Hi!
In last week's community meeting, there was brief discussion about the ironic-image repository and the utility images that we build around Ironic. Adam suggested to add an iPXE builder image to avoid creating more repositories, but there were some objections
around wanting one image per project to avoid issues with image building tooling.
I wanted to expand a bit on this discussion and maybe find a better way forward than just creating more repositories. There was already some sort of consensus in a
PR discussion around this, that we cannot really have a separate repository for every utility image we want.
First of all, let me clarify that I agree that a project should not have a lot of random "extra" Containerfiles and scripts included in the main repository. However, we seem to have a need for many images for external tools or custom utilities. I think the
tooling for these should ideally be consolidated into one repository since they are not really projects of their own.
To be specific, I'm talking about MariaDB, Dnsmasq, keepalived, etc. My understanding is that we build these custom images mainly to integrate better with Ironic, i.e. we include custom scripts and configuration to make it easier to run them in Metal3 context.
We don't really touch the code of these upstream projects, they are just utilities for us. This is why I think we can keep them all in one repository. I'm not saying we need to move the existing code from ironic-image though, just that I think we can have
a repository for these things. That is where we can now put the iPXE builder container.
Does this make sense?
Now I am perhaps going a bit off topic. This is more about the long-term road map and spawning ideas, so take it with a grain of salt.
Ideally (in my opinion), we should try to keep the configuration and custom scripts outside of the container images and use upstream/official images as far as possible. This means we do not need to build and publish images. We will still need to configure the
containers of course, but that can be done through environment variables and mounted scripts instead of baking them into the image.
Another benefit is that it becomes much easier for an external expert to understand the setup. Currently you basically have to be an expert on ironic-image to understand our dnsmasq or keepalived container. It is not at all obvious how it works for someone
that knows dnsmasq but not ironic-image.
To recap, I'm mainly interested in if it sounds alright to you all if we work on a new repo utility-images that would be for these kind of things. Do you think it is OK to have a repository like this, or do we need to have e.g. a separate ipxq-builder repo?
Best ragards,
Lennart Jern