Gitiles
Code Review Sign In
osm.etsi.org / osm / devops / c5fba0d7f6bc7e977f30aacf2e9c9e8c53226f12 / . / docker / LCM / Dockerfile
blob: 0e025f76e96a91fbf9257acd3ab91d550d73ad83 [file] [log] [blame]
beierlme7646252022-01-13 10:53:08 -0500[diff] [blame]1#######################################################################################
2# Copyright ETSI Contributors and Others.
calvinosanchbfb77902019-07-31 13:31:16 +0000[diff] [blame]3#
beierlme7646252022-01-13 10:53:08 -0500[diff] [blame]4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
calvinosanchbfb77902019-07-31 13:31:16 +0000[diff] [blame]7#
beierlme7646252022-01-13 10:53:08 -0500[diff] [blame]8# http://www.apache.org/licenses/LICENSE-2.0
calvinosanchbfb77902019-07-31 13:31:16 +0000[diff] [blame]9#
10# Unless required by applicable law or agreed to in writing, software
beierlme7646252022-01-13 10:53:08 -0500[diff] [blame]11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
13# implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16#######################################################################################
calvinosanchbfb77902019-07-31 13:31:16 +0000[diff] [blame]17
Mark Beierl02feb8e2023-05-10 11:44:11 -0400[diff] [blame]18FROM ubuntu:22.04 as INSTALL
Mike Marchetti13d76c82018-09-19 15:00:36 -0400[diff] [blame]19
beierlme7646252022-01-13 10:53:08 -0500[diff] [blame]20ARG APT_PROXY
21RUN if [ ! -z $APT_PROXY ] ; then \
22 echo "Acquire::http::Proxy \"$APT_PROXY\";" > /etc/apt/apt.conf.d/proxy.conf ;\
23 echo "Acquire::https::Proxy \"$APT_PROXY\";" >> /etc/apt/apt.conf.d/proxy.conf ;\
24 fi
25
David Garciaa60ec732021-03-17 15:28:47 +0100[diff] [blame]26RUN DEBIAN_FRONTEND=noninteractive apt-get --yes update && \
27 DEBIAN_FRONTEND=noninteractive apt-get --yes install \
Mark Beierl02feb8e2023-05-10 11:44:11 -0400[diff] [blame]28 gcc=4:11.* \
29 python3=3.10.* \
30 python3-dev=3.10.* \
31 python3-pip=22.0.* \
32 curl=7.81.* \
33 && rm -rf /var/lib/apt/lists/*
34
garciadeblas21503ab2023-06-28 14:31:27 +0200[diff] [blame]35########### End of common preparation
beierlmd7449362022-01-13 10:53:08 -0500[diff] [blame]36
garciadeblas10285302022-02-10 00:49:51 +0100[diff] [blame]37RUN DEBIAN_FRONTEND=noninteractive apt-get --yes update && \
38 DEBIAN_FRONTEND=noninteractive apt-get --yes install \
Mark Beierl02feb8e2023-05-10 11:44:11 -0400[diff] [blame]39 apt-transport-https=2.4.* \
sousaedufd164af2021-08-12 15:35:51 +0100[diff] [blame]40 gnupg2=2.2.* \
Mark Beierl02feb8e2023-05-10 11:44:11 -0400[diff] [blame]41 openssh-client=1:8.* \
garciadeblas2fc3deb2025-11-25 17:26:14 +0100[diff] [blame]42 git \
Mark Beierl02feb8e2023-05-10 11:44:11 -0400[diff] [blame]43 && rm -rf /var/lib/apt/lists/*
Mike Marchetti13d76c82018-09-19 15:00:36 -0400[diff] [blame]44
