From 4261e94f6375892d09086f4d5d43f3298eb1a7d7 Mon Sep 17 00:00:00 2001
From: Aldo Culquicondor <acondor@google.com>
Date: Fri, 27 Aug 2021 13:58:29 -0400
Subject: [PATCH] Add base images and make PI samples inherit from it

---
 .dockerignore                             | 17 ++++++-
 Makefile                                  |  5 ++
 examples/base/Dockerfile                  | 24 +++++++++
 examples/base/intel-builder.Dockerfile    | 24 +++++++++
 examples/{pi => base}/intel-entrypoint.sh |  0
 examples/base/intel.Dockerfile            | 25 ++++++++++
 examples/base/openmpi-builder.Dockerfile  |  7 +++
 examples/base/openmpi.Dockerfile          |  5 ++
 examples/{pi => base}/sshd_config         |  0
 examples/pi/Dockerfile                    | 30 +-----------
 examples/pi/intel.Dockerfile              | 59 +----------------------
 11 files changed, 110 insertions(+), 86 deletions(-)
 mode change 120000 => 100644 .dockerignore
 create mode 100644 examples/base/Dockerfile
 create mode 100644 examples/base/intel-builder.Dockerfile
 rename examples/{pi => base}/intel-entrypoint.sh (100%)
 create mode 100644 examples/base/intel.Dockerfile
 create mode 100644 examples/base/openmpi-builder.Dockerfile
 create mode 100644 examples/base/openmpi.Dockerfile
 rename examples/{pi => base}/sshd_config (100%)

diff --git a/.dockerignore b/.dockerignore
deleted file mode 120000
index 3e4e48b0..00000000
--- a/.dockerignore
+++ /dev/null
@@ -1 +0,0 @@
-.gitignore
\ No newline at end of file
diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 00000000..4d38ab59
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,16 @@
+# From .gitignore
+.idea/
+.vscode/
+_output/
+bin/
+profile.cov
+
+# Additional
+.gitignore
+.github/
+deploy/
+examples/
+hack/
+manifests/
+proposals/
+sdk/
diff --git a/Makefile b/Makefile
index eff82529..c54f9d50 100644
--- a/Makefile
+++ b/Makefile
@@ -99,7 +99,12 @@ images:
 
 .PHONY: test_images
 test_images:
+	${IMG_BUILDER} build -t mpioperator/base examples/base
+	${IMG_BUILDER} build -t mpioperator/openmpi examples/base -f examples/base/openmpi.Dockerfile
+	${IMG_BUILDER} build -t mpioperator/openmpi-builder examples/base -f examples/base/openmpi-builder.Dockerfile
 	${IMG_BUILDER} build -t mpioperator/mpi-pi:openmpi examples/pi
+	${IMG_BUILDER} build -t mpioperator/intel examples/base -f examples/base/intel.Dockerfile
+	${IMG_BUILDER} build -t mpioperator/intel-builder examples/base -f examples/base/intel-builder.Dockerfile
 	${IMG_BUILDER} build -t mpioperator/mpi-pi:intel examples/pi -f examples/pi/intel.Dockerfile
 
