Re: [PATCH] Creating a docker image with Guix
Hey! Ricardo Wurmus skribis: > From fefd4f02d003dd35bd0ab459ec2ccc9f9ad62ffa Mon Sep 17 00:00:00 2001 > From: Ricardo Wurmus > Date: Tue, 3 Jan 2017 16:20:15 +0100 > Subject: [PATCH] guix: Add Docker image export. > > * guix/docker.scm: New file. > * Makefile.am (MODULES): Register it. > * guix/scripts/archive.scm (show-help, %options, guix-archive): Add > support for "--format". > * doc/guix.texi (Invoking guix archive): Document it. I agree with the changes David suggested. Go for it! As a bonus we could test it in a shell script when the ‘docker’ command is available, and skip it otherwise. As a second bonus, Someone could write a blog entry for the web site explaining how Guix makes it super easy to create Docker images. :-) Thank you! Ludo’.
Re: [PATCH] Creating a docker image with Guix
Hi Ricardo, This is awesome! Just a couple things: 1) The amd64 architecture is hardcoded in the image. Should this instead be set to the current architecture? 2) s/configuratio/configuration/ in the docstring for 'config' in guix/docker.scm Ludovic, Ricardo, anyone else: It might be nice if in the future 'guix environment' had a flag to output the resulting profile instead of having to spawn the sub-shell and refer to $GUIX_ENVIRONMENT. Food for thought. :) LGTM (Let's Get This Merged)! - Dave
Re: [PATCH] Creating a docker image with Guix
Ludovic Courtès writes: >> --- a/doc/guix.texi >> +++ b/doc/guix.texi >> @@ -2438,6 +2438,12 @@ Read a list of store file names from the standard >> input, one per line, >> and write on the standard output the subset of these files missing from >> the store. >> >> +@item --export-docker-image=@var{directory} >> +@cindex docker, export >> +Recursively export the specified store directory as a Docker image in >> +tar archive format. The generated archive can be loaded by Docker using >> +@command{docker load}. > > Maybe “as a Docker image in tar archive format, as specified in > @uref{http://…, version 1.0 of the Foo Bar Spec}.” Okay. > I would be in favor of --format=FMT, where FMT can be one of “nar” or > “docker”. Maybe there’ll be others in the future. WDYT? Sounds good. > The paragraph that says “Archives are stored in the “normalized archive” > or “nar” format,“ should be updated. > > Also, it seems that ‘-f docker’ would always imply ’-r’, right? That’s > reasonable but would be worth mentioning. Okay. >> +(define (hexencode bv) >> + "Return the hexadecimal representation of the bytevector BV." >> + (format #f "~{~2,'0x~}" (bytevector->u8-list bv))) > > Maybe use ‘bytevector->base16-string’ from (guix utils) instead. Ah, didn’t know about this one. >> +(define spec-version "1.0") > > Please add the URL to said spec as a comment. I added a clarifying comment (because confusingly this is NOT the version of the Docker image spec). >> +;; TODO: heroically copied from guix/script/pull.scm >> +(define (temporary-directory) > > Alternatively, there’s ‘call-with-temporary-directory’ in (guix utils). > :-) Neat! >> + (and (zero? (apply system* "tar" "-cf" "layer.tar" >> + (cons "../bin" items))) >> + (delete-file "../bin" > > This reminds me we should steal this code of Mark’s sometime: > > https://github.com/spk121/guile100/blob/master/code/tar2.scm Yes, this would be nice. Attached is a new patch with all requested changes and a couple of fixes (generated images now have proper names and tags). ~~ Ricardo >From