From 2dd7e91b08cd03f24ac0387e132cebf7b3840c04 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Wed, 3 Aug 2022 15:52:18 +0100 Subject: [PATCH 1/5] Copy nginx and redis from docker images --- docker/Dockerfile-workers | 35 +++++++++++++++++++++++++++++------ 1 file changed, 29 insertions(+), 6 deletions(-) diff --git a/docker/Dockerfile-workers b/docker/Dockerfile-workers index 84f836ff7bfc..826bd3652e38 100644 --- a/docker/Dockerfile-workers +++ b/docker/Dockerfile-workers @@ -1,9 +1,12 @@ # syntax=docker/dockerfile:1 -# Inherit from the official Synapse docker image + ARG SYNAPSE_VERSION=latest -FROM matrixdotorg/synapse:$SYNAPSE_VERSION -# Install deps +# first of all, we create a base image with an nginx which we can copy into the +# target image. For repeated rebuilds, this is much faster than apt installing +# each time. + +FROM debian:bullseye-slim AS deps_base RUN \ --mount=type=cache,target=/var/cache/apt,sharing=locked \ --mount=type=cache,target=/var/lib/apt,sharing=locked \ @@ -11,13 +14,33 @@ RUN \ DEBIAN_FRONTEND=noninteractive apt-get install -yqq --no-install-recommends \ redis-server nginx-light +# Similarly, a base to copy the redis server from. +# +# The redis docker image has fewer dynamic libraries than the debian package, +# which makes it much easier to copy (but we need to make sure we use an image +# based on the same debian version as the synapse image, to make sure we get +# the expected version of libc. +FROM redis:6-bullseye AS redis_base + +# now build the final image, based on the the regular Synapse docker image +FROM matrixdotorg/synapse:$SYNAPSE_VERSION + # Install supervisord with pip instead of apt, to avoid installing a second # copy of python. RUN --mount=type=cache,target=/root/.cache/pip \ pip install supervisor~=4.2 - -# Disable the default nginx sites -RUN rm /etc/nginx/sites-enabled/default +RUN mkdir -p /etc/supervisor/conf.d + + # Copy over redis and nginx + COPY --from=redis_base /usr/local/bin/redis-server /usr/local/bin + + COPY --from=deps_base /usr/sbin/nginx /usr/sbin + COPY --from=deps_base /usr/share/nginx /usr/share/nginx + COPY --from=deps_base /usr/lib/nginx /usr/lib/nginx + COPY --from=deps_base /etc/nginx /etc/nginx + RUN rm /etc/nginx/sites-enabled/default + RUN mkdir /var/log/nginx /var/lib/nginx + RUN chown www-data /var/log/nginx /var/lib/nginx # Copy Synapse worker, nginx and supervisord configuration template files COPY ./docker/conf-workers/* /conf/ From 846afa49ed063a26bda1a4a9c4a02a85f207100c Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Wed, 3 Aug 2022 15:54:11 +0100 Subject: [PATCH 2/5] fix indentation --- docker/Dockerfile-workers | 50 +++++++++++++++++++-------------------- 1 file changed, 25 insertions(+), 25 deletions(-) diff --git a/docker/Dockerfile-workers b/docker/Dockerfile-workers index 826bd3652e38..003a1cc3bf68 100644 --- a/docker/Dockerfile-workers +++ b/docker/Dockerfile-workers @@ -7,12 +7,12 @@ ARG SYNAPSE_VERSION=latest # each time. FROM debian:bullseye-slim AS deps_base -RUN \ - --mount=type=cache,target=/var/cache/apt,sharing=locked \ - --mount=type=cache,target=/var/lib/apt,sharing=locked \ - apt-get update -qq && \ - DEBIAN_FRONTEND=noninteractive apt-get install -yqq --no-install-recommends \ - redis-server nginx-light + RUN \ + --mount=type=cache,target=/var/cache/apt,sharing=locked \ + --mount=type=cache,target=/var/lib/apt,sharing=locked \ + apt-get update -qq && \ + DEBIAN_FRONTEND=noninteractive apt-get install -yqq --no-install-recommends \ + redis-server nginx-light # Similarly, a base to copy the redis server from. # @@ -25,11 +25,11 @@ FROM redis:6-bullseye AS redis_base # now build the final image, based on the the regular Synapse docker image FROM matrixdotorg/synapse:$SYNAPSE_VERSION -# Install supervisord with pip instead of apt, to avoid installing a second -# copy of python. -RUN --mount=type=cache,target=/root/.cache/pip \ - pip install supervisor~=4.2 -RUN mkdir -p /etc/supervisor/conf.d + # Install supervisord with pip