search

farrellit / ec2metadata-role-assumption

a simple role assumption service that exports resultant credentials the same way the ec2metadata service does, and provides endpoints for arbitrary metadata like in EC2 land.
8 stars 30 forks source link

Alpine Linux support #5

Closed jolexa closed 7 years ago

jolexa commented 7 years ago

Feel free to test with

docker run -e RACK_ENV=production -it --rm -p 127.0.0.1:8009:4567 -v `ls -d ~/.aws`:/root/.aws jolexa/ec2metadata-role-assumption:alpine"

This results in a 305 -> 95M image size reduction, seen here https://hub.docker.com/r/jolexa/ec2metadata-role-assumption/tags/

I had to do the virtualenv bit because the Alpine package for awscli is missing a dependency on colorama - and actually it is not even packaged. (Not sure how they are claiming it to work)

farrellit commented 7 years ago

I think we should look at the order of this stuff. If we do ruby install in the middle, we'll have to repeat it every time we change the code. as it is in master, the gemfile and bundler commands are toward the end so the rebuild on updates is very quick.

For example, when I merged PR #4, I ended up with a rebuild and restart process that was able to use cached layers almost entirely, for a startup of the new version in about 3 seconds, less depending on how long I sat at the command line before executing make up.

Is that something we can incorporate into this version?

dfarrell@mac 2016.11.09 09:07:06 master ~/git/ec2metastub
$ git pull
remote: Counting objects: 6, done.
remote: Total 6 (delta 3), reused 3 (delta 3), pack-reused 2
Unpacking objects: 100% (6/6), done.
From github.com:farrellit/ec2metadata-role-assumption
   8ef7d0c..d1d2551  master     -> origin/master
Updating 8ef7d0c..d1d2551
Fast-forward
 views/index.erb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
dfarrell@mac 2016.11.09 09:07:11 master ~/git/ec2metastub
$ make up
docker build  -t ec2metadata .
Sending build context to Docker daemon 303.6 kB
Step 1 : FROM ruby:2.1
 ---> 9857fcf705d1
Step 2 : RUN apt-get update
 ---> Using cache
 ---> 662d3280e95f
Step 3 : RUN apt-get install -y  python-pip
 ---> Using cache
 ---> 1551b299521c
Step 4 : RUN pip install --upgrade awscli
 ---> Using cache
 ---> 0e4c9441f42c
Step 5 : ADD ./Gemfile /code/Gemfile
 ---> Using cache
 ---> d522066c8de5
Step 6 : ADD ./Gemfile.lock /code/Gemfile.lock
 ---> Using cache
 ---> 083e93319af4
Step 7 : WORKDIR /code
 ---> Using cache
 ---> 94688ddbfae9
Step 8 : RUN bundle install
 ---> Using cache
 ---> b21114f7382f
Step 9 : ADD . /code
 ---> 8d324ca33075
Removing intermediate container 8169b5eacfed
Step 10 : CMD bundle exec ruby ./ec2metadata.rb
 ---> Running in e2aa08976e73
 ---> dbb5b3b83e01
Removing intermediate container e2aa08976e73
Successfully built dbb5b3b83e01
docker run -e RACK_ENV=production -it --rm -p 127.0.0.1:8009:4567 -v `ls -d ~/.aws`:/root/.aws ec2metadata
[2016-11-09 15:07:14] INFO  WEBrick 1.3.1
jolexa commented 7 years ago

Yea, it probably isn't optimized for caching as it is. On every commit, dockerhub builds the image (in my fork) so I didn't take a good look at it.

farrellit commented 7 years ago

I'm going to close this but leave it as an open invitation to move to alpine if we can get it optimized for development cycles