From 3a0cabd49731b9597ad876138f088944dbdd46f4 Mon Sep 17 00:00:00 2001 From: Bogumil Zebek Date: Thu, 27 Aug 2020 11:53:41 +0200 Subject: Switch to Ubuntu 20.04 - remove unused configuration from Dockerfile - improve Dockerfile configuration: follow best practices described at https://docs.docker.com/develop/develop-images/dockerfile_best-practices/ - switch to Ubuntu 20.04 - reduce size of docker image Issue-ID: VNFSDK-646 Signed-off-by: Zebek Bogumil Change-Id: I2d07524ef42913aa3c032f65a1fc771da5b185d4 --- .../docker-refrepo/src/main/docker/Dockerfile | 151 ++++++++------------- .../docker-refrepo/src/main/docker/certgen.sh | 4 +- .../src/main/docker/docker-entrypoint.sh | 5 +- .../docker-refrepo/src/main/docker/install-vtp.sh | 5 +- .../docker-refrepo/src/main/docker/instance-run.sh | 5 +- 5 files changed, 67 insertions(+), 103 deletions(-) (limited to 'vnfmarket-be') diff --git a/vnfmarket-be/deployment/docker/docker-refrepo/src/main/docker/Dockerfile b/vnfmarket-be/deployment/docker/docker-refrepo/src/main/docker/Dockerfile index f2388977..21086fc5 100644 --- a/vnfmarket-be/deployment/docker/docker-refrepo/src/main/docker/Dockerfile +++ b/vnfmarket-be/deployment/docker/docker-refrepo/src/main/docker/Dockerfile @@ -13,37 +13,40 @@ # See the License for the specific language governing permissions and # limitations under the License. # -# This file was auto-generated by gen-all-dockerfiles.sh; do not modify manually. -# # vnf-sdk-marketplace/target/Dockerfile # # 10-basebuild.txt -FROM ubuntu:16.04 -#RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections -RUN apt-get install -y -RUN apt-get update --fix-missing -y -RUN apt-get install wget -y - -WORKDIR /service - - +FROM ubuntu:20.04 +ARG DEBIAN_FRONTEND=noninteractive ENV JAVA_VERSION_MAJOR=11 \ - JAVA_VERSION_MINOR=111 \ + JAVA_VERSION_MINOR=08 \ JAVA_HOME=/usr/lib/jvm/default-jvm \ - PATH=${PATH}:/usr/lib/jvm/default-jvm/bin/ - -RUN DEBIAN_FRONTEND=noninteractive apt-get -y dist-upgrade -RUN DEBIAN_FRONTEND=noninteractive apt-get -y install python-software-properties -RUN DEBIAN_FRONTEND=noninteractive apt-get -y install software-properties-common sudo - + PATH=${PATH}:/usr/lib/jvm/default-jvm/bin/ \ + CATALINA_HOME=/service + +# Install required libraries +RUN apt-get update && apt-get install -y \ + curl \ + g++ \ + make \ + nano \ + nginx \ + nodejs \ + npm \ + software-properties-common \ + sudo \ + unzip \ + wget \ + && rm -rf /var/lib/apt/lists/* + +# Install Java +WORKDIR /service RUN add-apt-repository ppa:openjdk-r/ppa -y && \ # update data from repositories - apt-get update --fix-missing -y && \ - # upgrade OS - apt-get -y dist-upgrade && \ + apt-get update && \ # Make info file about this build printf "Build of java:openjdk-11-jre-headless, date: %s\n" `date -u +"%Y-%m-%dT%H:%M:%SZ"` > /service/java && \ # install application @@ -51,59 +54,20 @@ RUN add-apt-repository ppa:openjdk-r/ppa -y && \ # fix default setting ln -s java-11-openjdk-amd64 /usr/lib/jvm/default-jvm && \ # remove apt cache from image - apt-get clean all - -# Set up tomcat -RUN wget -q https://archive.apache.org/dist/tomcat/tomcat-8/v8.5.30/bin/apache-tomcat-8.5.30.tar.gz && tar --strip-components=1 -xf apache-tomcat-8.5.30.tar.gz && rm -f apache-tomcat-8.5.30.tar.gz && rm -rf webapps && mkdir -p webapps/ROOT -RUN echo 'export CATALINA_OPTS="$CATALINA_OPTS -Xms64m -Xmx256m -XX:MaxPermSize=64m"' > /service/bin/setenv.sh -ENV CATALINA_HOME /service - - -# Set up microservice -#ADD ./STAGE /service -#RUN apt-get install -y g++ make && curl -sL https://rpm.nodesource.com/setup_6.x | bash - -#RUN apt-get install -y nodejs -#RUN apt-get install -y npm -#RUN cd /service/webapps/onapui/vnfmarket && npm install phantomjs-prebuilt@2.1.14 --ignore-scripts && npm install - - - -RUN