diff options
author | Venkata Harish K Kajur <vk250x@att.com> | 2017-09-18 10:33:06 -0400 |
---|---|---|
committer | Venkata Harish K Kajur <vk250x@att.com> | 2017-09-18 10:33:13 -0400 |
commit | 277be05aa962be97bed336acaafb808185fd20e9 (patch) | |
tree | 65b13a1b2492172ab3268ed21ad840f01bb5acce | |
parent | 741ca84296546a70ae1ad204b1b6ee4940eecfe7 (diff) |
Modify dockerfile to use common docker image
In order to decrease image size as well as
decrease the build time of docker image everyday
Issue-ID: AAI-219
Change-Id: I6c5aea3672a24f0512ef95eead32b04b642400e9
Signed-off-by: Venkata Harish K Kajur <vk250x@att.com>
3 files changed, 107 insertions, 105 deletions
diff --git a/aai-traversal/src/main/resources/docker/Dockerfile b/aai-traversal/src/main/resources/docker/Dockerfile index 596c71d..dc28e15 100644 --- a/aai-traversal/src/main/resources/docker/Dockerfile +++ b/aai-traversal/src/main/resources/docker/Dockerfile @@ -1,88 +1,31 @@ -FROM ubuntu:14.04 +FROM aaionap/aai-common:1.1.0 -ENV DEBIAN_FRONTEND noninteractive - -ARG HTTP_PROXY -ARG HTTPS_PROXY - -ENV HTTP_PROXY ${HTTP_PROXY} -ENV HTTPS_PROXY ${HTTPS_PROXY} -ENV https_proxy ${HTTPS_PROXY} -ENV http_proxy ${HTTP_PROXY} - -# Setup JAVA_HOME, this is useful for docker commandline -ENV JAVA_HOME /usr/lib/jvm/java-8-openjdk-amd64 - -# Install all the application requirements such as curl ksh and git -# Also install the chef and then remove it in one RUN command -# Because the docker files work like git commits and each command is committed -# So removing the chef in a different command will still have its in its build image -# Its good to be optimizing and removing any files that are not needed for docker images -# for the best possible performance out of your image - -RUN if [ ! -z ${HTTP_PROXY} ]; then echo "Acquire::http::proxy \"${HTTP_PROXY}\";" >> /etc/apt/apt.conf; fi && \ - if [ ! -z ${HTTPS_PROXY} ]; then echo "Acquire::https::proxy \"${HTTPS_PROXY}\";" >> /etc/apt/apt.conf; fi && \ - apt-get update && \ - apt-get install -y software-properties-common uuid-runtime && \ - apt-get install --reinstall ca-certificates && \ - sudo -E add-apt-repository ppa:openjdk-r/ppa && \ - apt-get update && \ - apt-get -qq install -y openjdk-8-jre-headless git curl ksh && \ - curl -k -LO https://packages.chef.io/stable/ubuntu/14.04/chefdk_0.17.17-1_amd64.deb || \ - curl --tlsv1 -LO https://packages.chef.io/stable/ubuntu/14.04/chefdk_0.17.17-1_amd64.deb && \ - dpkg -i chefdk_0.17.17-1_amd64.deb && \ - rm chefdk_0.17.17-1_amd64.deb && \ - rm -rf /var/lib/apt/lists/* +RUN mkdir -p /opt/aaihome/aaiadmin /opt/aai/logroot/AAI-RES /opt/app/aai-traversal/bin /opt/app/aai-traversal/extApps; # Add the proper files into the docker image from your build -ADD ./opt/app /opt/app -ADD ./commonLibs/ /opt/app/commonLibs/ -ADD init-chef.sh /init-chef.sh -ADD docker-entrypoint.sh /docker-entrypoint.sh -ADD aai.sh /etc/profile.d/aai.sh - -# Expose the ports for outside linux to use -# 8446 is the important one to be used - -EXPOSE 8446 - -# Create the /var/chef if it doesn't exist -WORKDIR /var/chef - -# Create the directory structure of aai application resembling the development server -# hard-coding path to match ajsc version +ADD ./opt/app/aai-traversal /opt/app/aai-traversal +ADD ./commonLibs/ /opt/app/commonLibs/ +ADD init-chef.sh /opt/app/aai-traversal/init-chef.sh +ADD docker-entrypoint.sh /opt/app/aai-traversal/docker-entrypoint.sh +ADD aai.sh /etc/profile.d/aai.sh -RUN chmod 755 /init-chef.sh /docker-entrypoint.sh && chmod 644 /etc/profile.d/aai.sh && \ - mkdir /opt/aaihome && \ - useradd -r -ms /bin/bash -d /opt/aaihome/aaiadmin aaiadmin && \ - mkdir -p /opt/app/${project.artifactId} && \ - chown aaiadmin:aaiadmin /opt/app/${project.artifactId} && \ - chown -R aaiadmin:aaiadmin /opt/app/${project.artifactId} && \ - mkdir -p /opt/aai/logroot && \ - chown -R aaiadmin:aaiadmin /opt/aai/logroot && \ - ln -s /opt/app/${project.artifactId}/bin scripts && \ - mkdir -p /opt/app/${project.artifactId}/extApps && chown -R aaiadmin:aaiadmin /opt/app/${project.artifactId}/extApps && \ - find /opt/app/${project.artifactId}/bin -name "*.sh" -exec chmod 755 {} + && \ - chown aaiadmin:aaiadmin /docker-entrypoint.sh && \ - chown -R aaiadmin:aaiadmin /var/chef && \ - mkdir -p /opt/aai/logroot/AAI-GQ && \ - chown aaiadmin:aaiadmin /opt/aai/logroot/AAI-GQ && \ - ln -s /opt/aai/logroot/AAI-GQ /opt/app/${project.artifactId}/logs && \ - chown -R aaiadmin:aaiadmin /opt/app/${project.artifactId}/logs +# Change the permissions of aai shell script and all scripts in the microservice to be executable +RUN chmod 644 /etc/profile.d/aai.sh && \ + find /opt/app/aai-traversal -name "*.sh" -exec chmod 755 {} + +# Set the log directory to be mountable so the logs will be persisted VOLUME /opt/aai/logroot/AAI-GQ -WORKDIR / +# Expose the ports that needs to be available from the container +EXPOSE 8447 -USER aaiadmin +# During the startup of the container, this will be the starting directory +WORKDIR /opt/app/aai-traversal # When the container is started this is the entrypoint script # that docker will run. Make sure this script doesn't end abruptly -# If you want the container running even if the main application stops -# You can run a ever lasting process like tail -f /dev/null -# Or something like that at the end of the docker-entrypoint script -# So if the main application you are planning on running fails -# the docker container keeps on running forever +# Docker entrypoint will run exec command to make that main process +# Using the exec form here will ensure the java process is main -ENTRYPOINT ./docker-entrypoint.sh +ENTRYPOINT ["/bin/bash", "/opt/app/aai-traversal/docker-entrypoint.sh"] diff --git a/aai-traversal/src/main/resources/docker/docker-entrypoint.sh b/aai-traversal/src/main/resources/docker/docker-entrypoint.sh index 0f14860..52c6bfa 100644 --- a/aai-traversal/src/main/resources/docker/docker-entrypoint.sh +++ b/aai-traversal/src/main/resources/docker/docker-entrypoint.sh @@ -18,39 +18,76 @@ # ============LICENSE_END========================================================= ### -cd /var/chef; +# Set the current path to be the application home and common libs home +APP_HOME=$(pwd); +COMMONLIBS_HOME="/opt/app/commonLibs"; -CHEF_CONFIG_REPO=${CHEF_CONFIG_REPO:-aai-config}; +export CHEF_CONFIG_REPO=${CHEF_CONFIG_REPO:-aai-config}; +export CHEF_GIT_URL=${CHEF_GIT_URL:-http://gerrit.onap.org/r/aai}; +export CHEF_CONFIG_GIT_URL=${CHEF_CONFIG_GIT_URL:-$CHEF_GIT_URL}; +export