Provide tarballs for releases

[afbjorklund]

In addition to the currently existing binaries, we should provide tarballs for smaller downloads.

Doesn't have to be anything fancy, just add .tar.gz with the same files. Kubernetes does this.

[medyagh]

Would the tarball be created per platform? Or does it include all the platforms in one file

[afbjorklund]

We already have a cross-tars target to do this, and it is one tarball per platform.

We could have just one checksum file though (SHA512?), and one entry per line.

So, something like this:

https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.15.md#client-binaries

d54ed7920368e2db06424f8b2498c388658d9e7d0f431c9d78590431956cf5c5e4706bacca8a92da0a6cabb6445c171bf2fadd4b9992251a2e795942678aa651  minikube-darwin-amd64.tar.gz
67a30a667f8156f4312ad6928d6601699fab27e09aff19a141be280f32fe8c8068923d8f1c2c667ab2f67800815bd0cda5fd7c42783270b61a9802b3ea5f4d88  minikube-linux-amd64.tar.gz
91f5c0e8d35f9dc886e447aac519cc617a03d4e970772c35ff83c2f4bd5a82373f6d569b62c0d98927afd7f2c9622cc93442e4a9dea2cb072f895db2f291039a  minikube-windows-amd64.tar.gz

I don't really care much for SHA-512 myself, due to the line wrapping and lack of tools.
I suppose something shorter would work too, might as well go for MD5 unless signed ?

[afbjorklund]

There's some bugs with the current targets, though. It "forgets" to gzip the files, and includes kvm2 driver.
It also includes the "out" folder, which is probably just a side-effect rather than an active packaging choice.

So I think we want to have a solution* for the drivers first. And I have no idea why we include the add-ons ?
Currently the tarball include all the template files from deploy/addons, which I think we include as "assets" ?

• See Download our own kvm2 driver if installed version is missing or out of date #4391

[tstromberg]

Do you mind elaborating on the plans and use case for the tarballs? I'm hesitant to introduce another download form on our release pages unless there is a clear benefit for users:

• If users want a managed minikube install, they use a packaged form
• If users want an unmanaged minikube install, they use the binary form

The tarball addresses the solution of how to download the kvm2 driver, but I'm not sure it otherwise differentiates itself enough to warrant a 3rd form of download, particularly as it would still need a form of installation.

For what it's worth, I don't mind the tarball approach: I do in fact prefer it to the current approach of supplying an arbitrary executable (on macOS and Linux). If we adopt the tarball approach, we should discuss what it would take to deprecate the binary download approach.

Thoughts?

[afbjorklund]

Some packaging formats prefer tarballs (in fact only support tar), so it might make it easier downstream.
I wasn't planning on deprecating the "raw" binaries, just make minikube more accessible (like deb or rpm)

The two benefits were:

• offering compression (60-70% smaller download), something like .gz or .xz
• offering checksum (verifiable download), something like MD5 or SHA-512

Both of these benefits are already in the packages, but since we can't see to settle on one standard...
The main idea was to make minikube as available as kubectl, in several packaging formats:

• exe (40M)
• tar (17M .tgz)
• apt (13M .deb)
• yum (11M .rpm)

Note: all of these formats have the exact same minikube binary, with the exact same checksum!
Unfortunately all those packaging standards checksum the archive and not the actual contents...

But I don't think that we want to remove the executable, since lots of users are using that already.
Another approach would of course be to delete the buggy old cross-tars target, rather than fixing it ?

[fejta-bot]

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

[medyagh]

are we still thinking doin this ? I would support any effort to give users a cheap option to download. for places with slow internet.

[afbjorklund]

The main problem was that we were unable to support more than one primary format.
And some users had gotten used to downloading "raw" binaries, rather than tarballs...

But again the minikube binary is not the biggest part of the download (more like 5%).
And we do provide a standalone .sha256 file now (but we don't tell anyone to use it)

Latest numbers:
56M minikube.tar
23M minikube.tgz
18M minikube.txz

Kubernetes links, for comparison:
45M https://storage.googleapis.com/kubernetes-release/release/v1.16.2/bin/linux/amd64/kubectl
14M https://dl.k8s.io/v1.16.2/kubernetes-client-linux-amd64.tar.gz

[afbjorklund]

My original goal was that I wanted to support something like this*:
http://repo.roscidus.com/kubernetes/kubectl

But then I ended up implementing the "minikube kubectl" instead.
And people seem to prefer their "appstores" ?

TL;DR So I guess we can close this now.

---

Ultimately it is much better that the computer handles all this for us...
Better to do sudo apt-get install minikube than doing it "by hand".

The main problem was that it was hard to get "blessed" by a distribution.
And then there was all the distro wars and the package manager wars ?

It's a bit sad that you need to have root privileges (sudo), just to install a tool.
But in the case of minikube, you probably need that anyway - to run the VM.

Compare the current:

Linux

Download and install minikube to /usr/local/bin:

curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 \ && sudo install minikube-linux-amd64 /usr/local/bin/minikube

macOS

Download and install minikube to /usr/local/bin:

curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-darwin-amd64 \ && sudo install minikube-darwin-amd64 /usr/local/bin/minikube

Windows

... and so on ...

With: (an imaginary)

0install run https://storage.googleapis.com/minikube/feeds/minikube.xml

This will download a suitable implementation of minikube (along with any dependencies) and then run it without any side effects for other software on your system.

---

In order to provide tarballs, we would have to extend our instructions above.
Beyond just "install", we would also need "tar" and "gzip" or "xz" available:

tar xvaf *.txz

And note that there is even one step missing from our current instructions.
How to download the .sha256, and run sha256sum or openssl sha256 ?

sha256sum -c *.sha256.txt

Not to mention signing, we haven't even gotted around to doing that just yet...
But it would probably be yet another file to download, yet another step to run ?

gpg --verify *.txz.asc

And of course, the instructions above assume that /usr/local/bin is in the PATH.
Which it isn't everywhere (!), and then you have the same problem as with ~/bin.

PATH="$HOME/bin:$PATH"

* See https://docs.0install.net/details/ for a manual walk-through of all steps.

The way I see it, the tarballs (archives) were just a small piece of the puzzle.