[arch-dev-public] Arch Linux Container and Boxes

[Bartłomiej Piotrowski]

On 2017-06-01 18:12, Christian Rebischke wrote:
> On Wed, May 31, 2017 at 07:48:58PM +0200, Bartłomiej Piotrowski wrote:
>> On 2017-05-31 16:08, Christian Rebischke wrote:
>>> There is a dependency cycle, thats why systemd got pulled in.
>>> I got already some feedback to the container and the image and I am
>>> pretty sure we can reduce the size of the container a little bit more.
>>> Currently the docker container is 152mb big in compressed state and
>>> around 425mb or something uncompressed.
>>
>> I don't see a cycle here…
>>
> 
> Here is the cycle that I mean:
> 
> This are the first lines of output of `make docker-push`:
> 
> pacstrap -C /usr/share/devtools/pacman-extra.conf -c -d -G -M /tmp/tmp.eKptMyKU0t diffutils gettext grep inetutils iproute2 iputils pacman procps-ng psmisc sed tar util-linux which gzip
> ==> Creating install root at /tmp/tmp.eKptMyKU0t
> ==> Installing packages to /tmp/tmp.eKptMyKU0t
> :: Synchronizing package databases...
> ---> snip <---
> resolving dependencies...
> looking for conflicting packages...
> warning: dependency cycle detected:
> warning: systemd will be installed before its iptables dependency
> 
> This dependency cycle is pulling in 96 more packages including systemd.
> 
> 

Except removing it or not doesn't have much to do with this. Systemd is
completely pointless in a container, especially for Docker. As pactree
-r shows:

  iptables
  ├─iproute2
  └─systemd
    └─libusb
      └─libpcap
        └─iptables

So the problem is that iproute2 requires iptables. Personally I don't
see a use case for any of them in single-process containers, but I guess
it would be just faster to disable iptables support in iproute2.

Bartłomiej