On Fri, Aug 21, 2015 at 10:38:31PM -0700, Tianon Gravi wrote:
> > The message itself comes (or at least should) in response to
> > Dir::Cache::pkgcache and Dir::Cache::srcpkgcache being empty and if
> > the cache is forbidden to be build entirely in memory – which is the
> > case for apt running as root for, well, reasons. I guess we should
> > drop this, even through keeping everything in memory can be very slow…
>
> I'm not opposed to changing/removing that config (or adding more config
> as appropriate), but I would note that this is documented in
> apt.conf(5):
(reopened, see other mail)
> | RUN apt-get update && apt-get install -y some-packages && rm -rf /var/lib/apt/lists/*
[…]
> | A /bin/busybox
> | A /usr/share/man/man1/busybox.1.gz
> | A /usr/share/doc/busybox-static/changelog.Debian.gz
> | ...
> | A /usr/share/doc/busybox-static/syslog.conf.txt
> | A /usr/share/initramfs-tools/hooks/zz-busybox
> | C /var/lib/dpkg/status-old
> | C /var/lib/dpkg/triggers
> | C /var/lib/dpkg/triggers/Lock
> | C /var/lib/dpkg/info
> | A /var/lib/dpkg/info/busybox-static.list
> | A /var/lib/dpkg/info/busybox-static.md5sums
> | C /var/lib/dpkg/status
> | C /var/lib/dpkg/lock
> | A /var/lib/apt/extended_states
> | A /var/lib/apt/lists/httpredir.debian.org_debian_dists_sid_InRelease
> | A /var/lib/apt/lists/httpredir.debian.org_debian_dists_sid_main_binary-amd64_Packages.gz
> | A /var/lib/apt/lists/lock
> | A /var/log/apt/history.log
> | A /var/log/apt/term.log
> | C /var/log/dpkg.log
Given that you remove /var/lib/apt/lists I wonder how files still
ending up there…
> If there's a better way to accomplish this, I'm very interested, because
> I'm not particularly happy about hard-coding so much APT internal
> knowledge (especially since the "/var/lib/apt/lists" bit there gets
> encoded in actual "end-user" Dockerfiles, not just baked into the base
> image).
>
> The full source of all configuration modifications is in the script that
> builds the images:
>
> https://github.com/docker/docker/blob/5fd15da7daad56c07842ecda082e9c5d0e6ff620/contrib/mkimage/debootstrap#L36-L152
A few random comments as I have practically no idea about docker and/or
what images produced with it intended to solve:
* running dpkg (or apt which calls dpkg) in eatmydata is better than
--unsafe-io as the flag still does some 'slow' io operations.
* Since 1.0.9.2 the GzipIndexes option applies to all compression
algorithms, not just gz – which was on request from Paul for stuff
like docker, so I am mindly suprised it isn't used yet. On the other
hand, if you remove /var/lib/apt/lists anyhow it doesn't really
matter…
* If you wanna cleanup that much, how about setting lists and archives
directory to be on something like /tmp, assuming this is cleaned up
automatically of course.
* You could at least drop the logs from apt in the same place for
cleanup assuming your usecase is allowing it.
* Also, for maximum cleanup try --path-{exclude,include} options for
dpkg, but that is super-dependent on usecase of course.
Best regards
David Kalnischkies
Attachment:
signature.asc
Description: Digital signature