vitess.io/vitess@v0.16.2/docker/lite/Dockerfile.ubi7.percona57

vitess.io/vitess@v0.16.2/docker/lite/Dockerfile.ubi7.percona57 (about)

     1  # Copyright 2019 The Vitess Authors.
     2  #
     3  # Licensed under the Apache License, Version 2.0 (the "License");
     4  # you may not use this file except in compliance with the License.
     5  # You may obtain a copy of the License at
     6  #
     7  #     http://www.apache.org/licenses/LICENSE-2.0
     8  #
     9  # Unless required by applicable law or agreed to in writing, software
    10  # distributed under the License is distributed on an "AS IS" BASIS,
    11  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  # See the License for the specific language governing permissions and
    13  # limitations under the License.
    14  
    15  # NOTE: We have to build the Vitess binaries from scratch instead of sharing
    16  #       a base image because Docker Hub dropped the feature we relied upon to
    17  #       ensure images contain the right binaries.
    18  
    19  # Use a temporary layer for the build stage.
    20  ARG bootstrap_version=14.3
    21  ARG image="vitess/bootstrap:${bootstrap_version}-percona57"
    22  
    23  FROM "${image}" AS builder
    24  
    25  # Allows docker builds to set the BUILD_NUMBER
    26  ARG BUILD_NUMBER
    27  
    28  # Re-copy sources from working tree.
    29  COPY --chown=vitess:vitess . /vt/src/vitess.io/vitess
    30  
    31  # Build and install Vitess in a temporary output directory.
    32  USER vitess
    33  RUN make install PREFIX=/vt/install
    34  
    35  # Start over and build the final image.
    36  FROM registry.access.redhat.com/ubi7/ubi:latest
    37  
    38  # Install keys and dependencies
    39  RUN mkdir /tmp/gpg && chmod 700 /tmp/gpg && export GNUPGHOME=/tmp/gpg \
    40   && yum install -y --setopt=alwaysprompt=no gnupg \
    41   && ( gpg --keyserver keyserver.ubuntu.com --recv-keys 430BDF5C56E7C94E848EE60C1C4CBDCDCD2EFD2A 4D1BB29D63D98E422B2113B19334A25F8507EFA5 6341AB2753D78A78A7C27BB124C6A8A7F4A80EB5 ) \
    42   && gpg --export --armor 430BDF5C56E7C94E848EE60C1C4CBDCDCD2EFD2A > ${GNUPGHOME}/RPM-GPG-KEY-Percona.1 \
    43   && gpg --export --armor 4D1BB29D63D98E422B2113B19334A25F8507EFA5 > ${GNUPGHOME}/RPM-GPG-KEY-Percona.2 \
    44   && gpg --export --armor 6341AB2753D78A78A7C27BB124C6A8A7F4A80EB5 > ${GNUPGHOME}/RPM-GPG-KEY-CentOS-7 \
    45   && rpmkeys --import ${GNUPGHOME}/RPM-GPG-KEY-Percona.1 ${GNUPGHOME}/RPM-GPG-KEY-Percona.2 ${GNUPGHOME}/RPM-GPG-KEY-CentOS-7 /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release \
    46   && curl -L --retry-delay 10 --retry 3 -o /tmp/perconarepo.rpm https://repo.percona.com/yum/percona-release-latest.noarch.rpm \
    47   && rpmkeys --checksig /tmp/perconarepo.rpm \
    48   && rpm -Uvh /tmp/perconarepo.rpm \
    49   && rm -f /tmp/perconarepo.rpm
    50  RUN echo H4sICH852V8CA2ZvbwC1jr0OgkAQhPt7CgrbY7W6xOQaDaEgRqKxMMTiOFYg/F2WI9G39xCttKGg2UxmJrNfokWqeryxVjUo99ja45kLj3s757IxGqiWhbVmC9CURB352rW63u8oh0mCAHdWY1uRLoDlJtcF6kpuRlnhU97LGt0CoNVgqhLINNxFcIoPPIxDHgVX/v3OsFVpjZlcM5ZoMZhMWex/ES9TMIPyM7UYKj4sqT+kwdufAToNLcP5AvRgmV7zAQAA | base64 -d | gzip -dc > /etc/yum.repos.d/CentOS-Base.repo \
    51   && yum install -y --setopt=alwaysprompt=no --setopt=tsflags=nodocs --enablerepo c7base --enablerepo c7updates --enablerepo c7extras install libev gperftools-libs numactl-libs sysstat strace
    52  RUN yum update -y --setopt=alwaysprompt=no --setopt=tsflags=nodocs \
    53   && yum install -y --setopt=alwaysprompt=no --setopt=tsflags=nodocs bzip2 ca-certificates gnupg libaio libcurl \
    54      jemalloc gperftools-libs procps-ng rsync wget openssl hostname curl tzdata make \
    55  # Can't use alwaysprompt=no here, since we need to pick up deps
    56  #   No way to separate key imports and accept deps separately in yum/dnf
    57   && yum install -y --setopt=tsflags=nodocs Percona-Server-server-57 percona-xtrabackup-24 percona-toolkit \
    58   && yum clean all \
    59   && rm -rf /etc/my.cnf /var/lib/mysql /tmp/gpg /sbin/mysqld-debug
    60  
    61  # Set up Vitess user and directory tree.
    62  RUN groupadd -g 1001 -r vitess && useradd -r -u 1001 -g vitess vitess
    63  RUN mkdir -p /vt/vtdataroot && chown -R vitess:vitess /vt
    64  
    65  # Set up Vitess environment (just enough to run pre-built Go binaries)
    66  ENV VTROOT /vt/src/vitess.io/vitess
    67  ENV VTDATAROOT /vt/vtdataroot
    68  ENV PATH $VTROOT/bin:$PATH
    69  
    70  # Copy artifacts from builder layer.
    71  COPY --from=builder --chown=vitess:vitess /vt/install /vt
    72  COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/web/vtadmin /vt/web/vtadmin
    73  
    74  RUN mkdir -p /licenses
    75  COPY LICENSE /licenses
    76  
    77  # Create mount point for actual data (e.g. MySQL data dir)
    78  VOLUME /vt/vtdataroot
    79  USER vitess
    80  
    81  LABEL name="Vitess Lite image - Percona Server 5.7" \
    82        io.k8s.display-name="Vitess Lite image - Percona Server 5.7" \
    83        maintainer="cncf-vitess-maintainers@lists.cncf.io" \
    84        vendor="CNCF" \
    85        version="6.0.0" \
    86        release="1" \
    87        summary="Vitess base container image, containing Vitess components along with Percona Server 5.7" \
    88        description="Vitess base container image, containing Vitess components along with Percona Server 5.7" \
    89        io.k8s.description="Vitess base container image, containing Vitess components along with Percona Server 5.7" \
    90        distribution-scope="public" \
    91        url="https://vitess.io"