livecd-rootfs

Merge lp:~vorlon/livecd-rootfs/minimize-round-two into lp:livecd-rootfs

  1. minimize-round-two
  2. Merge into trunk
Proposed by Steve Langasek on 2017-10-19
Status: Merged
Merged at revision: 1580
Proposed branch: lp:~vorlon/livecd-rootfs/minimize-round-two
Merge into: lp:livecd-rootfs
Diff against target: 93 lines (+41/-0)
5 files modified
debian/changelog (+14/-0)
live-build/auto/build (+4/-0)
live-build/auto/config (+1/-0)
live-build/ubuntu-cpc/hooks/032-root-squashfs.binary (+1/-0)
live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot (+21/-0)
To merge this branch: bzr merge lp:~vorlon/livecd-rootfs/minimize-round-two
Reviewer Review Type Date Requested Status
Chris Glass (community) 2017-10-19 Approve on 2017-10-31
Balint Reczey lcow 2017-10-19 Approve on 2017-10-24
Canonical Foundations Team 2017-10-19 Pending
Review via email: mp+332529@code.launchpad.net

Description of the Change

Round two of minimizing our minimized cloud images. The first round removed packages from the image that were part of the minimal seed but unnecessary in the minimized target env; now we look at packages that are part of the cloud/server seed and similarly unnecessary in a non-interactive VM.

Also includes some generic improvements to image size, by removing various backup files that don't need to be retained in a brand new image.

To post a comment you must log in.
Chris Glass (tribaal) wrote :

One small comment inline.

Will run a full GKE cluster test on this.

Steve Langasek (vorlon) :
Chris Glass (tribaal) :
Chris Glass (tribaal) wrote :

Ok, so testing this branch on GKE is in a bit of a catch-22 situation right now:

- I can't test this on xenial (the gke images are xenial-only for production): it fails to build because it needs a more recent live-build (https://pastebin.canonical.com/201353/). This is a heads up when backporting the changes to xenial, too.

- I can't test this on artful either (as a non-production image to kick the tires) because linux-gke (and linux-aws, even if not so relevant) don't exist there.

- I can't test a minimized *GCE* image with trunk sauce either, it fails with https://pastebin.canonical.com/201397/ . This one could probably be solved by running "mkdir -p <mountpoint>/etc/initramfs-tools/conf.d/" (initramfs-tools obviously didn't create that folder since it was not installed). I could also change the sauce to test for minimized, if that's a better solution.

All of those failures seem to be unrelated to your changes here (that look otherwise sensible). Will investigate/try to get a run with a (at least temporary) fixed sauce tomorrow.

Steve Langasek (vorlon) wrote :

I have an artful ppa set up for minimized image testing that includes copies of the xenial linux-gke and linux-kvm packages. You should be able to test an artful minimized build of this branch using EXTRA_PPAS=canonical-foundations/hyperv-staging.

Steve Langasek (vorlon) wrote :

Also, wrt backporting, this live-build versioned dependency is already fixed up on the xenial branch to reference the proper SRU version.

Balint Reczey (rbalint) wrote :

I tested this branch and the minimized image can still be used to derive a working Hyper-V image with OpenGCS.

LGTM.

Balint Reczey (rbalint) :
review: Approve (lcow)
Chris Glass (tribaal) wrote :

Found a quirk in the xenial side here. Will fix in a branch locally and try to push through.

Chris Glass (tribaal) :
Chris Glass (tribaal) wrote :

Xenial FTB even when removing publicsuffix from the list of packages to remove:

https://pastebin.canonical.com/201731/

Please advise - I'm not sure I can test this branch on GCE/GKE as it is now.

Steve Langasek (vorlon) wrote :

On Thu, Oct 26, 2017 at 02:31:01PM -0000, Chris Glass wrote:
> Xenial FTB even when removing publicsuffix from the list of packages to remove:

> https://pastebin.canonical.com/201731/

This seems to be some sort of mis-merge.
lp:~ubuntu-core-dev/livecd-rootfs/xenial-proposed has the following in
live-build/ubuntu-cpc/hooks/032-disk-image.binary:

create_empty_partition_table() {
    apt-get install -qqy parted

    parted "$1" --script -- mklabel msdos
}

Your pastebin output clearly shows that the call to apt-get is missing:

+ create_empty_partition_table binary/boot/disk.ext4
+ parted binary/boot/disk.ext4 --script -- mklabel msdos

Some sort of local damage to your branch? Cosmic rays?

Chris Glass (tribaal) wrote :

Alright, I found where the problem was, and it wasn't this branch at all (or any branch for that matter): The update-grub postinst script noops inside containers (as reported by systemd-detect-virt), and therefore you would not see the problem running the build locally, but launchpad now isolates builds inside containers.

+1'ing this, provided publicsuffix is appropriately taken care of (see inline comments).

