forked from Mirror/frr
Merge pull request #12797 from jvidalallende/ubi8_minimal_dockerfile
docker: reduce ubi8 images size by using ubi8-minimal as base
This commit is contained in:
commit
9213d69499
|
@ -1,83 +0,0 @@
|
||||||
# This stage builds an rpm from the source
|
|
||||||
FROM registry.access.redhat.com/ubi8/ubi:8.5 as ubi-8-builder
|
|
||||||
|
|
||||||
RUN dnf -y update-minimal --security --sec-severity=Important --sec-severity=Critical
|
|
||||||
|
|
||||||
RUN rpm --import https://www.centos.org/keys/RPM-GPG-KEY-CentOS-Official \
|
|
||||||
&& dnf config-manager --disableplugin subscription-manager --add-repo http://mirror.centos.org/centos/8-stream/BaseOS/x86_64/os \
|
|
||||||
&& dnf config-manager --disableplugin subscription-manager --add-repo http://mirror.centos.org/centos/8-stream/AppStream/x86_64/os \
|
|
||||||
&& dnf config-manager --disableplugin subscription-manager --add-repo http://mirror.centos.org/centos/8-stream/PowerTools/x86_64/os
|
|
||||||
|
|
||||||
RUN dnf install -qy https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm \
|
|
||||||
&& dnf install --enablerepo=* -qy rpm-build git autoconf pcre-devel \
|
|
||||||
systemd-devel automake libtool make readline-devel texinfo \
|
|
||||||
net-snmp-devel pkgconfig groff pkgconfig json-c-devel pam-devel \
|
|
||||||
bison flex python3-pytest c-ares-devel python3-devel python3-sphinx \
|
|
||||||
libcap-devel platform-python-devel \
|
|
||||||
https://ci1.netdef.org/artifact/LIBYANG-LIBYANGV2/shared/build-2/CentOS-8-x86_64-Packages/libyang2-2.0.0.10.g2eb910e4-1.el8.x86_64.rpm \
|
|
||||||
https://ci1.netdef.org/artifact/LIBYANG-LIBYANGV2/shared/build-2/CentOS-8-x86_64-Packages/libyang2-devel-2.0.0.10.g2eb910e4-1.el8.x86_64.rpm \
|
|
||||||
https://ci1.netdef.org/artifact/RPKI-RTRLIB/shared/build-00146/CentOS-7-x86_64-Packages/librtr-0.8.0-1.el7.x86_64.rpm \
|
|
||||||
https://ci1.netdef.org/artifact/RPKI-RTRLIB/shared/build-00146/CentOS-7-x86_64-Packages/librtr-devel-0.8.0-1.el7.x86_64.rpm
|
|
||||||
|
|
||||||
|
|
||||||
COPY . /src
|
|
||||||
|
|
||||||
ARG PKGVER
|
|
||||||
|
|
||||||
RUN echo '%_smp_mflags %( echo "-j$(/usr/bin/getconf _NPROCESSORS_ONLN)"; )' >> /root/.rpmmacros \
|
|
||||||
&& cd /src \
|
|
||||||
&& ./bootstrap.sh \
|
|
||||||
&& ./configure \
|
|
||||||
--enable-rpki \
|
|
||||||
--enable-snmp=agentx \
|
|
||||||
--enable-numeric-version \
|
|
||||||
--with-pkg-extra-version="_palmetto_git$PKGVER" \
|
|
||||||
&& make dist \
|
|
||||||
&& cd / \
|
|
||||||
&& mkdir -p /rpmbuild/{SOURCES,SPECS} \
|
|
||||||
&& cp /src/frr*.tar.gz /rpmbuild/SOURCES \
|
|
||||||
&& cp /src/redhat/frr.spec /rpmbuild/SPECS \
|
|
||||||
&& rpmbuild \
|
|
||||||
--define "_topdir /rpmbuild" \
|
|
||||||
-ba /rpmbuild/SPECS/frr.spec
|
|
||||||
|
|
||||||
