From 4333db3960e1f134bbf606bd5a8ea7f4fd062c93 Mon Sep 17 00:00:00 2001
From: Clayton Coleman <ccoleman@redhat.com>
Date: Wed, 25 Apr 2018 10:55:55 -0400
Subject: [PATCH] Move dependencies out of the base image and into children

Reduces the size of the base image. RPMs explicitly list all their
dependencies to prevent accidental removal.
---
 images/base/Dockerfile                              |  7 ++-----
 images/base/Dockerfile.centos7                      |  7 ++-----
 images/base/Dockerfile.rhel7                        |  5 ++---
 images/builder/docker/docker-builder/Dockerfile     | 13 +++++++++++--
 images/node/Dockerfile                              | 13 ++++++++++---
 images/node/Dockerfile.centos7                      | 13 ++++++++++---
 images/origin/Dockerfile                            |  1 -
 images/origin/Dockerfile.centos7                    |  1 -
 test/extended/testdata/bindata.go                   |  2 +-
 test/extended/testdata/router-http-echo-server.yaml |  2 +-
 10 files changed, 39 insertions(+), 25 deletions(-)

diff --git a/images/base/Dockerfile b/images/base/Dockerfile
index 7f7fec3e6348..8eb089c7c343 100644
--- a/images/base/Dockerfile
+++ b/images/base/Dockerfile
@@ -8,12 +8,9 @@ FROM openshift/origin-source
 
 COPY *.repo /etc/yum.repos.d/
 RUN INSTALL_PKGS=" \
-      which git tar wget hostname sysvinit-tools util-linux bsdtar \
-      socat ethtool device-mapper iptables tree findutils nmap-ncat e2fsprogs \
-      xfsprogs lsof device-mapper-persistent-data ceph-common \
+      which tar wget hostname sysvinit-tools util-linux \
+      socat tree findutils lsof bind-utils \
       " && \
-    yum install -y centos-release-ceph-luminous && \
-    rpm -V centos-release-ceph-luminous && \
     yum install -y ${INSTALL_PKGS} && \
     rpm -V ${INSTALL_PKGS} && \
     yum clean all && \
diff --git a/images/base/Dockerfile.centos7 b/images/base/Dockerfile.centos7
index ce0088ac8b0e..821d122e8b53 100644
--- a/images/base/Dockerfile.centos7
+++ b/images/base/Dockerfile.centos7
@@ -7,12 +7,9 @@
 FROM openshift/origin-source
 
 RUN INSTALL_PKGS=" \
-      which git tar wget hostname sysvinit-tools util-linux bsdtar \
-      socat ethtool device-mapper iptables tree findutils nmap-ncat e2fsprogs \
-      xfsprogs lsof device-mapper-persistent-data ceph-common \
+      which tar wget hostname sysvinit-tools util-linux \
+      socat tree findutils lsof bind-utils \
       " && \
-    yum install -y centos-release-ceph-luminous && \
-    rpm -V centos-release-ceph-luminous && \
     yum install -y ${INSTALL_PKGS} && \
     rpm -V ${INSTALL_PKGS} && \
     yum clean all && \
diff --git a/images/base/Dockerfile.rhel7 b/images/base/Dockerfile.rhel7
index 7422160370d7..59c2de56d59b 100644
--- a/images/base/Dockerfile.rhel7
+++ b/images/base/Dockerfile.rhel7
@@ -7,9 +7,8 @@
 FROM rhel7
 
