From e8df3200fc98f7c0939e64984ea5f65600e5ef2c Mon Sep 17 00:00:00 2001 From: Guillaume Smet Date: Wed, 9 Nov 2022 14:12:55 +0100 Subject: [PATCH] [RELEASE] - Bump version to 2.14.0.Final --- amazon-dynamodb-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- amazon-kms-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- amazon-s3-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- amazon-ses-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- amazon-sns-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- amazon-sqs-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- amazon-ssm-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../amqp-quickstart-processor/pom.xml | 2 +- .../amqp-quickstart-producer/pom.xml | 2 +- awt-graphics-rest-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 16 +-- .../src/main/docker/Dockerfile.native-micro | 66 +++---------- cache-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../resources/META-INF/resources/index.html | 2 +- config-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- context-propagation-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../pom.xml | 2 +- .../funqy-amazon-lambda-quickstart/pom.xml | 2 +- .../pom.xml | 2 +- .../pom.xml | 2 +- .../funqy-http-quickstart/pom.xml | 2 +- .../funqy-knative-events-quickstart/pom.xml | 2 +- getting-started-async/pom.xml | 2 +- getting-started-command-mode/pom.xml | 2 +- getting-started-knative/pom.xml | 2 +- getting-started-reactive-crud/pom.xml | 2 +- getting-started-reactive/pom.xml | 2 +- getting-started-testing/pom.xml | 2 +- getting-started/pom.xml | 2 +- .../pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../resources/META-INF/resources/index.html | 2 +- google-cloud-functions-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- grpc-plain-text-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- grpc-tls-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- hibernate-orm-panache-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- hibernate-orm-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- hibernate-reactive-panache-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- hibernate-reactive-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- hibernate-reactive-routes-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- infinispan-client-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- jms-quickstart/pom.xml | 2 +- jms-quickstart/src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- jta-quickstart/pom.xml | 2 +- .../resources/META-INF/resources/index.html | 2 +- kafka-avro-schema-quickstart/pom.xml | 2 +- kafka-bare-quickstart/pom.xml | 2 +- kafka-panache-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../resources/META-INF/resources/index.html | 2 +- kafka-panache-reactive-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../resources/META-INF/resources/index.html | 2 +- kafka-quickstart/processor/pom.xml | 2 +- kafka-quickstart/producer/pom.xml | 2 +- kafka-streams-quickstart/aggregator/pom.xml | 2 +- kafka-streams-quickstart/producer/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- kogito-dmn-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 93 +++++++++++++----- .../src/main/docker/Dockerfile.legacy-jar | 87 +++++++++++----- .../src/main/docker/Dockerfile.native | 4 +- .../src/main/docker/Dockerfile.native-micro | 13 ++- kogito-drl-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- kogito-pmml-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- kogito-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- lifecycle-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- liquibase-mongodb-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 93 +++++++++++++----- .../src/main/docker/Dockerfile.legacy-jar | 87 +++++++++++----- .../src/main/docker/Dockerfile.native | 4 +- .../src/main/docker/Dockerfile.native-micro | 13 ++- liquibase-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- mailer-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- micrometer-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../pom.xml | 2 +- microprofile-graphql-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- microprofile-health-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../resources/META-INF/resources/index.html | 2 +- microprofile-metrics-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- mongodb-panache-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../resources/META-INF/resources/index.html | 2 +- mongodb-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../resources/META-INF/resources/index.html | 2 +- mqtt-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../resources/META-INF/resources/index.html | 2 +- neo4j-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../resources/META-INF/resources/index.html | 2 +- openapi-swaggerui-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../resources/META-INF/resources/index.html | 2 +- opentelemetry-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../resources/META-INF/resources/index.html | 2 +- opentracing-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../resources/META-INF/resources/index.html | 2 +- optaplanner-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- quartz-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- qute-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../rabbitmq-quickstart-processor/pom.xml | 2 +- .../rabbitmq-quickstart-producer/pom.xml | 2 +- reactive-messaging-http-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- reactive-routes-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- redis-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- rest-client-multipart-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- rest-client-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- rest-client-reactive-quickstart/pom.xml | 2 +- rest-json-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- scheduler-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- security-jdbc-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../resources/META-INF/resources/index.html | 2 +- security-jpa-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../resources/META-INF/resources/index.html | 2 +- security-jwt-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../resources/META-INF/resources/index.html | 2 +- .../pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- security-ldap-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 89 ++++++++++++----- .../src/main/docker/Dockerfile.native | 4 +- .../src/main/docker/Dockerfile.native-micro | 13 ++- security-oauth2-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../resources/META-INF/resources/index.html | 2 +- .../pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- security-openid-connect-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- security-webauthn-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 4 +- .../src/main/docker/Dockerfile.legacy-jar | 4 +- .../src/main/docker/Dockerfile.native | 2 +- .../src/main/docker/Dockerfile.native-micro | 2 +- .../pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- spring-boot-properties-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../resources/META-INF/resources/index.html | 2 +- spring-data-jpa-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- spring-data-rest-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- spring-di-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- spring-scheduled-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- spring-security-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- .../resources/META-INF/resources/index.html | 2 +- spring-web-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- stork-dns-quickstart/pom.xml | 2 +- .../resources/META-INF/resources/index.html | 2 +- stork-kubernetes-quickstart/pom.xml | 2 +- .../resources/META-INF/resources/index.html | 2 +- stork-quickstart/pom.xml | 2 +- .../resources/META-INF/resources/index.html | 2 +- tests-with-coverage-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- tika-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- validation-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- vertx-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- websockets-quickstart/pom.xml | 2 +- .../src/main/docker/Dockerfile.jvm | 98 +++++++++++++------ .../src/main/docker/Dockerfile.legacy-jar | 93 +++++++++++++----- .../src/main/docker/Dockerfile.native | 8 +- .../src/main/docker/Dockerfile.native-micro | 17 +++- 468 files changed, 12624 insertions(+), 5557 deletions(-) diff --git a/amazon-dynamodb-quickstart/pom.xml b/amazon-dynamodb-quickstart/pom.xml index 1fbb3b6215..c183d6e9fb 100644 --- a/amazon-dynamodb-quickstart/pom.xml +++ b/amazon-dynamodb-quickstart/pom.xml @@ -11,7 +11,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 UTF-8 11 diff --git a/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.jvm b/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.jvm index 9578552d5e..aaf49ad51f 100644 --- a/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.jvm +++ b/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amazon-dynamodb-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amazon-dynamodb-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-dynamodb-jvm +# docker run -i --rm -p 8080:8080 quarkus/amazon-dynamodb-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-dynamodb-jvm +# docker run -i --rm -p 8080:8080 quarkus/amazon-dynamodb-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.legacy-jar b/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.legacy-jar index dbc1219fb3..f2ea6076cd 100644 --- a/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amazon-dynamodb-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amazon-dynamodb-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-dynamodb-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/amazon-dynamodb-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-dynamodb-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/amazon-dynamodb-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.native b/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.native index 0317ffc915..4dd17f3b42 100644 --- a/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.native +++ b/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/amazon-dynamodb . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/amazon-dynamodb-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-dynamodb +# docker run -i --rm -p 8080:8080 quarkus/amazon-dynamodb-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.native-micro b/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.native-micro index 5119be9665..96a4b82805 100644 --- a/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.native-micro +++ b/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/amazon-dynamodb . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/amazon-dynamodb-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-dynamodb +# docker run -i --rm -p 8080:8080 quarkus/amazon-dynamodb-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/amazon-kms-quickstart/pom.xml b/amazon-kms-quickstart/pom.xml index 9ec668c661..9f4d21d8b9 100644 --- a/amazon-kms-quickstart/pom.xml +++ b/amazon-kms-quickstart/pom.xml @@ -11,7 +11,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 UTF-8 11 diff --git a/amazon-kms-quickstart/src/main/docker/Dockerfile.jvm b/amazon-kms-quickstart/src/main/docker/Dockerfile.jvm index 6ad4c73c49..c19f8eb7d9 100644 --- a/amazon-kms-quickstart/src/main/docker/Dockerfile.jvm +++ b/amazon-kms-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amazon-kms-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amazon-kms-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-kms-jvm +# docker run -i --rm -p 8080:8080 quarkus/amazon-kms-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-kms-jvm +# docker run -i --rm -p 8080:8080 quarkus/amazon-kms-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amazon-kms-quickstart/src/main/docker/Dockerfile.legacy-jar b/amazon-kms-quickstart/src/main/docker/Dockerfile.legacy-jar index f41eb25a46..be5293ac3b 100644 --- a/amazon-kms-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/amazon-kms-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amazon-kms-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amazon-kms-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-kms-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/amazon-kms-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-kms-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/amazon-kms-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/amazon-kms-quickstart/src/main/docker/Dockerfile.native b/amazon-kms-quickstart/src/main/docker/Dockerfile.native index a65867c9f1..24eae9a424 100644 --- a/amazon-kms-quickstart/src/main/docker/Dockerfile.native +++ b/amazon-kms-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/amazon-kms . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/amazon-kms-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-kms +# docker run -i --rm -p 8080:8080 quarkus/amazon-kms-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/amazon-kms-quickstart/src/main/docker/Dockerfile.native-micro b/amazon-kms-quickstart/src/main/docker/Dockerfile.native-micro index 107498a7a5..19de7f82e8 100644 --- a/amazon-kms-quickstart/src/main/docker/Dockerfile.native-micro +++ b/amazon-kms-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/amazon-kms . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/amazon-kms-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-kms +# docker run -i --rm -p 8080:8080 quarkus/amazon-kms-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/amazon-s3-quickstart/pom.xml b/amazon-s3-quickstart/pom.xml index 91b282c27d..f7201fdde7 100644 --- a/amazon-s3-quickstart/pom.xml +++ b/amazon-s3-quickstart/pom.xml @@ -11,7 +11,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 UTF-8 11 diff --git a/amazon-s3-quickstart/src/main/docker/Dockerfile.jvm b/amazon-s3-quickstart/src/main/docker/Dockerfile.jvm index 7dc8125f6f..3ba970d679 100644 --- a/amazon-s3-quickstart/src/main/docker/Dockerfile.jvm +++ b/amazon-s3-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amazon-s3-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amazon-s3-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-s3-jvm +# docker run -i --rm -p 8080:8080 quarkus/amazon-s3-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-s3-jvm +# docker run -i --rm -p 8080:8080 quarkus/amazon-s3-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amazon-s3-quickstart/src/main/docker/Dockerfile.legacy-jar b/amazon-s3-quickstart/src/main/docker/Dockerfile.legacy-jar index ab009b6635..488d98b165 100644 --- a/amazon-s3-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/amazon-s3-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amazon-s3-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amazon-s3-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-s3-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/amazon-s3-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-s3-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/amazon-s3-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/amazon-s3-quickstart/src/main/docker/Dockerfile.native b/amazon-s3-quickstart/src/main/docker/Dockerfile.native index 314da398d4..f369500f18 100644 --- a/amazon-s3-quickstart/src/main/docker/Dockerfile.native +++ b/amazon-s3-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/amazon-s3 . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/amazon-s3-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-s3 +# docker run -i --rm -p 8080:8080 quarkus/amazon-s3-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/amazon-s3-quickstart/src/main/docker/Dockerfile.native-micro b/amazon-s3-quickstart/src/main/docker/Dockerfile.native-micro index 9e44edd03f..1b9e7d943a 100644 --- a/amazon-s3-quickstart/src/main/docker/Dockerfile.native-micro +++ b/amazon-s3-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/amazon-s3 . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/amazon-s3-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-s3 +# docker run -i --rm -p 8080:8080 quarkus/amazon-s3-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/amazon-ses-quickstart/pom.xml b/amazon-ses-quickstart/pom.xml index 2430ac0419..0b10ec258c 100644 --- a/amazon-ses-quickstart/pom.xml +++ b/amazon-ses-quickstart/pom.xml @@ -11,7 +11,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 UTF-8 11 diff --git a/amazon-ses-quickstart/src/main/docker/Dockerfile.jvm b/amazon-ses-quickstart/src/main/docker/Dockerfile.jvm index 011d1cd152..f0c6eb655e 100644 --- a/amazon-ses-quickstart/src/main/docker/Dockerfile.jvm +++ b/amazon-ses-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amazon-ses-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amazon-ses-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-ses-jvm +# docker run -i --rm -p 8080:8080 quarkus/amazon-ses-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-ses-jvm +# docker run -i --rm -p 8080:8080 quarkus/amazon-ses-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amazon-ses-quickstart/src/main/docker/Dockerfile.legacy-jar b/amazon-ses-quickstart/src/main/docker/Dockerfile.legacy-jar index 441fe3f3f1..ddb9ffc677 100644 --- a/amazon-ses-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/amazon-ses-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amazon-ses-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amazon-ses-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-ses-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/amazon-ses-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-ses-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/amazon-ses-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/amazon-ses-quickstart/src/main/docker/Dockerfile.native b/amazon-ses-quickstart/src/main/docker/Dockerfile.native index 1b076353fd..d4a07783f2 100644 --- a/amazon-ses-quickstart/src/main/docker/Dockerfile.native +++ b/amazon-ses-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/amazon-ses . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/amazon-ses-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-ses +# docker run -i --rm -p 8080:8080 quarkus/amazon-ses-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/amazon-ses-quickstart/src/main/docker/Dockerfile.native-micro b/amazon-ses-quickstart/src/main/docker/Dockerfile.native-micro index d1ec14e554..b0828ac17d 100644 --- a/amazon-ses-quickstart/src/main/docker/Dockerfile.native-micro +++ b/amazon-ses-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/amazon-ses . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/amazon-ses-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-ses +# docker run -i --rm -p 8080:8080 quarkus/amazon-ses-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/amazon-sns-quickstart/pom.xml b/amazon-sns-quickstart/pom.xml index 0324bf68b6..3c8f16ddbc 100644 --- a/amazon-sns-quickstart/pom.xml +++ b/amazon-sns-quickstart/pom.xml @@ -11,7 +11,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 UTF-8 11 diff --git a/amazon-sns-quickstart/src/main/docker/Dockerfile.jvm b/amazon-sns-quickstart/src/main/docker/Dockerfile.jvm index 780729e57f..1af6c107a6 100644 --- a/amazon-sns-quickstart/src/main/docker/Dockerfile.jvm +++ b/amazon-sns-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amazon-sns-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amazon-sns-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-sns-jvm +# docker run -i --rm -p 8080:8080 quarkus/amazon-sns-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-sns-jvm +# docker run -i --rm -p 8080:8080 quarkus/amazon-sns-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amazon-sns-quickstart/src/main/docker/Dockerfile.legacy-jar b/amazon-sns-quickstart/src/main/docker/Dockerfile.legacy-jar index f074022cb2..18ba31e311 100644 --- a/amazon-sns-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/amazon-sns-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amazon-sns-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amazon-sns-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-sns-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/amazon-sns-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-sns-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/amazon-sns-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/amazon-sns-quickstart/src/main/docker/Dockerfile.native b/amazon-sns-quickstart/src/main/docker/Dockerfile.native index 65e904f01c..8cd257bf70 100644 --- a/amazon-sns-quickstart/src/main/docker/Dockerfile.native +++ b/amazon-sns-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/amazon-sns . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/amazon-sns-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-sns +# docker run -i --rm -p 8080:8080 quarkus/amazon-sns-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/amazon-sns-quickstart/src/main/docker/Dockerfile.native-micro b/amazon-sns-quickstart/src/main/docker/Dockerfile.native-micro index bee33b2281..15d2a478df 100644 --- a/amazon-sns-quickstart/src/main/docker/Dockerfile.native-micro +++ b/amazon-sns-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/amazon-sns . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/amazon-sns-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-sns +# docker run -i --rm -p 8080:8080 quarkus/amazon-sns-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/amazon-sqs-quickstart/pom.xml b/amazon-sqs-quickstart/pom.xml index 983105738b..9267e65032 100644 --- a/amazon-sqs-quickstart/pom.xml +++ b/amazon-sqs-quickstart/pom.xml @@ -11,7 +11,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 UTF-8 11 diff --git a/amazon-sqs-quickstart/src/main/docker/Dockerfile.jvm b/amazon-sqs-quickstart/src/main/docker/Dockerfile.jvm index 529c797e2b..5cf4438ed6 100644 --- a/amazon-sqs-quickstart/src/main/docker/Dockerfile.jvm +++ b/amazon-sqs-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amazon-sqs-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amazon-sqs-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-sqs-jvm +# docker run -i --rm -p 8080:8080 quarkus/amazon-sqs-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-sqs-jvm +# docker run -i --rm -p 8080:8080 quarkus/amazon-sqs-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amazon-sqs-quickstart/src/main/docker/Dockerfile.legacy-jar b/amazon-sqs-quickstart/src/main/docker/Dockerfile.legacy-jar index 621dcfdfb7..ffbf695414 100644 --- a/amazon-sqs-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/amazon-sqs-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amazon-sqs-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amazon-sqs-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-sqs-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/amazon-sqs-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-sqs-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/amazon-sqs-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/amazon-sqs-quickstart/src/main/docker/Dockerfile.native b/amazon-sqs-quickstart/src/main/docker/Dockerfile.native index c17154ed79..9959888da7 100644 --- a/amazon-sqs-quickstart/src/main/docker/Dockerfile.native +++ b/amazon-sqs-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/amazon-sqs . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/amazon-sqs-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-sqs +# docker run -i --rm -p 8080:8080 quarkus/amazon-sqs-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/amazon-sqs-quickstart/src/main/docker/Dockerfile.native-micro b/amazon-sqs-quickstart/src/main/docker/Dockerfile.native-micro index 8794e2dfb0..dedad8a168 100644 --- a/amazon-sqs-quickstart/src/main/docker/Dockerfile.native-micro +++ b/amazon-sqs-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/amazon-sqs . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/amazon-sqs-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-sqs +# docker run -i --rm -p 8080:8080 quarkus/amazon-sqs-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/amazon-ssm-quickstart/pom.xml b/amazon-ssm-quickstart/pom.xml index 22afd495ea..a3fd354f62 100644 --- a/amazon-ssm-quickstart/pom.xml +++ b/amazon-ssm-quickstart/pom.xml @@ -11,7 +11,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 UTF-8 11 diff --git a/amazon-ssm-quickstart/src/main/docker/Dockerfile.jvm b/amazon-ssm-quickstart/src/main/docker/Dockerfile.jvm index 5d11c9694b..8cdd3e4460 100644 --- a/amazon-ssm-quickstart/src/main/docker/Dockerfile.jvm +++ b/amazon-ssm-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amazon-ssm-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amazon-ssm-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-ssm-jvm +# docker run -i --rm -p 8080:8080 quarkus/amazon-ssm-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-ssm-jvm +# docker run -i --rm -p 8080:8080 quarkus/amazon-ssm-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amazon-ssm-quickstart/src/main/docker/Dockerfile.legacy-jar b/amazon-ssm-quickstart/src/main/docker/Dockerfile.legacy-jar index 918f91ebbb..0e60fa404b 100644 --- a/amazon-ssm-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/amazon-ssm-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amazon--legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amazon-ssm-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon--legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/amazon-ssm-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon--legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/amazon-ssm-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/amazon-ssm-quickstart/src/main/docker/Dockerfile.native b/amazon-ssm-quickstart/src/main/docker/Dockerfile.native index 5a5790ec9b..ed1a8b0eca 100644 --- a/amazon-ssm-quickstart/src/main/docker/Dockerfile.native +++ b/amazon-ssm-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/amazon-ssm . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/amazon-ssm-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-ssm +# docker run -i --rm -p 8080:8080 quarkus/amazon-ssm-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/amazon-ssm-quickstart/src/main/docker/Dockerfile.native-micro b/amazon-ssm-quickstart/src/main/docker/Dockerfile.native-micro index 539b034e45..c2759615d1 100644 --- a/amazon-ssm-quickstart/src/main/docker/Dockerfile.native-micro +++ b/amazon-ssm-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/amazon-ssm . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/amazon-ssm-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amazon-ssm +# docker run -i --rm -p 8080:8080 quarkus/amazon-ssm-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/amqp-quickstart/amqp-quickstart-processor/pom.xml b/amqp-quickstart/amqp-quickstart-processor/pom.xml index d602de4cb6..24a2430785 100644 --- a/amqp-quickstart/amqp-quickstart-processor/pom.xml +++ b/amqp-quickstart/amqp-quickstart-processor/pom.xml @@ -14,7 +14,7 @@ UTF-8 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 diff --git a/amqp-quickstart/amqp-quickstart-producer/pom.xml b/amqp-quickstart/amqp-quickstart-producer/pom.xml index c99472ad56..2adc47885a 100644 --- a/amqp-quickstart/amqp-quickstart-producer/pom.xml +++ b/amqp-quickstart/amqp-quickstart-producer/pom.xml @@ -14,7 +14,7 @@ UTF-8 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 diff --git a/awt-graphics-rest-quickstart/pom.xml b/awt-graphics-rest-quickstart/pom.xml index 3b735e3bc4..8b232d9bc8 100644 --- a/awt-graphics-rest-quickstart/pom.xml +++ b/awt-graphics-rest-quickstart/pom.xml @@ -10,7 +10,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 UTF-8 diff --git a/awt-graphics-rest-quickstart/src/main/docker/Dockerfile.jvm b/awt-graphics-rest-quickstart/src/main/docker/Dockerfile.jvm index d331125d1d..7c842f6ab3 100644 --- a/awt-graphics-rest-quickstart/src/main/docker/Dockerfile.jvm +++ b/awt-graphics-rest-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/awt-graphics-rest-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/awt-graphics-rest-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/awt-graphics-rest-jvm +# docker run -i --rm -p 8080:8080 quarkus/awt-graphics-rest-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/awt-graphics-rest-jvm +# docker run -i --rm -p 8080:8080 quarkus/awt-graphics-rest-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.4 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install fontconfig curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/awt-graphics-rest-quickstart/src/main/docker/Dockerfile.legacy-jar b/awt-graphics-rest-quickstart/src/main/docker/Dockerfile.legacy-jar index c8d30842d8..8db9c12e77 100644 --- a/awt-graphics-rest-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/awt-graphics-rest-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/awt-graphics-rest-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/awt-graphics-rest-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/awt-graphics-rest-jar +# docker run -i --rm -p 8080:8080 quarkus/awt-graphics-rest-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/awt-graphics-rest-jar +# docker run -i --rm -p 8080:8080 quarkus/awt-graphics-rest-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install fontconfig curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/awt-graphics-rest-quickstart/src/main/docker/Dockerfile.native b/awt-graphics-rest-quickstart/src/main/docker/Dockerfile.native index 06d32777ed..065937c7f1 100644 --- a/awt-graphics-rest-quickstart/src/main/docker/Dockerfile.native +++ b/awt-graphics-rest-quickstart/src/main/docker/Dockerfile.native @@ -1,28 +1,20 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # # ./mvnw package -Pnative # -# or -# -# ./mvnw package -Pnative -Dquarkus.native.container-build=true -Dquarkus.native.builder-image=quay.io/quarkus/ubi-quarkus-mandrel:21.3-java11 -# -# If you don't have necessary libraries installed locally. -# # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/awt-graphics-rest . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/awt-graphics-rest-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/awt-graphics-rest +# docker run -i --rm -p 8080:8080 quarkus/awt-graphics-rest-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.4 -RUN microdnf install freetype fontconfig \ - && microdnf clean all +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/awt-graphics-rest-quickstart/src/main/docker/Dockerfile.native-micro b/awt-graphics-rest-quickstart/src/main/docker/Dockerfile.native-micro index 1637b502e3..2abb6c610d 100644 --- a/awt-graphics-rest-quickstart/src/main/docker/Dockerfile.native-micro +++ b/awt-graphics-rest-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,68 +1,28 @@ #### -# ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ -# ████████████░▄▄▀█░▄▄█░███░█░▄▄▀█░▄▄▀█░▄▄█████████████ -# ████████████░▄▄▀█░▄▄█▄▀░▀▄█░▀▀░█░▀▀▄█░▄▄█████████████ -# ████████████░▀▀░█▄▄▄██▄█▄██▄██▄█▄█▄▄█▄▄▄█████████████ -# ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ -# Preparing distroless Dockerfile in this fashion is highly -# application specific. -# -# The undermentioned example uses ubi-micro image and manually copies necessary -# libraries and files from ubi-minimal image. -# -# See https://www.redhat.com/en/blog/introduction-ubi-micro on how to start using Buildah. -# -# ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ -# ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ -# ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # -# ./mvnw package -Pnative -Dquarkus.native.container-build=true -Dquarkus.native.builder-image=quay.io/quarkus/ubi-quarkus-mandrel:21.3-java11 -# -# The previous step produces an executable compatible with ubi-minimal. +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/awt-graphics-rest-micro . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/awt-graphics-rest-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/awt-graphics-rest-micro +# docker run -i --rm -p 8080:8080 quarkus/awt-graphics-rest-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.4 as nativelibs -RUN microdnf install freetype fontconfig - -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY --from=nativelibs \ - /lib64/libfreetype.so.6 \ - /lib64/libbz2.so.1 \ - /lib64/libpng16.so.16 \ - /lib64/libm.so.6 \ - /lib64/libbz2.so.1 \ - /lib64/libexpat.so.1 \ - /lib64/libuuid.so.1 \ - /lib64/ - -COPY --from=nativelibs \ - /usr/lib64/libfontconfig.so.1 \ - /usr/lib64/ - -COPY --from=nativelibs \ - /usr/share/fonts /usr/share/fonts - -COPY --from=nativelibs \ - /usr/share/fontconfig /usr/share/fontconfig - -COPY --from=nativelibs \ - /usr/lib/fontconfig /usr/lib/fontconfig - -COPY --from=nativelibs \ - /etc/fonts /etc/fonts - -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/cache-quickstart/pom.xml b/cache-quickstart/pom.xml index 86f7cb525d..59d98ad64a 100644 --- a/cache-quickstart/pom.xml +++ b/cache-quickstart/pom.xml @@ -14,7 +14,7 @@ UTF-8 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 diff --git a/cache-quickstart/src/main/docker/Dockerfile.jvm b/cache-quickstart/src/main/docker/Dockerfile.jvm index d19a9719e5..6112cde6f1 100644 --- a/cache-quickstart/src/main/docker/Dockerfile.jvm +++ b/cache-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/cache-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/cache-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/cache-jvm +# docker run -i --rm -p 8080:8080 quarkus/cache-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/cache-jvm +# docker run -i --rm -p 8080:8080 quarkus/cache-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/cache-quickstart/src/main/docker/Dockerfile.legacy-jar b/cache-quickstart/src/main/docker/Dockerfile.legacy-jar index c43ecedbdd..0d2dae581d 100644 --- a/cache-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/cache-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/cache-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/cache-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/cache-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/cache-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/cache-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/cache-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/cache-quickstart/src/main/docker/Dockerfile.native b/cache-quickstart/src/main/docker/Dockerfile.native index 18ade2ea6d..ec4dd6860b 100644 --- a/cache-quickstart/src/main/docker/Dockerfile.native +++ b/cache-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/cache . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/cache-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/cache +# docker run -i --rm -p 8080:8080 quarkus/cache-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/cache-quickstart/src/main/docker/Dockerfile.native-micro b/cache-quickstart/src/main/docker/Dockerfile.native-micro index 858110de75..54f5b21546 100644 --- a/cache-quickstart/src/main/docker/Dockerfile.native-micro +++ b/cache-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/cache . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/cache-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/cache +# docker run -i --rm -p 8080:8080 quarkus/cache-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/cache-quickstart/src/main/resources/META-INF/resources/index.html b/cache-quickstart/src/main/resources/META-INF/resources/index.html index 399d68f476..39e21202b8 100644 --- a/cache-quickstart/src/main/resources/META-INF/resources/index.html +++ b/cache-quickstart/src/main/resources/META-INF/resources/index.html @@ -133,7 +133,7 @@

Application

  • GroupId: org.acme
  • ArtifactId: cache-quickstart
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 999-SNAPSHOT
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/config-quickstart/pom.xml b/config-quickstart/pom.xml index 49b8e7a94c..28efda40e1 100644 --- a/config-quickstart/pom.xml +++ b/config-quickstart/pom.xml @@ -8,7 +8,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 UTF-8 11 diff --git a/config-quickstart/src/main/docker/Dockerfile.jvm b/config-quickstart/src/main/docker/Dockerfile.jvm index 02c0939f24..fa17ad0831 100644 --- a/config-quickstart/src/main/docker/Dockerfile.jvm +++ b/config-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/config-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/config-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/config-jvm +# docker run -i --rm -p 8080:8080 quarkus/config-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/config-jvm +# docker run -i --rm -p 8080:8080 quarkus/config-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/config-quickstart/src/main/docker/Dockerfile.legacy-jar b/config-quickstart/src/main/docker/Dockerfile.legacy-jar index 62f9a13298..8b267dde98 100644 --- a/config-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/config-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/config-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/config-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/config-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/config-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/config-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/config-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/config-quickstart/src/main/docker/Dockerfile.native b/config-quickstart/src/main/docker/Dockerfile.native index 47e8c5608e..f51b2d2929 100644 --- a/config-quickstart/src/main/docker/Dockerfile.native +++ b/config-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/config . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/config-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/config +# docker run -i --rm -p 8080:8080 quarkus/config-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/config-quickstart/src/main/docker/Dockerfile.native-micro b/config-quickstart/src/main/docker/Dockerfile.native-micro index a3912e01ef..acd57bc182 100644 --- a/config-quickstart/src/main/docker/Dockerfile.native-micro +++ b/config-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/config . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/config-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/config +# docker run -i --rm -p 8080:8080 quarkus/config-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/context-propagation-quickstart/pom.xml b/context-propagation-quickstart/pom.xml index 682dbc4722..7dafa908d7 100644 --- a/context-propagation-quickstart/pom.xml +++ b/context-propagation-quickstart/pom.xml @@ -11,7 +11,7 @@ 3.0.0-M7 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 11 UTF-8 11 diff --git a/context-propagation-quickstart/src/main/docker/Dockerfile.jvm b/context-propagation-quickstart/src/main/docker/Dockerfile.jvm index 01c01b3cce..e1b670f1d2 100644 --- a/context-propagation-quickstart/src/main/docker/Dockerfile.jvm +++ b/context-propagation-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/context-propagation-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/context-propagation-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/context-propagation-jvm +# docker run -i --rm -p 8080:8080 quarkus/context-propagation-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/context-propagation-jvm +# docker run -i --rm -p 8080:8080 quarkus/context-propagation-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/context-propagation-quickstart/src/main/docker/Dockerfile.legacy-jar b/context-propagation-quickstart/src/main/docker/Dockerfile.legacy-jar index c587d643c4..9e8c2f81b7 100644 --- a/context-propagation-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/context-propagation-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/context-propagation-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/context-propagation-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/context-propagation-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/context-propagation-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/context-propagation-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/context-propagation-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/context-propagation-quickstart/src/main/docker/Dockerfile.native b/context-propagation-quickstart/src/main/docker/Dockerfile.native index 4721e35f0c..b05d23d3fd 100644 --- a/context-propagation-quickstart/src/main/docker/Dockerfile.native +++ b/context-propagation-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/context-propagation . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/context-propagation-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/context-propagation +# docker run -i --rm -p 8080:8080 quarkus/context-propagation-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/context-propagation-quickstart/src/main/docker/Dockerfile.native-micro b/context-propagation-quickstart/src/main/docker/Dockerfile.native-micro index 87ed78541b..28ef4f4a9a 100644 --- a/context-propagation-quickstart/src/main/docker/Dockerfile.native-micro +++ b/context-propagation-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/context-propagation . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/context-propagation-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/context-propagation +# docker run -i --rm -p 8080:8080 quarkus/context-propagation-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/funqy-quickstarts/funqy-amazon-lambda-http-quickstart/pom.xml b/funqy-quickstarts/funqy-amazon-lambda-http-quickstart/pom.xml index 2b6c92b043..73e1277771 100644 --- a/funqy-quickstarts/funqy-amazon-lambda-http-quickstart/pom.xml +++ b/funqy-quickstarts/funqy-amazon-lambda-http-quickstart/pom.xml @@ -10,7 +10,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 UTF-8 diff --git a/funqy-quickstarts/funqy-amazon-lambda-quickstart/pom.xml b/funqy-quickstarts/funqy-amazon-lambda-quickstart/pom.xml index ffffb4c1bf..ff5ee15f41 100644 --- a/funqy-quickstarts/funqy-amazon-lambda-quickstart/pom.xml +++ b/funqy-quickstarts/funqy-amazon-lambda-quickstart/pom.xml @@ -10,7 +10,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 UTF-8 diff --git a/funqy-quickstarts/funqy-google-cloud-functions-http-quickstart/pom.xml b/funqy-quickstarts/funqy-google-cloud-functions-http-quickstart/pom.xml index 115e508c6d..be3f28f079 100644 --- a/funqy-quickstarts/funqy-google-cloud-functions-http-quickstart/pom.xml +++ b/funqy-quickstarts/funqy-google-cloud-functions-http-quickstart/pom.xml @@ -10,7 +10,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 UTF-8 diff --git a/funqy-quickstarts/funqy-google-cloud-functions-quickstart/pom.xml b/funqy-quickstarts/funqy-google-cloud-functions-quickstart/pom.xml index 4bf88cbf59..aede4d5f69 100755 --- a/funqy-quickstarts/funqy-google-cloud-functions-quickstart/pom.xml +++ b/funqy-quickstarts/funqy-google-cloud-functions-quickstart/pom.xml @@ -14,7 +14,7 @@ UTF-8 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 diff --git a/funqy-quickstarts/funqy-http-quickstart/pom.xml b/funqy-quickstarts/funqy-http-quickstart/pom.xml index 1eed2eaf68..f0b134e0dc 100644 --- a/funqy-quickstarts/funqy-http-quickstart/pom.xml +++ b/funqy-quickstarts/funqy-http-quickstart/pom.xml @@ -10,7 +10,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 UTF-8 diff --git a/funqy-quickstarts/funqy-knative-events-quickstart/pom.xml b/funqy-quickstarts/funqy-knative-events-quickstart/pom.xml index 48cc2ac581..777863e92a 100644 --- a/funqy-quickstarts/funqy-knative-events-quickstart/pom.xml +++ b/funqy-quickstarts/funqy-knative-events-quickstart/pom.xml @@ -10,7 +10,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 UTF-8 diff --git a/getting-started-async/pom.xml b/getting-started-async/pom.xml index 644294b035..5c0158b10c 100644 --- a/getting-started-async/pom.xml +++ b/getting-started-async/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 UTF-8 diff --git a/getting-started-command-mode/pom.xml b/getting-started-command-mode/pom.xml index 1ce4e0e841..222fbefbb9 100644 --- a/getting-started-command-mode/pom.xml +++ b/getting-started-command-mode/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 UTF-8 diff --git a/getting-started-knative/pom.xml b/getting-started-knative/pom.xml index 9b41954879..30a246347b 100644 --- a/getting-started-knative/pom.xml +++ b/getting-started-knative/pom.xml @@ -14,7 +14,7 @@ UTF-8 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.3.0 3.0.0-M7 diff --git a/getting-started-reactive-crud/pom.xml b/getting-started-reactive-crud/pom.xml index b5e5e184ac..39f9c764d7 100644 --- a/getting-started-reactive-crud/pom.xml +++ b/getting-started-reactive-crud/pom.xml @@ -11,7 +11,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 0.28.0 diff --git a/getting-started-reactive/pom.xml b/getting-started-reactive/pom.xml index 0ab3ae3915..05f5021b11 100644 --- a/getting-started-reactive/pom.xml +++ b/getting-started-reactive/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 UTF-8 diff --git a/getting-started-testing/pom.xml b/getting-started-testing/pom.xml index 818f3632e1..347cdb1eb3 100644 --- a/getting-started-testing/pom.xml +++ b/getting-started-testing/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 UTF-8 diff --git a/getting-started/pom.xml b/getting-started/pom.xml index 0e4baaab63..f5b6c6a426 100644 --- a/getting-started/pom.xml +++ b/getting-started/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 UTF-8 diff --git a/google-cloud-functions-http-quickstart/pom.xml b/google-cloud-functions-http-quickstart/pom.xml index 8c4b69a947..89464fb9c8 100755 --- a/google-cloud-functions-http-quickstart/pom.xml +++ b/google-cloud-functions-http-quickstart/pom.xml @@ -14,7 +14,7 @@ UTF-8 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 diff --git a/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.jvm b/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.jvm index efe089de12..8c5157e2d7 100644 --- a/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.jvm +++ b/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/google-cloud-functions-http-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/google-cloud-functions-http-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-http-jvm +# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-http-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/google-cloud-functions-http-jvm +# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-http-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.legacy-jar b/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.legacy-jar index 1ba1af00b2..ff1ca966ed 100644 --- a/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/google-cloud-functions-http-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/google-cloud-functions-http-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-http-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-http-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/google-cloud-functions-http-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-http-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.native b/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.native index 7254e61591..821d3eaf54 100644 --- a/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.native +++ b/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/google-cloud-functions-http . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/google-cloud-functions-http-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-http +# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-http-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.native-micro b/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.native-micro index 6bce9bcb39..c1507d184f 100644 --- a/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.native-micro +++ b/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/google-cloud-functions-http . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/google-cloud-functions-http-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-http +# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-http-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/google-cloud-functions-http-quickstart/src/main/resources/META-INF/resources/index.html b/google-cloud-functions-http-quickstart/src/main/resources/META-INF/resources/index.html index 122bbdcee1..1697233ce4 100755 --- a/google-cloud-functions-http-quickstart/src/main/resources/META-INF/resources/index.html +++ b/google-cloud-functions-http-quickstart/src/main/resources/META-INF/resources/index.html @@ -136,7 +136,7 @@

    Application

  • GroupId: org.acme
  • ArtifactId: google-cloud-functions-http
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 1.6.1.Final