I will send a branch to fix the build separately.

review: Approve
Chris Glass (tribaal) wrote :

For the record:

This branch was "merged" onto the xenial-proposed livecd-rootfs branch, and with the publicsuffix package removed from the uninstalled list produced a GKE image that passed k8s cluster tests.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'debian/changelog'
2--- debian/changelog 2017-10-19 06:20:19 +0000
3+++ debian/changelog 2017-10-19 23:34:00 +0000
4@@ -1,6 +1,20 @@
5 livecd-rootfs (2.479) UNRELEASED; urgency=medium
6
7 * Purge initramfs-tools from minimized images.
8+ * Remove boot/grub leftovers from our root squashfs, left behind after
9+ grub purge.
10+ * Remove apt, debconf, dpkg cruft files from /var/cache and /var/lib in all
11+ our livefses.
12+ * Pass --cache false to lb config; otherwise we copy around caches of
13+ .debs that are never used properly, and which prevent us from emptying
14+ /var/cache/apt in images.
15+ * When building minimized cloud images, remove various packages that we
16+ don't want installed by default. Some are tools that aren't needed for
17+ non-interactive use; some are libraries whose reverse-dependencies
18+ will have already been removed; and one, open-vm-tools, should only be
19+ included in images that are targeted to VMWare (which is not the case
20+ for any of the current minimal images), rather than being included
21+ directly in the cloud-image seed.
22
23 -- Steve Langasek <steve.langasek@ubuntu.com> Fri, 13 Oct 2017 17:14:58 -0400
24
25
26=== modified file 'live-build/auto/build'
27--- live-build/auto/build 2017-10-14 03:27:07 +0000
28+++ live-build/auto/build 2017-10-19 23:34:00 +0000
29@@ -225,6 +225,10 @@
30 apt-get -y --purge autoremove"
31 fi
32
33+ # remove crufty files that shouldn't be left in an image
34+ rm -f chroot/var/cache/debconf/*-old chroot/var/lib/dpkg/*-old
35+ Chroot chroot apt clean
36+
37 if [ -f config/oem-config-preinstalled ]; then
38
39 # This is cargo-culted almost verbatim (with some syntax changes for
40
41=== modified file 'live-build/auto/config'
42--- live-build/auto/config 2017-10-10 23:57:03 +0000
43+++ live-build/auto/config 2017-10-19 23:34:00 +0000
44@@ -694,6 +694,7 @@
45 --initsystem none \
46 --bootloader "$BOOTLOADER" \
47 --initramfs-compression lzma \
48+ --cache false \
49 ${BOOTAPPEND_LIVE:+--bootappend-live "$BOOTAPPEND_LIVE"} \
50 $OPTS \
51 "$@"
52
53=== modified file 'live-build/ubuntu-cpc/hooks/032-root-squashfs.binary'
54--- live-build/ubuntu-cpc/hooks/032-root-squashfs.binary 2017-09-13 18:31:12 +0000
55+++ live-build/ubuntu-cpc/hooks/032-root-squashfs.binary 2017-10-19 23:34:00 +0000
56@@ -31,6 +31,7 @@
57 env DEBIAN_FRONTEND=noninteractive chroot binary/boot/squashfs.dir apt-get --purge remove --assume-yes '^linux-.*' 'linux-base+'
58 env DEBIAN_FRONTEND=noninteractive chroot binary/boot/squashfs.dir apt-get --purge remove --assume-yes '^grub-.*'
59 env DEBIAN_FRONTEND=noninteractive chroot binary/boot/squashfs.dir apt-get autoremove --purge --assume-yes
60+rm -rf binary/boot/squashfs.dir/boot/grub
61 chroot binary/boot/squashfs.dir mkdir /lib/modules
62
63 chroot binary/boot/squashfs.dir rm /usr/sbin/grub-probe
64
65=== modified file 'live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot'
66--- live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot 2017-10-10 23:57:03 +0000
67+++ live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot 2017-10-19 23:34:00 +0000
68@@ -136,6 +136,27 @@
69 rm "${rootd}/boot/initrd.img"
70 fi
71
72+if [ "${SUBPROJECT:-}" = minimized ]; then
73+ # Remove various packages that we don't want in the minimized images.
74+ # Some of these are tools that don't make sense by default
75+ # non-interactively; some are libraries whose reverse-dependencies
76+ # will have already been removed; open-vm-tools, it's a bug that this
77+ # is in the common cloud seed because this should only be included
78+ # in VMWare guest images, and we know none of the minimized images
79+ # are targeted at VMWare.
80+ _xchroot "${rootd}" env DEBIAN_FRONTEND=noninteractive \
81+ apt-mark auto '^lib.*' '^python*' vim-runtime 2>/dev/null
82+ # FIXME: iso-codes is a dep of software-properties and shouldn't be
83+ _xchroot "${rootd}" env DEBIAN_FRONTEND=noninteractive \
84+ apt-get -y autoremove --purge iso-codes xauth pastebinit \
85+ plymouth open-vm-tools git shared-mime-info vim vim-common \
86+ console-setup ncurses-term tmux screen policykit-1 \
87+ xdg-user-dirs less publicsuffix run-one apport-symptoms \
88+ ubuntu-cloudimage-keyring file
89+
90+ _xchroot "${rootd}" apt clean
91+fi
92+
93 #### END COMMON ARCH FUNCTIONS
94
95

Subscribers

People subscribed via source and target branches