github.com/m3db/m3@v1.5.1-0.20231129193456-75a402aa583b/docker/m3dbnode/Dockerfile-setcap (about) 1 # stage 1: build 2 FROM golang:1.18-alpine3.15 AS builder 3 LABEL maintainer="The M3DB Authors <m3db@googlegroups.com>" 4 5 # Install deps 6 RUN apk add --update git make bash 7 8 # Add source code 9 RUN mkdir -p /go/src/github.com/m3db/m3 10 ADD . /go/src/github.com/m3db/m3 11 12 # Build m3dbnode binary 13 RUN cd /go/src/github.com/m3db/m3/ && \ 14 git submodule update --init && \ 15 make m3dbnode-linux-amd64 16 17 # Stage 2: lightweight "release" 18 FROM alpine:3.15 19 LABEL maintainer="The M3DB Authors <m3db@googlegroups.com>" 20 21 ENV GODEBUG madvdontneed=1 22 23 EXPOSE 2379/tcp 2380/tcp 7201/tcp 7203/tcp 9000-9004/tcp 24 25 COPY --from=builder /go/src/github.com/m3db/m3/src/dbnode/config/m3dbnode-local-etcd.yml /etc/m3dbnode/m3dbnode.yml 26 COPY --from=builder /go/src/github.com/m3db/m3/bin/m3dbnode \ 27 /go/src/github.com/m3db/m3/scripts/m3dbnode_bootstrapped.sh \ 28 /bin/ 29 30 # Use setcap to set +e "effective" and +p "permitted" to adjust the SYS_RESOURCE 31 # so the process can raise the hard file limit with setrlimit. 32 # Also provide timezone data to allow TZ environment variable to be set 33 # for parsing relative times such as "9am" correctly and respect 34 # the TZ environment variable. 35 RUN apk add --no-cache tzdata curl jq libcap && \ 36 setcap cap_sys_resource=+ep /bin/m3dbnode 37 38 ENV GODEBUG madvdontneed=1 39 40 ENTRYPOINT [ "/bin/m3dbnode" ] 41 CMD [ "-f", "/etc/m3dbnode/m3dbnode.yml" ]