 .PHONY: tidy
diff --git a/examples/base/Dockerfile b/examples/base/Dockerfile
new file mode 100644
index 00000000..bc6692ae
--- /dev/null
+++ b/examples/base/Dockerfile
@@ -0,0 +1,24 @@
+FROM debian:buster
+
+RUN apt update && apt install -y --no-install-recommends \
+			openssh-server \
+			openssh-client \
+		&& rm -rf /var/lib/apt/lists/*
+# Add priviledge separation directoy to run sshd as root.
+RUN mkdir -p /var/run/sshd
+# Add capability to run sshd as non-root.
+RUN setcap CAP_NET_BIND_SERVICE=+eip /usr/sbin/sshd
+
+# Allow OpenSSH to talk to containers without asking for confirmation
+# by disabling StrictHostKeyChecking.
+# mpi-operator mounts the .ssh folder from a Secret. For that to work, we need
+# to disable UserKnownHostsFile to avoid write permissions.
+# Disabling StrictModes avoids directory and files read permission checks.
+RUN sed -i 's/[ #]\(.*StrictHostKeyChecking \).*/ \1no/g' /etc/ssh/ssh_config \
+    && echo "    UserKnownHostsFile /dev/null" >> /etc/ssh/ssh_config \
+    && sed -i 's/#\(StrictModes \).*/\1no/g' /etc/ssh/sshd_config
+
+RUN useradd -m mpiuser
+WORKDIR /home/mpiuser
+# Configurations for running sshd as non-root.
+COPY --chown=mpiuser sshd_config .sshd_config
diff --git a/examples/base/intel-builder.Dockerfile b/examples/base/intel-builder.Dockerfile
new file mode 100644
index 00000000..5234e6c7
--- /dev/null
+++ b/examples/base/intel-builder.Dockerfile
@@ -0,0 +1,24 @@
+FROM bash AS downloader
+
+RUN wget https://apt.repos.intel.com/intel-gpg-keys/GPG-PUB-KEY-INTEL-SW-PRODUCTS.PUB -O key.PUB
+
+FROM debian:buster
+
+COPY --from=downloader key.PUB /tmp/key.PUB
+
+# Install Intel oneAPI keys.
+RUN apt update \
+    && apt install -y --no-install-recommends gnupg2 ca-certificates \
+    && apt-key add /tmp/key.PUB \
+    && rm /tmp/key.PUB \
+    && echo "deb https://apt.repos.intel.com/oneapi all main" | tee /etc/apt/sources.list.d/oneAPI.list \
+    && apt remove -y gnupg2 ca-certificates \
+    && apt autoremove -y \
+    && apt update \
+    && apt install -y --no-install-recommends \
+        libstdc++-8-dev binutils \
+        intel-oneapi-compiler-dpcpp-cpp \
+        intel-oneapi-mpi-devel \
+    && rm -rf /var/lib/apt/lists/*
+
+ENV I_MPI_CC=clang I_MPI_CXX=clang++
diff --git a/examples/pi/intel-entrypoint.sh b/examples/base/intel-entrypoint.sh
similarity index 100%
rename from examples/pi/intel-entrypoint.sh
rename to examples/base/intel-entrypoint.sh
diff --git a/examples/base/intel.Dockerfile b/examples/base/intel.Dockerfile
new file mode 100644
index 00000000..09579281
--- /dev/null
+++ b/examples/base/intel.Dockerfile
@@ -0,0 +1,25 @@
+FROM bash AS downloader
+
+RUN wget https://apt.repos.intel.com/intel-gpg-keys/GPG-PUB-KEY-INTEL-SW-PRODUCTS.PUB -O key.PUB
+
+
+FROM mpioperator/base
+
+COPY --from=downloader key.PUB /tmp/key.PUB
+
+# Install Intel oneAPI keys.
+RUN apt update \
+    && apt install -y --no-install-recommends gnupg2 ca-certificates \
+    && apt-key add /tmp/key.PUB \
+    && rm /tmp/key.PUB \
+    && echo "deb https://apt.repos.intel.com/oneapi all main" | tee /etc/apt/sources.list.d/oneAPI.list \
+    && apt remove -y gnupg2 ca-certificates \
+    && apt autoremove -y \
+    && apt update \
+    && apt install -y --no-install-recommends \
+        dnsutils \
+        intel-oneapi-mpi \
+    && rm -rf /var/lib/apt/lists/*
+
+COPY intel-entrypoint.sh /entrypoint.sh
+ENTRYPOINT ["/entrypoint.sh"]
diff --git a/examples/base/openmpi-builder.Dockerfile b/examples/base/openmpi-builder.Dockerfile
new file mode 100644
index 00000000..ba4ac800
--- /dev/null
+++ b/examples/base/openmpi-builder.Dockerfile
@@ -0,0 +1,7 @@
+FROM debian:buster as builder
+
+RUN apt update \
+    && apt install -y --no-install-recommends \
+        g++ \
+        libopenmpi-dev \
+    && rm -rf /var/lib/apt/lists/*
diff --git a/examples/base/openmpi.Dockerfile b/examples/base/openmpi.Dockerfile
new file mode 100644
index 00000000..a98f29e1
--- /dev/null
+++ b/examples/base/openmpi.Dockerfile
@@ -0,0 +1,5 @@
+FROM mpioperator/base
+
+RUN apt update \
+    && apt install -y --no-install-recommends openmpi-bin \
+    && rm -rf /var/lib/apt/lists/*
diff --git a/examples/pi/sshd_config b/examples/base/sshd_config
similarity index 100%
rename from examples/pi/sshd_config
rename to examples/base/sshd_config
diff --git a/examples/pi/Dockerfile b/examples/pi/Dockerfile
index 684cfd21..4506f8a8 100644
--- a/examples/pi/Dockerfile
+++ b/examples/pi/Dockerfile
@@ -1,35 +1,9 @@
-FROM debian:buster as builder
-
-RUN apt update && apt install -y --no-install-recommends \
-			g++ \
-			libopenmpi-dev \
-			&& rm -rf /var/lib/apt/lists/*
+FROM mpioperator/openmpi-builder as builder
 