garciadeblasf6f45842021-12-14 17:46:08 +0100[diff] [blame]45# https://kubernetes.io/releases/
garciadeblas437867e2024-05-30 14:46:54 +0200[diff] [blame]46RUN curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg \
47 && echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /' | tee /etc/apt/sources.list.d/kubernetes.list \
48 && apt-get update && apt-get install -y kubectl=1.30.1-1.1
garciadeblas0ccc31e2019-11-22 15:28:50 +0100[diff] [blame]49
garciadeblasf6f45842021-12-14 17:46:08 +0100[diff] [blame]50# https://github.com/helm/helm/releases
garciadeblas437867e2024-05-30 14:46:54 +0200[diff] [blame]51RUN curl https://get.helm.sh/helm-v3.15.1-linux-amd64.tar.gz --output helm-v3.15.1.tar.gz \
52 && tar -zxvf helm-v3.15.1.tar.gz \
lloretgalleg5926de22020-11-16 10:27:49 +0000[diff] [blame]53 && mv linux-amd64/helm /usr/local/bin/helm3 \
54 && rm -r linux-amd64/
55
garciadeblas2fc3deb2025-11-25 17:26:14 +0100[diff] [blame]56ARG COMMON_GERRIT_REFSPEC=master
57RUN git clone --filter=blob:none --tags https://osm.etsi.org/gerrit/osm/common.git /tmp/osm-common && \
58 cd /tmp/osm-common && \
59 git fetch origin ${COMMON_GERRIT_REFSPEC} && \
60 git checkout FETCH_HEAD && \
61 cd - && \
62 pip install --no-cache-dir -r /tmp/osm-common/requirements.txt && \
63 pip install /tmp/osm-common
64
David Garciaa60ec732021-03-17 15:28:47 +0100[diff] [blame]65ARG PYTHON3_OSM_LCM_URL
garciadeblasca6cf4a2024-07-16 18:14:34 +0200[diff] [blame]66RUN curl $PYTHON3_OSM_LCM_URL -o osm_lcm.deb
67RUN dpkg -i ./osm_lcm.deb
68
David Garciaa60ec732021-03-17 15:28:47 +0100[diff] [blame]69RUN pip3 install \
garciadeblasca6cf4a2024-07-16 18:14:34 +0200[diff] [blame]70 -r /usr/lib/python3/dist-packages/osm_lcm/requirements.txt
David Garciaa60ec732021-03-17 15:28:47 +0100[diff] [blame]71
beierlmd7449362022-01-13 10:53:08 -0500[diff] [blame]72#######################################################################################
Mark Beierl02feb8e2023-05-10 11:44:11 -0400[diff] [blame]73FROM ubuntu:22.04 as FINAL
beierlmd7449362022-01-13 10:53:08 -0500[diff] [blame]74
75ARG APT_PROXY
76RUN if [ ! -z $APT_PROXY ] ; then \
77 echo "Acquire::http::Proxy \"$APT_PROXY\";" > /etc/apt/apt.conf.d/proxy.conf ;\
78 echo "Acquire::https::Proxy \"$APT_PROXY\";" >> /etc/apt/apt.conf.d/proxy.conf ;\
79 fi
David Garciaa60ec732021-03-17 15:28:47 +0100[diff] [blame]80
81RUN DEBIAN_FRONTEND=noninteractive apt-get --yes update && \
garciadeblas15897d62021-09-22 18:11:54 +0200[diff] [blame]82 DEBIAN_FRONTEND=noninteractive apt-get --yes install \
Mark Beierl02feb8e2023-05-10 11:44:11 -0400[diff] [blame]83 python3-minimal=3.10.* \
beierlmd7449362022-01-13 10:53:08 -0500[diff] [blame]84 && rm -rf /var/lib/apt/lists/*
85
Mark Beierl02feb8e2023-05-10 11:44:11 -0400[diff] [blame]86COPY --from=INSTALL /usr/lib/python3/dist-packages /usr/lib/python3/dist-packages
