From 0d64272d5431bf60534c2d5436d0db4c64b94dff Mon Sep 17 00:00:00 2001 From: Venkata Harish K Kajur Date: Sun, 17 Sep 2017 23:55:27 -0400 Subject: Modify dockerfile to use common docker image In order to decrease image size as well as decrease the build time of docker image everyday Issue-ID: AAI-219 Change-Id: Id007092977b539d8a27f92511f7ced56a61068e4 Signed-off-by: Venkata Harish K Kajur --- aai-resources/src/main/resources/docker/Dockerfile | 93 +++++----------------- .../src/main/resources/docker/docker-entrypoint.sh | 90 ++++++++++++++------- .../src/main/resources/docker/init-chef.sh | 35 +++++++- 3 files changed, 110 insertions(+), 108 deletions(-) (limited to 'aai-resources') diff --git a/aai-resources/src/main/resources/docker/Dockerfile b/aai-resources/src/main/resources/docker/Dockerfile index 8da5740..dcbae0c 100644 --- a/aai-resources/src/main/resources/docker/Dockerfile +++ b/aai-resources/src/main/resources/docker/Dockerfile @@ -1,88 +1,31 @@ -FROM ubuntu:14.04 +FROM aaionap/aai-common:1.1.0 -ENV DEBIAN_FRONTEND noninteractive - -ARG HTTP_PROXY -ARG HTTPS_PROXY - -ENV HTTP_PROXY ${HTTP_PROXY} -ENV HTTPS_PROXY ${HTTPS_PROXY} -ENV https_proxy ${HTTPS_PROXY} -ENV http_proxy ${HTTP_PROXY} - -# Setup JAVA_HOME, this is useful for docker commandline -ENV JAVA_HOME /usr/lib/jvm/java-8-openjdk-amd64 - -# Install all the application requirements such as curl ksh and git -# Also install the chef and then remove it in one RUN command -# Because the docker files work like git commits and each command is committed -# So removing the chef in a different command will still have its in its build image -# Its good to be optimizing and removing any files that are not needed for docker images -# for the best possible performance out of your image - -RUN if [ ! -z ${HTTP_PROXY} ]; then echo "Acquire::http::proxy \"${HTTP_PROXY}\";" >> /etc/apt/apt.conf; fi && \ - if [ ! -z ${HTTPS_PROXY} ]; then echo "Acquire::https::proxy \"${HTTPS_PROXY}\";" >> /etc/apt/apt.conf; fi && \ - apt-get update && \ - apt-get install -y software-properties-common && \ - apt-get install --reinstall ca-certificates && \ - sudo -E add-apt-repository ppa:openjdk-r/ppa && \ - apt-get update && \ - apt-get -qq install -y openjdk-8-jre-headless git curl ksh && \ - curl -k -LO https://packages.chef.io/stable/ubuntu/14.04/chefdk_0.17.17-1_amd64.deb || \ - curl --tlsv1 -LO https://packages.chef.io/stable/ubuntu/14.04/chefdk_0.17.17-1_amd64.deb && \ - dpkg -i chefdk_0.17.17-1_amd64.deb && \ - rm chefdk_0.17.17-1_amd64.deb && \ - rm -rf /var/lib/apt/lists/* +RUN mkdir -p /opt/aaihome/aaiadmin /opt/aai/logroot/AAI-RES /opt/app/aai-resources/bin /opt/app/aai-resources/extApps; # Add the proper files into the docker image from your build -ADD ./opt/app /opt/app -ADD ./commonLibs/ /opt/app/commonLibs/ -ADD init-chef.sh /init-chef.sh -ADD docker-entrypoint.sh /docker-entrypoint.sh -ADD aai.sh /etc/profile.d/aai.sh +ADD ./opt/app/aai-resources /opt/app/aai-resources +ADD ./commonLibs/ /opt/app/commonLibs/ +ADD init-chef.sh /opt/app/aai-resources/init-chef.sh +ADD docker-entrypoint.sh /opt/app/aai-resources/docker-entrypoint.sh +ADD aai.sh /etc/profile.d/aai.sh -# Expose the ports for outside linux to use -# 8447 is the important one to be used - -EXPOSE 8447 - -# Create the /var/chef if it doesn't exist -WORKDIR /var/chef - -# Create the