Strip unneeded binaries from the layers

[mnapoli]

@bubba-h57 I've done a ls -la /opt/bin in the layers and this is the result:

-rwx------ 1 sbx_user1051  495     6198 Jan 13 21:38 c_rehash
-rwx------ 1 sbx_user1051  495   359936 Jan 13 21:38 curl
-rwx------ 1 sbx_user1051  495     6088 Jan 13 21:38 curl-config
-rwx------ 1 sbx_user1051  495   642600 Jan 13 21:38 openssl
-rwx------ 1 sbx_user1051  495      812 Jan 13 21:38 pear
-rwx------ 1 sbx_user1051  495      833 Jan 13 21:38 peardev
-rwx------ 1 sbx_user1051  495      746 Jan 13 21:38 pecl
-rwx------ 1 sbx_user1051  495    27552 Jan 13 21:38 pg_config
-rwx------ 1 sbx_user1051  495    14816 Jan 13 21:38 phar
-rwx------ 1 sbx_user1051  495    14816 Jan 13 21:38 phar.phar
-rwx------ 1 sbx_user1051  495     2935 Jan 13 21:38 php-config
-rwx------ 1 sbx_user1051  495 12748024 Jan 13 21:38 php-fpm
-rwx------ 1 sbx_user1051  495     4531 Jan 13 21:38 phpize
-rwx------ 1 sbx_user1051  495     1695 Jan 13 21:38 xml2-config
-rwx------ 1 sbx_user1051  495    17008 Jan 13 21:38 xmlcatalog
-rwx------ 1 sbx_user1051  495    71920 Jan 13 21:38 xmllint

I guess we can remove everything except php/php-fpm right?

[bubba-h57]

Sure.

On Sun, Jan 13, 2019, 4:45 PM Matthieu Napoli <notifications@github.com wrote:

@bubba-h57 https://github.com/bubba-h57 I've done a ls -la /opt/bin in the layers and this is the result:

-rwx------ 1 sbx_user1051 495 6198 Jan 13 21:38 c_rehash -rwx------ 1 sbx_user1051 495 359936 Jan 13 21:38 curl -rwx------ 1 sbx_user1051 495 6088 Jan 13 21:38 curl-config -rwx------ 1 sbx_user1051 495 642600 Jan 13 21:38 openssl -rwx------ 1 sbx_user1051 495 812 Jan 13 21:38 pear -rwx------ 1 sbx_user1051 495 833 Jan 13 21:38 peardev -rwx------ 1 sbx_user1051 495 746 Jan 13 21:38 pecl -rwx------ 1 sbx_user1051 495 27552 Jan 13 21:38 pg_config -rwx------ 1 sbx_user1051 495 14816 Jan 13 21:38 phar -rwx------ 1 sbx_user1051 495 14816 Jan 13 21:38 phar.phar -rwx------ 1 sbx_user1051 495 2935 Jan 13 21:38 php-config -rwx------ 1 sbx_user1051 495 12748024 Jan 13 21:38 php-fpm -rwx------ 1 sbx_user1051 495 4531 Jan 13 21:38 phpize -rwx------ 1 sbx_user1051 495 1695 Jan 13 21:38 xml2-config -rwx------ 1 sbx_user1051 495 17008 Jan 13 21:38 xmlcatalog -rwx------ 1 sbx_user1051 495 71920 Jan 13 21:38 xmllint

I guess we can remove everything except php/php-fpm right?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/mnapoli/bref/issues/166, or mute the thread https://github.com/notifications/unsubscribe-auth/AAk17ryJwyRDcFgg0iaYH5SFnv8zce9Nks5vC6j4gaJpZM4Z9ZH- .

[viezel]

curl and openssl is often used by php applications. Are you sure you would be able to strip those without side effects?

[mnapoli]

If we remove the binaries that shouldn't affect the libraries and the PHP extensions, right?

[viezel]

hmm will exec('curl ...') still work without binaries?

[nealio82]

I highly doubt it would still work, although are you actually doing exec('curl ...') in your code? Wouldn't it make more sense to use $handle = curl_init() instead?

[viezel]

if you handle large amount of data you will find an overhead of using curl within php.

[mnapoli]

@viezel indeed that will not work. But the same could be said about any binary out there. I don't see a reason to include curl over any other Linux binary.

[prolic]

Just remove and document how to add custom binaries for those who need

[viezel]

@mnapoli agreed. Its fine for now. We can always add it again.

[nealio82]

if you handle large amount of data you will find an overhead of using curl within php.

can you handle such large amounts of data within a Lambda's execution limits? i'm slightly worried that your use-case might be too heavy for using FaaS!?

[viezel]

good point. I actually have not tried that yet. Im merely thinking of situations where I would like to merge our infrastructure into Lambda. Maybe those long running jobs are better off in a Fargate setup.