On 24/02/2023 6:12 pm, Anthony PERARD wrote: > On Fri, Feb 24, 2023 at 05:37:44PM +0000, Andrew Cooper wrote: >> On 24/02/2023 5:29 pm, Anthony PERARD wrote: >>> Patch series available in this git branch: >>> https://xenbits.xen.org/git-http/people/aperard/xen-unstable.git >>> br.gitlab-containers-update-v3 >>> >>> v3: >>> - new patch which remove non-debug x86_32 builds >>> - don't fix root certificates in jessie containers as those won't be used >>> anymore on the main branch. >>> >>> v2: >>> - Remove CentOS 7.2 >>> - Remove Debian Jessie test, but update container recipe for the benefit of >>> older branches. >>> - Fix CentOS 7 containner recipe to update all packages. (Fix missing >>> update of >>> HTTPS root certificates) >>> >>> There is work in progress [1] to update urls in our repo to use https, but >>> those https urls to xenbits don't work in our containers, due to an expired >>> root certificate. So we need to update those containers. >>> >>> This series update the dockerfile where just rebuilding the container isn't >>> enough. >> LGTM. >> >> Acked-by: Andrew Cooper <andrew.coop...@citrix.com> >> >> I'll add this to my commit sweep, and rebuild the remaining containers. >> >> But on that note, I noticed that the debian unstable container was 2.3G >> when I last rebuilt it. Which I think is obscenely large for what we're >> doing. >> >> Can we see about switching to slim/tiny container bases? > I don't think that would help much, the non-slim container is only 116MB > vs 74.6MB
That's 64% smaller to start with... > for the slim (amd64 containers). But maybe we could try to use > "--no-install-recommends", that might save a few bytes in our containers. Oh wow - yeah. For buster-gcc-ibt (which is already slim), we're getting: Suggested packages: binutils-doc bison-doc bzip2-doc cpp-doc gcc-8-locales dbus-user-session libpam-systemd pinentry-gnome3 tor debian-keyring flex-doc g++-multilib g++-8-multilib gcc-8-doc libstdc++6-8-dbg autoconf automake libtool gdb gcc-doc libgcc1-dbg libgomp1-dbg libitm1-dbg libatomic1-dbg libasan5-dbg liblsan0-dbg libtsan0-dbg libubsan1-dbg libmpx2-dbg libquadmath0-dbg parcimonie xloadimage scdaemon glibc-doc sensible-utils git bzr gdbm-l10n gmp-doc libgmp10-doc libmpfr-doc libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal libsasl2-modules-ldap libsasl2-modules-otp libsasl2-modules-sql libstdc++-8-doc m4-doc make-doc man-browser ed diffutils-doc perl-doc libterm-readline-gnu-perl | libterm-readline-perl-perl libb-debug-perl liblocale-codes-perl pinentry-doc readline-doc which is a whole bunch of junk we absolutely do not need. ~Andrew
