From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id wJG0JpRB0V6SXgAA0tVLHw (envelope-from ) for ; Fri, 29 May 2020 17:08:36 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id AN9xIpRB0V5TFQAAbx9fmQ (envelope-from ) for ; Fri, 29 May 2020 17:08:36 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 60DD4940538 for ; Fri, 29 May 2020 17:08:35 +0000 (UTC) Received: from localhost ([::1]:41516 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jeiUk-0004V8-CU for larch@yhetil.org; Fri, 29 May 2020 13:08:34 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:40140) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jeiUc-0004Un-9t for help-guix@gnu.org; Fri, 29 May 2020 13:08:26 -0400 Received: from wout2-smtp.messagingengine.com ([64.147.123.25]:57113) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jeiUb-00032Y-9o for help-guix@gnu.org; Fri, 29 May 2020 13:08:26 -0400 Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.west.internal (Postfix) with ESMTP id 87D41176F; Fri, 29 May 2020 13:08:22 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Fri, 29 May 2020 13:08:22 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=mesmtp; bh=bvhRBpXpYUGaZGxVCAgy3SiJ b5poVi8F0s6ZB+MAxqc=; b=p3ZvSSkUtLrUL/moJJiMMogCMe+w4XtOE4ZBY2zH WjYnw3A/XyLY7hTHJfRRTtQaEirv5VwdZNSudKrK2WWs2NKagrCZo8sgj2ax+eFz xc5x4N//5zPDsrm87KX4h9qvSbuanb1HXHbXY/A1fxBBDhTasWN4Rn+e3kM1hxz9 e4c= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=bvhRBp XpYUGaZGxVCAgy3SiJb5poVi8F0s6ZB+MAxqc=; b=ADV+U2ROagOULKRhxDvB8V C2JlhremmkBQzMg2i3YtIZDjydV3/NJFKrktwhRlS649W+EgnA+EVkiJmscIzR6Q 7MEE3UtB2EjSf3Nax8bLFekm0WR/uiUKl4hT4kNmhd11e9XsdVNYXovI2L2yVtBn vkUxM1poM3p+WthONA94Ji9pDKB0F7t6Qh2y6TGZ860BKpZO68XY9Mhr8izvLJYi nPSTzKdI0KVdnjX3yByxEYE/3jlqW/bbgL6L5yvWjXFa2pg2vhlzGxwrylPFMtK/ M+ibPyobVBaDbqGTjyR4rt5ZOJQDh8A80sBT5b0C7bK4OOcpNqKY7GN4in+1kPpg == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduhedruddvkedgkeehucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpeffhffvuffkfhggtggujgesthdtre dttddtvdenucfhrhhomhepnfgvohcuhfgrmhhulhgrrhhiuceolhgvohesfhgrmhhulhgr rhhirdhnrghmvgeqnecuggftrfgrthhtvghrnhepueekkedtffdvtddugeejgedtvefhue efiedvjeeitdeigedtveejvdejheffvefgnecukfhppeejiedruddvgedrudefkedrieef necuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomheplhgvoh esfhgrmhhulhgrrhhirdhnrghmvg X-ME-Proxy: Received: from localhost (c-76-124-138-63.hsd1.pa.comcast.net [76.124.138.63]) by mail.messagingengine.com (Postfix) with ESMTPA id 929623061856; Fri, 29 May 2020 13:08:21 -0400 (EDT) Date: Fri, 29 May 2020 13:08:20 -0400 From: Leo Famulari To: Stephen Scheck Subject: Re: Guix Docker image inflation Message-ID: <20200529170820.GA30828@jasmine.lan> References: <20200528181043.GC23745@jasmine.lan> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Received-SPF: pass client-ip=64.147.123.25; envelope-from=leo@famulari.name; helo=wout2-smtp.messagingengine.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/05/29 12:53:48 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001 autolearn=_AUTOLEARN X-Spam_action: no action X-BeenThere: help-guix@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: help-guix Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org Sender: "Help-Guix" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=famulari.name header.s=mesmtp header.b=p3ZvSSkU; dkim=pass header.d=messagingengine.com header.s=fm2 header.b=ADV+U2RO; dmarc=none; spf=pass (aspmx1.migadu.com: domain of help-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=help-guix-bounces@gnu.org X-Spam-Score: -1.21 X-TUID: XKUjj9b9IzUe On Fri, May 29, 2020 at 12:19:46PM -0400, Stephen Scheck wrote: > The previous day's Docker image is used as the base for the new one being > built - the image is pulled from Docker Hub, `guix pull` is run inside it, > and a new > image is "committed" (Docker terminology for creating a new image from a > file system snapshot). I'm still not quite sure what you are doing (or what Docker does) so please bear with me. > root@localhost /# du -h --max-depth=1 /gnu/store | egrep > "guix-system$|guix-packages-base$|guix-[0-9a-f]*-modules$" [...] > 191M /gnu/store/l3amdz5xyhflg5wdzlxr2685dq5glic2-guix-527ab3125-modules > 201M /gnu/store/5mhn1ynxvy7jihsknsnv3yspkkvc0r5s-guix-2e59ae238-modules If I understand correctly, you should not need both of these directories in a Guix VM image. The latter hashes are truncated guix.git commit hashes and a VM image would only be based on a single one. I recommend looking into why all these directories are being copied into your images. I figure you'd want to create each image with *only* the things corresponding to the Git commit it's based on, but it sounds like they are being created by copying the entire host image, which doesn't seem right. If the Docker images are being created by simply snapshotting the file system of a non-ephemeral Guix system, that's probably not the right way to do it. Is that what's going on?