From d692658de119ef511c664e323448143365465af9 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff <1389908+richvdh@users.noreply.github.com> Date: Thu, 4 Aug 2022 12:59:27 +0100 Subject: [PATCH] synapse-workers docker: copy nginx and redis in from base images (#13447) Part of my continuing quest to make the docker images build quicker: copy nginx and redis in from base docker images, rather than apt installing each time. --- changelog.d/13447.misc | 1 + docker/Dockerfile-workers | 93 +++++++++++++++---------- docker/conf-workers/supervisord.conf.j2 | 2 +- 3 files changed, 60 insertions(+), 36 deletions(-) create mode 100644 changelog.d/13447.misc diff --git a/changelog.d/13447.misc b/changelog.d/13447.misc new file mode 100644 index 000000000000..ede3ee91b89d --- /dev/null +++ b/changelog.d/13447.misc @@ -0,0 +1 @@ +Improve rebuild speed for the "synapse-workers" docker image. diff --git a/docker/Dockerfile-workers b/docker/Dockerfile-workers index 84f836ff7bfc..003a1cc3bf68 100644 --- a/docker/Dockerfile-workers +++ b/docker/Dockerfile-workers @@ -1,39 +1,62 @@ # syntax=docker/dockerfile:1 -# Inherit from the official Synapse docker image -ARG SYNAPSE_VERSION=latest -FROM matrixdotorg/synapse:$SYNAPSE_VERSION - -# Install deps -RUN \ - --mount=type=cache,target=/var/cache/apt,sharing=locked \ - --mount=type=cache,target=/var/lib/apt,sharing=locked \ - apt-get update -qq && \ - DEBIAN_FRONTEND=noninteractive apt-get install -yqq --no-install-recommends \ - redis-server nginx-light - -# Install supervisord with pip instead of apt, to avoid installing a second -# copy of python. -RUN --mount=type=cache,target=/root/.cache/pip \ - pip install supervisor~=4.2 - -# Disable the default nginx sites -RUN rm /etc/nginx/sites-enabled/default -# Copy Synapse worker, nginx and supervisord configuration template files -COPY ./docker/conf-workers/* /conf/ - -# Copy a script to prefix log lines with the supervisor program name -COPY ./docker/prefix-log /usr/local/bin/ - -# Expose nginx listener port -EXPOSE 8080/tcp +ARG SYNAPSE_VERSION=latest -# A script to read environment variables and create the necessary -# files to run the desired worker configuration. Will start supervisord. -COPY ./docker/configure_workers_and_start.py /configure_workers_and_start.py -ENTRYPOINT ["/configure_workers_and_start.py"] +# first of all, we create a base image with an nginx which we can copy into the +# target image. For repeated rebuilds, this is much faster than apt installing +# each time. + +FROM debian:bullseye-slim AS deps_base + RUN \ + --mount=type=cache,target=/var/cache/apt,sharing=locked \ + --mount=type=cache,target=/var/lib/apt,sharing=locked \ + apt-get update -qq && \ + DEBIAN_FRONTEND=noninteractive apt-get install -yqq --no-install-recommends \ + redis-server nginx-light + +# Similarly, a base to copy the redis server from. +# +# The redis docker image has fewer dynamic libraries than the debian package, +# which makes it much easier to copy (but we need to make sure we use an image +# based on the same debian version as the synapse image, to make sure we get +# the expected version of libc. +FROM redis:6-bullseye AS redis_base + +# now build the final image, based on the the regular Synapse docker image +FROM matrixdotorg/synapse:$SYNAPSE_VERSION -# Replace the healthcheck with one which checks *all* the workers. The script -# is generated by configure_workers_and_start.py. -HEALTHCHECK --start-period=5s --interval=15s --timeout=5s \ - CMD /bin/sh /healthcheck.sh + # Install supervisord with pip instead of apt, to avoid installing a second + # copy of python. + RUN --mount=type=cache,target=/root/.cache/pip \ + pip install supervisor~=4.2 + RUN mkdir -p /etc/supervisor/conf.d + + # Copy over redis and nginx + COPY --from=redis_base /usr/local/bin/redis-server /usr/local/bin + + COPY --from=deps_base /usr/sbin/nginx /usr/sbin + COPY --from=deps_base /usr/share/nginx /usr/share/nginx + COPY --from=deps_base /usr/lib/nginx /usr/lib/nginx + COPY --from=deps_base /etc/nginx /etc/nginx + RUN rm /etc/nginx/sites-enabled/default + RUN mkdir /var/log/nginx /var/lib/nginx + RUN chown www-data /var/log/nginx /var/lib/nginx + + # Copy Synapse worker, nginx and supervisord configuration template files + COPY ./docker/conf-workers/* /conf/ + + # Copy a script to prefix log lines with the supervisor program name + COPY ./docker/prefix-log /usr/local/bin/ + + # Expose nginx listener port + EXPOSE 8080/tcp + + # A script to read environment variables and create the necessary + # files to run the desired worker configuration. Will start supervisord. + COPY ./docker/configure_workers_and_start.py /configure_workers_and_start.py + ENTRYPOINT ["/configure_workers_and_start.py"] + + # Replace the healthcheck with one which checks *all* the workers. The script + # is generated by configure_workers_and_start.py. + HEALTHCHECK --start-period=5s --interval=15s --timeout=5s \ + CMD /bin/sh /healthcheck.sh diff --git a/docker/conf-workers/supervisord.conf.j2 b/docker/conf-workers/supervisord.conf.j2 index 086137494efd..9f1e03cfc0a2 100644 --- a/docker/conf-workers/supervisord.conf.j2 +++ b/docker/conf-workers/supervisord.conf.j2 @@ -19,7 +19,7 @@ username=www-data autorestart=true [program:redis] -command=/usr/local/bin/prefix-log /usr/bin/redis-server /etc/redis/redis.conf --daemonize no +command=/usr/local/bin/prefix-log /usr/local/bin/redis-server priority=1 stdout_logfile=/dev/stdout stdout_logfile_maxbytes=0