From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <help-guix-bounces+larch=yhetil.org@gnu.org>
Received: from mp1 ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms11 with LMTPS
	id kObsHqP40171NgAA0tVLHw
	(envelope-from <help-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Sun, 31 May 2020 18:34:11 +0000
Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp1 with LMTPS
	id 6FHOGqP4014jZAAAbx9fmQ
	(envelope-from <help-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Sun, 31 May 2020 18:34:11 +0000
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id 25616940058
	for <larch@yhetil.org>; Sun, 31 May 2020 18:34:11 +0000 (UTC)
Received: from localhost ([::1]:52304 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <help-guix-bounces+larch=yhetil.org@gnu.org>)
	id 1jfSmg-0006L9-3G
	for larch@yhetil.org; Sun, 31 May 2020 14:34:10 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:41230)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <zimon.toutoune@gmail.com>)
 id 1jfSm6-0005vs-Oh
 for help-guix@gnu.org; Sun, 31 May 2020 14:33:34 -0400
Received: from mail-qt1-x82e.google.com ([2607:f8b0:4864:20::82e]:40417)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <zimon.toutoune@gmail.com>)
 id 1jfSm5-00082S-SG
 for help-guix@gnu.org; Sun, 31 May 2020 14:33:34 -0400
Received: by mail-qt1-x82e.google.com with SMTP id h9so6077467qtj.7
 for <help-guix@gnu.org>; Sun, 31 May 2020 11:33:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=mime-version:references:in-reply-to:from:date:message-id:subject:to
 :cc; bh=BlkQIjeUBKPZtIQnvhSkvPqvctXNmAakajNSbleQGRU=;
 b=Jd8F6UgeM0+WFYyRduFCSGJrwjjgvLcDuEOJ/iowUEx+yNTu223ogcIYgXwFzInHMe
 nPeHPNnG7iOcGnk0sMuIyzsCCNb0Q8TCQhOFduEXNr1cHFmKzJGLfatPR22oDIgtWjsH
 /xL8F7hN5/RxTVj/cFisF+JTVbFjMKBMlQREuSQhsNywMgUhrACByru98/6roW6j7gNQ
 nhjyT+Uyf46iJ3XWjxLqvKIRjQ1NJ2V8CTRxeaokpNVbXi6pA/N7xO3Pknz9pmg1ClSw
 MAts+YVfBv4Tbampcr47Pgq2X6zpQNiA4+OmuI5fKDXU11f4RYWXVhKu4GwKTnn96vKm
 xKjQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:references:in-reply-to:from:date
 :message-id:subject:to:cc;
 bh=BlkQIjeUBKPZtIQnvhSkvPqvctXNmAakajNSbleQGRU=;
 b=BOOxFsDRpeu54qPKrlFU/wDbV1JmnnArlrAbPYypK3x4fMmnx0qXEPeimboN4Lu4jH
 owl4RNY9oNOb+wBt8yuT5kMlEINvzlrjvasmB9D2s0/xEjtUmG1+HrRJ3Mt/Zz8IRbHR
 yZpzX6V78ta0ECrUuRnK0V1EuF3pcbuDHxO5470G1Ll6yCzghb679HGRLMZbSdLHF8ei
 2uMfdm+ZtzXQ3lY9/A9x7PWUVpS8qIIJ8oeDDRDJZOoqXJleKw9Osi5hBqtF/c02DvKj
 jDcn1CbeJR0nA2TirYU+jVOFr/3lHPwH9zHFlyC8Gj9ZVmZQNVGDCaXJMfhm1864xdB2
 Z6TA==
X-Gm-Message-State: AOAM5318HWUhQDAh0bA+uBq+HzC83nWQcE8OZwEsiYjjiWI3n3R8RQ1z
 8bmlT5xPByEYHggFtwUGvdK8LC3ERInSAr8R5z8=
X-Google-Smtp-Source: ABdhPJzshnBw/n2wVyLhHMIevyO20YJqvxxh6tP0OCjzkZPPvzy7AiNfVFxrpX0wo4cOuu4u3QHKE+Hdsu5ha7OOGLk=
X-Received: by 2002:ac8:7092:: with SMTP id y18mr19537981qto.354.1590950012669; 
 Sun, 31 May 2020 11:33:32 -0700 (PDT)
MIME-Version: 1.0
References: <CAKjnHz1X26QhPEWZfOmAbEmZHQA1qdU_Dq7U6kVXUqG7vCvuhw@mail.gmail.com>
 <87h7vyxqrz.fsf@gmail.com>
 <CAKjnHz1=4v5kMQ8G6+_rQpMrK183HD5JUW8YKuvFPVX-e_UfWw@mail.gmail.com>
 <87367glo7c.fsf@gmail.com>
 <CAKjnHz0ngmPC3dYu6czZTLAbXMyw7HfXiLr4fhdTyDiUo42vdA@mail.gmail.com>
In-Reply-To: <CAKjnHz0ngmPC3dYu6czZTLAbXMyw7HfXiLr4fhdTyDiUo42vdA@mail.gmail.com>
From: zimoun <zimon.toutoune@gmail.com>
Date: Sun, 31 May 2020 20:33:21 +0200
Message-ID: <CAJ3okZ1RfzqtCtzd2zBDmEMroL-V1-5vscmAZVofbBCEpGy11w@mail.gmail.com>
Subject: Re: Guix Docker image inflation
To: Stephen Scheck <singularsyntax@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Received-SPF: pass client-ip=2607:f8b0:4864:20::82e;
 envelope-from=zimon.toutoune@gmail.com; helo=mail-qt1-x82e.google.com
X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache.
 That's all we know.
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001 autolearn=_AUTOLEARN
X-Spam_action: no action
X-BeenThere: help-guix@gnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: <help-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/help-guix>,
 <mailto:help-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/help-guix>
List-Post: <mailto:help-guix@gnu.org>
List-Help: <mailto:help-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/help-guix>,
 <mailto:help-guix-request@gnu.org?subject=subscribe>
Cc: help-guix <help-guix@gnu.org>
Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org
Sender: "Help-Guix" <help-guix-bounces+larch=yhetil.org@gnu.org>
X-Scanner: scn0
Authentication-Results: aspmx1.migadu.com;
	dkim=fail (rsa verify failed) header.d=gmail.com header.s=20161025 header.b=Jd8F6Uge;
	dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none);
	spf=pass (aspmx1.migadu.com: domain of help-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=help-guix-bounces@gnu.org
X-Spam-Score: 1.59
X-TUID: MJBfiOnRGmva