fefd4f02d003dd35bd0ab459ec2ccc9f9ad62ffa Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Tue, 3 Jan 2017 16:20:15 +0100 Subject: [PATCH] guix: Add Docker image export. * guix/docker.scm: New file. * Makefile.am (MODULES): Register it. * guix/scripts/archive.scm (show-help, %options, guix-archive): Add support for "--format". * doc/guix.texi (Invoking guix archive): Document it. --- Makefile.am | 1 + doc/guix.texi| 18 +++- guix/docker.scm | 117 +++ guix/scripts/archive.scm | 14 +- 4 files changed, 148 insertions(+), 2 deletions(-) create mode 100644 guix/docker.scm diff --git a/Makefile.am b/Makefile.am index fb08a004b..4317b83a2 100644 --- a/Makefile.am +++ b/Makefile.am @@ -158,6 +158,7 @@ MODULES = \ if HAVE_GUILE_JSON MODULES += \ + guix/docker.scm \ guix/import/github.scm \ guix/import/json.scm\ guix/import/crate.scm\ diff --git a/doc/guix.texi b/doc/guix.texi index 3a9ebe8a6..93a56a2b0 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -2394,7 +2394,7 @@ what you should use in this case (@pxref{Invoking guix copy}). @cindex nar, archive format @cindex normalized archive (nar) -Archives are stored in the ``normalized archive'' or ``nar'' format, which is +By default archives are stored in the ``normalized archive'' or ``nar'' format, which is comparable in spirit to `tar', but with differences that make it more appropriate for our purposes. First, rather than recording all Unix metadata for each file, the nar format only mentions @@ -2410,6 +2410,9 @@ verifies the signature and rejects the import in case of an invalid signature or if the signing key is not authorized. @c FIXME: Add xref to daemon doc about signatures. +Optionally, archives can be exported as a Docker image in the tar +archive format using @code{--format=docker}. + The main options are: @table @code @@ -2438,6 +2441,19 @@ Read a list of store file names from the standard input, one per line, and write on the standard output the subset of these files missing from the store. +@item -f +@item --format=@var{FMT} +@cindex docker, export +@cindex export format +Specify the export format. Acceptable arguments are @code{nar} and +@code{docker}. The default is the nar format. When the format is +@code{docker}, recursively export the specified store directory as a +Docker image in tar archive format, as specified in +@uref{https://github.com/docker/docker/blob/master/image/spec/v1.2.md, +version 1.2.0 of the Docker Image Specification}. Using +@code{--format=docker} implies @code{--recursive}. The generated +archive can be loaded by Docker using @command{docker load}. + @item --generate-key[=@var{parameters}] @cindex signing, archives Generate a new key pair for the daemon. This is a pre
Re: [PATCH] Creating a docker image with Guix
Ricardo Wurmus skribis: > Chris Marusich writes: > >> What happens if I invoke this command while GC is trying to delete the >> specified path? > > It will do weird things, I guess. It’s best to do this inside of “guix > environment” as I demonstrated because while you’re in the environment > the temporary profile is protected from GC. But if you do “guix archive --export-docker-image=foo emacs”, then Emacs is protected from GC for the dynamic extend of ‘with-store’ in ‘guix-archive’. Also, in practice, the ‘list-runtime-roots’ helper will notice the file name in the arguments to ‘guix archive’ and will make it a GC root. So that does not introduce any difference compared to the existing behavior, I think. Ludo’.
