Uploaded image for project: 'Request For Comments'
  1. Request For Comments
  2. RFC-805

Rebuild the OS-level base container periodically

    XMLWordPrintable

    Details

    • Type: RFC
    • Status: Implemented
    • Resolution: Done
    • Component/s: DM
    • Labels:
      None

      Description

      Fabio Hernandez asked when we update the operating system in our distributed containers (lsstsqre/centos-7-stack-lsst_distrib and therefore nublado derived from it). Nominally, according to the Dev Guide we aim to update within 6 months of CentOS minor releases. But we are currently 2 minor releases behind.

      The OS-level base container is built from the official centos:7 container as-is, without doing yum update at any point. This container is then used to create a lsst-newinstall container containing rubin-env, with updates to the latter occurring either when lsst/lsst is modified or when manually triggered. The newinstall container then becomes the base for installing Science Pipelines tarballs using eups distrib.

      Note that updating the OS base container more frequently or doing a yum update at a higher level in the chain would increase the storage required, as layers could no longer be shared between containers.

      Option 0 is to maintain the status quo, updating the OS base only when someone complains or remembers.

      Option 1 is to more carefully monitor CentOS releases and plan to manually rebuild the OS base container within 6 months, as stated in the Dev Guide.

      Option 2 is to automatically rebuild the OS base container periodically, perhaps once a quarter.

      Option 3 is to not rebuild the base container but instead do yum update in the newinstall container or even in the stack-lsst_distrib container.

      I think the DM-CCB needs to discuss the trade-offs between these.

      In any case, it would seem that we should have a "bleed build" that uses the latest OS as well as rubin-env to discover problems before they occur in the development builds and releases.

        Attachments

          Issue Links

            Activity

            Hide
            tjenness Tim Jenness added a comment -

            After discussion at CCB the outcome is that we would like to link updating of the OS to a pipelines release. The idea being to update a week or so after the formal release.

            Show
            tjenness Tim Jenness added a comment - After discussion at CCB the outcome is that we would like to link updating of the OS to a pipelines release. The idea being to update a week or so after the formal release.
            Hide
            tjenness Tim Jenness added a comment -

            I'm fine with option 2.

            Show
            tjenness Tim Jenness added a comment - I'm fine with option 2.
            Hide
            ktl Kian-Tat Lim added a comment -

            Requires DM-CCB discussion.

            Show
            ktl Kian-Tat Lim added a comment - Requires DM-CCB discussion.

              People

              Assignee:
              ktl Kian-Tat Lim
              Reporter:
              ktl Kian-Tat Lim
              Watchers:
              Colin Slater, Jim Bosch, Kian-Tat Lim, Leanne Guy, Michelle Butler [X] (Inactive), Tim Jenness, Wil O'Mullane, Yusra AlSayyad
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Planned End:

                  Jenkins

                  No builds found.