DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #587 from mkumatag/multi-arch-image

Browse source 
Multi arch nginx-slim docker image
This commit is contained in:
Manuel Alejandro de Brito Fontes 2017-05-03 12:00:52 -03:00 committed by GitHub
commit 4fc965f75d
6 changed files with 197 additions and 30 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
images/nginx-slim/Dockerfile
View file

@ -13,7 +13,9 @@
# limitations under the License. # limitations under the License.
FROM gcr.io/google_containers/ubuntu-slim:0.8 FROM BASEIMAGE
CROSS_BUILD_COPY qemu-ARCH-static /usr/bin/
COPY build.sh /tmp COPY build.sh /tmp

70
images/nginx-slim/Makefile
View file

@ -1,14 +1,76 @@
# Copyright 2017 The Kubernetes Authors. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
all: push all: push
# 0.0.0 shouldn't clobber any released builds # 0.0.0 shouldn't clobber any released builds
TAG = 0.15 TAG = 0.16
PREFIX = gcr.io/google_containers/nginx-slim REGISTRY = gcr.io/google_containers
ARCH ?= $(shell go env GOARCH)
QEMUVERSION=v2.7.0
IMGNAME = nginx-slim
IMAGE = $(REGISTRY)/$(IMGNAME)
MULTI_ARCH_IMG = $(IMAGE)-$(ARCH)
# Set default base image dynamically for each arch
BASEIMAGE?=gcr.io/google_containers/ubuntu-slim-$(ARCH):0.9
ifeq ($(ARCH),arm)
QEMUARCH=arm
endif
#ifeq ($(ARCH),arm64)
# QEMUARCH=aarch64
#endif
ifeq ($(ARCH),ppc64le)
QEMUARCH=ppc64le
endif
#ifeq ($(ARCH),s390x)
# QEMUARCH=s390x
#endif
TEMP_DIR := $(shell mktemp -d)
container: container:
docker build --pull -t $(PREFIX):$(TAG) . cp ./* $(TEMP_DIR)
cd $(TEMP_DIR) && sed -i 's|BASEIMAGE|$(BASEIMAGE)|g' Dockerfile
cd $(TEMP_DIR) && sed -i "s|ARCH|$(QEMUARCH)|g" Dockerfile
ifeq ($(ARCH),amd64)
# When building "normally" for amd64, remove the whole line, it has no part in the amd64 image
cd $(TEMP_DIR) && sed -i "/CROSS_BUILD_/d" Dockerfile
else
# When cross-building, only the placeholder "CROSS_BUILD_" should be removed
# Register /usr/bin/qemu-ARCH-static as the handler for ARM binaries in the kernel
docker run --rm --privileged multiarch/qemu-user-static:register --reset
curl -sSL https://github.com/multiarch/qemu-user-static/releases/download/$(QEMUVERSION)/x86_64_qemu-$(QEMUARCH)-static.tar.gz | tar -xz -C $(TEMP_DIR)
cd $(TEMP_DIR) && sed -i "s/CROSS_BUILD_//g" Dockerfile
endif
docker build -t $(MULTI_ARCH_IMG):$(TAG) $(TEMP_DIR)
ifeq ($(ARCH), amd64)
# This is for to maintain the backward compatibility
docker tag $(MULTI_ARCH_IMG):$(TAG) $(IMAGE):$(TAG)
endif
push: container push: container
gcloud docker -- push $(PREFIX):$(TAG) gcloud docker -- push $(MULTI_ARCH_IMG):$(TAG)
ifeq ($(ARCH), amd64)
gcloud docker -- push $(IMAGE):$(TAG)
endif
clean: clean:
docker rmi -f $(PREFIX):$(TAG) || true docker rmi -f $(PREFIX):$(TAG) || true

