Skip to content

Install rbtrace into Ruby container

Matthias Käppler requested to merge mk-container-debug-tools into master

What does this MR do?

This is more of a proposal to start a discussion, since I am not sure where best to do this.

The intention in general is to improve live-debugging support of production Rubies. rbtrace is one of the most useful tools, since it allows us to inject arbitrary iseqs into a running Ruby VM, so that we can see Ruby data structures as visible to the Ruby VM.

We already enable the rbtrace server in production rubies: https://gitlab.com/gitlab-com/gl-infra/k8s-workloads/gitlab-com/blob/61b56bdfe935af26b85485408db489485386f9c0/releases/gitlab/values/values.yaml.gotmpl#L632

However, the gem is not installed in the container, so one cannot rbtrace -p <pid> a process. I tried to install it manually in a GL cluster deployed from our charts, but it asks for the root password since it's installed into /usr/lib:

git@gitlab-webservice-default-5d568776d7-wmflc:/srv/gitlab$ gem install rbtrace
Fetching ffi-1.15.5.gem
Fetching msgpack-1.5.2.gem
Fetching rbtrace-0.4.14.gem
Fetching optimist-3.0.1.gem
ERROR:  While executing gem ... (Gem::FilePermissionError)
    You don't have write permissions for the /usr/lib/ruby/gems/2.7.0 directory.

I think we should build production images that have a tool-belt pre-installed suitable for common Ruby devops tasks. This could be a start.

Image size change

$ docker image inspect registry.gitlab.com/gitlab-org/build/cng/gitlab-ruby:latest | jq '.[0].Size' 
197206532
$ docker image inspect registry.gitlab.com/gitlab-org/build/cng/gitlab-ruby:b3772e8448ba55e4845c8ac9fa4bc2be3c214bb4 | jq '.[0].Size' 
258892637

That can't be right -- I am not sure why these images differ in size so much.

Here is the actual gem directory size on disk:

git@dff0f5c9dafe:/data/cache/bundle-2.7.5/ruby/2.7.0/gems$ du -ach rbtrace-0.4.14/  | grep total
11M	total

Related issues

Checklist

See Definition of done.

For anything in this list which will not be completed, please provide a reason in the MR discussion

Required

  • Merge Request Title, and Description are up to date, accurate, and descriptive
  • MR targeting the appropriate branch
  • MR has a green pipeline on GitLab.com

Expected (please provide an explanation if not completing)

  • Test plan indicating conditions for success has been posted and passes
  • Documentation created/updated
  • Integration tests added to GitLab QA
  • The impact any change in container size has should be evaluated
Edited by Matthias Käppler

Merge request reports