directory structure of aai application resembling the development server -# hard-coding path to match ajsc version - -RUN chmod 755 /init-chef.sh /docker-entrypoint.sh && chmod 644 /etc/profile.d/aai.sh && \ - mkdir /opt/aaihome && \ - useradd -r -ms /bin/bash -d /opt/aaihome/aaiadmin aaiadmin && \ - mkdir -p /opt/app/${project.artifactId} && \ - chown aaiadmin:aaiadmin /opt/app/${project.artifactId} && \ - chown -R aaiadmin:aaiadmin /opt/app/${project.artifactId} && \ - mkdir -p /opt/aai/logroot && \ - chown -R aaiadmin:aaiadmin /opt/aai/logroot && \ - ln -s /opt/app/${project.artifactId}/bin scripts && \ - mkdir -p /opt/app/${project.artifactId}/extApps && chown -R aaiadmin:aaiadmin /opt/app/${project.artifactId}/extApps && \ - find /opt/app/${project.artifactId}/bin -name "*.sh" -exec chmod 755 {} + && \ - chown aaiadmin:aaiadmin /docker-entrypoint.sh && \ - chown -R aaiadmin:aaiadmin /var/chef && \ - mkdir -p /opt/aai/logroot/AAI-RES && \ - chown aaiadmin:aaiadmin /opt/aai/logroot/AAI-RES && \ - ln -s /opt/aai/logroot/AAI-RES /opt/app/${project.artifactId}/logs && \ - chown -R aaiadmin:aaiadmin /opt/app/${project.artifactId}/logs +# Change the permissions of aai shell script and all scripts in the microservice to be executable +RUN chmod 644 /etc/profile.d/aai.sh && \ + find /opt/app/aai-resources -name "*.sh" -exec chmod 755 {} + +# Set the log directory to be mountable so the logs will be persisted VOLUME /opt/aai/logroot/AAI-RES -WORKDIR / +# Expose the ports that needs to be available from the container +EXPOSE 8447 -USER aaiadmin +# During the startup of the container, this will be the starting directory +WORKDIR /opt/app/aai-resources # When the container is started this is the entrypoint script # that docker will run. Make sure this script doesn't end abruptly -# If you want the container running even if the main application stops -# You can run a ever lasting process like tail -f /dev/null -# Or something like that at the end of the docker-entrypoint script -# So if the main application you are planning on running fails -# the docker container keeps on running forever +# Docker entrypoint will run exec command to make that main process +# Using the exec form here will ensure the java process is main -ENTRYPOINT ./docker-entrypoint.sh +ENTRYPOINT ["/bin/bash", "/opt/app/aai-resources/docker-entrypoint.sh"] diff --git a/aai-resources/src/main/resources/docker/docker-entrypoint.sh b/aai-resources/src/main/resources/docker/docker-entrypoint.sh index 47ee81f..ab7098a 100644 --- a/aai-resources/src/main/resources/docker/docker-entrypoint.sh +++ b/aai-resources/src/main/resources/docker/docker-entrypoint.sh @@ -18,44 +18,76 @@ # ============LICENSE_END========================================================= ### -cd /var/chef; +# Set the current path to be the application home and common libs home +APP_HOME=$(pwd); +COMMONLIBS_HOME="/opt/app/commonLibs"; -CHEF_CONFIG_REPO=${CHEF_CONFIG_REPO:-aai-config}; +export CHEF_CONFIG_REPO=${CHEF_CONFIG_REPO:-aai-config}; +export CHEF_GIT_URL=${CHEF_GIT_URL:-http://gerrit.onap.org/r/aai}; +export CHEF_CONFIG_GIT_URL=${CHEF_CONFIG_GIT_URL:-$CHEF_GIT_URL}; +export CHEF_DATA_GIT_URL=${CHEF_DATA_GIT_URL:-$CHEF_GIT_URL}; -CHEF_GIT_URL=${CHEF_GIT_URL:-http://nexus.onap.org/r/aai}; +USER_ID=${LOCAL_USER_ID:-9001} -CHEF_CONFIG_GIT_URL=${CHEF_CONFIG_GIT_URL:-$CHEF_GIT_URL}; -CHEF_DATA_GIT_URL=${CHEF_DATA_GIT_URL:-$CHEF_GIT_URL}; +if [ $(cat /etc/passwd | grep aaiadmin | wc -l) -eq 0 ]; then + useradd --shell=/bin/bash -u ${USER_ID} -o -c "" -m aaiadmin || { + echo "Unable to create the user id for ${USER_ID}"; + exit 1; + } +fi; -if [ ! -d "aai-config" ]; then +chown -R aaiadmin:aaiadmin /opt/app /var/chef /opt/aai/logroot - git clone --depth 1 -b ${CHEF_BRANCH} --single-branch ${CHEF_CONFIG_GIT_URL}/${CHEF_CONFIG_REPO}.git aai-config || { - echo "Error: Unable to clone the aai-config repo with url: ${CHEF_GIT_URL}/${CHEF_CONFIG_REPO}.git"; - exit; - } +gosu aaiadmin ./init-chef.sh - (cd aai-config/cookbooks/${project.artifactId}/ && \ - for f in $(ls); do mv $f ../; done && \ - cd ../ && rmdir ${project.artifactId}); -fi +httpPort=8087; +httpsPort=8447; -if [ ! -d "aai-data" ]; then +cd ${APP_HOME}; - git clone --depth 1 -b ${CHEF_BRANCH} --single-branch ${CHEF_DATA_GIT_URL}/aai-data.git aai-data || { - echo "Error: Unable to clone the aai-data repo with url: ${CHEF_GIT_URL}"; - exit; - } +CP=${COMMONLIBS_HOME}/*; +CP="$CP":${APP_HOME}/etc; +CP="$CP":${APP_HOME}/lib/*; +CP="$CP":${APP_HOME}/extJars/logback-access-1.1.7.jar; +CP="$CP":${APP_HOME}/extJars/logback-core-1.1.7.jar; +CP="$CP":${APP_HOME}/extJars/aai-core-${AAI_CORE_VERSION}.jar; - chef-solo \ - -c /var/chef/aai-data/chef-config/dev/.knife/solo.rb \ - -j /var/chef/aai-config/cookbooks/runlist-${project.artifactId}.json \ - -E ${AAI_CHEF_ENV}; +# You can add additional jvm options by adding environment variable JVM_PRE_OPTS +# If you need to add more jvm options at the end then you can use JVM_POST_OPTS +JVM_OPTS="${JVM_PRE_OPTS} ${JVM_OPTS}"; +JVM_OPTS="${JVM_OPTS} -server -XX:NewSize=512m -XX:MaxNewSize=512m"; +JVM_OPTS="${JVM_OPTS} -XX:SurvivorRatio=8"; +JVM_OPTS="${JVM_OPTS} -XX:+DisableExplicitGC -verbose:gc -XX:+UseParNewGC"; +JVM_OPTS="${JVM_OPTS} -XX:+CMSParallelRemarkEnabled -XX:+CMSClassUnloadingEnabled"; +JVM_OPTS="${JVM_OPTS} -XX:+UseConcMarkSweepGC -XX:-UseBiasedLocking"; +JVM_OPTS="${JVM_OPTS} -XX:ParallelGCThreads=4"; +JVM_OPTS="${JVM_OPTS} -XX:LargePageSizeInBytes=128m "; +JVM_OPTS="${JVM_OPTS} -XX:+PrintGCDetails -XX:+PrintGCTimeStamps"; +JVM_OPTS="${JVM_OPTS} -Xloggc:${APP_HOME}/logs/gc/graph-query_gc.log"; +JVM_OPTS="${JVM_OPTS} -XX:+HeapDumpOnOutOfMemoryError"; +JVM_OPTS="${JVM_OPTS} ${JVM_POST_OPTS}"; - /opt/app/aai-resources/bin/createDBSchema.sh || { - echo "Error: Unable to create the db schema, please check if the hbase host is configured and up"; - exit; - } +# You can add additional java options by adding environment variable JAVA_PRE_OPTS +# If you need to add more jvm options at the end then you can use JAVA_POST_OPTS +JAVA_OPTS="${JAVA_PRE_OPTS} ${JAVA_OPTS}"; +JAVA_OPTS="${JAVA_OPTS} -Dsun.net.inetaddr.ttl=180"; +JAVA_OPTS="${JAVA_OPTS} -Dhttps.protocols=TLSv1.1,TLSv1.2"; +JAVA_OPTS="${JAVA_OPTS} -DSOACLOUD_SERVICE_VERSION=1.0.1"; +JAVA_OPTS="${JAVA_OPTS} -DAJSC_HOME=${APP_HOME}"; +JAVA_OPTS="${JAVA_OPTS} -DAJSC_CONF_HOME=${APP_HOME}/bundleconfig"; +JAVA_OPTS="${JAVA_OPTS} -DAJSC_SHARED_CONFIG=${APP_HOME}/bundleconfig"; +JAVA_OPTS="${JAVA_OPTS} -DAFT_HOME=${APP_HOME}"; +JAVA_OPTS="${JAVA_OPTS} -DAAI_CORE_VERSION=${AAI_CORE_VERSION}"; +JAVA_OPTS="${JAVA_OPTS} -Daai-core.version=${AAI_CORE_VERSION}"; +JAVA_OPTS="${JAVA_OPTS} -Dlogback.configurationFile=${APP_HOME}/bundleconfig/etc/logback.xml"; +JAVA_OPTS="${JAVA_OPTS} ${JAVA_POST_OPTS}"; -fi +JAVA_ARGS="${JAVA_PRE_ARGS} ${JAVA_ARGS}"; +JAVA_ARGS="${JAVA_ARGS} context=/"; +JAVA_ARGS="${JAVA_ARGS} port=$httpPort"; +JAVA_ARGS="${JAVA_ARGS} sslport=$httpsPort"; +JAVA_ARGS="${JAVA_ARGS} ${JAVA_POST_ARGS}"; -java -cp ${CLASSPATH}:/opt/app/commonLibs/*:/opt/app/aai-resources/etc:/opt/app/aai-resources/lib/*:/opt/app/aai-resources/extJars/logback-access-1.1.7.jar:/opt/app/aai-resources/extJars/logback-core-1.1.7.jar:/opt/app/aai-resources/extJars/aai-core-${AAI_CORE_VERSION}.jar -server -XX:NewSize=512m -XX:MaxNewSize=512m -XX:SurvivorRatio=8 -XX:+DisableExplicitGC -verbose:gc -XX:+UseParNewGC -XX:+CMSParallelRemarkEnabled -XX:+CMSClassUnloadingEnabled -XX:+UseConcMarkSweepGC -XX:-UseBiasedLocking -XX:ParallelGCThreads=4 -XX:LargePageSizeInBytes=128m -XX:+PrintGCDetails -XX:+PrintGCTimeStamps -Dsun.net.inetaddr.ttl=180 -XX:+HeapDumpOnOutOfMemoryError -Dhttps.protocols=TLSv1.1,TLSv1.2 -DSOACLOUD_SERVICE_VERSION=1.0.1 -DAJSC_HOME=/opt/app/aai-resources/ -DAJSC_CONF_HOME=/opt/app/aai-resources/bundleconfig -DAJSC_SHARED_CONFIG=/opt/app/aai-resources/bundleconfig -DAFT_HOME=/opt/app/aai-resources -DAAI_CORE_VERSION=${AAI_CORE_VERSION} -Daai-core.version=${AAI_CORE_VERSION} -Dlogback.configurationFile=/opt/app/aai-resources/bundleconfig/etc/logback.xml -Xloggc:/opt/app/aai-resources/logs/ajsc-jetty/gc/graph-query_gc.log com.att.ajsc.runner.Runner context=/ port=8087 sslport=8447 +JAVA_CMD="exec gosu aaiadmin java"; +# Run the following command as aai-admin using gosu and make that process main +${JAVA_CMD} -cp ${CLASSPATH}:${CP} ${JVM_OPTS} ${JAVA_OPTS} com.att.ajsc.runner.Runner ${JAVA_ARGS} "$@" diff --git a/aai-resources/src/main/resources/docker/init-chef.sh b/aai-resources/src/main/resources/docker/init-chef.sh index 112b0b3..ed56b00 100644 --- a/aai-resources/src/main/resources/docker/init-chef.sh +++ b/aai-resources/src/main/resources/docker/init-chef.sh @@ -25,8 +25,35 @@ # ############################################################################## -#echo "AAI_CHEF_ENV=${AAI_CHEF_ENV}" >> /etc/environment -#echo "AAI_CHEF_LOC=${AAI_CHEF_LOC}" >> /etc/environment -#touch /root/.bash_profile -chef-solo -c /var/chef/aai-data/chef-config/dev/.knife/solo.rb -j /var/chef/aai-config/cookbooks/runlist-app-server.json -E ${AAI_CHEF_ENV} +cd /var/chef; +if [ ! -d "aai-config" ]; then + + git clone --depth 1 -b ${CHEF_BRANCH} --single-branch ${CHEF_CONFIG_GIT_URL}/${CHEF_CONFIG_REPO}.git aai-config || { + echo "Error: Unable to clone the aai-config repo with url: ${CHEF_GIT_URL}/${CHEF_CONFIG_REPO}.git"; + exit; + } + + (cd aai-config/cookbooks/aai-resources/ && \ + for f in $(ls); do mv $f ../; done && \ + cd ../ && rmdir aai-resources); +fi + +if [ ! -d "aai-data" ]; then + + git clone --depth 1 -b ${CHEF_BRANCH} --single-branch ${CHEF_DATA_GIT_URL}/aai-data.git aai-data || { + echo "Error: Unable to clone the aai-data repo with url: ${CHEF_GIT_URL}"; + exit; + } + + chef-solo \ + -c /var/chef/aai-data/chef-config/dev/.knife/solo.rb \ + -j /var/chef/aai-config/cookbooks/runlist-aai-resources.json \ + -E ${AAI_CHEF_ENV}; + + /opt/app/aai-resources/bin/createDBSchema.sh || { + echo "Error: Unable to create the db schema, please check if the hbase host is configured and up"; + exit; + } + +fi -- cgit 1.2.3-korg