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/google-cloud-functions-quickstart/pom.xml b/google-cloud-functions-quickstart/pom.xml index d09b85b3dd..089c3ba631 100755 --- a/google-cloud-functions-quickstart/pom.xml +++ b/google-cloud-functions-quickstart/pom.xml @@ -14,7 +14,7 @@ UTF-8 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 diff --git a/google-cloud-functions-quickstart/src/main/docker/Dockerfile.jvm b/google-cloud-functions-quickstart/src/main/docker/Dockerfile.jvm index 00e1121ffa..0371f5bb1a 100644 --- a/google-cloud-functions-quickstart/src/main/docker/Dockerfile.jvm +++ b/google-cloud-functions-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/google-cloud-functions-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/google-cloud-functions-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-jvm +# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/google-cloud-functions-jvm +# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/google-cloud-functions-quickstart/src/main/docker/Dockerfile.legacy-jar b/google-cloud-functions-quickstart/src/main/docker/Dockerfile.legacy-jar index ecfa817a74..3049668f8d 100644 --- a/google-cloud-functions-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/google-cloud-functions-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/google-cloud-functions-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/google-cloud-functions-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/google-cloud-functions-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/google-cloud-functions-quickstart/src/main/docker/Dockerfile.native b/google-cloud-functions-quickstart/src/main/docker/Dockerfile.native index c20f810e4c..40ecbce4d2 100644 --- a/google-cloud-functions-quickstart/src/main/docker/Dockerfile.native +++ b/google-cloud-functions-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/google-cloud-functions . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/google-cloud-functions-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions +# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/google-cloud-functions-quickstart/src/main/docker/Dockerfile.native-micro b/google-cloud-functions-quickstart/src/main/docker/Dockerfile.native-micro index 458a8d9c5b..5d05787fc1 100644 --- a/google-cloud-functions-quickstart/src/main/docker/Dockerfile.native-micro +++ b/google-cloud-functions-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/google-cloud-functions . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/google-cloud-functions-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions +# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/grpc-plain-text-quickstart/pom.xml b/grpc-plain-text-quickstart/pom.xml index 1c330ccfe4..bb7508a8ea 100644 --- a/grpc-plain-text-quickstart/pom.xml +++ b/grpc-plain-text-quickstart/pom.xml @@ -11,7 +11,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 3.8.0 3.22.0 diff --git a/grpc-plain-text-quickstart/src/main/docker/Dockerfile.jvm b/grpc-plain-text-quickstart/src/main/docker/Dockerfile.jvm index 2adcc76940..5d1f175281 100644 --- a/grpc-plain-text-quickstart/src/main/docker/Dockerfile.jvm +++ b/grpc-plain-text-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/grpc-plain-text-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/grpc-plain-text-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/grpc-plain-text-jvm +# docker run -i --rm -p 8080:8080 quarkus/grpc-plain-text-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/grpc-plain-text-jvm +# docker run -i --rm -p 8080:8080 quarkus/grpc-plain-text-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/grpc-plain-text-quickstart/src/main/docker/Dockerfile.legacy-jar b/grpc-plain-text-quickstart/src/main/docker/Dockerfile.legacy-jar index 88ea7e1fdf..a864f51fac 100644 --- a/grpc-plain-text-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/grpc-plain-text-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/grpc-plain-text-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/grpc-plain-text-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/grpc-plain-text-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/grpc-plain-text-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/grpc-plain-text-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/grpc-plain-text-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/grpc-plain-text-quickstart/src/main/docker/Dockerfile.native b/grpc-plain-text-quickstart/src/main/docker/Dockerfile.native index 8856f8c797..77746be9c0 100644 --- a/grpc-plain-text-quickstart/src/main/docker/Dockerfile.native +++ b/grpc-plain-text-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/grpc-plain-text . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/grpc-plain-text-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/grpc-plain-text +# docker run -i --rm -p 8080:8080 quarkus/grpc-plain-text-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/grpc-plain-text-quickstart/src/main/docker/Dockerfile.native-micro b/grpc-plain-text-quickstart/src/main/docker/Dockerfile.native-micro index e46c70d838..f47cfb03fb 100644 --- a/grpc-plain-text-quickstart/src/main/docker/Dockerfile.native-micro +++ b/grpc-plain-text-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/grpc-plain-text . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/grpc-plain-text-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/grpc-plain-text +# docker run -i --rm -p 8080:8080 quarkus/grpc-plain-text-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/grpc-tls-quickstart/pom.xml b/grpc-tls-quickstart/pom.xml index 2aac71d639..3ead39eab3 100644 --- a/grpc-tls-quickstart/pom.xml +++ b/grpc-tls-quickstart/pom.xml @@ -11,7 +11,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 3.8.0 3.22.0 diff --git a/grpc-tls-quickstart/src/main/docker/Dockerfile.jvm b/grpc-tls-quickstart/src/main/docker/Dockerfile.jvm index 04afff1eca..aa6594c8de 100644 --- a/grpc-tls-quickstart/src/main/docker/Dockerfile.jvm +++ b/grpc-tls-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/grpc-tls-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/grpc-tls-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/grpc-tls-jvm +# docker run -i --rm -p 8080:8080 quarkus/grpc-tls-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/grpc-tls-jvm +# docker run -i --rm -p 8080:8080 quarkus/grpc-tls-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/grpc-tls-quickstart/src/main/docker/Dockerfile.legacy-jar b/grpc-tls-quickstart/src/main/docker/Dockerfile.legacy-jar index 2f724dd8d8..082336e50a 100644 --- a/grpc-tls-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/grpc-tls-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/grpc-tls-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/grpc-tls-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/grpc-tls-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/grpc-tls-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/grpc-tls-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/grpc-tls-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/grpc-tls-quickstart/src/main/docker/Dockerfile.native b/grpc-tls-quickstart/src/main/docker/Dockerfile.native index 5a0a111e53..0306887674 100644 --- a/grpc-tls-quickstart/src/main/docker/Dockerfile.native +++ b/grpc-tls-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/grpc-tls . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/grpc-tls-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/grpc-tls +# docker run -i --rm -p 8080:8080 quarkus/grpc-tls-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/grpc-tls-quickstart/src/main/docker/Dockerfile.native-micro b/grpc-tls-quickstart/src/main/docker/Dockerfile.native-micro index 43c0db05a7..1b3dafd644 100644 --- a/grpc-tls-quickstart/src/main/docker/Dockerfile.native-micro +++ b/grpc-tls-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/grpc-tls . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/grpc-tls-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/grpc-tls +# docker run -i --rm -p 8080:8080 quarkus/grpc-tls-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/hibernate-orm-multi-tenancy-quickstart/pom.xml b/hibernate-orm-multi-tenancy-quickstart/pom.xml index aac4eb6d06..4a1cf2f3b2 100644 --- a/hibernate-orm-multi-tenancy-quickstart/pom.xml +++ b/hibernate-orm-multi-tenancy-quickstart/pom.xml @@ -10,7 +10,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 3.8.0 0.28.0 diff --git a/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.jvm b/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.jvm index 6292f226f6..26ed9e7f1a 100644 --- a/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.jvm +++ b/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-orm-multi-tenancy-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-orm-multi-tenancy-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-multi-tenancy-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-multi-tenancy-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-orm-multi-tenancy-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-multi-tenancy-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.legacy-jar b/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.legacy-jar index eec026919d..8ea967699e 100644 --- a/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-orm-multi-tenancy-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-orm-multi-tenancy-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-multi-tenancy-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-multi-tenancy-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-orm-multi-tenancy-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-multi-tenancy-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.native b/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.native index 5cc0b160d2..b34dc5750b 100644 --- a/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.native +++ b/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-orm-multi-tenancy . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-orm-multi-tenancy-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-multi-tenancy +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-multi-tenancy-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.native-micro b/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.native-micro index 6c1142a623..c294755046 100644 --- a/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.native-micro +++ b/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/hibernate-orm-multi-tenancy . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/hibernate-orm-multi-tenancy-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-multi-tenancy +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-multi-tenancy-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/hibernate-orm-panache-kotlin-quickstart/pom.xml b/hibernate-orm-panache-kotlin-quickstart/pom.xml index 7b1eaaa635..b213737b1b 100644 --- a/hibernate-orm-panache-kotlin-quickstart/pom.xml +++ b/hibernate-orm-panache-kotlin-quickstart/pom.xml @@ -10,7 +10,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 3.8.1 1.7.20 diff --git a/hibernate-orm-panache-kotlin-quickstart/src/main/docker/Dockerfile.jvm b/hibernate-orm-panache-kotlin-quickstart/src/main/docker/Dockerfile.jvm index a2ac289d70..6a48dc07d6 100644 --- a/hibernate-orm-panache-kotlin-quickstart/src/main/docker/Dockerfile.jvm +++ b/hibernate-orm-panache-kotlin-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-orm-panache-kotlin-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-orm-panache-kotlin-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache-kotlin-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache-kotlin-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-orm-panache-kotlin-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache-kotlin-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-orm-panache-kotlin-quickstart/src/main/docker/Dockerfile.legacy-jar b/hibernate-orm-panache-kotlin-quickstart/src/main/docker/Dockerfile.legacy-jar index cd6bfea33c..5c73d3f6a4 100644 --- a/hibernate-orm-panache-kotlin-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/hibernate-orm-panache-kotlin-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-orm-panache-kotlin-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-orm-panache-kotlin-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache-kotlin-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache-kotlin-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-orm-panache-kotlin-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache-kotlin-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/hibernate-orm-panache-kotlin-quickstart/src/main/docker/Dockerfile.native b/hibernate-orm-panache-kotlin-quickstart/src/main/docker/Dockerfile.native index f28f99a949..5444fd110d 100644 --- a/hibernate-orm-panache-kotlin-quickstart/src/main/docker/Dockerfile.native +++ b/hibernate-orm-panache-kotlin-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-orm-panache-kotlin . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-orm-panache-kotlin-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache-kotlin +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache-kotlin-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/hibernate-orm-panache-quickstart/pom.xml b/hibernate-orm-panache-quickstart/pom.xml index 86343bac4a..58b91dbdb7 100644 --- a/hibernate-orm-panache-quickstart/pom.xml +++ b/hibernate-orm-panache-quickstart/pom.xml @@ -10,7 +10,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 3.8.0 UTF-8 diff --git a/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.jvm b/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.jvm index 988c408abf..1767bd2077 100644 --- a/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.jvm +++ b/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-orm-panache-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-orm-panache-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-orm-panache-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.legacy-jar b/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.legacy-jar index ec4a01b0f9..8d98cb1d44 100644 --- a/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-orm-panache-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-orm-panache-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-orm-panache-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.native b/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.native index ac1e2f2de4..72d7de10a8 100644 --- a/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.native +++ b/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-orm-panache . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-orm-panache-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.native-micro b/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.native-micro index e1592c2c39..09e48429fc 100644 --- a/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.native-micro +++ b/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/hibernate-orm-panache . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/hibernate-orm-panache-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/hibernate-orm-quickstart/pom.xml b/hibernate-orm-quickstart/pom.xml index ef76b9eb66..2f7f9fcb02 100644 --- a/hibernate-orm-quickstart/pom.xml +++ b/hibernate-orm-quickstart/pom.xml @@ -10,7 +10,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 3.8.0 UTF-8 diff --git a/hibernate-orm-quickstart/src/main/docker/Dockerfile.jvm b/hibernate-orm-quickstart/src/main/docker/Dockerfile.jvm index e4394aacac..caa01d5f1e 100644 --- a/hibernate-orm-quickstart/src/main/docker/Dockerfile.jvm +++ b/hibernate-orm-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-orm-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-orm-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-orm-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-orm-quickstart/src/main/docker/Dockerfile.legacy-jar b/hibernate-orm-quickstart/src/main/docker/Dockerfile.legacy-jar index bc297bc25f..1e452ad771 100644 --- a/hibernate-orm-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/hibernate-orm-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-orm-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-orm-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-orm-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/hibernate-orm-quickstart/src/main/docker/Dockerfile.native b/hibernate-orm-quickstart/src/main/docker/Dockerfile.native index a28caa9e28..b137c52dae 100644 --- a/hibernate-orm-quickstart/src/main/docker/Dockerfile.native +++ b/hibernate-orm-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-orm . