[Koha-devel] Minimal docker images for Koha

Kyle Hall kyle.m.hall at gmail.com
Tue Feb 18 12:45:31 CET 2020 

One other question, how does this handle scripts that Koha specifically
does not execute using plack?

Kyle

---
http://www.kylehall.info
ByWater Solutions ( http://bywatersolutions.com )
Meadville Public Library ( http://www.meadvillelibrary.org )
Crawford County Federated Library System ( http://www.ccfls.org )


On Tue, Feb 18, 2020 at 6:43 AM Kyle Hall <kyle.m.hall at gmail.com> wrote:

> This is fantastic Julian! The only thing I can contribute that hasn't
> already been said by you or David is to suggest taking a look at MiniDeb as
> a base image ( https://github.com/bitnami/minideb ). I would also suggest
> using quay.io to build and host your Docker images, as it has built in
> security scanning. I prefer minimal install images not for size reduction (
> though it is nice ), but for the smaller attack surface they provide. Fewer
> things installed means fewer exploits available!
>
> Kyle
>
> ---
> http://www.kylehall.info
> ByWater Solutions ( http://bywatersolutions.com )
> Meadville Public Library ( http://www.meadvillelibrary.org )
> Crawford County Federated Library System ( http://www.ccfls.org )
>
>
> On Mon, Feb 17, 2020 at 12:59 PM Julian Maurice <
> julian.maurice at biblibre.com> wrote:
>
>> Hi all,
>>
>> I've been playing with docker lately, and I tried to build a minimal
>> docker image for Koha. Here are the results.
>>
>> My goals were:
>> * Install only required "things" to get Koha up and running, and nothing
>> else (no testing or dev tools),
>> * No external dependencies except CPAN
>> * Follow Docker best practices as much as possible
>>
>> The resulting images are here:
>>    https://hub.docker.com/repository/docker/julianmaurice/koha
>>
>> and the Dockerfiles are here:
>>    https://github.com/jajm/koha-docker
>>
>> A few things worth mentioning:
>>
>> * I tried to build the smallest image possible by using alpine or perl
>> slim images at first but it was not that great, because the perl version
>> shipped with those images is missing some libs, which cause
>> MARC::Charset to build a database of several hundreds MBs (which is only
>> 5MBs with a standard perl version). So I chose a more standard image
>> (debian:buster) as base.
>>
>> * Koha doesn't work well when running with a perl version different than
>> the system perl installed in /usr/bin/perl. For example, the
>> updatedatabase doesn't work when called from the web installer. This is
>> because Perl scripts are called directly as executable files, and
>> shebangs contain '/usr/bin/perl'. Same problem from
>> misc/translator/translate which calls tmpl_process3.pl.
>>
>> * I tried to make the Koha installation as self-contained as possible.
>> Almost everything is installed as a non-root user in /home/koha,
>> including Perl dependencies.
>>
>> * It doesn't need a reverse proxy such as apache or nginx. The necessary
>> URL rewriting is handled in PSGI file. The container expose two ports,
>> one for intranet, the other one for OPAC.
>>
>> * Each Perl dependency is installed in its latest version, so expect
>> things to break. I can only confirm that the webinstaller, basic
>> cataloguing and search/indexation work. I did not test anything else.
>>
>> * There are docker-compose.yml files in the github repository to get
>> Koha running quickly with mariadb, memcached and elasticsearch.
>>
>> * Zebra is not installed
>>
>> * Images weigh ~1.15GB uncompressed (koha sources included)
>>
>> If you made it this far, thanks for reading :)
>> And if you want to use these docker images, you should start by reading
>> https://github.com/jajm/koha-docker/blob/master/README.md
>>
>> --
>> Julian Maurice
>> BibLibre
>> _______________________________________________
>> Koha-devel mailing list
>> Koha-devel at lists.koha-community.org
>> https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
>> website : http://www.koha-community.org/
>> git : http://git.koha-community.org/
>> bugs : http://bugs.koha-community.org/
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.koha-community.org/pipermail/koha-devel/attachments/20200218/105aa4d2/attachment.html>

More information about the Koha-devel mailing list