Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

etcd images: aspect of licensing/busybox #15034

Closed
ptabor opened this issue Dec 21, 2022 · 1 comment
Closed

etcd images: aspect of licensing/busybox #15034

ptabor opened this issue Dec 21, 2022 · 1 comment
Labels
type/feature

Comments

@ptabor
Copy link
Contributor

ptabor commented Dec 21, 2022

What would you like to be added?

Follow up to #13556

Currently we generate images based on:

FROM --platform=linux/s390x busybox:1.34.1 as source
FROM --platform=linux/s390x gcr.io/distroless/base-debian11
...
RUN mkdir -p /var/etcd/
RUN mkdir -p /var/lib/etcd/
...
RUN echo 'hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4' >> /etc/nsswitch.conf

CMD ["/usr/local/bin/etcd"]

Seems that:

  1. We can use https://docs.docker.com/engine/reference/builder/#workdir to get rid of MKDIR
  2. We can copy the /etc/nsswitch.conf to avoid need for echo and bash redirect syntax (>>)
  3. I don't see other reasons to keep /bin/sh
  4. As etcd is statically compiled, we might not need base-debian11 image at all

Why is this needed?

To isolate from security and licensing problems.
@ptabor ptabor changed the title etcd images: espect of licensing/busybox etcd images: aspect of licensing/busybox Dec 22, 2022
This was referenced Dec 23, 2022
Merged
Merged
Merged
Merged
@ahrtr
Copy link
Member

ahrtr commented Dec 23, 2022

Done.

@ahrtr ahrtr closed this as completed Dec 23, 2022
@ahrtr ahrtr mentioned this issue Jan 23, 2023
Closed
@dctrwatson dctrwatson mentioned this issue Feb 15, 2023
Closed
2 tasks
@serathius serathius mentioned this issue Mar 17, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type/feature
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ptabor @ahrtr