Merge pull request #12797 from jvidalallende/ubi8_minimal_dockerfile

docker: reduce ubi8 images size by using ubi8-minimal as base
Quentin Young 2023-04-12 05:47:38 +00:00 committed by GitHub
commit 9213d69499
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 170 additions and 90 deletions


@ -1,83 +0,0 @@
# This stage builds an rpm from the source
FROM registry.access.redhat.com/ubi8/ubi:8.5 as ubi-8-builder
RUN dnf -y update-minimal --security --sec-severity=Important --sec-severity=Critical
RUN rpm --import https://www.centos.org/keys/RPM-GPG-KEY-CentOS-Official \
&& dnf config-manager --disableplugin subscription-manager --add-repo http://mirror.centos.org/centos/8-stream/BaseOS/x86_64/os \
&& dnf config-manager --disableplugin subscription-manager --add-repo http://mirror.centos.org/centos/8-stream/AppStream/x86_64/os \
&& dnf config-manager --disableplugin subscription-manager --add-repo http://mirror.centos.org/centos/8-stream/PowerTools/x86_64/os
RUN dnf install -qy https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm \
&& dnf install --enablerepo=* -qy rpm-build git autoconf pcre-devel \
systemd-devel automake libtool make readline-devel texinfo \
net-snmp-devel pkgconfig groff pkgconfig json-c-devel pam-devel \
bison flex python3-pytest c-ares-devel python3-devel python3-sphinx \
libcap-devel platform-python-devel \
https://ci1.netdef.org/artifact/LIBYANG-LIBYANGV2/shared/build-2/CentOS-8-x86_64-Packages/libyang2-2.0.0.10.g2eb910e4-1.el8.x86_64.rpm \
https://ci1.netdef.org/artifact/LIBYANG-LIBYANGV2/shared/build-2/CentOS-8-x86_64-Packages/libyang2-devel-2.0.0.10.g2eb910e4-1.el8.x86_64.rpm \
https://ci1.netdef.org/artifact/RPKI-RTRLIB/shared/build-00146/CentOS-7-x86_64-Packages/librtr-0.8.0-1.el7.x86_64.rpm \
https://ci1.netdef.org/artifact/RPKI-RTRLIB/shared/build-00146/CentOS-7-x86_64-Packages/librtr-devel-0.8.0-1.el7.x86_64.rpm
COPY . /src
ARG PKGVER
RUN echo '%_smp_mflags %( echo "-j$(/usr/bin/getconf _NPROCESSORS_ONLN)"; )' >> /root/.rpmmacros \
&& cd /src \
&& ./bootstrap.sh \
&& ./configure \
--enable-rpki \
--enable-snmp=agentx \
--enable-numeric-version \
--with-pkg-extra-version="_palmetto_git$PKGVER" \
&& make dist \
&& cd / \
&& mkdir -p /rpmbuild/{SOURCES,SPECS} \
&& cp /src/frr*.tar.gz /rpmbuild/SOURCES \
&& cp /src/redhat/frr.spec /rpmbuild/SPECS \
&& rpmbuild \
--define "_topdir /rpmbuild" \
-ba /rpmbuild/SPECS/frr.spec
# This stage installs frr from the rpm
FROM registry.access.redhat.com/ubi8/ubi:8.5
RUN dnf -y update-minimal --security --sec-severity=Important --sec-severity=Critical
ARG FRR_IMAGE_TAG
ARG FRR_RELEASE
ARG FRR_NAME
ARG FRR_VENDOR
LABEL name=$FRR_NAME \
vendor=$FRR_VENDOR \
version=$FRR_IMAGE_TAG \
release=$FRR_RELEASE
RUN rpm --import https://www.centos.org/keys/RPM-GPG-KEY-CentOS-Official \
&& dnf config-manager --disableplugin subscription-manager --add-repo http://mirror.centos.org/centos/8-stream/BaseOS/x86_64/os \
&& dnf config-manager --disableplugin subscription-manager --add-repo http://mirror.centos.org/centos/8-stream/AppStream/x86_64/os
RUN dnf install -qy https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm \
&& mkdir -p /pkgs/rpm \
&& dnf install --enablerepo=* -qy https://ci1.netdef.org/artifact/LIBYANG-LIBYANGV2/shared/build-2/CentOS-8-x86_64-Packages/libyang2-2.0.0.10.g2eb910e4-1.el8.x86_64.rpm \
https://ci1.netdef.org/artifact/RPKI-RTRLIB/shared/build-00146/CentOS-7-x86_64-Packages/librtr-0.8.0-1.el7.x86_64.rpm
COPY --from=ubi-8-builder /rpmbuild/RPMS/ /pkgs/rpm/
RUN dnf install -qy /pkgs/rpm/*/*.rpm \
&& rm -rf /pkgs \
# Own the config / PID files
&& mkdir -p /var/run/frr \
&& chown -R frr:frr /etc/frr /var/run/frr
# Add tini because no CentOS8 package
ENV TINI_VERSION v0.19.0
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini
RUN chmod +x /sbin/tini
# Simple init manager for reaping processes and forwarding signals
ENTRYPOINT ["/sbin/tini", "--"]
# Default CMD starts watchfrr
COPY docker/ubi-8/docker-start /usr/lib/frr/docker-start
CMD ["/usr/lib/frr/docker-start"]


@ -0,0 +1,132 @@
# This stage builds an rpm from the source
ARG UBI8_MINIMAL_VERSION
FROM registry.access.redhat.com/ubi8/ubi-minimal:${UBI8_MINIMAL_VERSION} as ubi8-minimal-builder
RUN rpm --import https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux-8
ADD docker/ubi8-minimal/almalinux.repo /etc/yum.repos.d/almalinux.repo
# ubi8-minimal comes with broken tzdata package installed, so we need to remove them
# and later reinstall it again: https://bugzilla.redhat.com/show_bug.cgi?id=1668185
RUN rpm --quiet -e --nodeps tzdata >/dev/null 2>&1
RUN microdnf --disableplugin=subscription-manager --setopt=install_weak_deps=0 install \
autoconf \
automake \
bison \
c-ares-devel \
flex \
git \
groff \
json-c-devel \
libcap-devel \
libssh-devel \
libtool \
make \
net-snmp-devel \
openssl \
pam-devel \
pcre-devel \
pkgconfig \
platform-python-devel \
python3-devel \
python3-pytest \
python3-sphinx \
readline-devel \
rpm-build \
systemd-devel \
texinfo \
tzdata \
&& microdnf --disableplugin=subscription-manager clean all
RUN curl -sSL -o /tmp/libyang2.rpm https://ci1.netdef.org/artifact/LIBYANG-LIBYANGV2/shared/build-12/RedHat-8-x86_64-Packages/libyang2-2.0.7-1.el8.x86_64.rpm \
&& rpm -i /tmp/libyang2.rpm \
&& rm -f /tmp/libyang2.rpm
RUN curl -sSL -o /tmp/libyang2-devel.rpm https://ci1.netdef.org/artifact/LIBYANG-LIBYANGV2/shared/build-12/RedHat-8-x86_64-Packages/libyang2-devel-2.0.7-1.el8.x86_64.rpm \
&& rpm -i /tmp/libyang2-devel.rpm \
&& rm -f /tmp/libyang2-devel.rpm
RUN curl -sSL -o /tmp/librtr.rpm https://ci1.netdef.org/artifact/RPKI-RTRLIB/shared/build-149/RedHat-8-x86_64-Packages/librtr-0.8.0-1.el8.x86_64.rpm \
&& rpm -i /tmp/librtr.rpm \
&& rm -f /tmp/librtr.rpm
RUN curl -sSL -o /tmp/librtr-devel.rpm https://ci1.netdef.org/artifact/RPKI-RTRLIB/shared/build-149/RedHat-8-x86_64-Packages/librtr-devel-0.8.0-1.el8.x86_64.rpm \
&& rpm -i /tmp/librtr-devel.rpm \
&& rm -f /tmp/librtr-devel.rpm
COPY . /src
ARG PKGVER
RUN echo '%_smp_mflags %( echo "-j$(/usr/bin/getconf _NPROCESSORS_ONLN)"; )' >> /root/.rpmmacros \
&& cd /src \
&& ./bootstrap.sh \
&& ./configure \
--enable-rpki \
--enable-snmp=agentx \
--enable-numeric-version \
--with-pkg-extra-version="_git$PKGVER" \
&& make dist \
&& cd / \
&& mkdir -p /rpmbuild/{SOURCES,SPECS} \
&& cp /src/frr*.tar.gz /rpmbuild/SOURCES \
&& cp /src/redhat/frr.spec /rpmbuild/SPECS \
&& rpmbuild \
--define "_topdir /rpmbuild" \
-ba /rpmbuild/SPECS/frr.spec
# This stage installs frr from the rpm
FROM registry.access.redhat.com/ubi8/ubi-minimal:${UBI8_MINIMAL_VERSION}
ARG FRR_IMAGE_TAG
ARG FRR_RELEASE
ARG FRR_NAME
ARG FRR_VENDOR
LABEL name=$FRR_NAME \
vendor=$FRR_VENDOR \
version=$FRR_IMAGE_TAG \
release=$FRR_RELEASE
ADD docker/ubi8-minimal/almalinux.repo /etc/yum.repos.d/almalinux.repo
RUN rpm --import https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux-8
RUN microdnf --disableplugin=subscription-manager --setopt=install_weak_deps=0 install \
c-ares \
initscripts \
net-snmp-agent-libs \
net-snmp-libs \
openssl \
python3 \
shadow-utils \
systemd \
&& microdnf --disableplugin=subscription-manager clean all
RUN curl -sSL -o /tmp/libyang2.rpm https://ci1.netdef.org/artifact/LIBYANG-LIBYANGV2/shared/build-12/RedHat-8-x86_64-Packages/libyang2-2.0.7-1.el8.x86_64.rpm \
&& rpm -i /tmp/libyang2.rpm \
&& rm -f /tmp/libyang2.rpm
RUN curl -sSL -o /tmp/librtr.rpm https://ci1.netdef.org/artifact/RPKI-RTRLIB/shared/build-149/RedHat-8-x86_64-Packages/librtr-0.8.0-1.el8.x86_64.rpm \
&& rpm -i /tmp/librtr.rpm \
&& rm -f /tmp/librtr.rpm
COPY --from=ubi8-minimal-builder /rpmbuild/RPMS/ /pkgs/rpm/
# Install packages and create FRR files and folders. Be sure to own the config / PID files
RUN rpm -i /pkgs/rpm/x86_64/*.rpm \
&& rm -rf /pkgs \
&& rm -rf /mnt/rootfs/var/cache/* /mnt/rootfs/var/log/dnf* /mnt/rootfs/var/log/yum.* \
&& mkdir -p /var/run/frr \
&& chown -R frr:frr /etc/frr /var/run/frr
# There is no package for tini, add it manually
ENV TINI_VERSION v0.19.0
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini
RUN chmod +x /sbin/tini
# Simple init manager for reaping processes and forwarding signals
ENTRYPOINT ["/sbin/tini", "--"]
# Default CMD starts watchfrr
COPY docker/ubi8-minimal/docker-start /usr/lib/frr/docker-start
CMD ["/usr/lib/frr/docker-start"]
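Review bot: The tini binary pulled by `ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini` and the libyang2/librtr RPMs fetched with `curl -sSL` from ci1.netdef.org in both stages are installed with no pinned digest or signature check visible in this file, so the image content depends on whatever those URLs serve at build time. Pin the tini digest with `ADD --checksum=sha256:<TINI_SHA256_PLACEHOLDER> https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini` (this needs a BuildKit frontend that supports `--checksum`), and verify each RPM before `rpm -i`, for example `echo "<RPM_SHA256_PLACEHOLDER>  /tmp/libyang2.rpm" | sha256sum -c -`. Switching the downloads to `curl -fsSL` would make an HTTP error fail at the download step instead of surfacing later as an `rpm -i` failure. Separately, `rm -rf /mnt/rootfs/var/cache/* ...` in the final `RUN` looks like a leftover from an `--installroot` layout; nothing in this file creates `/mnt/rootfs`, so it probably removes nothing.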


@ -0,0 +1,23 @@
[AlmaLinux - baseos]
name=AlmaLinux $releasever - BaseOS
mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/baseos
# baseurl=https://repo.almalinux.org/almalinux/$releasever/BaseOS/$basearch/os/
enabled=1
gpgcheck=1
countme=1
[AlmaLinux - appstream]
name=AlmaLinux $releasever - AppStream
mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/appstream
# baseurl=https://repo.almalinux.org/almalinux/$releasever/AppStream/$basearch/os/
enabled=1
gpgcheck=1
countme=1
[AlmaLinux - powertools]
name=AlmaLinux $releasever - PowerTools
mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/powertools
# baseurl=https://repo.almalinux.org/almalinux/$releasever/PowerTools/$basearch/os/
enabled=1
gpgcheck=1
countme=1
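Review bot: All three sections set `gpgcheck=1` but none has a `gpgkey=` line, so package verification only works because the Dockerfile runs `rpm --import https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux-8` in each stage before the first install. A header comment would make that dependency visible to whoever reuses this file, for example `# Signing key is imported by the Dockerfile via rpm --import; keep both in sync`. Also worth stating in that comment: `gpgcheck=1` covers packages only, and repository metadata is not signature-checked unless `repo_gpgcheck` is enabled; whether the mirrors publish signed metadata is not visible from this page.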


@ -5,37 +5,45 @@ set -e
## ##
# Package version needs to be decimal # Package version needs to be decimal
## ##
DISTRO=ubi-8 DISTRO=ubi8-minimal
UBI8_MINIMAL_VERSION=$1
if [ -z "$UBI8_MINIMAL_VERSION" ]; then
UBI8_MINIMAL_VERSION="latest"
fi
GITREV="$2" GITREV="$2"
if [ -z "$GITREV" ];then if [ -z "$GITREV" ];then
GITREV="$(git rev-parse --short=10 HEAD)" GITREV="$(git rev-parse --short=10 HEAD)"
fi fi
FRR_IMAGE_TAG="$1" FRR_IMAGE_TAG="$3"
if [ -z $FRR_IMAGE_TAG ];then if [ -z $FRR_IMAGE_TAG ];then
FRR_IMAGE_TAG="frr:ubi-8-$GITREV" FRR_IMAGE_TAG="frr:ubi8-minimal-$GITREV"
fi fi
PKGVER="$(printf '%u\n' 0x$GITREV)" PKGVER="$(printf '%u\n' 0x$GITREV)"
FRR_RELEASE="$3" FRR_RELEASE="$4"
if [ -z $FRR_RELEASE ];then if [ -z $FRR_RELEASE ];then
FRR_RELEASE=$(git describe --tags --abbrev=0) FRR_RELEASE=$(git describe --tags --abbrev=0)
fi fi
FRR_NAME=$4 FRR_NAME=$5
if [ -z $FRR_NAME ];then if [ -z $FRR_NAME ];then
FRR_NAME=frr FRR_NAME=frr
fi fi
FRR_VENDOR=$5 FRR_VENDOR=$6
if [ -z $FRR_VENDOR ];then if [ -z $FRR_VENDOR ];then
FRR_VENDOR=frr FRR_VENDOR=frr
fi fi
DOCKERFILE_PATH="$(dirname $(realpath $0))/Dockerfile"
docker build \ docker build \
--cache-from="frr:$DISTRO-builder-$GITREV" \ --cache-from="frr:$DISTRO-builder-$GITREV" \
--file=docker/$DISTRO/Dockerfile \ --file="$DOCKERFILE_PATH" \
--build-arg="UBI8_MINIMAL_VERSION=$UBI8_MINIMAL_VERSION" \
--build-arg="PKGVER=$PKGVER" \ --build-arg="PKGVER=$PKGVER" \
--build-arg="FRR_IMAGE_TAG=$FRR_IMAGE_TAG" \ --build-arg="FRR_IMAGE_TAG=$FRR_IMAGE_TAG" \
--build-arg="FRR_RELEASE=$FRR_RELEASE" \ --build-arg="FRR_RELEASE=$FRR_RELEASE" \