 RUN INSTALL_PKGS=" \
-      which git tar wget hostname sysvinit-tools util-linux bsdtar \
-      socat ethtool device-mapper iptables tree findutils nmap-ncat e2fsprogs \
-      xfsprogs lsof device-mapper-persistent-data ceph-common \
+      which tar wget hostname sysvinit-tools util-linux \
+      socat tree findutils lsof bind-utils \
       " && \
     yum --disablerepo=origin-local-release install -y $INSTALL_PKGS && \
     rpm -V $INSTALL_PKGS && \
diff --git a/images/builder/docker/docker-builder/Dockerfile b/images/builder/docker/docker-builder/Dockerfile
index de2341849320..7215bf28e829 100644
--- a/images/builder/docker/docker-builder/Dockerfile
+++ b/images/builder/docker/docker-builder/Dockerfile
@@ -12,7 +12,16 @@
 #
 FROM openshift/origin-control-plane
 
-LABEL io.k8s.display-name="OpenShift Origin Docker Builder" \
-      io.k8s.description="This is a component of OpenShift Origin and is responsible for executing Docker image builds." \
+RUN INSTALL_PKGS=" \
+      which tar wget hostname sysvinit-tools util-linux \
+      socat tree findutils lsof bind-utils \
+      git tar bsdtar \
+      " && \
+    yum install -y ${INSTALL_PKGS} && \
+    rpm -V ${INSTALL_PKGS} && \
+    yum clean all
+
+LABEL io.k8s.display-name="OpenShift Origin Builder" \
+      io.k8s.description="This is a component of OpenShift Origin and is responsible for executing image builds." \
       io.openshift.tags="openshift,builder"
 ENTRYPOINT ["/usr/bin/openshift-docker-build"]
diff --git a/images/node/Dockerfile b/images/node/Dockerfile
index df26538247be..7ba4a84a7222 100644
--- a/images/node/Dockerfile
+++ b/images/node/Dockerfile
@@ -13,10 +13,16 @@ COPY scripts/* /usr/local/bin/
 COPY system-container/system-container-wrapper.sh /usr/local/bin/
 COPY system-container/manifest.json system-container/config.json.template system-container/service.template system-container/tmpfiles.template /exports/
 
-RUN INSTALL_PKGS="origin-sdn-ovs libmnl libnetfilter_conntrack conntrack-tools \
+RUN INSTALL_PKGS=" \
+      socat ethtool device-mapper iptables nmap-ncat e2fsprogs \
+      xfsprogs device-mapper-persistent-data ceph-common \
+      origin-sdn-ovs libmnl libnetfilter_conntrack conntrack-tools \
       libnfnetlink iptables iproute bridge-utils procps-ng ethtool socat openssl \
       binutils xz kmod-libs kmod sysvinit-tools device-mapper-libs dbus \
-      iscsi-initiator-utils bind-utils" && \
+      iscsi-initiator-utils bind-utils \
+      " && \
+    yum install -y centos-release-ceph-luminous && \
+    rpm -V centos-release-ceph-luminous && \
     yum --enablerepo=origin-local-release install -y $INSTALL_PKGS && \
     rpm -V $INSTALL_PKGS && \
     yum clean all
@@ -25,6 +31,7 @@ LABEL io.k8s.display-name="OpenShift Origin Node" \
       io.k8s.description="This is a component of OpenShift Origin and contains the software for individual nodes when using SDN." \
       io.openshift.tags="openshift,node"
 
-ENV KUBECONFIG=/etc/origin/node/node.kubeconfig
+ENV OPENSHIFT_CONTAINERIZED=true \
+    KUBECONFIG=/etc/origin/node/node.kubeconfig
 
 ENTRYPOINT [ "/usr/local/bin/origin-node-run.sh" ]
diff --git a/images/node/Dockerfile.centos7 b/images/node/Dockerfile.centos7
index 5f21df6573e6..d44442b935cd 100644
--- a/images/node/Dockerfile.centos7
+++ b/images/node/Dockerfile.centos7
@@ -9,10 +9,16 @@ COPY scripts/* /usr/local/bin/
 COPY system-container/system-container-wrapper.sh /usr/local/bin/
 COPY system-container/manifest.json system-container/config.json.template system-container/service.template system-container/tmpfiles.template /exports/
 