# This stage installs frr from the rpm
|
|
||||||
FROM registry.access.redhat.com/ubi8/ubi:8.5
|
|
||||||
RUN dnf -y update-minimal --security --sec-severity=Important --sec-severity=Critical
|
|
||||||
ARG FRR_IMAGE_TAG
|
|
||||||
ARG FRR_RELEASE
|
|
||||||
ARG FRR_NAME
|
|
||||||
ARG FRR_VENDOR
|
|
||||||
LABEL name=$FRR_NAME \
|
|
||||||
vendor=$FRR_VENDOR \
|
|
||||||
version=$FRR_IMAGE_TAG \
|
|
||||||
release=$FRR_RELEASE
|
|
||||||
|
|
||||||
RUN rpm --import https://www.centos.org/keys/RPM-GPG-KEY-CentOS-Official \
|
|
||||||
&& dnf config-manager --disableplugin subscription-manager --add-repo http://mirror.centos.org/centos/8-stream/BaseOS/x86_64/os \
|
|
||||||
&& dnf config-manager --disableplugin subscription-manager --add-repo http://mirror.centos.org/centos/8-stream/AppStream/x86_64/os
|
|
||||||
|
|
||||||
RUN dnf install -qy https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm \
|
|
||||||
&& mkdir -p /pkgs/rpm \
|
|
||||||
&& dnf install --enablerepo=* -qy https://ci1.netdef.org/artifact/LIBYANG-LIBYANGV2/shared/build-2/CentOS-8-x86_64-Packages/libyang2-2.0.0.10.g2eb910e4-1.el8.x86_64.rpm \
|
|
||||||
https://ci1.netdef.org/artifact/RPKI-RTRLIB/shared/build-00146/CentOS-7-x86_64-Packages/librtr-0.8.0-1.el7.x86_64.rpm
|
|
||||||
|
|
||||||
COPY --from=ubi-8-builder /rpmbuild/RPMS/ /pkgs/rpm/
|
|
||||||
|
|
||||||
RUN dnf install -qy /pkgs/rpm/*/*.rpm \
|
|
||||||
&& rm -rf /pkgs \
|
|
||||||
# Own the config / PID files
|
|
||||||
&& mkdir -p /var/run/frr \
|
|
||||||
&& chown -R frr:frr /etc/frr /var/run/frr
|
|
||||||
|
|
||||||
# Add tini because no CentOS8 package
|
|
||||||
ENV TINI_VERSION v0.19.0
|
|
||||||
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini
|
|
||||||
RUN chmod +x /sbin/tini
|
|
||||||
|
|
||||||
# Simple init manager for reaping processes and forwarding signals
|
|
||||||
ENTRYPOINT ["/sbin/tini", "--"]
|
|
||||||
|
|
||||||
# Default CMD starts watchfrr
|
|
||||||
COPY docker/ubi-8/docker-start /usr/lib/frr/docker-start
|
|
||||||
CMD ["/usr/lib/frr/docker-start"]
|
|
132
docker/ubi8-minimal/Dockerfile
Normal file
132
docker/ubi8-minimal/Dockerfile
Normal file
|
@ -0,0 +1,132 @@
|
||||||
|
# This stage builds an rpm from the source
|
||||||
|
ARG UBI8_MINIMAL_VERSION
|
||||||
|
FROM registry.access.redhat.com/ubi8/ubi-minimal:${UBI8_MINIMAL_VERSION} as ubi8-minimal-builder
|
||||||
|
|
||||||
|
RUN rpm --import https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux-8
|
||||||
|
|
||||||
|
ADD docker/ubi8-minimal/almalinux.repo /etc/yum.repos.d/almalinux.repo
|
||||||
|
|
||||||
|
# ubi8-minimal comes with broken tzdata package installed, so we need to remove them
|
||||||
|
# and later reinstall it again: https://bugzilla.redhat.com/show_bug.cgi?id=1668185
|
||||||
|
