
[tor-project] TPA-RFC-87: container image lifecycle



---
affected users: container registry users
deadline: 2025-05-08 (3 weeks)
status: proposed
discussion: https://gitlab.torproject.org/tpo/tpa/base-images/-/issues/24
---

Summary: TPA container images will follow upstream OS support schedules

Table of contents:

- Proposal
  - Debian images
  - Ubuntu images
- Alternatives considered
  - Different schedules according to image type
  - Upgrades in lockstep with our major upgrades
    - Upgrade completes before EOL
    - Upgrade completes after EOL
- References

# Proposal

Container image versions published by TPA as part of the `base-images`
repository will be supported following upstream (Debian and Ubuntu)
support policies, including "LTS" releases.

In other words, we will *not* retire the images in lockstep with the
normal "major release" upgrade policy, which typically starts the
upgrade during the freeze and aims to retire the previous release
within a year.

This is to give our users a fallback if they have trouble with the
major upgrades, and to simplify our upgrade policy.

This implies supporting 4 or 5 Debian builds per image, per
architecture, depending on how long upstream releases live, including
testing and unstable.

We can make exceptions in case our major upgrades take an extremely
long time (say, past the LTS EOL date), but we *strongly* encourage
all container image users to regularly follow the latest "stable"
release (if not "testing") to keep their things up to date, regardless
of TPA's major upgrade schedules.

Before image retirements, we'll send an announcement, typically about
a year in advance (when the new stable is released, which is typically
a year before the previous LTS drops out of support) and a month
before the actual retirement.

## Debian images

Those are the Debian images currently supported and their scheduled
retirement dates.

| codename   | version | end of support |
|------------|---------|----------------|
| `bullseye` | 11      | 2026-08-31     |
| `bookworm` | 12      | 2028-06-30     |
| `trixie`   | 13      | likely 2030    |
| `sid`      | N/A     | N/A            |

Note that `bullseye` was actually retired already, before this
proposal was adopted ([tpo/tpa/base-images#19][]).

 [tpo/tpa/base-images#19]: https://gitlab.torproject.org/tpo/tpa/base-images/-/issues/19

## Ubuntu images

Ubuntu releases are tracked separately, as we do not actually perform
Ubuntu major upgrades. So we currently have those images:

| codename   | version   | end of support |
|------------|-----------|----------------|
| `focal`    | 20.04 LTS | 2025-05-29     |
| `jammy`    | 22.04 LTS | 2027-06-01     |
| `noble`    | 24.04 LTS | 2029-05-31     |
| `oracular` | 24.10     | 2025-07        |

Concretely, it means we're supporting a relatively constant number (4)
of upstream releases.

Note that we do not currently build other images on top of Ubuntu
images, and would discourage such an approach, as Ubuntu is typically
not supported by TPA, except to build third-party software (in this
case, "C" Tor).

# Alternatives considered

Those approaches were discussed but ultimately discarded.

## Different schedules according to image type

We've also considered having different schedules for different image
types, for example having only "stable" for some less common images.

This, however, would be confusing for users: they would need to
*guess* what exactly we consider to be a "common" image.

This implies we build more images than we might truly need (e.g. who
really needs the `redis-server` image from `testing` *and*
`unstable`?) but this seems like a small cost to pay for the tradeoff.

We currently do not feel the number of built images is a problem in
our pipelines.

## Upgrades in lockstep with our major upgrades

We've also considered retiring container images in lockstep with the
major OS upgrades as performed by TPA. For Debian, this would *not*
have included LTS releases, unless our upgrades are delayed. For
Ubuntu, it includes LTS releases and supported rolling releases.

For Debian, it meant we generally supported 3 releases (including
testing and unstable), except during the upgrade, when we support 4
versions of the container images for however long it takes to complete
the upgrade after the stable release.

This was confusing, as the lifetime of an image depended upon the
speed at which major upgrades were performed. Those are highly
variable, as they depend on the team's workload and the difficulties
encountered (or not) during the procedure.

It could mean that support for a container image would abruptly be
dropped if the major upgrade crossed the LTS boundary, although this
is also a problem with the current proposal, alleviated by
pre-retirement announcements.

### Upgrade completes before EOL

In this case, we complete the Debian 13 upgrade before the EOL:

- 2025-04-01: Debian 13 upgrade starts, 12 and 13 images supported
- 2025-06-10: Debian 13 released, Debian 14 becomes `testing`, 12, 13
  and 14 images supported
- 2026-02-15: Debian 13 upgrade completes
- 2026-06-10: Debian 12 becomes LTS, 12 support dropped, 13 and 14 supported

In this case, "oldstable" (Debian 12) images are supported 4
months after the major upgrade completion, and 14 months after the
upgrade starts.

### Upgrade completes after EOL

In this case, we complete the Debian 13 upgrade after the EOL:

- 2025-04-01: Debian 13 upgrade starts, 12 and 13 images supported
- 2025-06-10: Debian 13 released, Debian 14 becomes `testing`, 12, 13
  and 14 images supported
- 2026-06-10: Debian 12 becomes LTS, 12, 13 and 14 supported
- 2027-02-15: Debian 13 upgrade completes, Debian 12 images support
  dropped, 13 and 14 supported
- 2028-06-30: Debian 12 LTS support dropped upstream

In this case, "oldstable" (Debian 12) images are supported zero months
after the major upgrade completes, and 22 months after the upgrade
started.

# References

 - [discussion issue][]
 - [Debian release support schedule][]
 - [Ubuntu][] and [Debian][] release timelines at Wikipedia
 - [Debian major upgrades progress and history][]
 
 [discussion issue]: https://gitlab.torproject.org/tpo/tpa/base-images/-/issues/24
 [Debian major upgrades progress and history]: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/upgrades#all-time-version-graph
 [Debian]: https://en.wikipedia.org/wiki/Debian_version_history#Release_table
 [Ubuntu]: https://en.wikipedia.org/wiki/Ubuntu_version_history#Table_of_versions
 [Debian release support schedule]: https://www.debian.org/releases/

-- 
Antoine Beaupré
torproject.org system administration
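
Added example, not part of the original message or of TPA's tooling: a check that image users could run over a Dockerfile to flag base images that are retired, or inside the one-month pre-retirement notice window, using the end-of-support tables from the proposal above. The `registry.example` paths, the 30-day reading of "a month", the first-of-month reading of `2025-07`, and tags that start with the codename are all assumptions.

```python
import re
from datetime import date, timedelta

# End-of-support dates copied from the proposal's tables. None means the page
# gives no fixed date (trixie is "likely 2030", sid is N/A).
EOL = {
    "bullseye": date(2026, 8, 31), "bookworm": date(2028, 6, 30),
    "trixie": None, "sid": None,
    "focal": date(2025, 5, 29), "jammy": date(2027, 6, 1),
    "noble": date(2029, 5, 31),
    "oracular": date(2025, 7, 1),  # page says "2025-07"; day 1 is an assumption
}
RETIRED_EARLY = {"bullseye"}  # retired before its upstream date, per the page
NOTICE = timedelta(days=30)   # assumed length of "a month before" retirement

FROM_RE = re.compile(r"^\s*FROM\s+(?:--platform=\S+\s+)?(\S+)", re.I | re.M)

def image_status(ref, today):
    """Classify an image reference by the codename at the start of its tag."""
    last = ref.split("@", 1)[0].rsplit("/", 1)[-1]  # drop digest and path
    tag = last.split(":", 1)[1] if ":" in last else "latest"
    codename = re.split(r"[-_.]", tag)[0].lower()
    if codename not in EOL:
        return "unknown"  # untagged, stage alias, or not in the tables
    eol = EOL[codename]
    if codename in RETIRED_EARLY or (eol and today > eol):
        return "retired"
    if eol and today >= eol - NOTICE:
        return "retiring-soon"
    return "supported"

def audit_dockerfile(text, today):
    """Return (image reference, status) for every FROM line."""
    return [(ref, image_status(ref, today)) for ref in FROM_RE.findall(text)]

# Constructed Dockerfile; registry.example is a placeholder, not TPA's registry.
SAMPLE = """\
FROM registry.example/base-images/debian:bookworm AS build
FROM --platform=linux/amd64 registry.example/base-images/ubuntu:focal
FROM registry.example/base-images/debian:bullseye
FROM registry.example:5000/base-images/debian
"""

if __name__ == "__main__":
    for ref, status in audit_dockerfile(SAMPLE, date(2025, 5, 8)):
        print(f"{status:14} {ref}")
```

Run in CI with a non-zero exit on `retired` or `unknown`, this keeps builds off images that no longer receive updates and off untagged references whose release cannot be determined.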