github.com/google/fleetspeak@v0.1.15-0.20240426164851-4f31f62c1aea/sandboxes/shared/envoy/Dockerfile (about) 1 ARG ENVOY_IMAGE="${ENVOY_IMAGE:-envoyproxy/envoy}" 2 ARG ENVOY_VARIANT="${ENVOY_VARIANT:-dev}" 3 4 5 FROM ${ENVOY_IMAGE}:${ENVOY_VARIANT} as envoy-base 6 ARG ENVOY_CONFIG=envoy.yaml 7 ENV ENVOY_CONFIG="$ENVOY_CONFIG" 8 ENV DEBIAN_FRONTEND=noninteractive 9 RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ 10 --mount=type=cache,target=/var/lib/apt/lists,sharing=locked \ 11 rm -f /etc/apt/apt.conf.d/docker-clean \ 12 && echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' | tee /etc/apt/apt.conf.d/keep-cache \ 13 && apt-get -qq update -y \ 14 && apt-get -qq install --no-install-recommends -y curl 15 COPY --chmod=777 "$ENVOY_CONFIG" /etc/envoy.yaml 16 COPY --chmod=644 cert.pem /etc/cert.pem 17 COPY --chmod=644 key.pem /etc/key.pem 18 CMD ["/usr/local/bin/envoy", "-c", "/etc/envoy.yaml"] 19 20 FROM envoy-base as envoy-admin 21 ARG ENVOY_ADMIN_PORT=10001 22 ENV ENVOY_ADMIN_PORT="$ENVOY_ADMIN_PORT" 23 HEALTHCHECK \ 24 --interval=1s \ 25 --timeout=1s \ 26 --start-period=1s \ 27 --retries=3 \ 28 CMD curl -s "localhost:${ENVOY_ADMIN_PORT}/stats?filter=server.state" | grep 0 \ 29 && curl -s "localhost:${ENVOY_ADMIN_PORT}/stats?filter=listener_manager.workers_started" | grep 1 30 31 FROM envoy-base as envoy-fault-injection 32 RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ 33 --mount=type=cache,target=/var/lib/apt/lists,sharing=locked \ 34 apt-get -qq update -y \ 35 && apt-get -qq install --no-install-recommends -y tree 36 COPY enable_delay_fault_injection.sh disable_delay_fault_injection.sh enable_abort_fault_injection.sh disable_abort_fault_injection.sh send_request.sh / 37 38 39 FROM envoy-base as envoy-jaeger-native 40 # 41 # for discussion on jaeger binary compatibility, and the source of the file, see here: 42 # https://github.com/envoyproxy/envoy/issues/11382#issuecomment-638012072 43 # 44 RUN echo "4a7d17d4724ee890490bcd6cfdedb12a02316a3d33214348d30979abd201f1ca /usr/local/lib/libjaegertracing_plugin.so" > /tmp/checksum \ 45 && curl -Ls https://github.com/envoyproxy/misc/releases/download/jaegertracing-plugin/jaegertracing-plugin-centos.tar.gz \ 46 | tar zxf - -C /usr/local/lib \ 47 && mv /usr/local/lib/libjaegertracing.so.0.4.2 /usr/local/lib/libjaegertracing_plugin.so \ 48 && sha256sum -c /tmp/checksum \ 49 && rm /tmp/checksum 50 51 52 FROM envoy-base as envoy-load-balancing 53 RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ 54 --mount=type=cache,target=/var/lib/apt/lists,sharing=locked \ 55 apt-get -qq update -y \ 56 && apt-get -qq install --no-install-recommends -y python3 57 COPY ./client.py /client.py 58 EXPOSE 8001 59 60 61 FROM envoy-base as envoy-double-proxy-base 62 COPY --chmod=777 ./certs/ca.crt /certs/cacert.pem 63 64 65 FROM envoy-double-proxy-base as envoy-double-proxy-frontend 66 COPY --chmod=777 ./certs/postgres-frontend.example.com.crt /certs/clientcert.pem 67 COPY --chmod=777 ./certs/example.com.key /certs/clientkey.pem 68 69 70 FROM envoy-double-proxy-base as envoy-double-proxy-backend 71 COPY --chmod=777 ./certs/postgres-backend.example.com.crt /certs/servercert.pem 72 COPY --chmod=777 ./certs/example.com.key /certs/serverkey.pem 73 74 75 FROM envoy-base as envoy-certs 76 COPY --chmod=777 ./certs /certs 77 78 79 FROM envoy-base as envoy-lua 80 ADD --chmod=777 ./lib/mylibrary.lua /lib/mylibrary.lua 81 82 83 FROM envoy-base as envoy-go 84 ENV GODEBUG=cgocheck=0 85 COPY --chmod=777 ./lib/simple.so /lib/simple.so 86 87 88 FROM envoy-base as envoy-ext_authz 89 COPY --chmod=777 ./config /etc/envoy-config 90 COPY --chmod=777 ./run_envoy.sh /run_envoy.sh 91 CMD ["/bin/sh", "/run_envoy.sh"] 92 93 94 FROM envoy-base as envoy-dynamic-fs 95 COPY --chmod=777 ./configs /var/lib/envoy 96 97 98 FROM envoy-base