65
images/nginx-slim/build.sh
View file

@ -1,4 +1,4 @@
#!/bin/sh #!/bin/bash
# Copyright 2015 The Kubernetes Authors. # Copyright 2015 The Kubernetes Authors.
# #
@ -32,6 +32,8 @@ export NGINX_SUBSTITUTIONS=bc58cb11844bc42735bbaef7085ea86ace46d05b
export BUILD_PATH=/tmp/build export BUILD_PATH=/tmp/build
ARCH=$(uname -p)
get_src() get_src()
{ {
hash="$1" hash="$1"
@ -47,6 +49,12 @@ get_src()
mkdir "$BUILD_PATH" mkdir "$BUILD_PATH"
cd "$BUILD_PATH" cd "$BUILD_PATH"
if [[ ${ARCH} == "ppc64le" ]]; then
apt-get update && apt-get install --no-install-recommends -y software-properties-common && \
add-apt-repository -y ppa:ibmpackages/luajit
apt-get update && apt-get install --no-install-recommends -y lua5.1 lua5.1-dev
fi
# install required packages to build # install required packages to build
apt-get update && apt-get install --no-install-recommends -y \ apt-get update && apt-get install --no-install-recommends -y \
bash \ bash \
@ -120,19 +128,7 @@ cd "$BUILD_PATH/nginx-$NGINX_VERSION"
echo "Applying tls nginx patches..." echo "Applying tls nginx patches..."
patch -p1 < $BUILD_PATH/nginx__dynamic_tls_records.patch patch -p1 < $BUILD_PATH/nginx__dynamic_tls_records.patch
./configure \ WITH_FLAGS="--with-debug \
--prefix=/usr/share/nginx \
--conf-path=/etc/nginx/nginx.conf \
--http-log-path=/var/log/nginx/access.log \
--error-log-path=/var/log/nginx/error.log \
--lock-path=/var/lock/nginx.lock \
--pid-path=/run/nginx.pid \
--http-client-body-temp-path=/var/lib/nginx/body \
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
--http-proxy-temp-path=/var/lib/nginx/proxy \
--http-scgi-temp-path=/var/lib/nginx/scgi \
--http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
--with-debug \
--with-pcre-jit \ --with-pcre-jit \
--with-http_ssl_module \ --with-http_ssl_module \
--with-http_stub_status_module \ --with-http_stub_status_module \
@ -147,14 +143,37 @@ patch -p1 < $BUILD_PATH/nginx__dynamic_tls_records.patch
--with-stream \ --with-stream \
--with-stream_ssl_module \ --with-stream_ssl_module \
--with-stream_ssl_preread_module \ --with-stream_ssl_preread_module \
--with-threads \ --with-threads"
--with-file-aio \
if [[ ${ARCH} != "armv7l" || ${ARCH} != "aarch64" ]]; then
WITH_FLAGS+=" --with-file-aio"
fi
CC_OPT='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4'
if [[ ${ARCH} == "x86_64" ]]; then
CC_OPT+=' -m64 -mtune=generic'
fi
./configure \
--prefix=/usr/share/nginx \
--conf-path=/etc/nginx/nginx.conf \
--http-log-path=/var/log/nginx/access.log \
--error-log-path=/var/log/nginx/error.log \
--lock-path=/var/lock/nginx.lock \
--pid-path=/run/nginx.pid \
--http-client-body-temp-path=/var/lib/nginx/body \
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
--http-proxy-temp-path=/var/lib/nginx/proxy \
--http-scgi-temp-path=/var/lib/nginx/scgi \
--http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
${WITH_FLAGS} \
--without-mail_pop3_module \ --without-mail_pop3_module \
--without-mail_smtp_module \ --without-mail_smtp_module \
--without-mail_imap_module \ --without-mail_imap_module \
--without-http_uwsgi_module \ --without-http_uwsgi_module \
--without-http_scgi_module \ --without-http_scgi_module \
--with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' \ --with-cc-opt="${CC_OPT}" \
--add-module="$BUILD_PATH/ngx_devel_kit-$NDK_VERSION" \ --add-module="$BUILD_PATH/ngx_devel_kit-$NDK_VERSION" \
--add-module="$BUILD_PATH/set-misc-nginx-module-$SETMISC_VERSION" \ --add-module="$BUILD_PATH/set-misc-nginx-module-$SETMISC_VERSION" \
--add-module="$BUILD_PATH/nginx-module-vts-$VTS_VERSION" \ --add-module="$BUILD_PATH/nginx-module-vts-$VTS_VERSION" \
@ -169,7 +188,13 @@ patch -p1 < $BUILD_PATH/nginx__dynamic_tls_records.patch
echo "Installing CJSON module" echo "Installing CJSON module"
cd "$BUILD_PATH/lua-cjson-$LUA_CJSON_VERSION" cd "$BUILD_PATH/lua-cjson-$LUA_CJSON_VERSION"
make LUA_INCLUDE_DIR=/usr/include/luajit-2.0 && make install
if [[ ${ARCH} == "ppc64le" ]];then
LUA_DIR=/usr/include/luajit-2.1
else
LUA_DIR=/usr/include/luajit-2.0
fi
make LUA_INCLUDE_DIR=${LUA_DIR} && make install
echo "Installing lua-resty-http module" echo "Installing lua-resty-http module"
# copy lua module # copy lua module
@ -195,6 +220,10 @@ apt-mark unmarkauto \
geoip-bin \ geoip-bin \
openssl openssl
if [[ ${ARCH} == "ppc64le" ]]; then
apt-mark unmarkauto liblua5.1-0
fi
apt-get remove -y --purge \ apt-get remove -y --purge \
build-essential \ build-essential \
gcc-5 \ gcc-5 \