Dear Stephen,

On Sun, 31 May 2020 at 19:51, Stephen Scheck <singularsyntax@gmail.com> wrote:

> But I'm now starting to doubt my whole approach because it seems like
> there are some fundamental GC problems with running a live Guix system
> inside a container.

I do not think it is "some fundamental GC problems with running a live
Guix system inside a container" but it is a fundamental Docker
filesystem design which is incompatible with your approach.  As I have
tried to show, the issue is:

$ CONTAINER=`docker run --detach --tty --privileged image0`
$ docker exec --interactive --tty $CONTAINER /bin/sh
/ # dd if=/dev/urandom of=/data1 bs=1234567 count=1024
$ HASH=`docker commit $CONTAINER` && docker tag $HASH image1

$ CONTAINER=`docker run --detach --tty --privileged image1`
$ docker exec --interactive --tty $CONTAINER /bin/sh
/ # rm /data1
/ # dd if=/dev/urandom of=/data2 bs=1234567 count=1024
$ HASH=`docker commit $CONTAINER` && docker tag $HASH image2

$ CONTAINER=`docker run --detach --tty --privileged image2`
$ docker exec --interactive --tty $CONTAINER /bin/sh
/ # rm /data2
/ # dd if=/dev/urandom of=/data3 bs=1234567 count=1024
$ HASH=`docker commit $CONTAINER` && docker tag $HASH image3

etc.

And all the resulting images are bigger and bigger.  Do I misread something?

Maybe "docker export | docker import" should help to keep the size
"reasonable" even if I am not convinced...


Well, thank you for raising the issue, because I have learnt
interesting stuff about Docker. :-)
And I do not have yet something concrete to say about your initial issue, sorry.


All the best,
simon