Closed Cronick closed 7 months ago
What about this article? https://medium.com/@aminmir326/health-checks-for-distroless-containers-a2180c4c4fcf
Might be a workaround
What I usually do on distroless images is just to copy the curl binary from a busybox image. It's easy and works well. Keeping the advantage of distroless with little downside.
What I usually do on distroless images is just to copy the curl binary from a busybox image. It's easy and works well. Keeping the advantage of distroless with little downside.
Will give that an attempt tomorrow then, if no-one beats me to do it 😄
Oops. Didn’t think about this. I only tested that the route worked in the service. Copying curl binary would be the better solution IMO
Guilty! I'm not running Fletchling inside a docker 😶
@Cronick you might want to use that solution (well with maybe younger version of bbox) https://github.com/GoogleContainerTools/distroless/issues/183#issuecomment-571723446
Could not find a busybox image with curl. So just aimed for the next best wget.
yeah, i saw the same thing last night. This looks like what I'd come up with, but I wanted to give you a chance to fix up your PR. :) Thanks!
gcr.io/distroless/static-debian11 doesn't include curl by default, and because it's distroless. There is not really an obvious way (from what I can see) to get it installed.
Proposal is to change base image to debian:stable-slim and install curl into the container. This will increase the image size by 4x, from what I could test on my own machine, and not as "secure" as a distroless.
So just opening the discussion now, if we should have a working healthcheck or not 😄