instead of apt, to avoid installing a second + # copy of python. + RUN --mount=type=cache,target=/root/.cache/pip \ + pip install supervisor~=4.2 + RUN mkdir -p /etc/supervisor/conf.d # Copy over redis and nginx COPY --from=redis_base /usr/local/bin/redis-server /usr/local/bin @@ -42,21 +42,21 @@ RUN mkdir -p /etc/supervisor/conf.d RUN mkdir /var/log/nginx /var/lib/nginx RUN chown www-data /var/log/nginx /var/lib/nginx -# Copy Synapse worker, nginx and supervisord configuration template files -COPY ./docker/conf-workers/* /conf/ + # Copy Synapse worker, nginx and supervisord configuration template files + COPY ./docker/conf-workers/* /conf/ -# Copy a script to prefix log lines with the supervisor program name -COPY ./docker/prefix-log /usr/local/bin/ + # Copy a script to prefix log lines with the supervisor program name + COPY ./docker/prefix-log /usr/local/bin/ -# Expose nginx listener port -EXPOSE 8080/tcp + # Expose nginx listener port + EXPOSE 8080/tcp -# A script to read environment variables and create the necessary -# files to run the desired worker configuration. Will start supervisord. -COPY ./docker/configure_workers_and_start.py /configure_workers_and_start.py -ENTRYPOINT ["/configure_workers_and_start.py"] + # A script to read environment variables and create the necessary + # files to run the desired worker configuration. Will start supervisord. + COPY ./docker/configure_workers_and_start.py /configure_workers_and_start.py + ENTRYPOINT ["/configure_workers_and_start.py"] -# Replace the healthcheck with one which checks *all* the workers. The script -# is generated by configure_workers_and_start.py. -HEALTHCHECK --start-period=5s --interval=15s --timeout=5s \ - CMD /bin/sh /healthcheck.sh + # Replace the healthcheck with one which checks *all* the workers. The script + # is generated by configure_workers_and_start.py. + HEALTHCHECK --start-period=5s --interval=15s --timeout=5s \ + CMD /bin/sh /healthcheck.sh From 463ad096e583323f58bfdf7e4ff458e5eb9095d3 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Wed, 3 Aug 2022 15:54:46 +0100 Subject: [PATCH 3/5] changelog --- changelog.d/13447.misc | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/13447.misc diff --git a/changelog.d/13447.misc b/changelog.d/13447.misc new file mode 100644 index 000000000000..ede3ee91b89d --- /dev/null +++ b/changelog.d/13447.misc @@ -0,0 +1 @@ +Improve rebuild speed for the "synapse-workers" docker image. From 67962830f1d15748b04b6087bf03b9a3e193f4a7 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Wed, 3 Aug 2022 17:18:11 +0100 Subject: [PATCH 4/5] fix path to redis-server --- docker/conf-workers/supervisord.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/conf-workers/supervisord.conf.j2 b/docker/conf-workers/supervisord.conf.j2 index 086137494efd..1ae70f08e094 100644 --- a/docker/conf-workers/supervisord.conf.j2 +++ b/docker/conf-workers/supervisord.conf.j2 @@ -19,7 +19,7 @@ username=www-data autorestart=true [program:redis] -command=/usr/local/bin/prefix-log /usr/bin/redis-server /etc/redis/redis.conf --daemonize no +command=/usr/local/bin/prefix-log /usr/local/bin/redis-server /etc/redis/redis.conf --daemonize no priority=1 stdout_logfile=/dev/stdout stdout_logfile_maxbytes=0 From 47f426940a670aa2237c85c06f027f88c92e1472 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Thu, 4 Aug 2022 10:12:55 +0100 Subject: [PATCH 5/5] Let redis use default config --- docker/conf-workers/supervisord.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/conf-workers/supervisord.conf.j2 b/docker/conf-workers/supervisord.conf.j2 index 1ae70f08e094..9f1e03cfc0a2 100644 --- a/docker/conf-workers/supervisord.conf.j2 +++ b/docker/conf-workers/supervisord.conf.j2 @@ -19,7 +19,7 @@ username=www-data autorestart=true [program:redis] -command=/usr/local/bin/prefix-log /usr/local/bin/redis-server /etc/redis/redis.conf --daemonize no +command=/usr/local/bin/prefix-log /usr/local/bin/redis-server priority=1 stdout_logfile=/dev/stdout stdout_logfile_maxbytes=0