87COPY --from=INSTALL /usr/local/lib/python3.10/dist-packages /usr/local/lib/python3.10/dist-packages
88
89#######################################################################################
garciadeblas21503ab2023-06-28 14:31:27 +0200[diff] [blame]90# End of common preparation
Mark Beierl02feb8e2023-05-10 11:44:11 -0400[diff] [blame]91
beierlmd7449362022-01-13 10:53:08 -0500[diff] [blame]92RUN DEBIAN_FRONTEND=noninteractive apt-get --yes update && \
93 DEBIAN_FRONTEND=noninteractive apt-get --yes install \
garciadeblas6ba74b52021-09-23 17:43:15 +0200[diff] [blame]94 ca-certificates \
95 && rm -rf /var/lib/apt/lists/*
beierlm9c33b5a2021-04-13 10:04:22 -0400[diff] [blame]96
Mark Beierle5b9ba62022-09-08 05:44:06 -0400[diff] [blame]97RUN rm -f /etc/apt/apt.conf.d/proxy.conf
98
David Garciaa60ec732021-03-17 15:28:47 +0100[diff] [blame]99COPY --from=INSTALL /usr/bin/kubectl /usr/bin/kubectl
David Garciaa60ec732021-03-17 15:28:47 +0100[diff] [blame]100COPY --from=INSTALL /usr/local/bin/helm3 /usr/local/bin/helm3
beierlm3b36f4d2021-04-13 17:01:53 -0400[diff] [blame]101COPY --from=INSTALL /usr/bin/scp /usr/bin/scp
beierlm249cd462021-04-07 14:19:03 -0400[diff] [blame]102COPY --from=INSTALL /usr/bin/ssh-keygen /usr/bin/ssh-keygen
beierlm9c33b5a2021-04-13 10:04:22 -0400[diff] [blame]103COPY --from=INSTALL /usr/bin/ssh /usr/bin/ssh
beierlm249cd462021-04-07 14:19:03 -0400[diff] [blame]104COPY --from=INSTALL /usr/lib/x86_64-linux-gnu/ /usr/lib/x86_64-linux-gnu/
beierlm9c33b5a2021-04-13 10:04:22 -0400[diff] [blame]105COPY --from=INSTALL /lib/x86_64-linux-gnu/ /lib/x86_64-linux-gnu/
David Garciaa60ec732021-03-17 15:28:47 +0100[diff] [blame]106
Mark Beierlabc56a92022-02-11 08:56:32 -0500[diff] [blame]107COPY scripts/ /app/osm_lcm/scripts/
108
109# Creating the user for the app
110RUN groupadd -g 1000 appuser && \
111 useradd -u 1000 -g 1000 -d /app appuser && \
112 mkdir -p /app/osm_lcm && \
113 mkdir -p /app/storage/kafka && \
114 mkdir /app/log && \
David Garcia85130462022-04-27 13:46:34 +0200[diff] [blame]115 chown -R appuser:appuser /app && \
116 chown appuser: /etc/ssl/certs/ca-certificates.crt
117
Mark Beierlabc56a92022-02-11 08:56:32 -0500[diff] [blame]118
119WORKDIR /app/osm_lcm
120
121# Changing the security context
122USER appuser
sousaedu7389cfc2021-07-30 11:52:48 +0200[diff] [blame]123
David Garciaa60ec732021-03-17 15:28:47 +0100[diff] [blame]124########################################################################
Mike Marchetti13d76c82018-09-19 15:00:36 -0400[diff] [blame]125
Mike Marchetti13d76c82018-09-19 15:00:36 -0400[diff] [blame]126# The following ENV can be added with "docker run -e xxx' to configure LCM
127ENV OSMLCM_RO_HOST ro
128ENV OSMLCM_RO_PORT 9090
129ENV OSMLCM_RO_TENANT osm
130