add-apt-repository -y ppa:nginx/stable && \ - apt-get update && \ - apt-get install -y nginx && \ - rm -rf /var/lib/apt/lists/* && \ - echo "\ndaemon off;" >> /etc/nginx/nginx.conf && \ - chown -R www-data:www-data /var/lib/nginx - -# Define mountable directories. -VOLUME ["/etc/nginx/sites-enabled", "/etc/nginx/certs", "/etc/nginx/conf.d", "/var/log/nginx", "/var/www/html"] - -# Define working directory. -WORKDIR /etc/nginx - -#CMD ["nginx"] - - -EXPOSE 8702 -EXPOSE 8703 + apt-get clean all && \ + rm -rf /var/lib/apt/lists/* +# Download and set up Tomcat WORKDIR /service +RUN wget -q https://archive.apache.org/dist/tomcat/tomcat-8/v8.5.30/bin/apache-tomcat-8.5.30.tar.gz && \ + tar --strip-components=1 -xf apache-tomcat-8.5.30.tar.gz && \ + rm -f apache-tomcat-8.5.30.tar.gz && rm -rf webapps && mkdir -p webapps/ROOT && \ + echo 'export CATALINA_OPTS="$CATALINA_OPTS -Xms64m -Xmx256m -XX:MaxPermSize=64m"' > /service/bin/setenv.sh -RUN mkdir -p /etc/nginx/ssl +# Copy artifacts +WORKDIR /service COPY nginx.conf /etc/nginx/nginx.conf COPY certgen.sh /service -RUN chmod +x /service/certgen.sh -RUN /service/certgen.sh - - - -RUN apt-get update && apt-get install nano -y -RUN apt-get install curl -y - - -#RUN apt-get install vim -y - - COPY instance-config.sh . COPY instance-init.sh . COPY instance-run.sh . @@ -111,43 +75,40 @@ COPY instance-workaround.sh . COPY docker-entrypoint.sh . COPY install-vtp.sh . COPY vtp-tc.sh . +COPY LICENSE ./ONAP_LICENSE + +# Configure NGINX +RUN mkdir -p /etc/nginx/ssl && \ + chown -R www-data:www-data /var/lib/nginx +# Generate certificates +RUN chmod +x /service/certgen.sh && \ + /service/certgen.sh # Set up microservice ADD ./STAGE /service -RUN apt-get install -y g++ make && curl -sL https://rpm.nodesource.com/setup_6.x -RUN apt-get install -y nodejs -RUN apt-get install -y npm -RUN apt-get -qq update && apt-get -qq -y install bzip2 -RUN chmod +x /service/bin/*.sh -RUN service nginx start & -RUN cd /service/webapps/onapui/vnfmarket && npm install phantomjs-prebuilt@2.1.14 --ignore-scripts && npm install - -#VTP setup -RUN chmod a+x /service/install-vtp.sh -RUN chmod a+x /service/vtp-tc.sh -RUN /service/install-vtp.sh -EXPOSE 50051 +RUN chmod +x /service/bin/*.sh && \ + cd /service/webapps/onapui/vnfmarket && \ + npm install phantomjs-prebuilt@2.1.14 --ignore-scripts && \ + npm install + +# VTP setup +RUN chmod a+x /service/install-vtp.sh && \ + chmod a+x /service/vtp-tc.sh && \ + /service/install-vtp.sh +# Create group and user RUN groupadd -r vnfadmin && useradd -m --no-log-init -r -g vnfadmin vnfadmin && \ usermod -aG sudo vnfadmin && echo "vnfadmin ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers && \ chmod -R 777 /usr/local/ USER vnfadmin -RUN umask 000 && sudo chmod +x /service/bin/*.sh /service/*.sh && \ - mkdir -p /service/logs && mkdir -p /var/log/nginx/ && \ - sudo chown -R vnfadmin:vnfadmin /var/log/nginx/ && \ - sudo chown -R vnfadmin:vnfadmin /service/ /opt/vtp /var/log && \ - sudo chmod -R +w /service/ /opt/vtp /var/log && \ - sudo touch /run/nginx.pid && sudo chown -R vnfadmin:vnfadmin /run/nginx.pid && \ - chmod +w /run/nginx.pid && sudo chown -R vnfadmin:vnfadmin /var/log/nginx/ && \ - sudo usermod -aG www-data vnfadmin && sudo chmod -R a+w /var/lib/nginx +# Define mountable directories. +VOLUME ["/etc/nginx/sites-enabled", "/etc/nginx/certs", "/etc/nginx/conf.d", "/var/log/nginx", "/var/www/html"] +EXPOSE 8702 +EXPOSE 8703 +EXPOSE 50051 -#ENTRYPOINT /service/docker-entrypoint.sh ENTRYPOINT ["/service/docker-entrypoint.sh"] - - - -COPY LICENSE ./ONAP_LICENSE diff --git a/vnfmarket-be/deployment/docker/docker-refrepo/src/main/docker/certgen.sh b/vnfmarket-be/deployment/docker/docker-refrepo/src/main/docker/certgen.sh index ae3d3515..5c038dd4 100755 --- a/vnfmarket-be/deployment/docker/docker-refrepo/src/main/docker/certgen.sh +++ b/vnfmarket-be/deployment/docker/docker-refrepo/src/main/docker/certgen.sh @@ -1,6 +1,7 @@ #!