Skip to content

Commit

Permalink
Support build&deploy dragonfly within none root user
Browse files Browse the repository at this point in the history
Signed-off-by: TommyLike <[email protected]>
  • Loading branch information
TommyLike committed Jan 7, 2024
1 parent 1e39879 commit 10e9e32
Show file tree
Hide file tree
Showing 12 changed files with 152 additions and 30 deletions.
7 changes: 7 additions & 0 deletions build/images/base/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -22,3 +22,10 @@ RUN curl -fsSL "$GOLANG_DOWNLOAD_URL" -o golang.tar.gz \
&& tar -C /usr/local -xzf golang.tar.gz \
&& rm golang.tar.gz \
&& go install github.com/go-delve/delve/cmd/[email protected]

# Create none root user and group
ARG USER_NAME=dragonfly
ARG USER_UID=1000
ARG GROUP_NAME=dragonfly
ARG GROUP_GID=1000
RUN groupadd -g $GROUP_GID $GROUP_NAME && useradd -u $USER_UID -g $GROUP_GID -m -s /bin/bash $USER_NAME
21 changes: 19 additions & 2 deletions build/images/dfdaemon/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -29,11 +29,28 @@ RUN if [ "$(uname -m)" = "ppc64le" ]; then \

FROM ${BASE_IMAGE}

ARG USER_NAME=dragonfly
ARG USER_UID=1000
ARG GROUP_NAME=dragonfly
ARG GROUP_GID=1000

ENV PATH=/opt/dragonfly/bin:$PATH
RUN echo "hosts: files dns" > /etc/nsswitch.conf

COPY --from=builder /opt/dragonfly/bin/dfget /opt/dragonfly/bin/dfget
COPY --from=health /bin/grpc_health_probe /bin/grpc_health_probe
# NOTE: Command works for alpine linux, for other distro please update run statement or create user/group in base image
RUN if [ getent group "$GROUP_NAME" ]; then \
echo "group exists"; \
else \
addgroup -S -g $GROUP_GID $GROUP_NAME; \
fi
RUN if [ getent passwd "$USER_NAME" ]; then \
echo "user exists"; \
else \
adduser -S -u $USER_UID -G $GROUP_NAME -D $USER_NAME; \
fi

COPY --from=builder --chown=$GROUP_NAME:$USER_NAME /opt/dragonfly/bin/dfget /opt/dragonfly/bin/dfget
COPY --from=health --chown=$GROUP_NAME:$USER_NAME /bin/grpc_health_probe /bin/grpc_health_probe

EXPOSE 65001

Expand Down
21 changes: 19 additions & 2 deletions build/images/manager/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -43,15 +43,32 @@ RUN if [ "$(uname -m)" = "ppc64le" ]; then \

FROM ${BASE_IMAGE}

ARG USER_NAME=dragonfly
ARG USER_UID=1000
ARG GROUP_NAME=dragonfly
ARG GROUP_GID=1000

WORKDIR /opt/dragonfly

ENV PATH=/opt/dragonfly/bin:$PATH

RUN mkdir -p /opt/dragonfly/bin/manager/console \
&& echo "hosts: files dns" > /etc/nsswitch.conf

COPY --from=server-builder /opt/dragonfly/bin/manager /opt/dragonfly/bin/server
COPY --from=health /bin/grpc_health_probe /bin/grpc_health_probe
# NOTE: Command works for alpine linux, for other distro please update run statement or create user/group in base image
RUN if [ getent group "$GROUP_NAME" ]; then \
echo "group exists"; \
else \
addgroup -S -g $GROUP_GID $GROUP_NAME; \
fi
RUN if [ getent passwd "$USER_NAME" ]; then \
echo "user exists"; \
else \
adduser -S -u $USER_UID -G $GROUP_NAME -D $USER_NAME; \
fi

COPY --from=server-builder --chown=$GROUP_NAME:$USER_NAME /opt/dragonfly/bin/manager /opt/dragonfly/bin/server
COPY --from=health --chown=$GROUP_NAME:$USER_NAME /bin/grpc_health_probe /bin/grpc_health_probe

EXPOSE 8080 65003

Expand Down
21 changes: 19 additions & 2 deletions build/images/scheduler/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -29,11 +29,28 @@ RUN if [ "$(uname -m)" = "ppc64le" ]; then \