CHEF_DATA_GIT_URL=${CHEF_DATA_GIT_URL:-$CHEF_GIT_URL}; -CHEF_GIT_URL=${CHEF_GIT_URL:-http://nexus.onap.org/r/aai}; +USER_ID=${LOCAL_USER_ID:-9001} -CHEF_CONFIG_GIT_URL=${CHEF_CONFIG_GIT_URL:-$CHEF_GIT_URL}; -CHEF_DATA_GIT_URL=${CHEF_DATA_GIT_URL:-$CHEF_GIT_URL}; +if [ $(cat /etc/passwd | grep aaiadmin | wc -l) -eq 0 ]; then + useradd --shell=/bin/bash -u ${USER_ID} -o -c "" -m aaiadmin || { + echo "Unable to create the user id for ${USER_ID}"; + exit 1; + } +fi; -if [ ! -d "aai-config" ]; then +chown -R aaiadmin:aaiadmin /opt/app /var/chef /opt/aai/logroot - git clone --depth 1 -b ${CHEF_BRANCH} --single-branch ${CHEF_CONFIG_GIT_URL}/${CHEF_CONFIG_REPO}.git aai-config || { - echo "Error: Unable to clone the aai-config repo with url: ${CHEF_GIT_URL}/${CHEF_CONFIG_REPO}.git"; - exit; - } - - (cd aai-config/cookbooks/${project.artifactId}/ && \ - for f in $(ls); do mv $f ../; done && \ - cd ../ && rmdir ${project.artifactId}); -fi +gosu aaiadmin ./init-chef.sh -if [ ! -d "aai-data" ]; then +httpPort=8086; +httpsPort=8446; - git clone --depth 1 -b ${CHEF_BRANCH} --single-branch ${CHEF_DATA_GIT_URL}/aai-data.git aai-data || { - echo "Error: Unable to clone the aai-data repo with url: ${CHEF_GIT_URL}"; - exit; - } +cd ${APP_HOME}; -fi +CP=${COMMONLIBS_HOME}/*; +CP="$CP":${APP_HOME}/etc; +CP="$CP":${APP_HOME}/lib/*; +CP="$CP":${APP_HOME}/extJars/logback-access-1.1.7.jar; +CP="$CP":${APP_HOME}/extJars/logback-core-1.1.7.jar; +CP="$CP":${APP_HOME}/extJars/aai-core-${AAI_CORE_VERSION}.jar; -chef-solo \ - -c /var/chef/aai-data/chef-config/dev/.knife/solo.rb \ - -j /var/chef/aai-config/cookbooks/runlist-${project.artifactId}.json \ - -E ${AAI_CHEF_ENV}; +# You can add additional jvm options by adding environment variable JVM_PRE_OPTS +# If you need to add more jvm options at the end then you can use JVM_POST_OPTS +JVM_OPTS="${JVM_PRE_OPTS} ${JVM_OPTS}"; +JVM_OPTS="${JVM_OPTS} -server -XX:NewSize=512m -XX:MaxNewSize=512m"; +JVM_OPTS="${JVM_OPTS} -XX:SurvivorRatio=8"; +JVM_OPTS="${JVM_OPTS} -XX:+DisableExplicitGC -verbose:gc -XX:+UseParNewGC"; +JVM_OPTS="${JVM_OPTS} -XX:+CMSParallelRemarkEnabled -XX:+CMSClassUnloadingEnabled"; +JVM_OPTS="${JVM_OPTS} -XX:+UseConcMarkSweepGC -XX:-UseBiasedLocking"; +JVM_OPTS="${JVM_OPTS} -XX:ParallelGCThreads=4"; +JVM_OPTS="${JVM_OPTS} -XX:LargePageSizeInBytes=128m "; +JVM_OPTS="${JVM_OPTS} -XX:+PrintGCDetails -XX:+PrintGCTimeStamps"; +JVM_OPTS="${JVM_OPTS} -Xloggc:${APP_HOME}/logs/gc/graph-query_gc.log"; +JVM_OPTS="${JVM_OPTS} -XX:+HeapDumpOnOutOfMemoryError"; +JVM_OPTS="${JVM_OPTS} ${JVM_POST_OPTS}"; -java -cp ${CLASSPATH}:/opt/app/commonLibs/*:/opt/app/aai-traversal/etc:/opt/app/aai-traversal/lib/*:/opt/app/aai-traversal/extJars/logback-access-1.1.7.jar:/opt/app/aai-traversal/extJars/logback-core-1.1.7.jar:/opt/app/aai-traversal/extJars/aai-core-${AAI_CORE_VERSION}.jar -server -XX:NewSize=512m -XX:MaxNewSize=512m -XX:SurvivorRatio=8 -XX:+DisableExplicitGC -verbose:gc -XX:+UseParNewGC -XX:+CMSParallelRemarkEnabled -XX:+CMSClassUnloadingEnabled -XX:+UseConcMarkSweepGC -XX:-UseBiasedLocking -XX:ParallelGCThreads=4 -XX:LargePageSizeInBytes=128m -XX:+PrintGCDetails -XX:+PrintGCTimeStamps -Dsun.net.inetaddr.ttl=180 -XX:+HeapDumpOnOutOfMemoryError -Dhttps.protocols=TLSv1.1,TLSv1.2 -DSOACLOUD_SERVICE_VERSION=1.0.1 -DAJSC_HOME=/opt/app/aai-traversal/ -DAJSC_CONF_HOME=/opt/app/aai-traversal/bundleconfig -DAJSC_SHARED_CONFIG=/opt/app/aai-traversal/bundleconfig -DAFT_HOME=/opt/app/aai-traversal -DAAI_CORE_VERSION=${AAI_CORE_VERSION} -Daai-core.version=${AAI_CORE_VERSION} -Dlogback.configurationFile=/opt/app/aai-traversal/bundleconfig/etc/logback.xml -Xloggc:/opt/app/aai-traversal/logs/ajsc-jetty/gc/graph-query_gc.log com.att.ajsc.runner.Runner context=/ port=8086 sslport=8446 +# You can add additional java options by adding environment variable JAVA_PRE_OPTS +# If you need to add more jvm options at the end then you can use JAVA_POST_OPTS +JAVA_OPTS="${JAVA_PRE_OPTS} ${JAVA_OPTS}"; +JAVA_OPTS="${JAVA_OPTS} -Dsun.net.inetaddr.ttl=180"; +JAVA_OPTS="${JAVA_OPTS} -Dhttps.protocols=TLSv1.1,TLSv1.2"; +JAVA_OPTS="${JAVA_OPTS} -DSOACLOUD_SERVICE_VERSION=1.0.1"; +JAVA_OPTS="${JAVA_OPTS} -DAJSC_HOME=${APP_HOME}"; +JAVA_OPTS="${JAVA_OPTS} -DAJSC_CONF_HOME=${APP_HOME}/bundleconfig"; +JAVA_OPTS="${JAVA_OPTS} -DAJSC_SHARED_CONFIG=${APP_HOME}/bundleconfig"; +JAVA_OPTS="${JAVA_OPTS} -DAFT_HOME=${APP_HOME}"; +JAVA_OPTS="${JAVA_OPTS} -DAAI_CORE_VERSION=${AAI_CORE_VERSION}"; +JAVA_OPTS="${JAVA_OPTS} -Daai-core.version=${AAI_CORE_VERSION}"; +JAVA_OPTS="${JAVA_OPTS} -Dlogback.configurationFile=${APP_HOME}/bundleconfig/etc/logback.xml"; +JAVA_OPTS="${JAVA_OPTS} ${JAVA_POST_OPTS}"; + +JAVA_ARGS="${JAVA_PRE_ARGS} ${JAVA_ARGS}"; +JAVA_ARGS="${JAVA_ARGS} context=/"; +JAVA_ARGS="${JAVA_ARGS} port=$httpPort"; +JAVA_ARGS="${JAVA_ARGS} sslport=$httpsPort"; +JAVA_ARGS="${JAVA_ARGS} ${JAVA_POST_ARGS}"; + +JAVA_CMD="exec gosu aaiadmin java"; +# Run the following command as aai-admin using gosu and make that process main +${JAVA_CMD} -cp ${CLASSPATH}:${CP} ${JVM_OPTS} ${JAVA_OPTS} com.att.ajsc.runner.Runner ${JAVA_ARGS} "$@" diff --git a/aai-traversal/src/main/resources/docker/init-chef.sh b/aai-traversal/src/main/resources/docker/init-chef.sh index 112b0b3..0e10055 100644 --- a/aai-traversal/src/main/resources/docker/init-chef.sh +++ b/aai-traversal/src/main/resources/docker/init-chef.sh @@ -25,8 +25,30 @@ # ############################################################################## -#echo "AAI_CHEF_ENV=${AAI_CHEF_ENV}" >> /etc/environment -#echo "AAI_CHEF_LOC=${AAI_CHEF_LOC}" >> /etc/environment -#touch /root/.bash_profile -chef-solo -c /var/chef/aai-data/chef-config/dev/.knife/solo.rb -j /var/chef/aai-config/cookbooks/runlist-app-server.json -E ${AAI_CHEF_ENV} +cd /var/chef; +if [ ! -d "aai-config" ]; then + + git clone --depth 1 -b ${CHEF_BRANCH} --single-branch ${CHEF_CONFIG_GIT_URL}/${CHEF_CONFIG_REPO}.git aai-config || { + echo "Error: Unable to clone the aai-config repo with url: ${CHEF_GIT_URL}/${CHEF_CONFIG_REPO}.git"; + exit; + } + + (cd aai-config/cookbooks/aai-traversal/ && \ + for f in $(ls); do mv $f ../; done && \ + cd ../ && rmdir aai-traversal); +fi + +if [ ! -d "aai-data" ]; then + + git clone --depth 1 -b ${CHEF_BRANCH} --single-branch ${CHEF_DATA_GIT_URL}/aai-data.git aai-data || { + echo "Error: Unable to clone the aai-data repo with url: ${CHEF_GIT_URL}"; + exit; + } + + chef-solo \ + -c /var/chef/aai-data/chef-config/dev/.knife/solo.rb \ + -j /var/chef/aai-config/cookbooks/runlist-aai-traversal.json \ + -E ${AAI_CHEF_ENV}; + +fi |