/bin/sh # # Copyright 2020 Huawei Technologies Co., Ltd. +# Copyright 2020 Nokia # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,4 +20,5 @@ openssl req -nodes -newkey rsa:2048 -keyout example.key -out example.csr -subj " openssl x509 -req -in example.csr -signkey example.key -out cert.crt cp -p cert.crt /etc/nginx/ssl/ cp -p example.key /etc/nginx/ssl/cert.key -#service nginx start & +chmod 644 /etc/nginx/ssl/cert.crt +chmod 644 /etc/nginx/ssl/cert.key diff --git a/vnfmarket-be/deployment/docker/docker-refrepo/src/main/docker/docker-entrypoint.sh b/vnfmarket-be/deployment/docker/docker-refrepo/src/main/docker/docker-entrypoint.sh index 3bb1414c..9428d7f3 100755 --- a/vnfmarket-be/deployment/docker/docker-refrepo/src/main/docker/docker-entrypoint.sh +++ b/vnfmarket-be/deployment/docker/docker-refrepo/src/main/docker/docker-entrypoint.sh @@ -14,13 +14,10 @@ # See the License for the specific language governing permissions and # limitations under the License. # -# -# This file was auto-generated by gen-all-dockerfiles.sh; do not modify manually. -# # vnf-sdk-marketplace/target/docker-entrypoint.sh # -umask 000 && sudo chmod +x /service/bin/*.sh /service/*.sh && mkdir -p /service/logs && mkdir -p /var/log/nginx/ && sudo chown -R vnfadmin:vnfadmin /var/log/nginx/ /service/ /opt/vtp /var/log && sudo chmod -R +w /service/ /opt/vtp /var/log && sudo touch /run/nginx.pid && sudo chown -R vnfadmin:vnfadmin /run/nginx.pid && chmod +w /run/nginx.pid && sudo chown -R vnfadmin:vnfadmin /var/log/nginx/ && sudo usermod -aG www-data vnfadmin && sudo chmod -R a+w /var/lib/nginx +umask 000 && sudo chmod +x /service/bin/*.sh /service/*.sh && mkdir -p /service/logs && mkdir -p /var/log/nginx/ && sudo chown -R vnfadmin:vnfadmin /var/log/nginx/ /service/ /opt/vtp /var/log && sudo chmod -R +w /service/ /opt/vtp /var/log && sudo touch /run/nginx.pid && sudo chown -R vnfadmin:vnfadmin /run/nginx.pid && chmod 644 /run/nginx.pid && sudo chown -R vnfadmin:vnfadmin /var/log/nginx/ && sudo usermod -aG www-data vnfadmin && sudo chmod -R a+w /var/lib/nginx if [ -z "$SERVICE_IP" ]; then export SERVICE_IP=`hostname -i` diff --git a/vnfmarket-be/deployment/docker/docker-refrepo/src/main/docker/install-vtp.sh b/vnfmarket-be/deployment/docker/docker-refrepo/src/main/docker/install-vtp.sh index c3364da4..6109d408 100644 --- a/vnfmarket-be/deployment/docker/docker-refrepo/src/main/docker/install-vtp.sh +++ b/vnfmarket-be/deployment/docker/docker-refrepo/src/main/docker/install-vtp.sh @@ -17,14 +17,15 @@ export _PWD=`pwd` -echo ################ Check for java +echo ################ Make sure that mandatory libraries are installed +sudo apt-get update --fix-missing -y sudo apt-get install -y wget unzip #check for java java -version if [ $? == 127 ] then - sudo apt-get install -y openjdk-8-jre + sudo apt-get install -y openjdk-11-jre fi echo ################ Install OCLIP diff --git a/vnfmarket-be/deployment/docker/docker-refrepo/src/main/docker/instance-run.sh b/vnfmarket-be/deployment/docker/docker-refrepo/src/main/docker/instance-run.sh index 1f0d14d0..058937c7 100755 --- a/vnfmarket-be/deployment/docker/docker-refrepo/src/main/docker/instance-run.sh +++ b/vnfmarket-be/deployment/docker/docker-refrepo/src/main/docker/instance-run.sh @@ -1,6 +1,7 @@ #!/bin/bash # # Copyright 2017 Huawei Technologies Co., Ltd. +# Copyright 2020 Nokia # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,7 +22,9 @@ # Start tomcat service ./bin/start.sh -service nginx start +# Start NGINX service +service nginx start& + # Show log files echo Waiting for log file... while [ ! -f /service/logs/* ]; do -- cgit 1.2.3-korg