131# VCA
132ENV OSMLCM_VCA_HOST vca
garciadeblasa2e41842019-12-18 11:05:24 +0100[diff] [blame]133ENV OSMLCM_VCA_PORT 17070
134ENV OSMLCM_VCA_USER admin
135ENV OSMLCM_VCA_SECRET secret
136# ENV OSMLCM_VCA_PUBKEY pubkey
137# ENV OSMLCM_VCA_CACERT cacert
138# ENV OSMLCM_VCA_ENABLEOSUPGRADE false
139# ENV OSMLCM_VCA_APTMIRROR http://archive.ubuntu.com/ubuntu/
Mike Marchetti13d76c82018-09-19 15:00:36 -0400[diff] [blame]140
141# database
142ENV OSMLCM_DATABASE_DRIVER mongo
Juancc084d72018-11-16 11:08:07 -0300[diff] [blame]143ENV OSMLCM_DATABASE_URI mongodb://mongo:27017
144#ENV OSMLCM_DATABASE_HOST mongo
145#ENV OSMLCM_DATABASE_PORT 27017
146
147
Mike Marchetti13d76c82018-09-19 15:00:36 -0400[diff] [blame]148ENV OSMLCM_STORAGE_DRIVER local
149ENV OSMLCM_STORAGE_PATH /app/storage
150
151# message
152ENV OSMLCM_MESSAGE_DRIVER kafka
153ENV OSMLCM_MESSAGE_HOST kafka
154ENV OSMLCM_MESSAGE_PORT 9092
155
garciadeblas0ccc31e2019-11-22 15:28:50 +0100[diff] [blame]156# k8s
garciadeblas09bc8092024-05-30 22:35:30 +0200[diff] [blame]157ENV OSMLCM_VCA_HELMPATH /usr/local/bin/helm3
garciadeblas0ccc31e2019-11-22 15:28:50 +0100[diff] [blame]158ENV OSMLCM_VCA_KUBECTLPATH /usr/bin/kubectl
Adam Israel3f16fd52019-12-03 10:14:06 -0500[diff] [blame]159ENV OSMLCM_VCA_JUJUPATH /usr/local/bin/juju
garciadeblas0ccc31e2019-11-22 15:28:50 +0100[diff] [blame]160
Pedro Pereirac09bd232024-06-19 20:59:36 +0100[diff] [blame]161# post-renderers
garciadeblas2ed535b2024-12-16 17:02:11 +0100[diff] [blame]162ENV OSMLCM_MAINPOSTRENDERERPATH /app/osm_lcm/n2vc/post-renderer-scripts/mainPostRenderer/mainPostRenderer
163ENV OSMLCM_PODLABELSPOSTRENDERERPATH /app/osm_lcm/n2vc/post-renderer-scripts/podLabels/podLabels
164ENV OSMLCM_NODESELECTORPOSTRENDERERPATH /app/osm_lcm/n2vc/post-renderer-scripts/nodeSelector/nodeSelector
Pedro Pereirac09bd232024-06-19 20:59:36 +0100[diff] [blame]165
David Garcia1d5c2212021-05-28 16:24:24 +0200[diff] [blame]166# helm
167ENV OSMLCM_VCA_STABLEREPOURL https://charts.helm.sh/stable
sousaedu7389cfc2021-07-30 11:52:48 +0200[diff] [blame]168# ENV OSMLCM_VCA_HELM_CA_CERTS <ca-cert>
David Garcia1d5c2212021-05-28 16:24:24 +0200[diff] [blame]169
garciadeblas0ccc31e2019-11-22 15:28:50 +0100[diff] [blame]170# logs
171# ENV OSMLCM_GLOBAL_LOGFILE /app/log/lcm.log
172# ENV OSMLCM_GLOBAL_LOGLEVEL DEBUG
173
tierno9f8b53b2019-09-13 13:19:48 +0000[diff] [blame]174HEALTHCHECK --start-period=120s --interval=30s --timeout=30s --retries=1 \
tierno62478d12020-01-09 17:25:29 +0000[diff] [blame]175 CMD python3 -m osm_lcm.lcm_hc || exit 1
tierno84a3c9a2018-10-24 11:02:57 +0200[diff] [blame]176
Mike Marchetti13d76c82018-09-19 15:00:36 -0400[diff] [blame]177# Run app.py when the container launches
sousaedu7389cfc2021-07-30 11:52:48 +0200[diff] [blame]178CMD [ "/bin/bash", "scripts/start.sh" ]