Project

General

Profile

Actions
Copy link

Story #13794

open

Build Docker images without requiring Docker on client

Added by Peter Amstutz almost 6 years ago. Updated over 1 year ago.

Status:
New
Priority:
Normal
Assigned To:
-
Category:
-
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Story points:
-
Release:
Postponed
Release relationship:
Auto

Description

See Build docker images as part of a workflow

Web-only users do not have access to Docker on the client (in addition, some shell users don't have access to Docker for security reasons, for example visitors to cloud.curoverse.com). Ther should be a mechanism to submit a request to build a Docker image for use in Arvados.

Possible solutions:

Unprivileged build inside a normal container request

For building images, here is a blog post which outlines how to do it with nested unprivileged containers, which is described as an "epic yak shave".

This seems like it would require quite a lot of tooling development.

Special container request

Special format container request recognized by crunch-run which executes "docker build" (instead of docker run) and produces the image collection as output.

Dedicated docker builder service

New microservice with API to request "build image".

Use external build service

For example, quay.io, then pull the resulting image (#11724). Requires integrating with external service(s) so would be harder to fully automate compared to Arvados-based solutions.

Related issues

Related to Arvados Epics - Story #16447: Improve container image handlingIn Progress11/01/202205/31/2023

Actions
Related to Arvados - Story #11724: Pull Docker images without requiring Docker on clientResolvedTom Clegg12/06/2022

Actions
Blocked by Arvados - Story #19846: Use collection properties instead of links to tag docker imagesNewTom Clegg01/18/2023

Actions
Actions
Copy link
 #1

Updated by Peter Amstutz almost 6 years ago

  • Status changed from New to In Progress
Actions
Copy link
 #2

Updated by Peter Amstutz almost 6 years ago

  • Description updated (diff)
  • Status changed from In Progress to New
Actions
Copy link
 #3

Updated by Peter Amstutz almost 6 years ago

  • Related to Story #11724: Pull Docker images without requiring Docker on client added
Actions
Copy link
 #4

Updated by Peter Amstutz almost 6 years ago

  • Tracker changed from Bug to Feature
Actions
Copy link
 #5

Updated by Peter Amstutz almost 6 years ago

  • Tracker changed from Feature to Story
Actions
Copy link
 #6

Updated by Peter Amstutz almost 3 years ago

  • Target version deleted (To Be Groomed)
Actions
Copy link
 #7

Updated by Peter Amstutz over 1 year ago

  • Related to Story #16447: Improve container image handling added
Actions
Copy link
 #8

Updated by Tom Clegg over 1 year ago

  • Related to deleted (Story #11724: Pull Docker images without requiring Docker on client)
Actions
Copy link
 #9

Updated by Tom Clegg over 1 year ago

  • Is duplicate of Story #11724: Pull Docker images without requiring Docker on client added
Actions
Copy link
 #10

Updated by Tom Clegg over 1 year ago

  • Is duplicate of deleted (Story #11724: Pull Docker images without requiring Docker on client)
Actions
Copy link
 #11

Updated by Tom Clegg over 1 year ago

  • Related to Story #11724: Pull Docker images without requiring Docker on client added
Actions
Copy link
 #12

Updated by Tom Clegg over 1 year ago

  • Description updated (diff)
Actions
Copy link
 #13

Updated by Tom Clegg over 1 year ago

  • Blocked by Story #19846: Use collection properties instead of links to tag docker images added
Actions
Copy link
 #14

Updated by Lucas Di Pentima over 1 year ago

  • Release set to 60
Actions
Copy link

Also available in: Atom PDF