RUN rpm --quiet -e --nodeps tzdata >/dev/null 2>&1
|
||||||
|
|
||||||
|
RUN microdnf --disableplugin=subscription-manager --setopt=install_weak_deps=0 install \
|
||||||
|
autoconf \
|
||||||
|
automake \
|
||||||
|
bison \
|
||||||
|
c-ares-devel \
|
||||||
|
flex \
|
||||||
|
git \
|
||||||
|
groff \
|
||||||
|
json-c-devel \
|
||||||
|
libcap-devel \
|
||||||
|
libssh-devel \
|
||||||
|
libtool \
|
||||||
|
make \
|
||||||
|
net-snmp-devel \
|
||||||
|
openssl \
|
||||||
|
pam-devel \
|
||||||
|
pcre-devel \
|
||||||
|
pkgconfig \
|
||||||
|
platform-python-devel \
|
||||||
|
python3-devel \
|
||||||
|
python3-pytest \
|
||||||
|
python3-sphinx \
|
||||||
|
readline-devel \
|
||||||
|
rpm-build \
|
||||||
|
systemd-devel \
|
||||||
|
texinfo \
|
||||||
|
tzdata \
|
||||||
|
&& microdnf --disableplugin=subscription-manager clean all
|
||||||
|
|
||||||
|
RUN curl -sSL -o /tmp/libyang2.rpm https://ci1.netdef.org/artifact/LIBYANG-LIBYANGV2/shared/build-12/RedHat-8-x86_64-Packages/libyang2-2.0.7-1.el8.x86_64.rpm \
|
||||||
|
&& rpm -i /tmp/libyang2.rpm \
|
||||||
|
&& rm -f /tmp/libyang2.rpm
|
||||||
|
|
||||||
|
RUN curl -sSL -o /tmp/libyang2-devel.rpm https://ci1.netdef.org/artifact/LIBYANG-LIBYANGV2/shared/build-12/RedHat-8-x86_64-Packages/libyang2-devel-2.0.7-1.el8.x86_64.rpm \
|
||||||
|
&& rpm -i /tmp/libyang2-devel.rpm \
|
||||||
|
&& rm -f /tmp/libyang2-devel.rpm
|
||||||
|
|
||||||
|
RUN curl -sSL -o /tmp/librtr.rpm https://ci1.netdef.org/artifact/RPKI-RTRLIB/shared/build-149/RedHat-8-x86_64-Packages/librtr-0.8.0-1.el8.x86_64.rpm \
|
||||||
|
&& rpm -i /tmp/librtr.rpm \
|
||||||
|
&& rm -f /tmp/librtr.rpm
|
||||||
|
|
||||||
|
RUN curl -sSL -o /tmp/librtr-devel.rpm https://ci1.netdef.org/artifact/RPKI-RTRLIB/shared/build-149/RedHat-8-x86_64-Packages/librtr-devel-0.8.0-1.el8.x86_64.rpm \
|
||||||
|
&& rpm -i /tmp/librtr-devel.rpm \
|
||||||
|
&& rm -f /tmp/librtr-devel.rpm
|
||||||
|
|
||||||
|
COPY . /src
|
||||||
|
|
||||||
|
ARG PKGVER
|
||||||
|
|
||||||
|
RUN echo '%_smp_mflags %( echo "-j$(/usr/bin/getconf _NPROCESSORS_ONLN)"; )' >> /root/.rpmmacros \
|
||||||
|
&& cd /src \
|
||||||
|
&& ./bootstrap.sh \
|
||||||
|
&& ./configure \
|
||||||
|
--enable-rpki \
|
||||||
|
--enable-snmp=agentx \
|
||||||
|
--enable-numeric-version \
|
||||||
|
--with-pkg-extra-version="_git$PKGVER" \
|
||||||
|
&& make dist \
|
||||||
|
&& cd / \
|
||||||
|
&& mkdir -p /rpmbuild/{SOURCES,SPECS} \
|
||||||
|
&& cp /src/frr*.tar.gz /rpmbuild/SOURCES \
|
||||||
|
&& cp /src/redhat/frr.spec /rpmbuild/SPECS \
|
||||||
|
&& rpmbuild \
|
||||||
|
--define "_topdir /rpmbuild" \
|
||||||
|
-ba /rpmbuild/SPECS/frr.spec
|
||||||
|
|
||||||
|
# This stage installs frr from the rpm
|
||||||
|
FROM registry.access.redhat.com/ubi8/ubi-minimal:${UBI8_MINIMAL_VERSION}