FROM ${BASE_IMAGE}

ARG USER_NAME=dragonfly
ARG USER_UID=1000
ARG GROUP_NAME=dragonfly
ARG GROUP_GID=1000

ENV PATH=/opt/dragonfly/bin:$PATH
RUN echo "hosts: files dns" > /etc/nsswitch.conf

COPY --from=builder /opt/dragonfly/bin/scheduler /opt/dragonfly/bin/scheduler
COPY --from=health /bin/grpc_health_probe /bin/grpc_health_probe
# NOTE: Command works for alpine linux, for other distro please update run statement or create user/group in base image
RUN if [ getent group "$GROUP_NAME" ]; then \
echo "group exists"; \
else \
addgroup -S -g $GROUP_GID $GROUP_NAME; \
fi
RUN if [ getent passwd "$USER_NAME" ]; then \
echo "user exists"; \
else \
adduser -S -u $USER_UID -G $GROUP_NAME -D $USER_NAME; \
fi

COPY --from=builder --chown=$GROUP_NAME:$USER_NAME /opt/dragonfly/bin/scheduler /opt/dragonfly/bin/scheduler
COPY --from=health --chown=$GROUP_NAME:$USER_NAME /bin/grpc_health_probe /bin/grpc_health_probe

EXPOSE 8002

Expand Down
21 changes: 19 additions & 2 deletions build/images/trainer/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -29,11 +29,28 @@ RUN if [ "$(uname -m)" = "ppc64le" ]; then \

FROM ${BASE_IMAGE}

ARG USER_NAME=dragonfly
ARG USER_UID=1000
ARG GROUP_NAME=dragonfly
ARG GROUP_GID=1000

ENV PATH=/opt/dragonfly/bin:$PATH
RUN echo "hosts: files dns" > /etc/nsswitch.conf

COPY --from=builder /opt/dragonfly/bin/trainer /opt/dragonfly/bin/trainer
COPY --from=health /bin/grpc_health_probe /bin/grpc_health_probe
# NOTE: Command works for alpine linux, for other distro please update run statement or create user/group in base image
RUN if [ getent group "$GROUP_NAME" ]; then \
echo "group exists"; \
else \
addgroup -S -g $GROUP_GID $GROUP_NAME; \
fi
RUN if [ getent passwd "$USER_NAME" ]; then \
echo "user exists"; \
else \
adduser -S -u $USER_UID -G $GROUP_NAME -D $USER_NAME; \
fi

COPY --from=builder --chown=$GROUP_NAME:$USER_NAME /opt/dragonfly/bin/trainer /opt/dragonfly/bin/trainer
COPY --from=health --chown=$GROUP_NAME:$USER_NAME /bin/grpc_health_probe /bin/grpc_health_probe

EXPOSE 9090

Expand Down
4 changes: 4 additions & 0 deletions cmd/manager/cmd/root.go
Original file line number Diff line number Diff line change
Expand Up @@ -107,6 +107,10 @@ func initDfpath(cfg *config.ServerConfig) (dfpath.Dfpath, error) {
options = append(options, dfpath.WithPluginDir(cfg.PluginDir))
}

if cfg.DataDir != "" {
options = append(options, dfpath.WithDataDir(cfg.DataDir))
}

return dfpath.New(options...)
}

Expand Down
8 changes: 8 additions & 0 deletions deploy/docker-compose/docker-compose.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,8 @@ services:
interval: 1s
timeout: 2s
retries: 30
user: "1000:1000"
command: ["--verbose", "--console"]
ports:
- 65003:65003
- 8080:8080
Expand All @@ -61,6 +63,8 @@ services:
interval: 1s
timeout: 2s
retries: 30
command: ["--verbose", "--console"]
user: "1000:1000"
volumes:
- ./log/peer:/var/log/dragonfly/daemon
- ./config/dfget.yaml:/etc/dragonfly/dfget.yaml:ro
Expand All @@ -83,6 +87,8 @@ services:
volumes:
- ./log/scheduler:/var/log/dragonfly/scheduler
- ./config/scheduler.yaml:/etc/dragonfly/scheduler.yaml:ro
user: "1000:1000"
command: ["--verbose", "--console"]
ports:
- 8002:8002

