| 1 |
On 2019-12-10 13:44, Rich Freeman wrote: |
| 2 |
> I'm not talking about container-host mapping. I'm talking about |
| 3 |
> building the same container 100 times and having the container end up |
| 4 |
> with the same UIDs inside each time. |
| 5 |
> |
| 6 |
> Build order in portage isn't really deterministic, especially over |
| 7 |
> long periods of time, so you can't rely on stuff getting installed in |
| 8 |
> the same order. |
| 9 |
|
| 10 |
While I agree that portage doesn't guarantee you |
| 11 |
deterministic/reproducible builds, in practice this isn't a problem: |
| 12 |
|
| 13 |
Assume you are building a container for dev-db/mysql. I can only think |
| 14 |
of one scenario where you would end up with different UIDs: That's when |
| 15 |
dev-db/mysql (or a dependency) would suddenly create an own user and |
| 16 |
will be merged before mysql's user was created. |
| 17 |
|
| 18 |
But this is very theoretically. Especially in a container world, you |
| 19 |
will create one container per services so it's *very* unlikely that |
| 20 |
something like that will ever happen. Not? |
| 21 |
|
| 22 |
Aside benefits from reproducible builds in general (which Gentoo doesn't |
| 23 |
provide), please share reasons why one would care about used UIDs/GIDs |
| 24 |
in containers... |
| 25 |
|
| 26 |
|
| 27 |
> Uh, the container processes shouldn't even see the host |
| 28 |
> processes/files whether they have the same UIDs or not... |
| 29 |
|
| 30 |
Especially when you put mysql or any other service using data into a |
| 31 |
container, service running in that container must be able to access this |
| 32 |
data. And one common way to do that is allowing container to access data |
| 33 |
stored on host, i.e. |
| 34 |
|
| 35 |
> $ docker run \ |
| 36 |
> --name some-mysql \ |
| 37 |
> -v /my/own/datadir:/var/lib/mysql \ |
| 38 |
> -e MYSQL_ROOT_PASSWORD=my-secret-pw \ |
| 39 |
> -d mysql:tag |
| 40 |
|
| 41 |
which will make /my/own/datadir from host available in container as |
| 42 |
/var/lib/mysql. |
| 43 |
|
| 44 |
|
| 45 |
-- |
| 46 |
Regards, |
| 47 |
Thomas Deutschmann / Gentoo Linux Developer |
| 48 |
C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 |
Archives