Re: [PATCH] Creating a docker image with Guix
Howdy! Ricardo Wurmus skribis: > Ludovic Courtès writes: > >> I’m not familiar enough with Docker but I’m under the impression that we >> should be able to generate an image without even using Docker. :-) > > The attached patch adds a Docker export feature, so you can do this: > > docker load < \ > $(guix archive --export-docker-image=$(readlink -f ~/.guix-profile)) Woow, that was fast! > Then you can use “docker images” to show the available images. For some > reason Docker won’t show the name and tag “guix archive” generates, so > just take the most recently added image. Then run it, e.g. like this: > > docker run --rm -ti d1472905 /bin/emacs > > This starts the container and runs “/bin/emacs” interactively. During > export “guix archive” also links the item’s “./bin” directory to “/bin”, > so users can run commands without having to know the long store path. Awesome! > I used it successfully to build an Emacs Docker image like this: > > guix environment --ad-hoc coreutils bash emacs-no-x-toolkit > docker load < $(guix archive --export-docker-image=$GUIX_ENVIRONMENT) Be sure to let emacs-devel know. ;-) > From d600db91078f28d82324671e3d43acaddc9b9608 Mon Sep 17 00:00:00 2001 > From: Ricardo Wurmus > Date: Tue, 3 Jan 2017 16:20:15 +0100 > Subject: [PATCH] guix: Add Docker image export. > > * guix/docker.scm: New file. > * Makefile.am (MODULES): Register it. > * guix/scripts/archive.scm (show-help, %options, guix-archive): Add > support for "--export-docker-image". > * doc/guix.texi (Invoking guix archive): Document it. Looks great! > --- a/doc/guix.texi > +++ b/doc/guix.texi > @@ -2438,6 +2438,12 @@ Read a list of store file names from the standard > input, one per line, > and write on the standard output the subset of these files missing from > the store. > > +@item --export-docker-image=@var{directory} > +@cindex docker, export > +Recursively export the specified store directory as a Docker image in > +tar archive format. The generated archive can be loaded by Docker using > +@command{docker load}. Maybe “as a Docker image in tar archive format, as specified in @uref{http://…, version 1.0 of the Foo Bar Spec}.” I would be in favor of --format=FMT, where FMT can be one of “nar” or “docker”. Maybe there’ll be others in the future. WDYT? The paragraph that says “Archives are stored in the “normalized archive” or “nar” format,“ should be updated. Also, it seems that ‘-f docker’ would always imply ’-r’, right? That’s reasonable but would be worth mentioning. > +(define (hexencode bv) > + "Return the hexadecimal representation of the bytevector BV." > + (format #f "~{~2,'0x~}" (bytevector->u8-list bv))) Maybe use ‘bytevector->base16-string’ from (guix utils) instead. > +(define spec-version "1.0") Please add the URL to said spec as a comment. > +;; TODO: heroically copied from guix/script/pull.scm > +(define (temporary-directory) Alternatively, there’s ‘call-with-temporary-directory’ in (guix utils). :-) > + (and (zero? (apply system* "tar" "-cf" "layer.tar" > + (cons "../bin" items))) > + (delete-file "../bin" This reminds me we should steal this code of Mark’s sometime: https://github.com/spk121/guile100/blob/master/code/tar2.scm Thank you! Ludo’.
Re: [PATCH] Creating a docker image with Guix
Chris Marusich writes: > What happens if I invoke this command while GC is trying to delete the > specified path? It will do weird things, I guess. It’s best to do this inside of “guix environment” as I demonstrated because while you’re in the environment the temporary profile is protected from GC. >> +;; See https://github.com/opencontainers/image-spec/blob/master/config.md >> +(define (config layer time) >> + "Generate a minimal image configuratio for the given LAYER file." > > Minor typo. Oops! Thanks. -- Ricardo GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC http://elephly.net
Re: [PATCH] Creating a docker image with Guix
Ricardo Wurmus writes: > Ludovic Courtès writes: > >> I’m not familiar enough with Docker but I’m under the impression that we >> should be able to generate an image without even using Docker. :-) > > The attached patch adds a Docker export feature, so you can do this: > > docker load < \ > $(guix archive --export-docker-image=$(readlink -f ~/.guix-profile)) > > [...] > > I used it successfully to build an Emacs Docker image like this: > > guix environment --ad-hoc coreutils bash emacs-no-x-toolkit > docker load < $(guix archive --export-docker-image=$GUIX_ENVIRONMENT) Wow! That's pretty cool. If it's this easy to make a Docker image, I'm sure it'll be a good incentive for Docker users to try out Guix! What happens if I invoke this command while GC is trying to delete the specified path? > +;; See https://github.com/opencontainers/image-spec/blob/master/config.md > +(define (config layer time) > + "Generate a minimal image configuratio for the given LAYER file." Minor typo. -- Chris signature.asc Description: PGP signature