Wikimedia Release Engineering Team/Deployment pipeline/2017-06-06
Appearance
2017-06-06
[edit]Who's here:
Last Time
[edit]- 2017-05-30
- Talked about base-containers -- nodejs + python
- Talked a bit about minikube + blubber
Next Time, Last Time
[edit]- giuseppe
- build various nodejs base layers for docker
- play with istio.io (lyft) to expose services to one another
- uses pki to tls encrypt communication between services
- thcipriani: Â Done ci-docker-staging registry for blubber to destroy
- marko: configuration inside of and communication between containers
- dan: config merging issue for blubber
- https://phabricator.wikimedia.org/T166353
- minkube/k8s config generation work begins
Topics
[edit]- giuseppe looked at building base-images with blubber
- blubber in go might slow us down (unfamiliar with the language)
- the docker security problem: base image gets security patch, rolling updates to images
- Need some tree representation of the images?
- yes, the base idea is to have a service we can ask "which images contain 'sudo'", and what is the dependency tree? And use the result for automatic rebuilding of all the related images.
- TODO create blubber workboard
- Â Done https://phabricator.wikimedia.org/project/view/2812/
- tracked via https://phabricator.wikimedia.org/tag/release_pipeline/
- Blubber is in Differential https://phabricator.wikimedia.org/source/blubber/
- Services wants to think about tooling for local development
- Marko + Dan to schedule meeting this week
- talked with greg-g about coordinating next-quarter work on SSD (this stuff) just join this meeting?
- services making progress on local dev env
- https://github.com/wikimedia/mediawiki-containers/compare/master...gwicke:k8s_services
- Next steps tooling to build configuration
Next Time
[edit]- Jenkins job that uses blobber to push image to the Docker registry
- dan/giuseppe to coordinate on blubber for base images
- base project type that makes decisions for them
- moar abstraction for developers
- standardize as much as possible in a base image provided to developers
- intent is to minimize amount of changes devs would have to add