|
||||||
|
ARG FRR_IMAGE_TAG
|
||||||
|
ARG FRR_RELEASE
|
||||||
|
ARG FRR_NAME
|
||||||
|
ARG FRR_VENDOR
|
||||||
|
LABEL name=$FRR_NAME \
|
||||||
|
vendor=$FRR_VENDOR \
|
||||||
|
version=$FRR_IMAGE_TAG \
|
||||||
|
release=$FRR_RELEASE
|
||||||
|
|
||||||
|
ADD docker/ubi8-minimal/almalinux.repo /etc/yum.repos.d/almalinux.repo
|
||||||
|
|
||||||
|
RUN rpm --import https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux-8
|
||||||
|
|
||||||
|
RUN microdnf --disableplugin=subscription-manager --setopt=install_weak_deps=0 install \
|
||||||
|
c-ares \
|
||||||
|
initscripts \
|
||||||
|
net-snmp-agent-libs \
|
||||||
|
net-snmp-libs \
|
||||||
|
openssl \
|
||||||
|
python3 \
|
||||||
|
shadow-utils \
|
||||||
|
systemd \
|
||||||
|
&& microdnf --disableplugin=subscription-manager clean all
|
||||||
|
|
||||||
|
RUN curl -sSL -o /tmp/libyang2.rpm https://ci1.netdef.org/artifact/LIBYANG-LIBYANGV2/shared/build-12/RedHat-8-x86_64-Packages/libyang2-2.0.7-1.el8.x86_64.rpm \
|
||||||
|
&& rpm -i /tmp/libyang2.rpm \
|
||||||
|
&& rm -f /tmp/libyang2.rpm
|
||||||
|
|
||||||
|
RUN curl -sSL -o /tmp/librtr.rpm https://ci1.netdef.org/artifact/RPKI-RTRLIB/shared/build-149/RedHat-8-x86_64-Packages/librtr-0.8.0-1.el8.x86_64.rpm \
|
||||||
|
&& rpm -i /tmp/librtr.rpm \
|
||||||
|
&& rm -f /tmp/librtr.rpm
|
||||||
|
|
||||||
|
COPY --from=ubi8-minimal-builder /rpmbuild/RPMS/ /pkgs/rpm/
|
||||||
|
|
||||||
|
# Install packages and create FRR files and folders. Be sure to own the config / PID files
|
||||||
|
RUN rpm -i /pkgs/rpm/x86_64/*.rpm \
|
||||||
|
&& rm -rf /pkgs \
|
||||||
|
&& rm -rf /mnt/rootfs/var/cache/* /mnt/rootfs/var/log/dnf* /mnt/rootfs/var/log/yum.* \
|
||||||
|
&& mkdir -p /var/run/frr \
|
||||||
|
&& chown -R frr:frr /etc/frr /var/run/frr
|
||||||
|
|
||||||
|
# There is no package for tini, add it manually
|
||||||
|
ENV TINI_VERSION v0.19.0
|
||||||
|
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini
|
||||||
|
RUN chmod +x /sbin/tini
|
||||||
|
|
||||||
|
# Simple init manager for reaping processes and forwarding signals
|
||||||
|
ENTRYPOINT ["/sbin/tini", "--"]
|
||||||
|
|
||||||
|
# Default CMD starts watchfrr
|
||||||
|
COPY docker/ubi8-minimal/docker-start /usr/lib/frr/docker-start
|
||||||
|
CMD ["/usr/lib/frr/docker-start"]
|
23
docker/ubi8-minimal/almalinux.repo
Normal file
23
docker/ubi8-minimal/almalinux.repo
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
[AlmaLinux - baseos]
|
||||||
|
name=AlmaLinux $releasever - BaseOS
|
||||||
|
mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/baseos
|
||||||
|
# baseurl=https://repo.almalinux.org/almalinux/$releasever/BaseOS/$basearch/os/
|
||||||
|
enabled=1
|
||||||
|
gpgcheck=1
|
||||||
|
countme=1
|
||||||
|
|
||||||
|
[AlmaLinux - appstream]
