Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Speedup the building of Docker images #18038

Open
wants to merge 5 commits into
base: develop
Choose a base branch
from
Open

Speedup the building of Docker images #18038

wants to merge 5 commits into from
+154 −138

Conversation

sandhose
Copy link
Member

@sandhose sandhose commented Dec 18, 2024
edited
Loading

This is a split off #18033

This uses a few tricks to speed up the building of docker images:

  • This switches to use uv pip install instead of pip install. This saves a bunch of time, especially when cross-compiling
  • I then looked at what packages were not using binary wheels: I upgraded MarkupSafe to have binaries for py3.12, and got back to Python 3.12 because hiredis didn't have builds for py3.13 with the version we were using
  • The generation of the requirements.txt is arch-agnostic, so I've switched this one to run on the build architecture, so that both arch can share it
  • The download of runtime depdendencies can be done on the build architecture through manual apt-get download plus dpkg --extract
  • We were using -slim images, but still installed a bunch of -dev dependencies. Turns out, all the dev dependencies were already installed in the non-slim image, which saves a bunch of time as well

@sandhose sandhose requested a review from a team as a code owner December 18, 2024 09:32
This was referenced Dec 18, 2024
Draft
Closed
anoadragon453
anoadragon453 requested changes Dec 19, 2024
View reviewed changes
Copy link
Member

@anoadragon453 anoadragon453 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few very minor things, but otherwise this LGTM. This included a few tricks I wasn't aware of myself. Thanks for taking the time to go through and do this!

Needs a git revert d113209 before merge, of course.

docker/Dockerfile

ENV UV_LINK_MODE=copy
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you leave a comment explaining why this is useful?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

From https://github.com/astral-sh/uv/blob/main/docs/guides/integration/docker.md#caching:

Changing the default UV_LINK_MODE silences warnings about not being able to use hard links since the cache and sync target are on separate file systems.

docker/Dockerfile Outdated
xmlsec1:${arch} \
libjemalloc2:${arch} \
libicu72:${arch} \
openssl:${arch} || exit 10; \
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why exit 10? Is the exit code returned by apt-get download in case of failure not appropriate?

docker/Dockerfile
mkdir -p /install-${arch}/var/lib/dpkg/status.d/ && \
for deb in /tmp/debs-${arch}/*.deb; do \
package_name=$(dpkg-deb -I ${deb} | awk '/^ Package: .*$/ {print $2}'); \
echo "Process: ${package_name}"; \
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
echo "Process: ${package_name}"; \
echo "Extracting: ${package_name}"; \

AndrewFerr
AndrewFerr reviewed Jan 27, 2025
View reviewed changes
docker/Dockerfile
@@ -78,38 +49,20 @@ ARG TEST_ONLY_IGNORE_POETRY_LOCKFILE
# Export the dependencies, but only if we're actually going to use the Poetry lockfile.
# Otherwise, just create an empty requirements file so that the Dockerfile can
# proceed.
RUN if [ -z "$TEST_ONLY_IGNORE_POETRY_LOCKFILE" ]; then \
/root/.local/bin/poetry export --extras all -o /synapse/requirements.txt ${TEST_ONLY_SKIP_DEP_HASH_VERIFICATION:+--without-hashes}; \
ARG POETRY_VERSION
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nitpick: set this here instead of in the global scope, since no other build stage uses it.

docker/Dockerfile

ENV UV_LINK_MODE=copy
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

From https://github.com/astral-sh/uv/blob/main/docs/guides/integration/docker.md#caching:

Changing the default UV_LINK_MODE silences warnings about not being able to use hard links since the cache and sync target are on separate file systems.

docker/Dockerfile
RUN if [ -z "$TEST_ONLY_IGNORE_POETRY_LOCKFILE" ]; then \
/root/.local/bin/poetry export --extras all -o /synapse/requirements.txt ${TEST_ONLY_SKIP_DEP_HASH_VERIFICATION:+--without-hashes}; \
ARG POETRY_VERSION
RUN --mount=type=cache,target=/root/.cache/uv \
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should UV_LINK_MODE=copy be set here as well?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AndrewFerr AndrewFerr AndrewFerr left review comments

@anoadragon453 anoadragon453 anoadragon453 requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sandhose @anoadragon453 @AndrewFerr