Development: docker (and podman) #356
Conversation
(duplicate with branch `variograms`)
|
Site tested and ready for review. Thank you in advance! |
While reviewing #356, the instructions of the PR template for reviewing seem to no longer work to render the site from the GHA artifact. With these changes, it seems to work again though, using python -m http.server 8887
There was a problem hiding this comment.
Thanks for this guided tour! We can discuss some things live further. Some of my comments are an example and apply to more places.
Some questions.
Images are stored in different places between Docker and Podman:
$ podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/alpine latest b0c9d60fc5e3 4 weeks ago 8.13 MB
$
$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
test-mne latest b711361627aa 2 days ago 5.47GB
nginx latest 97662d24417b 4 days ago 192MB
rocker/tidyverse latest 0a2c0d551856 3 weeks ago 2.73GB
alpine latest a606584aa9aa 7 months ago 7.8MB
geopython/geopython-workshop latest ed98940df343 20 months ago 1.05GB
ubuntu latest 99284ca6cea0 20 months ago 77.8MB
hello-world latest d2c94e258dcb 21 months ago 13.3kBIs it possible to let Podman run a container I installed or built with Docker in this setting?
Also, I'm hesitant to log into RStudio Server as root (Podman case): how should we look at this? What are the permissions of the rstudio user (Docker case)?
There was a problem hiding this comment.
Is there a reason why the figures are not in a subdirectory of the tutorial directory? (Cf other tutorials)
There was a problem hiding this comment.
Yes!
On all the other tutorials I saw, the images are generated by running the Rmd main file.
It makes nostalgic sense to keep them with the tutorial, but in fact they are subject to version control and change upon every re-render.
The images for this tutorial are screenshots, i.e. static images. In a hugo context, these are best stored in the static folder.
Both is possible. I would follow the opinion of the website maintainers (@damianooldoni ?)
Thank you for the thorough review! I will go through your comments and adjust.
I have not looked this up, but the chance is low. Pods work technically different from docker containers, and once you build or pull one, it is converted into a container of the respective system.
so you can transfer the recipe's, not the outcome.
The difference, as I understand it, is that a container with the unprivileged container user in the Docker case still requires privileged execution on the host system. To me, this brings the risk of privilege escalation in case of breakout to the root. I will double-check and try. |
highlights: - general language and consistency - container permanence (`--rm`) - confusion with version control and virtual envs - rootless docker
(another self re-read) - slightly adjusted title - date and tags updated - wording / minor changes - an image of a tiny home - mentioned user permissions
There was a problem hiding this comment.
@falkmielke I added some small comments for your latest changes.
The tutorial has considerable length compared to the average INBO tutorial. Perhaps you could consider splitting the tutorial into two or three tutorials (or an 'article' referring one or two tutorials, as here). It's just a thought, I'm not sure how well it would work here.
(I feel clumsy.)
|
Voila. Not one, not two, but four tutorials. Thank you for another round of review @florisvdh @ThierryO ! |
curly brackets did not go well with the hugo update #359
Description
This tutorial summarizes initial steps in creating docker images.
Matter of fact, it is just an assembly of components and tutorials which I found helpful for applying docker in an INBO-environment.
Task list
tutorials/contentindex.md. In case of an Rmarkdown tutorial I have knitted myindex.Rmdtoindex.md(both files are pushed to the repo).tagsin the YAML header (see the tags listed in the tutorials website side bar for tags that have been used before)categoriesto the YAML header and my category tags are from the list of category tagsstaticfolder.