1
images/ubuntu-slim/.gitignore vendored Normal file
View file

@ -0,0 +1 @@
rootfs.tar

4
images/ubuntu-slim/Dockerfile.build
View file

@ -1,7 +1,9 @@
FROM ubuntu:16.04 FROM BASEIMAGE
ENV DEBIAN_FRONTEND=noninteractive ENV DEBIAN_FRONTEND=noninteractive
CROSS_BUILD_COPY qemu-ARCH-static /usr/bin/
COPY excludes /etc/dpkg/dpkg.cfg.d/excludes COPY excludes /etc/dpkg/dpkg.cfg.d/excludes
RUN apt-get update \ RUN apt-get update \

83
images/ubuntu-slim/Makefile
View file

@ -1,22 +1,93 @@
# Copyright 2017 The Kubernetes Authors. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
all: push all: push
TAG ?= 0.8 TAG ?= 0.9
PREFIX ?= gcr.io/google-containers/ubuntu-slim REGISTRY = gcr.io/google_containers
ARCH ?= $(shell go env GOARCH)
QEMUVERSION=v2.7.0
IMGNAME = ubuntu-slim
IMAGE = $(REGISTRY)/$(IMGNAME)
MULTI_ARCH_IMG = $(IMAGE)-$(ARCH)
BUILD_IMAGE ?= ubuntu-build BUILD_IMAGE ?= ubuntu-build
TAR_FILE ?= rootfs.tar TAR_FILE ?= rootfs.tar
PUSH_TOOL ?= gcloud PUSH_TOOL ?= gcloud
# Set default base image dynamically for each arch
ifeq ($(ARCH),amd64)
BASEIMAGE?=ubuntu:16.04
endif
ifeq ($(ARCH),arm)
BASEIMAGE?=armhf/ubuntu:16.04
QEMUARCH=arm
endif
ifeq ($(ARCH),arm64)
BASEIMAGE?=aarch64/ubuntu:16.04
QEMUARCH=aarch64
endif
ifeq ($(ARCH),ppc64le)
BASEIMAGE?=ppc64le/ubuntu:16.04
QEMUARCH=ppc64le
endif
#ifeq ($(ARCH),s390x)
# BASEIMAGE?=s390x/ubuntu:16.04
# QEMUARCH=s390x
#endif
TEMP_DIR := $(shell mktemp -d)
container: clean container: clean
docker build --pull -t $(BUILD_IMAGE) -f Dockerfile.build . cp ./* $(TEMP_DIR)
cd $(TEMP_DIR) && sed -i 's|BASEIMAGE|$(BASEIMAGE)|g' Dockerfile.build
cd $(TEMP_DIR) && sed -i "s|ARCH|$(QEMUARCH)|g" Dockerfile.build
ifeq ($(ARCH),amd64)
# When building "normally" for amd64, remove the whole line, it has no part in the amd64 image
cd $(TEMP_DIR) && sed -i "/CROSS_BUILD_/d" Dockerfile.build
else
# When cross-building, only the placeholder "CROSS_BUILD_" should be removed
# Register /usr/bin/qemu-ARCH-static as the handler for ARM binaries in the kernel
docker run --rm --privileged multiarch/qemu-user-static:register --reset
curl -sSL https://github.com/multiarch/qemu-user-static/releases/download/$(QEMUVERSION)/x86_64_qemu-$(QEMUARCH)-static.tar.gz | tar -xz -C $(TEMP_DIR)
cd $(TEMP_DIR) && sed -i "s/CROSS_BUILD_//g" Dockerfile.build
endif
docker build --pull -t $(BUILD_IMAGE) -f $(TEMP_DIR)/Dockerfile.build $(TEMP_DIR)
docker create --name $(BUILD_IMAGE) $(BUILD_IMAGE) docker create --name $(BUILD_IMAGE) $(BUILD_IMAGE)
docker export $(BUILD_IMAGE) > $(TAR_FILE) docker export $(BUILD_IMAGE) > $(TAR_FILE)
docker build --pull -t $(PREFIX):$(TAG) . cp rootfs.tar $(TEMP_DIR)
docker build --pull -t $(MULTI_ARCH_IMG):$(TAG) $(TEMP_DIR)
ifeq ($(ARCH), amd64)
# This is for to maintain the backward compatibility
docker tag $(MULTI_ARCH_IMG):$(TAG) $(IMAGE):$(TAG)
endif
push: container push: container
$(PUSH_TOOL) docker -- push $(PREFIX):$(TAG) $(PUSH_TOOL) docker -- push $(MULTI_ARCH_IMG):$(TAG)
ifeq ($(ARCH),amd64)
$(PUSH_TOOL) docker -- push $(IMAGE):$(TAG)
endif
clean: clean:
docker rmi -f $(PREFIX):$(TAG) || true docker rmi -f $(IMAGE):$(TAG) || true
docker rmi -f $(BUILD_IMAGE) || true docker rmi -f $(BUILD_IMAGE) || true
docker rm -f $(BUILD_IMAGE) || true docker rm -f $(BUILD_IMAGE) || true
rm -f $(TAR_FILE) rm -f $(TAR_FILE)