Expand All @@ -101,6 +107,8 @@ services:
volumes:
- ./log/seed-peer:/var/log/dragonfly/daemon
- ./config/seed-peer.yaml:/etc/dragonfly/dfget.yaml:ro
user: "1000:1000"
command: ["--verbose", "--console"]
ports:
- 65006:65006
- 65007:65007
Expand Down
17 changes: 11 additions & 6 deletions deploy/docker-compose/template/dfget.template.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,27 +8,32 @@ gcInterval: 1m0s
# WorkHome is working directory.
# In linux, default value is /usr/local/dragonfly.
# In macos(just for testing), default value is /Users/$USER/.dragonfly.
workHome: ''
# With docker compose deployment, the path located to homedir since it's running as a none root user.
workHome: '/home/dragonfly/.dragonfly'

# logDir is the log directory.
# In linux, default value is /var/log/dragonfly.
# In macos(just for testing), default value is /Users/$USER/.dragonfly/logs.
logDir: ''
# With docker compose deployment, the path located to homedir since it's running as a none root user.
logDir: '/home/dragonfly/.dragonfly/logs'

# cacheDir is dynconfig cache directory.
# In linux, default value is /var/cache/dragonfly.
# In macos(just for testing), default value is /Users/$USER/.dragonfly/cache.
cacheDir: ''
# With docker compose deployment, the path located to homedir since it's running as a none root user.
cacheDir: '/home/dragonfly/.dragonfly/cache'

# pluginDir is the plugin directory.
# In linux, default value is /usr/local/dragonfly/plugins.
# In macos(just for testing), default value is /Users/$USER/.dragonfly/plugins.
pluginDir: ''
# With docker compose deployment, the path located to homedir since it's running as a none root user.
pluginDir: '/home/dragonfly/.dragonfly/plugins'

# dataDir is the download data directory.
# In linux, default value is /var/lib/dragonfly.
# In macos(just for testing), default value is /Users/$USER/.dragonfly/data.
dataDir: ''
# With docker compose deployment, the path located to homedir since it's running as a none root user.
dataDir: '/home/dragonfly/data'

# when daemon exit, keep peer task data or not
# it is usefully when upgrade daemon service, all local cache will be saved
Expand Down Expand Up @@ -135,7 +140,7 @@ download:
unixListen:
# In linux, default value is /var/run/dfdaemon.sock.
# In macos(just for testing), default value is /tmp/dfdaemon.sock.
socket: ''
socket: '/home/dragonfly/dfdaemon.sock'
# peer grpc option
# peer grpc service send pieces info to other peers
peerGRPC:
Expand Down
21 changes: 17 additions & 4 deletions deploy/docker-compose/template/manager.template.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,19 +18,32 @@ server:
# WorkHome is working directory.
# In linux, default value is /usr/local/dragonfly.
# In macos(just for testing), default value is /Users/$USER/.dragonfly.
workHome: ''
# With docker compose deployment, the path located to homedir since it's running as a none root user.
workHome: '/home/dragonfly/.dragonfly'

# logDir is the log directory.
# In linux, default value is /var/log/dragonfly.
# In macos(just for testing), default value is /Users/$USER/.dragonfly/logs.
logDir: ''
# With docker compose deployment, the path located to homedir since it's running as a none root user.
logDir: '/home/dragonfly/.dragonfly/logs'

# cacheDir is dynconfig cache directory.
# In linux, default value is /var/cache/dragonfly.
# In macos(just for testing), default value is /Users/$USER/.dragonfly/cache.
cacheDir: ''
# With docker compose deployment, the path located to homedir since it's running as a none root user.
cacheDir: '/home/dragonfly/.dragonfly/cache'

# pluginDir is the plugin directory.
# In linux, default value is /usr/local/dragonfly/plugins.
# In macos(just for testing), default value is /Users/$USER/.dragonfly/plugins.
pluginDir: ''
# With docker compose deployment, the path located to homedir since it's running as a none root user.
pluginDir: '/home/dragonfly/.dragonfly/plugins'

# dataDir is the download data directory.
# In linux, default value is /var/lib/dragonfly.
# In macos(just for testing), default value is /Users/$USER/.dragonfly/data.
# With docker compose deployment, the path located to homedir since it's running as a none root user.
dataDir: '/home/dragonfly/data'

auth:
jwt:
Expand Down
21 changes: 15 additions & 6 deletions deploy/docker-compose/template/scheduler.template.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,23 +11,32 @@ server:
# WorkHome is working directory.
# In linux, default value is /usr/local/dragonfly.
# In macos(just for testing), default value is /Users/$USER/.dragonfly.
workHome: ''
# With docker compose deployment, the path located to homedir since it's running as a none root user.
workHome: '/home/dragonfly/.dragonfly'