-RUN INSTALL_PKGS="origin-sdn-ovs libmnl libnetfilter_conntrack conntrack-tools \
+RUN INSTALL_PKGS=" \
+      socat ethtool device-mapper iptables nmap-ncat e2fsprogs \
+      xfsprogs device-mapper-persistent-data ceph-common \
+      origin-sdn-ovs libmnl libnetfilter_conntrack conntrack-tools \
       libnfnetlink iptables iproute bridge-utils procps-ng ethtool socat openssl \
       binutils xz kmod-libs kmod sysvinit-tools device-mapper-libs dbus \
-      iscsi-initiator-utils bind-utils" && \
+      iscsi-initiator-utils bind-utils \
+      " && \
+    yum install -y centos-release-ceph-luminous && \
+    rpm -V centos-release-ceph-luminous && \
     yum --enablerepo=origin-local-release install -y $INSTALL_PKGS && \
     rpm -V $INSTALL_PKGS && \
     yum clean all
@@ -21,6 +27,7 @@ LABEL io.k8s.display-name="OpenShift Origin Node" \
       io.k8s.description="This is a component of OpenShift Origin and contains the software for individual nodes when using SDN." \
       io.openshift.tags="openshift,node"
 
-ENV KUBECONFIG=/etc/origin/node/node.kubeconfig
+ENV OPENSHIFT_CONTAINERIZED=true \
+    KUBECONFIG=/etc/origin/node/node.kubeconfig
 
 ENTRYPOINT [ "/usr/local/bin/origin-node-run.sh" ]
diff --git a/images/origin/Dockerfile b/images/origin/Dockerfile
index 8070bf2a7d62..1dd70d7c1c99 100644
--- a/images/origin/Dockerfile
+++ b/images/origin/Dockerfile
@@ -17,7 +17,6 @@ LABEL io.k8s.display-name="OpenShift Origin Application Platform" \
       io.openshift.tags="openshift,core"
 
 ENV HOME=/root \
-    OPENSHIFT_CONTAINERIZED=true \
     KUBECONFIG=/var/lib/origin/openshift.local.config/master/admin.kubeconfig
 
 WORKDIR /var/lib/origin
diff --git a/images/origin/Dockerfile.centos7 b/images/origin/Dockerfile.centos7
index 8070bf2a7d62..1dd70d7c1c99 100644
--- a/images/origin/Dockerfile.centos7
+++ b/images/origin/Dockerfile.centos7
@@ -17,7 +17,6 @@ LABEL io.k8s.display-name="OpenShift Origin Application Platform" \
       io.openshift.tags="openshift,core"
 
 ENV HOME=/root \
-    OPENSHIFT_CONTAINERIZED=true \
     KUBECONFIG=/var/lib/origin/openshift.local.config/master/admin.kubeconfig
 
 WORKDIR /var/lib/origin
diff --git a/test/extended/testdata/bindata.go b/test/extended/testdata/bindata.go
index 307d8bc15733..2eedbfb4a2e5 100644
--- a/test/extended/testdata/bindata.go
+++ b/test/extended/testdata/bindata.go
@@ -9843,7 +9843,7 @@ items:
           deploymentconfig: router-http-echo
       spec:
         containers:
-        - image: openshift/origin-base
+        - image: openshift/origin-node
           name: router-http-echo
           command:
             - /usr/bin/socat
diff --git a/test/extended/testdata/router-http-echo-server.yaml b/test/extended/testdata/router-http-echo-server.yaml
index 4a17bbd91e54..240b052eab95 100644
--- a/test/extended/testdata/router-http-echo-server.yaml
+++ b/test/extended/testdata/router-http-echo-server.yaml
@@ -20,7 +20,7 @@ items:
           deploymentconfig: router-http-echo
       spec:
         containers:
-        - image: openshift/origin-base
+        - image: openshift/origin-node
           name: router-http-echo
           command:
             - /usr/bin/socat