AstraLinux human docker images

We use docker and kubernetes in 100% of recent projects, so when we encountered the “special” way of using AstraLinux base docker images, we decided to make life easier for ourselves and other developers.

Too lazy to read further, then the images are here https://hub.docker.com/r/ipodsekin/astralinux.

And who are interested in the details, welcome under cat.

“special” way

The AstraLinux developer provides ready-made docker images that you can use in your projects.

To do this, you can go to the site https://vault.astralinux.ru/images/find the distribution you are interested in, download it as… tar archive and upload to your Docker Host. This is done with the command:

cat alse-slim-1.7.1-docker-mg7.0.0.tar| docker import - alse/alse1.7.1

I guess this is different from what developers are used to, just specifying the name of the docker image in the Dockerfile:

FROM ubuntu:22.04
...

Manipulations with tar archives complicate CI/CD, force the creation of intermediate Docker Registries, and also make automatic updating of base images not obvious.

And when we develop very simple images, we simply indicate automatic assembly on docker.com: Docker Hub downloads the sources itself, builds the image, checks for vulnerabilities, and then sends a webhook after it. It is clear that tar archives are going by.

Way of the Samurai

We have developed a script https://gitlab.com/cloudlab_en/astralinux, which allows you to download docker image tarballs and publish them to Docker Hub. The most obvious solution was to create a bash file with nailed links, but then one would have to visit the site, check for a new or updated image (with the same tag), manually update the bash file, and so on. This path is also “special”.

A one-line parser was written that pulled out the names of SHA hashes of images.

Then, we loop through the links, download the SHA file and check that we did not have an image with the same SHA hash before. At the same time, the tar file itself is not checked for SHA, we believe that the developer is doing everything right. So, if we didn’t have such a file, then we download the archive, import it into the local Docker Host, and then upload the name of me to the Docker Hub https://hub.docker.com/r/ipodsekin/astralinux.

After that, we can already freely download the image

docker pull ipodsekin/astralinux:astralinux:orel-slim-2.12.45-mg7.1.0

or use it as base in your Dockerfile:

FROM ipodsekin/astralinux:orel-slim-2.12.45-mg7.1.0
...

Our script runs once a day and uploads updates to Docker Hub.

Examination

Create a test image with curl:

FROM ipodsekin/astralinux:orel-slim-2.12.45-mg7.1.0
RUN apt-get update && apt-get install curl -y

Collecting it:

docker build . -t astralinuxtest

We start the container and go into it:

docker run -it astralinuxtest /bin/sh

First of all, we check which image we have raised:

# uname -a
Linux dd6a033a7f5e 5.15.0-48-generic #54~20.04.1-Ubuntu SMP Thu Sep 1 16:17:26 UTC 2022 x86_64 GNU/Linux

Ubuntu… Oops…

We killed 10 minutes of time for rechecking, but, no, that’s right, this is Ubuntu, but AstraLinux. We can verify this by reading the version of AstraLinux:

# cat /etc/astra_version                   
CE 2.12.45 (orel)

Well, for the sake of form, you can test curl inside:

curl https://www.google.com/
<!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang...
...

The image works, you can use it.

We spent approximately two hours creating the script and writing this article. It will be great if the OS developer follows our example and lays out the official images in a convenient way.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *