From e9450e32a330d32848f2222eba1ab640b984700a Mon Sep 17 00:00:00 2001 From: Jakub Nyckowski Date: Tue, 28 Dec 2021 22:33:22 -0500 Subject: [PATCH] Add ARM64 support for buildbox docker image (#9572) * Update buildbox to use Python3. * Remove non default rust targets from arm64 image. * Add ETCD_UNSUPPORTED_ARCH for arm64 to etcd script to allow running etcd on arm64. --- build.assets/Dockerfile | 33 +++++++++++++++++++-------------- build.assets/Makefile | 14 +++++++------- examples/etcd/start-etcd.sh | 11 +++++++++-- 3 files changed, 35 insertions(+), 23 deletions(-) diff --git a/build.assets/Dockerfile b/build.assets/Dockerfile index ac6546604d4ea..805be231730b3 100644 --- a/build.assets/Dockerfile +++ b/build.assets/Dockerfile @@ -17,8 +17,13 @@ ENV LANGUAGE="en_US.UTF-8" \ LC_CTYPE="en_US.UTF-8" \ DEBIAN_FRONTEND="noninteractive" +# BUILDARCH is automatically set by DOCKER when building the image with Build Kit (MacOS by deafult). +# https://docs.docker.com/engine/reference/builder/#automatic-platform-args-in-the-global-scope +ARG BUILDARCH + # Install packages. # We install curl first to allow setting up the Google SDK as part of the same layer. +# NOTE: gcc-multilib is not available on ARM, so ony amd64 version includes it. RUN apt-get update -y --fix-missing && \ apt-get -q -y upgrade && \ apt-get install -y --no-install-recommends apt-utils ca-certificates curl gnupg && \ @@ -31,7 +36,7 @@ RUN apt-get update -y --fix-missing && \ clang-format-10 \ curl \ gcc \ - gcc-multilib \ + `if [ "$BUILDARCH" = "amd64" ] ; then echo gcc-multilib; fi` \ git \ google-cloud-sdk \ google-cloud-sdk-firestore-emulator \ @@ -48,7 +53,9 @@ RUN apt-get update -y --fix-missing && \ net-tools \ openssh-client \ osslsigncode \ - python-pip \ + python3-pip \ + python3-setuptools \ + python3-wheel \ pkg-config \ shellcheck \ softhsm2 \ @@ -58,7 +65,7 @@ RUN apt-get update -y --fix-missing && \ zip \ zlib1g-dev \ && \ - pip --no-cache-dir install yamllint && \ + pip3 --no-cache-dir install yamllint && \ dpkg-reconfigure locales && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* @@ -69,12 +76,12 @@ RUN (groupadd ci --gid=$GID -o && useradd ci --uid=$UID --gid=$GID --create-home mkdir -p -m0700 /var/lib/teleport && chown -R ci /var/lib/teleport) # Install etcd. -RUN (curl -L https://github.com/coreos/etcd/releases/download/v3.3.9/etcd-v3.3.9-linux-amd64.tar.gz | tar -xz && \ - cp etcd-v3.3.9-linux-amd64/etcd* /bin/) +RUN (curl -L https://github.com/coreos/etcd/releases/download/v3.3.9/etcd-v3.3.9-linux-${BUILDARCH}.tar.gz | tar -xz && \ + cp etcd-v3.3.9-linux-${BUILDARCH}/etcd* /bin/) # Install Go. ARG RUNTIME -RUN mkdir -p /opt && cd /opt && curl https://storage.googleapis.com/golang/$RUNTIME.linux-amd64.tar.gz | tar xz && \ +RUN mkdir -p /opt && cd /opt && curl https://storage.googleapis.com/golang/$RUNTIME.linux-${BUILDARCH}.tar.gz | tar xz && \ mkdir -p /go/src/github.com/gravitational/teleport && \ chmod a+w /go && \ chmod a+w /var/lib && \ @@ -111,13 +118,11 @@ RUN (curl -L https://github.com/bats-core/bats-core/archive/v1.2.1.tar.gz | tar # Install protobuf and grpc build tools. ARG PROTOC_VER -ARG PROTOC_PLATFORM ARG GOGO_PROTO_TAG - -ENV PROTOC_TARBALL protoc-${PROTOC_VER}-${PROTOC_PLATFORM}.zip ENV GOGOPROTO_ROOT ${GOPATH}/src/github.com/gogo/protobuf -RUN (curl -L -o /tmp/${PROTOC_TARBALL} https://github.com/protocolbuffers/protobuf/releases/download/v${PROTOC_VER}/${PROTOC_TARBALL} && \ +RUN (export PROTOC_TARBALL=protoc-${PROTOC_VER}-linux-$(if [ "$BUILDARCH" = "amd64" ]; then echo "x86_64"; else echo "aarch_64"; fi).zip && \ + curl -L -o /tmp/${PROTOC_TARBALL} https://github.com/protocolbuffers/protobuf/releases/download/v${PROTOC_VER}/${PROTOC_TARBALL} && \ cd /tmp && unzip /tmp/${PROTOC_TARBALL} -d /usr/local && \ chmod -R a+r /usr/local/include/google/protobuf && \ rm /tmp/${PROTOC_TARBALL}) @@ -148,15 +153,15 @@ RUN mkdir -p $RUSTUP_HOME && chmod a+w $RUSTUP_HOME && \ # Install Rust using the ci user, as that is the user that # will run builds using the Rust toolchains we install here. +# Cross-compilation targets are only installed on amd64, as +# this image doesn't contain gcc-multilib. USER ci RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile minimal --default-toolchain $RUST_VERSION && \ rustup --version && \ cargo --version && \ rustc --version && \ - rustup component add --toolchain $RUST_VERSION-x86_64-unknown-linux-gnu rustfmt clippy && \ - rustup target add i686-unknown-linux-gnu && \ - rustup target add arm-unknown-linux-gnueabihf && \ - rustup target add aarch64-unknown-linux-gnu && \ + rustup component add rustfmt clippy && \ + if [ "$BUILDARCH" = "amd64" ]; then rustup target add i686-unknown-linux-gnu arm-unknown-linux-gnueabihf aarch64-unknown-linux-gnu; fi && \ cargo install cbindgen USER root diff --git a/build.assets/Makefile b/build.assets/Makefile index fce26f1f78658..2a379a2691356 100644 --- a/build.assets/Makefile +++ b/build.assets/Makefile @@ -25,9 +25,9 @@ UID := $$(id -u) GID := $$(id -g) HOST_ARCH := $(shell uname -m) -DEVBOX_RUNTIME_ARCH_x86_64 := amd64 -DEVBOX_RUNTIME_ARCH_arm64 := arm64 -DEVBOX_RUNTIME_ARCH := $(DEVBOX_RUNTIME_ARCH_$(HOST_ARCH)) +RUNTIME_ARCH_x86_64 := amd64 +RUNTIME_ARCH_arm64 := arm64 +RUNTIME_ARCH := $(RUNTIME_ARCH_$(HOST_ARCH)) DEVBOX_BASE_IMAGE_x86_64 = ubuntu:20.04 DEVBOX_BASE_IMAGE_arm64 = arm64v8/ubuntu:20.04 @@ -39,7 +39,6 @@ DEVBOX_PROTOC_PLATFORM := $(DEVBOX_PROTOC_PLATFORM_$(HOST_ARCH)) PROTOC_VER ?= 3.6.1 GOGO_PROTO_TAG ?= v1.3.2 -PROTOC_PLATFORM := linux-x86_64 BUILDBOX=quay.io/gravitational/teleport-buildbox:$(RUNTIME) BUILDBOX_FIPS=quay.io/gravitational/teleport-buildbox-fips:$(RUNTIME) @@ -115,19 +114,20 @@ build-binaries-fips: buildbox-fips # If running in CI and there is no image with the buildbox name:tag combination present locally, # the image is pulled from the Docker repository. If this pull fails (i.e. when a new Go runtime is # first used), the error is ignored and the buildbox is built using the Dockerfile. +# BUILDARCH is set explicitly, so it's set with and without BuildKit enabled. # .PHONY:buildbox buildbox: if [[ "$(BUILDBOX_NAME)" == "$(BUILDBOX)" ]]; then \ if [[ $${DRONE} == "true" ]] && ! docker inspect --type=image $(BUILDBOX) 2>&1 >/dev/null; then docker pull $(BUILDBOX) || true; fi; \ - docker build --platform=linux/amd64 \ + docker build --platform=linux/$(RUNTIME_ARCH) \ --build-arg UID=$(UID) \ --build-arg GID=$(GID) \ + --build-arg BUILDARCH=$(RUNTIME_ARCH) \ --build-arg RUNTIME=$(RUNTIME) \ --build-arg RUST_VERSION=$(RUST_VERSION) \ --build-arg PROTOC_VER=$(PROTOC_VER) \ --build-arg GOGO_PROTO_TAG=$(GOGO_PROTO_TAG) \ - --build-arg PROTOC_PLATFORM=$(PROTOC_PLATFORM) \ --build-arg LIBBPF_VERSION=$(LIBBPF_VERSION) \ --cache-from $(BUILDBOX) \ --tag $(BUILDBOX) . ; \ @@ -138,7 +138,7 @@ devbox: docker build \ --build-arg BASE_IMAGE=$(DEVBOX_BASE_IMAGE) \ --build-arg RUNTIME=$(RUNTIME) \ - --build-arg RUNTIME_ARCH=$(DEVBOX_RUNTIME_ARCH) \ + --build-arg RUNTIME_ARCH=$(RUNTIME_ARCH) \ --build-arg PROTOC_VER=$(PROTOC_VER) \ --build-arg GOGO_PROTO_TAG=$(GOGO_PROTO_TAG) \ --build-arg PROTOC_PLATFORM=$(DEVBOX_PROTOC_PLATFORM) \ diff --git a/examples/etcd/start-etcd.sh b/examples/etcd/start-etcd.sh index 71208ba683ee4..e6a74f6860930 100755 --- a/examples/etcd/start-etcd.sh +++ b/examples/etcd/start-etcd.sh @@ -7,8 +7,15 @@ # NOTE: this file is also used to run etcd tests. # -HERE=$(readlink -f $0) -cd "$(dirname $HERE)" || exit +set -e + +# Etcd before v3.5.0 requires ETCD_UNSUPPORTED_ARCH to be set in order to run on arm64. +if [ "$(uname -m)" = "aarch64" ]; then +export ETCD_UNSUPPORTED_ARCH=arm64 +fi + +HERE=$(readlink -f "$0") +cd "$(dirname "$HERE")" || exit mkdir -p data etcd --name teleportstorage \