provide in a
single section of that doc, and it's about to get bigger.
As part of the conversion from wiki format to Markdown, did another edit pass on the doc, improving a few things along the way. Dropped the "docker-" prefix from all internal IDs, as we no longer need them to disambiguate references to other parts of the build doc. ... (check-in: 7129dc98 user: wyoung tags: trunk) | |