|
||||||
|
name=AlmaLinux $releasever - AppStream
|
||||||
|
mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/appstream
|
||||||
|
# baseurl=https://repo.almalinux.org/almalinux/$releasever/AppStream/$basearch/os/
|
||||||
|
enabled=1
|
||||||
|
gpgcheck=1
|
||||||
|
countme=1
|
||||||
|
|
||||||
|
[AlmaLinux - powertools]
|
||||||
|
name=AlmaLinux $releasever - PowerTools
|
||||||
|
mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/powertools
|
||||||
|
# baseurl=https://repo.almalinux.org/almalinux/$releasever/PowerTools/$basearch/os/
|
||||||
|
enabled=1
|
||||||
|
gpgcheck=1
|
||||||
|
countme=1
|
|
@ -5,37 +5,45 @@ set -e
|
||||||
##
|
##
|
||||||
# Package version needs to be decimal
|
# Package version needs to be decimal
|
||||||
##
|
##
|
||||||
DISTRO=ubi-8
|
DISTRO=ubi8-minimal
|
||||||
|
|
||||||
|
UBI8_MINIMAL_VERSION=$1
|
||||||
|
if [ -z "$UBI8_MINIMAL_VERSION" ]; then
|
||||||
|
UBI8_MINIMAL_VERSION="latest"
|
||||||
|
fi
|
||||||
|
|
||||||
GITREV="$2"
|
GITREV="$2"
|
||||||
if [ -z "$GITREV" ];then
|
if [ -z "$GITREV" ];then
|
||||||
GITREV="$(git rev-parse --short=10 HEAD)"
|
GITREV="$(git rev-parse --short=10 HEAD)"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
FRR_IMAGE_TAG="$1"
|
FRR_IMAGE_TAG="$3"
|
||||||
if [ -z $FRR_IMAGE_TAG ];then
|
if [ -z $FRR_IMAGE_TAG ];then
|
||||||
FRR_IMAGE_TAG="frr:ubi-8-$GITREV"
|
FRR_IMAGE_TAG="frr:ubi8-minimal-$GITREV"
|
||||||
fi
|
fi
|
||||||
PKGVER="$(printf '%u\n' 0x$GITREV)"
|
PKGVER="$(printf '%u\n' 0x$GITREV)"
|
||||||
|
|
||||||
FRR_RELEASE="$3"
|
FRR_RELEASE="$4"
|
||||||
if [ -z $FRR_RELEASE ];then
|
if [ -z $FRR_RELEASE ];then
|
||||||
FRR_RELEASE=$(git describe --tags --abbrev=0)
|
FRR_RELEASE=$(git describe --tags --abbrev=0)
|
||||||
fi
|
fi
|
||||||
|
|
||||||
FRR_NAME=$4
|
FRR_NAME=$5
|
||||||
if [ -z $FRR_NAME ];then
|
if [ -z $FRR_NAME ];then
|
||||||
FRR_NAME=frr
|
FRR_NAME=frr
|
||||||
fi
|
fi
|
||||||
|
|
||||||
FRR_VENDOR=$5
|
FRR_VENDOR=$6
|
||||||
if [ -z $FRR_VENDOR ];then
|
if [ -z $FRR_VENDOR ];then
|
||||||
FRR_VENDOR=frr
|
FRR_VENDOR=frr
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
DOCKERFILE_PATH="$(dirname $(realpath $0))/Dockerfile"
|
||||||
|
|
||||||
docker build \
|
docker build \
|
||||||
--cache-from="frr:$DISTRO-builder-$GITREV" \
|
--cache-from="frr:$DISTRO-builder-$GITREV" \
|
||||||
--file=docker/$DISTRO/Dockerfile \
|
--file="$DOCKERFILE_PATH" \
|
||||||
|
--build-arg="UBI8_MINIMAL_VERSION=$UBI8_MINIMAL_VERSION" \
|
||||||
--build-arg="PKGVER=$PKGVER" \
|
--build-arg="PKGVER=$PKGVER" \
|
||||||
--build-arg="FRR_IMAGE_TAG=$FRR_IMAGE_TAG" \
|
--build-arg="FRR_IMAGE_TAG=$FRR_IMAGE_TAG" \
|
||||||
--build-arg="FRR_RELEASE=$FRR_RELEASE" \
|
--build-arg="FRR_RELEASE=$FRR_RELEASE" \
|
Loading…
Reference in a new issue