 COPY pi.cc /src/pi.cc
 RUN mpic++ /src/pi.cc -o /pi
 
 
-FROM debian:buster
-
-RUN apt update && apt install -y --no-install-recommends \
-			openmpi-bin \
-			openssh-server \
-			openssh-client \
-			&& rm -rf /var/lib/apt/lists/*
-# Add priviledge separation directoy to run sshd as root.
-RUN mkdir -p /var/run/sshd
-# Add capability to run sshd as non-root.
-RUN setcap CAP_NET_BIND_SERVICE=+eip /usr/sbin/sshd
+FROM mpioperator/openmpi
 
-RUN useradd -m mpiuser
-WORKDIR /home/mpiuser
-COPY --chown=mpiuser sshd_config .sshd_config
-# Allow OpenSSH to talk to containers without asking for confirmation
-# by disabling StrictHostKeyChecking.
-# mpi-operator mounts the .ssh folder from a Secret. For that to work, we need
-# to disable UserKnownHostsFile to avoid write permissions.
-# Disabling StrictModes avoids directory and files read permission checks.
-RUN sed -i 's/[ #]\(.*StrictHostKeyChecking \).*/ \1no/g' /etc/ssh/ssh_config && \
-    echo "    UserKnownHostsFile /dev/null" >> /etc/ssh/ssh_config && \
-    sed -i 's/#\(StrictModes \).*/\1no/g' /etc/ssh/sshd_config
 COPY --from=builder /pi /home/mpiuser/pi
\ No newline at end of file
diff --git a/examples/pi/intel.Dockerfile b/examples/pi/intel.Dockerfile
index 75e4ab7b..5aa8dfe4 100644
--- a/examples/pi/intel.Dockerfile
+++ b/examples/pi/intel.Dockerfile
@@ -1,64 +1,9 @@
-FROM bash AS downloader
+FROM mpioperator/intel-builder as builder
 
-RUN wget https://apt.repos.intel.com/intel-gpg-keys/GPG-PUB-KEY-INTEL-SW-PRODUCTS.PUB -O key.PUB
-
-
-FROM debian:buster as base
-
-COPY --from=downloader key.PUB /tmp/key.PUB
-
-# Install Intel oneAPI keys.
-RUN apt update \
-		&& apt install -y --no-install-recommends gnupg2 ca-certificates \
-    && apt-key add /tmp/key.PUB \
-		&& rm /tmp/key.PUB \
-		&& echo "deb https://apt.repos.intel.com/oneapi all main" | tee /etc/apt/sources.list.d/oneAPI.list \
-		&& apt remove -y gnupg2 ca-certificates \
-		&& apt autoremove -y \
-		&& rm -rf /var/lib/apt/lists/*
-
-
-FROM base as builder
-
-RUN apt update \
-		&& apt install -y --no-install-recommends \
-			libstdc++-8-dev binutils \
-			intel-oneapi-compiler-dpcpp-cpp \
-			intel-oneapi-mpi-devel \
-		&& rm -rf /var/lib/apt/lists/*
-
-ENV I_MPI_CC=clang I_MPI_CXX=clang++
 COPY pi.cc /src/pi.cc
 RUN bash -c "source /opt/intel/oneapi/setvars.sh && mpicxx /src/pi.cc -o /pi"
 
 
-FROM base
-
-RUN apt update \
-		&& apt install -y --no-install-recommends \
-			openssh-server \
-			openssh-client \
-			dnsutils \
-			intel-oneapi-mpi \
-		&& rm -rf /var/lib/apt/lists/*
-
-# Add priviledge separation directoy to run sshd as root.
-RUN mkdir -p /var/run/sshd
-# Add capability to run sshd as non-root.
-RUN setcap CAP_NET_BIND_SERVICE=+eip /usr/sbin/sshd
-
-RUN useradd -m mpiuser
-WORKDIR /home/mpiuser
-COPY intel-entrypoint.sh /entrypoint.sh
-ENTRYPOINT ["/entrypoint.sh"]
-COPY --chown=mpiuser sshd_config .sshd_config
-# Allow OpenSSH to talk to containers without asking for confirmation
-# by disabling StrictHostKeyChecking.
-# mpi-operator mounts the .ssh folder from a Secret. For that to work, we need
-# to disable UserKnownHostsFile to avoid write permissions.
-# Disabling StrictModes avoids directory and files read permission checks.
-RUN sed -i 's/[ #]\(.*StrictHostKeyChecking \).*/ \1no/g' /etc/ssh/ssh_config && \
-    echo "    UserKnownHostsFile /dev/null" >> /etc/ssh/ssh_config && \
-    sed -i 's/#\(StrictModes \).*/\1no/g' /etc/ssh/sshd_config
+FROM mpioperator/intel
 
 COPY --from=builder /pi /home/mpiuser/pi
\ No newline at end of file