WEBVTT 00:00.000 --> 00:11.800 Our next speaker, just admitted to me, he is not a go developer. 00:11.800 --> 00:14.600 Wow, exciting. 00:14.600 --> 00:17.680 People like that, you know, the go developer for some reason? 00:17.680 --> 00:20.720 So why did I invite Dimash for you today? 00:20.720 --> 00:25.800 Well, you don't build Go, oh well, we don't write Go, but you build it. 00:25.800 --> 00:30.280 And this is most interesting, because those go binaries, they get them everywhere. 00:30.280 --> 00:35.160 And we want to know how this is called, we've written very badly, and it's a positive 00:35.160 --> 00:36.160 compiler. 00:36.160 --> 00:37.160 A positive entry. 00:37.160 --> 00:46.080 And yeah, hello, welcome. 00:46.080 --> 00:47.080 My name is Dimitri. 00:47.080 --> 00:49.680 I am an OS distribution developer. 00:49.680 --> 00:52.360 So I've built lots of operating systems. 00:52.360 --> 00:54.000 I am the Indian developer. 00:54.000 --> 00:55.880 I'm a bunch of core developer. 00:55.880 --> 01:02.280 I started Intel Clear Linux project currently working at Chingar Building WulfioS. 01:02.280 --> 01:07.520 And I'm mostly focused on building production grade container images, such that all the 01:07.520 --> 01:13.560 go code that I compile over a thousand projects, we deploy it in Kubernetes clusters in 01:13.560 --> 01:17.240 production for ourselves and our customers. 01:17.240 --> 01:23.480 And this talk I'm going to dwell into how we build all of the go projects that we ship. 01:23.480 --> 01:28.480 And hopefully, such that other people adopt our best practices. 01:28.480 --> 01:35.200 It will be Linux focused, right, such that majority of this applies to Linux binaries on 01:35.200 --> 01:37.240 x86 and ARM. 01:37.240 --> 01:43.080 However, most of it is transferable to go on other operating systems and architectures as 01:43.080 --> 01:44.080 well. 01:44.080 --> 01:47.200 But you may need to do your own testing. 01:47.200 --> 01:55.080 Yeah, I've been doing this for a while, so hopefully you'll find something useful here. 01:55.080 --> 01:57.440 First we'll start with simple things. 01:57.440 --> 02:04.480 So by default, when you run go build, it will produce binaries with debug symbol attached. 02:04.480 --> 02:12.600 I do want to ask you a question, who has here run GTB or DELF on a go binary to debug 02:12.600 --> 02:13.600 it? 02:14.520 --> 02:15.640 OK, that's a lot. 02:15.640 --> 02:21.160 Keep your hand up if you've done it, well, the binary you're attaching to is running 02:21.160 --> 02:22.480 in a production cluster. 02:24.480 --> 02:26.160 OK, still a few hands. 02:26.160 --> 02:32.520 OK, I want to posit that the debug information is often unused in production, right? 02:32.520 --> 02:36.160 Such that when you build your production container, you can strip that. 02:36.160 --> 02:42.560 So there is LD flags, dash W flag, which will remove debug symbols from the binary 02:42.600 --> 02:44.040 you produce. 02:44.040 --> 02:48.600 And if you want to keep a copy of your debug information, there is another option where 02:48.600 --> 02:53.920 you can use strip and you can strip debug and store it in your debug info server, which 02:53.920 --> 02:55.520 you are running locally. 02:55.520 --> 03:00.160 Because then GTB can still connect, and you can still get all of your debug information 03:00.160 --> 03:05.880 for the five people who connect to their production binaries, right? 03:05.880 --> 03:08.560 They're saving on the binary stage. 03:08.600 --> 03:14.240 It can be like 35, 40% of the binary size, such that you can potentially, you know, 03:14.240 --> 03:18.000 half of all of your container sizes. 03:18.000 --> 03:20.560 Next up, trim path. 03:20.560 --> 03:27.800 So when you build binary, it encodes the file path of your build system inside the 03:27.800 --> 03:31.120 binaries for majority of files that you're compiling. 03:31.120 --> 03:36.600 It leaks the username, it leaks the file system layout of your build infrastructure into 03:36.600 --> 03:37.680 the binary. 03:37.680 --> 03:38.680 And if you strip that.