# logDir is the log directory.
# In linux, default value is /var/log/dragonfly.
# In macos(just for testing), default value is /Users/$USER/.dragonfly/logs.
logDir: ''
# With docker compose deployment, the path located to homedir since it's running as a none root user.
logDir: '/home/dragonfly/.dragonfly/logs'

# cacheDir is dynconfig cache directory.
# In linux, default value is /var/cache/dragonfly.
# In macos(just for testing), default value is /Users/$USER/.dragonfly/cache.
cacheDir: ''
# With docker compose deployment, the path located to homedir since it's running as a none root user.
cacheDir: '/home/dragonfly/.dragonfly/cache'

# pluginDir is the plugin directory.
# In linux, default value is /usr/local/dragonfly/plugins.
# In macos(just for testing), default value is /Users/$USER/.dragonfly/plugins.
pluginDir: ''
# dataDir is the directory.
# With docker compose deployment, the path located to homedir since it's running as a none root user.
pluginDir: '/home/dragonfly/.dragonfly/plugins'

# dataDir is the download data directory.
# In linux, default value is /var/lib/dragonfly.
# In macos(just for testing), default value is /Users/$USER/.dragonfly/data.
dataDir: ''
# With docker compose deployment, the path located to homedir since it's running as a none root user.
dataDir: '/home/dragonfly/data'

# scheduler policy configuration
scheduler:
Expand Down
17 changes: 11 additions & 6 deletions deploy/docker-compose/template/seed-peer.template.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,27 +8,32 @@ gcInterval: 1m0s
# WorkHome is working directory.
# In linux, default value is /usr/local/dragonfly.
# In macos(just for testing), default value is /Users/$USER/.dragonfly.
workHome: ''
# With docker compose deployment, the path located to homedir since it's running as a none root user.
workHome: '/home/dragonfly/.dragonfly'

# logDir is the log directory.
# In linux, default value is /var/log/dragonfly.
# In macos(just for testing), default value is /Users/$USER/.dragonfly/logs.
logDir: ''
# With docker compose deployment, the path located to homedir since it's running as a none root user.
logDir: '/home/dragonfly/.dragonfly/logs'

# cacheDir is dynconfig cache directory.
# In linux, default value is /var/cache/dragonfly.
# In macos(just for testing), default value is /Users/$USER/.dragonfly/cache.
cacheDir: ''
# With docker compose deployment, the path located to homedir since it's running as a none root user.
cacheDir: '/home/dragonfly/.dragonfly/cache'

# pluginDir is the plugin directory.
# In linux, default value is /usr/local/dragonfly/plugins.
# In macos(just for testing), default value is /Users/$USER/.dragonfly/plugins.
pluginDir: ''
# With docker compose deployment, the path located to homedir since it's running as a none root user.
pluginDir: '/home/dragonfly/.dragonfly/plugins'

# dataDir is the download data directory.
# In linux, default value is /var/lib/dragonfly.
# In macos(just for testing), default value is /Users/$USER/.dragonfly/data.
dataDir: ''
# With docker compose deployment, the path located to homedir since it's running as a none root user.
dataDir: '/home/dragonfly/data'

# when daemon exit, keep peer task data or not
# it is usefully when upgrade daemon service, all local cache will be saved
Expand Down Expand Up @@ -147,7 +152,7 @@ download:
unixListen:
# In linux, default value is /var/run/dfdaemon.sock.
# In macos(just for testing), default value is /tmp/dfdaemon.sock.
socket: ''
socket: '/home/dragonfly/dfdaemon.sock'
# Peer grpc option.
# Peer grpc service send pieces info to other peers.
peerGRPC:
Expand Down
3 changes: 3 additions & 0 deletions manager/config/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,9 @@ type ServerConfig struct {
// Server plugin directory.
PluginDir string `yaml:"pluginDir" mapstructure:"pluginDir"`

// Server storage data directory.
DataDir string `yaml:"dataDir" mapstructure:"dataDir"`

// GRPC server configuration.
GRPC GRPCConfig `yaml:"grpc" mapstructure:"grpc"`

Expand Down

0 comments on commit 10e9e32

Please sign in to comment.