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-orm-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/hibernate-orm-quickstart/src/main/docker/Dockerfile.native-micro b/hibernate-orm-quickstart/src/main/docker/Dockerfile.native-micro index b81dc8e1c7..64e460963c 100644 --- a/hibernate-orm-quickstart/src/main/docker/Dockerfile.native-micro +++ b/hibernate-orm-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/hibernate-orm . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/hibernate-orm-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/hibernate-reactive-panache-quickstart/pom.xml b/hibernate-reactive-panache-quickstart/pom.xml index 521935fa6a..dd62c87481 100644 --- a/hibernate-reactive-panache-quickstart/pom.xml +++ b/hibernate-reactive-panache-quickstart/pom.xml @@ -10,7 +10,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 3.8.0 UTF-8 diff --git a/hibernate-reactive-panache-quickstart/src/main/docker/Dockerfile.jvm b/hibernate-reactive-panache-quickstart/src/main/docker/Dockerfile.jvm index 25b6e2722d..71823b82d2 100644 --- a/hibernate-reactive-panache-quickstart/src/main/docker/Dockerfile.jvm +++ b/hibernate-reactive-panache-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-reactive-panache-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-reactive-panache-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-panache-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-panache-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-reactive-panache-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-panache-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-reactive-panache-quickstart/src/main/docker/Dockerfile.legacy-jar b/hibernate-reactive-panache-quickstart/src/main/docker/Dockerfile.legacy-jar index 2484e24e38..4232e9a33b 100644 --- a/hibernate-reactive-panache-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/hibernate-reactive-panache-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-reactive-panache-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-reactive-panache-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-panache-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-panache-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-reactive-panache-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-panache-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/hibernate-reactive-panache-quickstart/src/main/docker/Dockerfile.native b/hibernate-reactive-panache-quickstart/src/main/docker/Dockerfile.native index 91ce22fd02..16abbec4bb 100644 --- a/hibernate-reactive-panache-quickstart/src/main/docker/Dockerfile.native +++ b/hibernate-reactive-panache-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-reactive-panache . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-reactive-panache-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-panache +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-panache-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/hibernate-reactive-panache-quickstart/src/main/docker/Dockerfile.native-micro b/hibernate-reactive-panache-quickstart/src/main/docker/Dockerfile.native-micro index 0a3a87622d..46fc6558f7 100644 --- a/hibernate-reactive-panache-quickstart/src/main/docker/Dockerfile.native-micro +++ b/hibernate-reactive-panache-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/hibernate-reactive-panache . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/hibernate-reactive-panache-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-panache +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-panache-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/hibernate-reactive-quickstart/pom.xml b/hibernate-reactive-quickstart/pom.xml index e7b165cd24..6ffc24322d 100644 --- a/hibernate-reactive-quickstart/pom.xml +++ b/hibernate-reactive-quickstart/pom.xml @@ -10,7 +10,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 3.8.0 UTF-8 diff --git a/hibernate-reactive-quickstart/src/main/docker/Dockerfile.jvm b/hibernate-reactive-quickstart/src/main/docker/Dockerfile.jvm index ed8dc1dcad..5d0ae1493d 100644 --- a/hibernate-reactive-quickstart/src/main/docker/Dockerfile.jvm +++ b/hibernate-reactive-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-reactive-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-reactive-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-reactive-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-reactive-quickstart/src/main/docker/Dockerfile.legacy-jar b/hibernate-reactive-quickstart/src/main/docker/Dockerfile.legacy-jar index f63e35bc19..995e38bc6b 100644 --- a/hibernate-reactive-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/hibernate-reactive-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-reactive-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-reactive-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-reactive-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/hibernate-reactive-quickstart/src/main/docker/Dockerfile.native b/hibernate-reactive-quickstart/src/main/docker/Dockerfile.native index 2b5069c603..1b0965f650 100644 --- a/hibernate-reactive-quickstart/src/main/docker/Dockerfile.native +++ b/hibernate-reactive-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-reactive . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-reactive-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/hibernate-reactive-quickstart/src/main/docker/Dockerfile.native-micro b/hibernate-reactive-quickstart/src/main/docker/Dockerfile.native-micro index c201c22a5f..714c396484 100644 --- a/hibernate-reactive-quickstart/src/main/docker/Dockerfile.native-micro +++ b/hibernate-reactive-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/hibernate-reactive . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/hibernate-reactive-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/hibernate-reactive-routes-quickstart/pom.xml b/hibernate-reactive-routes-quickstart/pom.xml index 15bab0db0c..ea1ad96435 100644 --- a/hibernate-reactive-routes-quickstart/pom.xml +++ b/hibernate-reactive-routes-quickstart/pom.xml @@ -10,7 +10,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 3.8.0 UTF-8 diff --git a/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.jvm b/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.jvm index 98b7e8aac1..55f3088fb1 100644 --- a/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.jvm +++ b/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-reactive-routes-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-reactive-routes-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-routes-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-routes-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-reactive-routes-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-routes-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.legacy-jar b/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.legacy-jar index fb1d0e44bb..6910ceeb6c 100644 --- a/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-reactive-routes-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-reactive-routes-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-routes-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-routes-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-reactive-routes-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-routes-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.native b/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.native index 32164a66ad..7fb915942b 100644 --- a/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.native +++ b/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-reactive-routes . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-reactive-routes-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-routes +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-routes-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.native-micro b/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.native-micro index f6662c9b26..56944570cc 100644 --- a/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.native-micro +++ b/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/hibernate-reactive-routes . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/hibernate-reactive-routes-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-routes +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-routes-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/hibernate-reactive-stateless-quickstart/pom.xml b/hibernate-reactive-stateless-quickstart/pom.xml index c6b7fb919c..8a83117ec8 100644 --- a/hibernate-reactive-stateless-quickstart/pom.xml +++ b/hibernate-reactive-stateless-quickstart/pom.xml @@ -10,7 +10,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 3.8.0 UTF-8 diff --git a/hibernate-reactive-stateless-quickstart/src/main/docker/Dockerfile.jvm b/hibernate-reactive-stateless-quickstart/src/main/docker/Dockerfile.jvm index ed8dc1dcad..1586e5033f 100644 --- a/hibernate-reactive-stateless-quickstart/src/main/docker/Dockerfile.jvm +++ b/hibernate-reactive-stateless-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-reactive-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-reactive-stateless-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-stateless-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-reactive-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-stateless-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-reactive-stateless-quickstart/src/main/docker/Dockerfile.legacy-jar b/hibernate-reactive-stateless-quickstart/src/main/docker/Dockerfile.legacy-jar index f63e35bc19..6f27828099 100644 --- a/hibernate-reactive-stateless-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/hibernate-reactive-stateless-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-reactive-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-reactive-stateless-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-stateless-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-reactive-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-stateless-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/hibernate-reactive-stateless-quickstart/src/main/docker/Dockerfile.native b/hibernate-reactive-stateless-quickstart/src/main/docker/Dockerfile.native index 2b5069c603..0672a25e77 100644 --- a/hibernate-reactive-stateless-quickstart/src/main/docker/Dockerfile.native +++ b/hibernate-reactive-stateless-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-reactive . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-reactive-stateless-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-stateless-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/hibernate-search-orm-elasticsearch-quickstart/pom.xml b/hibernate-search-orm-elasticsearch-quickstart/pom.xml index ec58d0230d..e928a0e730 100644 --- a/hibernate-search-orm-elasticsearch-quickstart/pom.xml +++ b/hibernate-search-orm-elasticsearch-quickstart/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 diff --git a/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.jvm b/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.jvm index 7c5731603a..d19b776941 100644 --- a/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.jvm +++ b/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-search-orm-elasticsearch-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-search-orm-elasticsearch-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-search-orm-elasticsearch-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-search-orm-elasticsearch-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-search-orm-elasticsearch-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-search-orm-elasticsearch-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.legacy-jar b/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.legacy-jar index 68f990b1d1..29e9c4e8f6 100644 --- a/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-search-orm-elasticsearch-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-search-orm-elasticsearch-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-search-orm-elasticsearch-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/hibernate-search-orm-elasticsearch-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-search-orm-elasticsearch-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/hibernate-search-orm-elasticsearch-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.native b/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.native index aea76857bc..dcdcbf2c22 100644 --- a/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.native +++ b/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-search-orm-elasticsearch . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-search-orm-elasticsearch-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-search-orm-elasticsearch +# docker run -i --rm -p 8080:8080 quarkus/hibernate-search-orm-elasticsearch-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.native-micro b/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.native-micro index f2c3dd1792..59369cd96d 100644 --- a/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.native-micro +++ b/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/hibernate-search-orm-elasticsearch . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/hibernate-search-orm-elasticsearch-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-search-orm-elasticsearch +# docker run -i --rm -p 8080:8080 quarkus/hibernate-search-orm-elasticsearch-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/infinispan-client-quickstart/pom.xml b/infinispan-client-quickstart/pom.xml index 15c44d47d1..8d97f4ea58 100644 --- a/infinispan-client-quickstart/pom.xml +++ b/infinispan-client-quickstart/pom.xml @@ -11,7 +11,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 UTF-8 11 diff --git a/infinispan-client-quickstart/src/main/docker/Dockerfile.jvm b/infinispan-client-quickstart/src/main/docker/Dockerfile.jvm index 98a99f40b7..d2c00655ae 100644 --- a/infinispan-client-quickstart/src/main/docker/Dockerfile.jvm +++ b/infinispan-client-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/infinispan-client-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/infinispan-client-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/infinispan-client-jvm +# docker run -i --rm -p 8080:8080 quarkus/infinispan-client-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/infinispan-client-jvm +# docker run -i --rm -p 8080:8080 quarkus/infinispan-client-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/infinispan-client-quickstart/src/main/docker/Dockerfile.legacy-jar b/infinispan-client-quickstart/src/main/docker/Dockerfile.legacy-jar index b5a7da613e..46ef3ef3ad 100644 --- a/infinispan-client-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/infinispan-client-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/infinispan-client-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/infinispan-client-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/infinispan-client-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/infinispan-client-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/infinispan-client-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/infinispan-client-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/infinispan-client-quickstart/src/main/docker/Dockerfile.native b/infinispan-client-quickstart/src/main/docker/Dockerfile.native index 2f201274f2..e0752c75d9 100644 --- a/infinispan-client-quickstart/src/main/docker/Dockerfile.native +++ b/infinispan-client-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/infinispan-client . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/infinispan-client-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/infinispan-client +# docker run -i --rm -p 8080:8080 quarkus/infinispan-client-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/infinispan-client-quickstart/src/main/docker/Dockerfile.native-micro b/infinispan-client-quickstart/src/main/docker/Dockerfile.native-micro index 04e0ec92a0..bc0c484add 100644 --- a/infinispan-client-quickstart/src/main/docker/Dockerfile.native-micro +++ b/infinispan-client-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/infinispan-client . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/infinispan-client-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/infinispan-client +# docker run -i --rm -p 8080:8080 quarkus/infinispan-client-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/jms-quickstart/pom.xml b/jms-quickstart/pom.xml index 561b43726e..6b83e31be6 100644 --- a/jms-quickstart/pom.xml +++ b/jms-quickstart/pom.xml @@ -12,7 +12,7 @@ 3.0.0-M7 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final UTF-8 UTF-8 diff --git a/jms-quickstart/src/main/docker/Dockerfile.jvm b/jms-quickstart/src/main/docker/Dockerfile.jvm index e43d4f10b2..8b57690368 100644 --- a/jms-quickstart/src/main/docker/Dockerfile.jvm +++ b/jms-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/jms-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/jms-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/jms-jvm +# docker run -i --rm -p 8080:8080 quarkus/jms-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/jms-jvm +# docker run -i --rm -p 8080:8080 quarkus/jms-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/jms-quickstart/src/main/docker/Dockerfile.legacy-jar b/jms-quickstart/src/main/docker/Dockerfile.legacy-jar index 8a882ef211..42279522d9 100644 --- a/jms-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/jms-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/jms-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/jms-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/jms-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/jms-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/jms-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/jms-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/jms-quickstart/src/main/docker/Dockerfile.native b/jms-quickstart/src/main/docker/Dockerfile.native index 882bf6bfd1..2dd515ea09 100644 --- a/jms-quickstart/src/main/docker/Dockerfile.native +++ b/jms-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/jms . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/jms-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/jms +# docker run -i --rm -p 8080:8080 quarkus/jms-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/jms-quickstart/src/main/docker/Dockerfile.native-micro b/jms-quickstart/src/main/docker/Dockerfile.native-micro index 54bdbc437d..1aefbfe0a9 100644 --- a/jms-quickstart/src/main/docker/Dockerfile.native-micro +++ b/jms-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/jms . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/jms-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/jms +# docker run -i --rm -p 8080:8080 quarkus/jms-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/jta-quickstart/pom.xml b/jta-quickstart/pom.xml index ed946973c0..ba00b549df 100644 --- a/jta-quickstart/pom.xml +++ b/jta-quickstart/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 UTF-8 diff --git a/jta-quickstart/src/main/resources/META-INF/resources/index.html b/jta-quickstart/src/main/resources/META-INF/resources/index.html index 0186c59b93..fb0dd17cf4 100644 --- a/jta-quickstart/src/main/resources/META-INF/resources/index.html +++ b/jta-quickstart/src/main/resources/META-INF/resources/index.html @@ -133,7 +133,7 @@

    Application

  • GroupId: org.acme
  • ArtifactId: jta
  • Version: 1.0-SNAPSHOT
  • -
  • Quarkus Version: 999-SNAPSHOT
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/kafka-avro-schema-quickstart/pom.xml b/kafka-avro-schema-quickstart/pom.xml index e2e55d029a..0fecebf788 100644 --- a/kafka-avro-schema-quickstart/pom.xml +++ b/kafka-avro-schema-quickstart/pom.xml @@ -15,7 +15,7 @@ UTF-8 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 diff --git a/kafka-bare-quickstart/pom.xml b/kafka-bare-quickstart/pom.xml index 8147aae656..5671c7cd47 100644 --- a/kafka-bare-quickstart/pom.xml +++ b/kafka-bare-quickstart/pom.xml @@ -9,7 +9,7 @@ 3.0.0-M7 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 11 UTF-8 11 diff --git a/kafka-panache-quickstart/pom.xml b/kafka-panache-quickstart/pom.xml index f2a986f4a3..d3f868328b 100644 --- a/kafka-panache-quickstart/pom.xml +++ b/kafka-panache-quickstart/pom.xml @@ -9,7 +9,7 @@ 3.0.0-M7 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 11 UTF-8 11 diff --git a/kafka-panache-quickstart/src/main/docker/Dockerfile.jvm b/kafka-panache-quickstart/src/main/docker/Dockerfile.jvm index 4028797966..13087a5e61 100644 --- a/kafka-panache-quickstart/src/main/docker/Dockerfile.jvm +++ b/kafka-panache-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/kafka-panache-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/kafka-panache-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kafka-panache-jvm +# docker run -i --rm -p 8080:8080 quarkus/kafka-panache-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kafka-panache-jvm +# docker run -i --rm -p 8080:8080 quarkus/kafka-panache-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/kafka-panache-quickstart/src/main/docker/Dockerfile.legacy-jar b/kafka-panache-quickstart/src/main/docker/Dockerfile.legacy-jar index 54437c0753..4e4a803cff 100644 --- a/kafka-panache-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/kafka-panache-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/kafka-panache-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/kafka-panache-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kafka-panache-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/kafka-panache-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kafka-panache-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/kafka-panache-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/kafka-panache-quickstart/src/main/docker/Dockerfile.native b/kafka-panache-quickstart/src/main/docker/Dockerfile.native index f36aed749f..1fcafc80e8 100644 --- a/kafka-panache-quickstart/src/main/docker/Dockerfile.native +++ b/kafka-panache-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/kafka-panache . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/kafka-panache-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kafka-panache +# docker run -i --rm -p 8080:8080 quarkus/kafka-panache-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/kafka-panache-quickstart/src/main/docker/Dockerfile.native-micro b/kafka-panache-quickstart/src/main/docker/Dockerfile.native-micro index 4ab6b0557c..c6ab056121 100644 --- a/kafka-panache-quickstart/src/main/docker/Dockerfile.native-micro +++ b/kafka-panache-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/kafka-panache . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/kafka-panache-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kafka-panache +# docker run -i --rm -p 8080:8080 quarkus/kafka-panache-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/kafka-panache-quickstart/src/main/resources/META-INF/resources/index.html b/kafka-panache-quickstart/src/main/resources/META-INF/resources/index.html index 816c87023f..87046c8ec6 100644 --- a/kafka-panache-quickstart/src/main/resources/META-INF/resources/index.html +++ b/kafka-panache-quickstart/src/main/resources/META-INF/resources/index.html @@ -133,7 +133,7 @@

    Application

  • GroupId: org.acme.quarkus.sample
  • ArtifactId: kafka-quickstart
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 999-SNAPSHOT
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/kafka-panache-reactive-quickstart/pom.xml b/kafka-panache-reactive-quickstart/pom.xml index 534b9b1132..82c01d742d 100644 --- a/kafka-panache-reactive-quickstart/pom.xml +++ b/kafka-panache-reactive-quickstart/pom.xml @@ -9,7 +9,7 @@ 3.0.0-M7 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 11 UTF-8 11 diff --git a/kafka-panache-reactive-quickstart/src/main/docker/Dockerfile.jvm b/kafka-panache-reactive-quickstart/src/main/docker/Dockerfile.jvm index 4028797966..fb79c8103b 100644 --- a/kafka-panache-reactive-quickstart/src/main/docker/Dockerfile.jvm +++ b/kafka-panache-reactive-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/kafka-panache-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/kafka-panache-reactive-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kafka-panache-jvm +# docker run -i --rm -p 8080:8080 quarkus/kafka-panache-reactive-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kafka-panache-jvm +# docker run -i --rm -p 8080:8080 quarkus/kafka-panache-reactive-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/kafka-panache-reactive-quickstart/src/main/docker/Dockerfile.legacy-jar b/kafka-panache-reactive-quickstart/src/main/docker/Dockerfile.legacy-jar index 54437c0753..93e88f9200 100644 --- a/kafka-panache-reactive-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/kafka-panache-reactive-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/kafka-panache-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/kafka-panache-reactive-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kafka-panache-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/kafka-panache-reactive-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kafka-panache-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/kafka-panache-reactive-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/kafka-panache-reactive-quickstart/src/main/docker/Dockerfile.native b/kafka-panache-reactive-quickstart/src/main/docker/Dockerfile.native index f36aed749f..ba08b6f0db 100644 --- a/kafka-panache-reactive-quickstart/src/main/docker/Dockerfile.native +++ b/kafka-panache-reactive-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/kafka-panache . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/kafka-panache-reactive-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kafka-panache +# docker run -i --rm -p 8080:8080 quarkus/kafka-panache-reactive-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/kafka-panache-reactive-quickstart/src/main/docker/Dockerfile.native-micro b/kafka-panache-reactive-quickstart/src/main/docker/Dockerfile.native-micro index 4ab6b0557c..16295ba8e6 100644 --- a/kafka-panache-reactive-quickstart/src/main/docker/Dockerfile.native-micro +++ b/kafka-panache-reactive-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/kafka-panache . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/kafka-panache-reactive-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kafka-panache +# docker run -i --rm -p 8080:8080 quarkus/kafka-panache-reactive-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/kafka-panache-reactive-quickstart/src/main/resources/META-INF/resources/index.html b/kafka-panache-reactive-quickstart/src/main/resources/META-INF/resources/index.html index 816c87023f..87046c8ec6 100644 --- a/kafka-panache-reactive-quickstart/src/main/resources/META-INF/resources/index.html +++ b/kafka-panache-reactive-quickstart/src/main/resources/META-INF/resources/index.html @@ -133,7 +133,7 @@

    Application

  • GroupId: org.acme.quarkus.sample
  • ArtifactId: kafka-quickstart
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 999-SNAPSHOT
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/kafka-quickstart/processor/pom.xml b/kafka-quickstart/processor/pom.xml index 8cc4929953..902812444a 100644 --- a/kafka-quickstart/processor/pom.xml +++ b/kafka-quickstart/processor/pom.xml @@ -13,7 +13,7 @@ 3.0.0-M7 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 11 UTF-8 11 diff --git a/kafka-quickstart/producer/pom.xml b/kafka-quickstart/producer/pom.xml index ad12c15bc6..3e66b5db67 100644 --- a/kafka-quickstart/producer/pom.xml +++ b/kafka-quickstart/producer/pom.xml @@ -13,7 +13,7 @@ 3.0.0-M7 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 11 UTF-8 11 diff --git a/kafka-streams-quickstart/aggregator/pom.xml b/kafka-streams-quickstart/aggregator/pom.xml index e2dee6bd42..71fdae003b 100644 --- a/kafka-streams-quickstart/aggregator/pom.xml +++ b/kafka-streams-quickstart/aggregator/pom.xml @@ -15,7 +15,7 @@ 11 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final UTF-8 UTF-8 diff --git a/kafka-streams-quickstart/producer/pom.xml b/kafka-streams-quickstart/producer/pom.xml index ed3e7c515d..c02965ab27 100644 --- a/kafka-streams-quickstart/producer/pom.xml +++ b/kafka-streams-quickstart/producer/pom.xml @@ -17,7 +17,7 @@ 11 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final UTF-8 UTF-8 diff --git a/kafka-streams-quickstart/src/main/docker/Dockerfile.jvm b/kafka-streams-quickstart/src/main/docker/Dockerfile.jvm index 7aaecb4e3f..ca52a20ee1 100644 --- a/kafka-streams-quickstart/src/main/docker/Dockerfile.jvm +++ b/kafka-streams-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/kafka-streams-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/kafka-streams-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kafka-streams-jvm +# docker run -i --rm -p 8080:8080 quarkus/kafka-streams-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kafka-streams-jvm +# docker run -i --rm -p 8080:8080 quarkus/kafka-streams-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/kafka-streams-quickstart/src/main/docker/Dockerfile.legacy-jar b/kafka-streams-quickstart/src/main/docker/Dockerfile.legacy-jar index 56c9fc24a5..bc39292081 100644 --- a/kafka-streams-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/kafka-streams-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/kafka-streams-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/kafka-streams-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kafka-streams-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/kafka-streams-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kafka-streams-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/kafka-streams-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/kafka-streams-quickstart/src/main/docker/Dockerfile.native b/kafka-streams-quickstart/src/main/docker/Dockerfile.native index 66708dc668..5433ade5d7 100644 --- a/kafka-streams-quickstart/src/main/docker/Dockerfile.native +++ b/kafka-streams-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/kafka-streams . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/kafka-streams-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kafka-streams +# docker run -i --rm -p 8080:8080 quarkus/kafka-streams-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/kafka-streams-quickstart/src/main/docker/Dockerfile.native-micro b/kafka-streams-quickstart/src/main/docker/Dockerfile.native-micro index a8e9ea8af7..abdd6b99ca 100644 --- a/kafka-streams-quickstart/src/main/docker/Dockerfile.native-micro +++ b/kafka-streams-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/kafka-streams . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/kafka-streams-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kafka-streams +# docker run -i --rm -p 8080:8080 quarkus/kafka-streams-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/kogito-dmn-quickstart/pom.xml b/kogito-dmn-quickstart/pom.xml index 66e179b17e..1e43b3b25c 100644 --- a/kogito-dmn-quickstart/pom.xml +++ b/kogito-dmn-quickstart/pom.xml @@ -16,7 +16,7 @@ UTF-8 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final org.kie.kogito kogito-quarkus-bom 1.24.0.Final diff --git a/kogito-dmn-quickstart/src/main/docker/Dockerfile.jvm b/kogito-dmn-quickstart/src/main/docker/Dockerfile.jvm index fe1e5ef996..1376d51614 100644 --- a/kogito-dmn-quickstart/src/main/docker/Dockerfile.jvm +++ b/kogito-dmn-quickstart/src/main/docker/Dockerfile.jvm @@ -18,38 +18,77 @@ # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kogito-dmn-quickstart-jvm +# docker run -i --rm -p 8080:8080 quarkus/kogito-dmn-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.4 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/conf/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/kogito-dmn-quickstart/src/main/docker/Dockerfile.legacy-jar b/kogito-dmn-quickstart/src/main/docker/Dockerfile.legacy-jar index 230d6f050b..cdf6476dd5 100644 --- a/kogito-dmn-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/kogito-dmn-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -18,34 +18,73 @@ # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kogito-dmn-quickstart-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/kogito-dmn-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.4 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/conf/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/kogito-dmn-quickstart/src/main/docker/Dockerfile.native b/kogito-dmn-quickstart/src/main/docker/Dockerfile.native index 40d4ad39d1..5955bee0f8 100644 --- a/kogito-dmn-quickstart/src/main/docker/Dockerfile.native +++ b/kogito-dmn-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -14,7 +14,7 @@ # docker run -i --rm -p 8080:8080 quarkus/kogito-dmn-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.4 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/kogito-dmn-quickstart/src/main/docker/Dockerfile.native-micro b/kogito-dmn-quickstart/src/main/docker/Dockerfile.native-micro index 784dbca020..8893eb167b 100644 --- a/kogito-dmn-quickstart/src/main/docker/Dockerfile.native-micro +++ b/kogito-dmn-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -14,8 +17,12 @@ # docker run -i --rm -p 8080:8080 quarkus/kogito-dmn-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/kogito-drl-quickstart/pom.xml b/kogito-drl-quickstart/pom.xml index 053ac5ae86..36695f7176 100644 --- a/kogito-drl-quickstart/pom.xml +++ b/kogito-drl-quickstart/pom.xml @@ -16,7 +16,7 @@ UTF-8 io.quarkus quarkus-bom - 999-SNAPSHOT + 2.14.0.Final org.kie.kogito kogito-quarkus-bom 1.24.0.Final diff --git a/kogito-drl-quickstart/src/main/docker/Dockerfile.jvm b/kogito-drl-quickstart/src/main/docker/Dockerfile.jvm index 423315cd3b..45b3fc828c 100644 --- a/kogito-drl-quickstart/src/main/docker/Dockerfile.jvm +++ b/kogito-drl-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/kogito-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/kogito-drl-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kogito-jvm +# docker run -i --rm -p 8080:8080 quarkus/kogito-drl-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kogito-jvm +# docker run -i --rm -p 8080:8080 quarkus/kogito-drl-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/kogito-drl-quickstart/src/main/docker/Dockerfile.legacy-jar b/kogito-drl-quickstart/src/main/docker/Dockerfile.legacy-jar index 47f85f489e..82e88e0a7b 100644 --- a/kogito-drl-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/kogito-drl-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/kogito-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/kogito-drl-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kogito-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/kogito-drl-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kogito-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/kogito-drl-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/kogito-drl-quickstart/src/main/docker/Dockerfile.native b/kogito-drl-quickstart/src/main/docker/Dockerfile.native index 9a915f8e29..820de2dbb8 100644 --- a/kogito-drl-quickstart/src/main/docker/Dockerfile.native +++ b/kogito-drl-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/kogito . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/kogito-drl-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kogito +# docker run -i --rm -p 8080:8080 quarkus/kogito-drl-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/kogito-drl-quickstart/src/main/docker/Dockerfile.native-micro b/kogito-drl-quickstart/src/main/docker/Dockerfile.native-micro index 3a05714394..0b44e813ee 100644 --- a/kogito-drl-quickstart/src/main/docker/Dockerfile.native-micro +++ b/kogito-drl-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/kogito . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/kogito-drl-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kogito +# docker run -i --rm -p 8080:8080 quarkus/kogito-drl-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/kogito-pmml-quickstart/pom.xml b/kogito-pmml-quickstart/pom.xml index 57d663b8e7..df87737d41 100644 --- a/kogito-pmml-quickstart/pom.xml +++ b/kogito-pmml-quickstart/pom.xml @@ -11,7 +11,7 @@ 11 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final org.kie.kogito kogito-quarkus-bom 1.24.0.Final diff --git a/kogito-pmml-quickstart/src/main/docker/Dockerfile.jvm b/kogito-pmml-quickstart/src/main/docker/Dockerfile.jvm index 423315cd3b..e5efa97e1e 100644 --- a/kogito-pmml-quickstart/src/main/docker/Dockerfile.jvm +++ b/kogito-pmml-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/kogito-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/kogito-pmml-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kogito-jvm +# docker run -i --rm -p 8080:8080 quarkus/kogito-pmml-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kogito-jvm +# docker run -i --rm -p 8080:8080 quarkus/kogito-pmml-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/kogito-pmml-quickstart/src/main/docker/Dockerfile.legacy-jar b/kogito-pmml-quickstart/src/main/docker/Dockerfile.legacy-jar index 47f85f489e..9b3458c47a 100644 --- a/kogito-pmml-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/kogito-pmml-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/kogito-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/kogito-pmml-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kogito-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/kogito-pmml-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kogito-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/kogito-pmml-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/kogito-pmml-quickstart/src/main/docker/Dockerfile.native b/kogito-pmml-quickstart/src/main/docker/Dockerfile.native index 9a915f8e29..ed15ea2372 100644 --- a/kogito-pmml-quickstart/src/main/docker/Dockerfile.native +++ b/kogito-pmml-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/kogito . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/kogito-pmml-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kogito +# docker run -i --rm -p 8080:8080 quarkus/kogito-pmml-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/kogito-pmml-quickstart/src/main/docker/Dockerfile.native-micro b/kogito-pmml-quickstart/src/main/docker/Dockerfile.native-micro index 3a05714394..532f3696e3 100644 --- a/kogito-pmml-quickstart/src/main/docker/Dockerfile.native-micro +++ b/kogito-pmml-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/kogito . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/kogito-pmml-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kogito +# docker run -i --rm -p 8080:8080 quarkus/kogito-pmml-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/kogito-quickstart/pom.xml b/kogito-quickstart/pom.xml index dc56d56ecb..f38a7890b6 100644 --- a/kogito-quickstart/pom.xml +++ b/kogito-quickstart/pom.xml @@ -11,7 +11,7 @@ 11 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final org.kie.kogito kogito-quarkus-bom 1.24.0.Final diff --git a/kogito-quickstart/src/main/docker/Dockerfile.jvm b/kogito-quickstart/src/main/docker/Dockerfile.jvm index 423315cd3b..23ded9de9f 100644 --- a/kogito-quickstart/src/main/docker/Dockerfile.jvm +++ b/kogito-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/kogito-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/kogito-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kogito-jvm +# docker run -i --rm -p 8080:8080 quarkus/kogito-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kogito-jvm +# docker run -i --rm -p 8080:8080 quarkus/kogito-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/kogito-quickstart/src/main/docker/Dockerfile.legacy-jar b/kogito-quickstart/src/main/docker/Dockerfile.legacy-jar index 47f85f489e..e020bf768e 100644 --- a/kogito-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/kogito-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/kogito-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/kogito-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kogito-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/kogito-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kogito-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/kogito-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/kogito-quickstart/src/main/docker/Dockerfile.native b/kogito-quickstart/src/main/docker/Dockerfile.native index 9a915f8e29..f66352a93e 100644 --- a/kogito-quickstart/src/main/docker/Dockerfile.native +++ b/kogito-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/kogito . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/kogito-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kogito +# docker run -i --rm -p 8080:8080 quarkus/kogito-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/kogito-quickstart/src/main/docker/Dockerfile.native-micro b/kogito-quickstart/src/main/docker/Dockerfile.native-micro index 3a05714394..0faa29c4ff 100644 --- a/kogito-quickstart/src/main/docker/Dockerfile.native-micro +++ b/kogito-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/kogito . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/kogito-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kogito +# docker run -i --rm -p 8080:8080 quarkus/kogito-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/lifecycle-quickstart/pom.xml b/lifecycle-quickstart/pom.xml index 1b7ba4d6a3..dafae21c85 100644 --- a/lifecycle-quickstart/pom.xml +++ b/lifecycle-quickstart/pom.xml @@ -8,7 +8,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 UTF-8 11 diff --git a/lifecycle-quickstart/src/main/docker/Dockerfile.jvm b/lifecycle-quickstart/src/main/docker/Dockerfile.jvm index ba8383acb4..b68936e2b9 100644 --- a/lifecycle-quickstart/src/main/docker/Dockerfile.jvm +++ b/lifecycle-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/lifecycle-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/lifecycle-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/lifecycle-jvm +# docker run -i --rm -p 8080:8080 quarkus/lifecycle-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/lifecycle-jvm +# docker run -i --rm -p 8080:8080 quarkus/lifecycle-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/lifecycle-quickstart/src/main/docker/Dockerfile.legacy-jar b/lifecycle-quickstart/src/main/docker/Dockerfile.legacy-jar index 5d9a3ae899..b698aece75 100644 --- a/lifecycle-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/lifecycle-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/lifecycle-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/lifecycle-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/lifecycle-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/lifecycle-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/lifecycle-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/lifecycle-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/lifecycle-quickstart/src/main/docker/Dockerfile.native b/lifecycle-quickstart/src/main/docker/Dockerfile.native index e76d9a0e58..2d22479ba3 100644 --- a/lifecycle-quickstart/src/main/docker/Dockerfile.native +++ b/lifecycle-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/lifecycle . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/lifecycle-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/lifecycle +# docker run -i --rm -p 8080:8080 quarkus/lifecycle-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/lifecycle-quickstart/src/main/docker/Dockerfile.native-micro b/lifecycle-quickstart/src/main/docker/Dockerfile.native-micro index 28e1e67022..3046788335 100644 --- a/lifecycle-quickstart/src/main/docker/Dockerfile.native-micro +++ b/lifecycle-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/lifecycle . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/lifecycle-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/lifecycle +# docker run -i --rm -p 8080:8080 quarkus/lifecycle-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/liquibase-mongodb-quickstart/pom.xml b/liquibase-mongodb-quickstart/pom.xml index aee0885ecf..d272c2509f 100644 --- a/liquibase-mongodb-quickstart/pom.xml +++ b/liquibase-mongodb-quickstart/pom.xml @@ -14,7 +14,7 @@ UTF-8 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 diff --git a/liquibase-mongodb-quickstart/src/main/docker/Dockerfile.jvm b/liquibase-mongodb-quickstart/src/main/docker/Dockerfile.jvm index c4e03f7c97..4a920fd693 100644 --- a/liquibase-mongodb-quickstart/src/main/docker/Dockerfile.jvm +++ b/liquibase-mongodb-quickstart/src/main/docker/Dockerfile.jvm @@ -18,38 +18,77 @@ # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/liquibase-mongodb-quickstart-jvm +# docker run -i --rm -p 8080:8080 quarkus/liquibase-mongodb-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.4 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/conf/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/liquibase-mongodb-quickstart/src/main/docker/Dockerfile.legacy-jar b/liquibase-mongodb-quickstart/src/main/docker/Dockerfile.legacy-jar index b24ca22e5b..2eafde80fb 100644 --- a/liquibase-mongodb-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/liquibase-mongodb-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -18,34 +18,73 @@ # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/liquibase-mongodb-quickstart-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/liquibase-mongodb-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.4 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/conf/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/liquibase-mongodb-quickstart/src/main/docker/Dockerfile.native b/liquibase-mongodb-quickstart/src/main/docker/Dockerfile.native index bceff571ab..adaa6ff5b6 100644 --- a/liquibase-mongodb-quickstart/src/main/docker/Dockerfile.native +++ b/liquibase-mongodb-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -14,7 +14,7 @@ # docker run -i --rm -p 8080:8080 quarkus/liquibase-mongodb-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.4 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/liquibase-mongodb-quickstart/src/main/docker/Dockerfile.native-micro b/liquibase-mongodb-quickstart/src/main/docker/Dockerfile.native-micro index a4222c56fd..08c5f6772d 100644 --- a/liquibase-mongodb-quickstart/src/main/docker/Dockerfile.native-micro +++ b/liquibase-mongodb-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -14,8 +17,12 @@ # docker run -i --rm -p 8080:8080 quarkus/liquibase-mongodb-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/liquibase-quickstart/pom.xml b/liquibase-quickstart/pom.xml index 9ceddf7efa..a30dcd796b 100644 --- a/liquibase-quickstart/pom.xml +++ b/liquibase-quickstart/pom.xml @@ -14,7 +14,7 @@ UTF-8 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 diff --git a/liquibase-quickstart/src/main/docker/Dockerfile.jvm b/liquibase-quickstart/src/main/docker/Dockerfile.jvm index 01b2ad2427..db137d7e27 100644 --- a/liquibase-quickstart/src/main/docker/Dockerfile.jvm +++ b/liquibase-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/liquibase-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/liquibase-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/liquibase-jvm +# docker run -i --rm -p 8080:8080 quarkus/liquibase-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/liquibase-jvm +# docker run -i --rm -p 8080:8080 quarkus/liquibase-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/liquibase-quickstart/src/main/docker/Dockerfile.legacy-jar b/liquibase-quickstart/src/main/docker/Dockerfile.legacy-jar index e00bca7ab7..57a03d5ded 100644 --- a/liquibase-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/liquibase-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/liquibase-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/liquibase-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/liquibase-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/liquibase-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/liquibase-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/liquibase-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/liquibase-quickstart/src/main/docker/Dockerfile.native b/liquibase-quickstart/src/main/docker/Dockerfile.native index 6c2772a71e..fbac0888db 100644 --- a/liquibase-quickstart/src/main/docker/Dockerfile.native +++ b/liquibase-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/liquibase . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/liquibase-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/liquibase +# docker run -i --rm -p 8080:8080 quarkus/liquibase-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/liquibase-quickstart/src/main/docker/Dockerfile.native-micro b/liquibase-quickstart/src/main/docker/Dockerfile.native-micro index 284ff0bd7b..77a529e1f7 100644 --- a/liquibase-quickstart/src/main/docker/Dockerfile.native-micro +++ b/liquibase-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/liquibase . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/liquibase-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/liquibase +# docker run -i --rm -p 8080:8080 quarkus/liquibase-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/mailer-quickstart/pom.xml b/mailer-quickstart/pom.xml index 313de7334b..e305d04d06 100644 --- a/mailer-quickstart/pom.xml +++ b/mailer-quickstart/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 UTF-8 diff --git a/mailer-quickstart/src/main/docker/Dockerfile.jvm b/mailer-quickstart/src/main/docker/Dockerfile.jvm index 25e4543e18..4bc9542eff 100644 --- a/mailer-quickstart/src/main/docker/Dockerfile.jvm +++ b/mailer-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/mailer-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/mailer-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/mailer-jvm +# docker run -i --rm -p 8080:8080 quarkus/mailer-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/mailer-jvm +# docker run -i --rm -p 8080:8080 quarkus/mailer-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/mailer-quickstart/src/main/docker/Dockerfile.legacy-jar b/mailer-quickstart/src/main/docker/Dockerfile.legacy-jar index 6a5e0d1278..cb6e5eece4 100644 --- a/mailer-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/mailer-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/mailer-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/mailer-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/mailer-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/mailer-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/mailer-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/mailer-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/mailer-quickstart/src/main/docker/Dockerfile.native b/mailer-quickstart/src/main/docker/Dockerfile.native index 0bdb3e302d..dfe4c3412b 100644 --- a/mailer-quickstart/src/main/docker/Dockerfile.native +++ b/mailer-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/mailer . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/mailer-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/mailer +# docker run -i --rm -p 8080:8080 quarkus/mailer-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/mailer-quickstart/src/main/docker/Dockerfile.native-micro b/mailer-quickstart/src/main/docker/Dockerfile.native-micro index 7e1c2edec9..fc23073087 100644 --- a/mailer-quickstart/src/main/docker/Dockerfile.native-micro +++ b/mailer-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/mailer . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/mailer-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/mailer +# docker run -i --rm -p 8080:8080 quarkus/mailer-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/micrometer-quickstart/pom.xml b/micrometer-quickstart/pom.xml index 370315ab42..084fd37ac0 100644 --- a/micrometer-quickstart/pom.xml +++ b/micrometer-quickstart/pom.xml @@ -11,7 +11,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 11 diff --git a/micrometer-quickstart/src/main/docker/Dockerfile.jvm b/micrometer-quickstart/src/main/docker/Dockerfile.jvm index 1bbbd66fe6..d9869ec59d 100644 --- a/micrometer-quickstart/src/main/docker/Dockerfile.jvm +++ b/micrometer-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/micrometer-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/micrometer-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/micrometer-jvm +# docker run -i --rm -p 8080:8080 quarkus/micrometer-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/micrometer-jvm +# docker run -i --rm -p 8080:8080 quarkus/micrometer-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/micrometer-quickstart/src/main/docker/Dockerfile.legacy-jar b/micrometer-quickstart/src/main/docker/Dockerfile.legacy-jar index 5cff44c835..8404235e1c 100644 --- a/micrometer-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/micrometer-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/micrometer-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/micrometer-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/micrometer-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/micrometer-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/micrometer-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/micrometer-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/micrometer-quickstart/src/main/docker/Dockerfile.native b/micrometer-quickstart/src/main/docker/Dockerfile.native index b9b5e25ef2..8341f10ead 100644 --- a/micrometer-quickstart/src/main/docker/Dockerfile.native +++ b/micrometer-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/micrometer . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/micrometer-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/micrometer +# docker run -i --rm -p 8080:8080 quarkus/micrometer-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/micrometer-quickstart/src/main/docker/Dockerfile.native-micro b/micrometer-quickstart/src/main/docker/Dockerfile.native-micro index 62585558fb..317a9cf894 100644 --- a/micrometer-quickstart/src/main/docker/Dockerfile.native-micro +++ b/micrometer-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/micrometer . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/micrometer-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/micrometer +# docker run -i --rm -p 8080:8080 quarkus/micrometer-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/microprofile-fault-tolerance-quickstart/pom.xml b/microprofile-fault-tolerance-quickstart/pom.xml index a593fe9032..7d5b7af63e 100644 --- a/microprofile-fault-tolerance-quickstart/pom.xml +++ b/microprofile-fault-tolerance-quickstart/pom.xml @@ -11,7 +11,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 UTF-8 diff --git a/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.jvm b/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.jvm index bf9d4ef342..0090aff1de 100644 --- a/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.jvm +++ b/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/microprofile-fault-tolerance-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/microprofile-fault-tolerance-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/microprofile-fault-tolerance-jvm +# docker run -i --rm -p 8080:8080 quarkus/microprofile-fault-tolerance-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/microprofile-fault-tolerance-jvm +# docker run -i --rm -p 8080:8080 quarkus/microprofile-fault-tolerance-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.legacy-jar b/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.legacy-jar index ebced6e851..da8a76733a 100644 --- a/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/microprofile-fault-tolerance-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/microprofile-fault-tolerance-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/microprofile-fault-tolerance-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/microprofile-fault-tolerance-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/microprofile-fault-tolerance-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/microprofile-fault-tolerance-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.native b/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.native index 1c5eb3bd2c..333fc384ff 100644 --- a/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.native +++ b/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/microprofile-fault-tolerance . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/microprofile-fault-tolerance-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/microprofile-fault-tolerance +# docker run -i --rm -p 8080:8080 quarkus/microprofile-fault-tolerance-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.native-micro b/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.native-micro index cd38f87b9f..a3a979d045 100644 --- a/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.native-micro +++ b/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/microprofile-fault-tolerance . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/microprofile-fault-tolerance-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/microprofile-fault-tolerance +# docker run -i --rm -p 8080:8080 quarkus/microprofile-fault-tolerance-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/microprofile-graphql-client-quickstart/pom.xml b/microprofile-graphql-client-quickstart/pom.xml index 74707c7b8a..bc2a61e4ff 100644 --- a/microprofile-graphql-client-quickstart/pom.xml +++ b/microprofile-graphql-client-quickstart/pom.xml @@ -13,7 +13,7 @@ 11 io.quarkus quarkus-bom - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 diff --git a/microprofile-graphql-quickstart/pom.xml b/microprofile-graphql-quickstart/pom.xml index 5c7c6d70af..3a93a1647f 100644 --- a/microprofile-graphql-quickstart/pom.xml +++ b/microprofile-graphql-quickstart/pom.xml @@ -12,7 +12,7 @@ 11 io.quarkus quarkus-bom - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 diff --git a/microprofile-graphql-quickstart/src/main/docker/Dockerfile.jvm b/microprofile-graphql-quickstart/src/main/docker/Dockerfile.jvm index b7a9126b60..5f684bde8a 100644 --- a/microprofile-graphql-quickstart/src/main/docker/Dockerfile.jvm +++ b/microprofile-graphql-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/microprofile-graphql-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/microprofile-graphql-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/microprofile-graphql-jvm +# docker run -i --rm -p 8080:8080 quarkus/microprofile-graphql-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/microprofile-graphql-jvm +# docker run -i --rm -p 8080:8080 quarkus/microprofile-graphql-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/microprofile-graphql-quickstart/src/main/docker/Dockerfile.legacy-jar b/microprofile-graphql-quickstart/src/main/docker/Dockerfile.legacy-jar index f290ef16e3..7995ee2881 100644 --- a/microprofile-graphql-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/microprofile-graphql-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/microprofile-graphql-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/microprofile-graphql-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/microprofile-graphql-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/microprofile-graphql-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/microprofile-graphql-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/microprofile-graphql-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/microprofile-graphql-quickstart/src/main/docker/Dockerfile.native b/microprofile-graphql-quickstart/src/main/docker/Dockerfile.native index 4bc9b1d23c..e62170ca7a 100644 --- a/microprofile-graphql-quickstart/src/main/docker/Dockerfile.native +++ b/microprofile-graphql-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/microprofile-graphql . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/microprofile-graphql-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/microprofile-graphql +# docker run -i --rm -p 8080:8080 quarkus/microprofile-graphql-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/microprofile-graphql-quickstart/src/main/docker/Dockerfile.native-micro b/microprofile-graphql-quickstart/src/main/docker/Dockerfile.native-micro index 69785b66ab..2c7920d9cf 100644 --- a/microprofile-graphql-quickstart/src/main/docker/Dockerfile.native-micro +++ b/microprofile-graphql-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/microprofile-graphql . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/microprofile-graphql-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/microprofile-graphql +# docker run -i --rm -p 8080:8080 quarkus/microprofile-graphql-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/microprofile-health-quickstart/pom.xml b/microprofile-health-quickstart/pom.xml index 1e915d6184..f24f05c03e 100644 --- a/microprofile-health-quickstart/pom.xml +++ b/microprofile-health-quickstart/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 11 11 diff --git a/microprofile-health-quickstart/src/main/docker/Dockerfile.jvm b/microprofile-health-quickstart/src/main/docker/Dockerfile.jvm index c4671bd315..28d318a2b6 100644 --- a/microprofile-health-quickstart/src/main/docker/Dockerfile.jvm +++ b/microprofile-health-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/microprofile-health-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/microprofile-health-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/microprofile-health-jvm +# docker run -i --rm -p 8080:8080 quarkus/microprofile-health-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/microprofile-health-jvm +# docker run -i --rm -p 8080:8080 quarkus/microprofile-health-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/microprofile-health-quickstart/src/main/docker/Dockerfile.legacy-jar b/microprofile-health-quickstart/src/main/docker/Dockerfile.legacy-jar index 96b4647c0d..667fbb8515 100644 --- a/microprofile-health-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/microprofile-health-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/microprofile-health-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/microprofile-health-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/microprofile-health-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/microprofile-health-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/microprofile-health-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/microprofile-health-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/microprofile-health-quickstart/src/main/docker/Dockerfile.native b/microprofile-health-quickstart/src/main/docker/Dockerfile.native index fdd56f8066..a9554f3a55 100644 --- a/microprofile-health-quickstart/src/main/docker/Dockerfile.native +++ b/microprofile-health-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/microprofile-health . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/microprofile-health-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/microprofile-health +# docker run -i --rm -p 8080:8080 quarkus/microprofile-health-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/microprofile-health-quickstart/src/main/docker/Dockerfile.native-micro b/microprofile-health-quickstart/src/main/docker/Dockerfile.native-micro index 3f92dcbaba..681c1d0865 100644 --- a/microprofile-health-quickstart/src/main/docker/Dockerfile.native-micro +++ b/microprofile-health-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/microprofile-health . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/microprofile-health-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/microprofile-health +# docker run -i --rm -p 8080:8080 quarkus/microprofile-health-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/microprofile-health-quickstart/src/main/resources/META-INF/resources/index.html b/microprofile-health-quickstart/src/main/resources/META-INF/resources/index.html index bea2fec006..7d9c0112aa 100644 --- a/microprofile-health-quickstart/src/main/resources/META-INF/resources/index.html +++ b/microprofile-health-quickstart/src/main/resources/META-INF/resources/index.html @@ -133,7 +133,7 @@

    Application

  • GroupId: org.acme
  • ArtifactId: microprofile-health
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 999-SNAPSHOT
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/microprofile-metrics-quickstart/pom.xml b/microprofile-metrics-quickstart/pom.xml index 059512f480..19205336ac 100644 --- a/microprofile-metrics-quickstart/pom.xml +++ b/microprofile-metrics-quickstart/pom.xml @@ -11,7 +11,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 11 diff --git a/microprofile-metrics-quickstart/src/main/docker/Dockerfile.jvm b/microprofile-metrics-quickstart/src/main/docker/Dockerfile.jvm index 57fd3c4bd0..5eea9a11e6 100644 --- a/microprofile-metrics-quickstart/src/main/docker/Dockerfile.jvm +++ b/microprofile-metrics-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/microprofile-metrics-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/microprofile-metrics-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/microprofile-metrics-jvm +# docker run -i --rm -p 8080:8080 quarkus/microprofile-metrics-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/microprofile-metrics-jvm +# docker run -i --rm -p 8080:8080 quarkus/microprofile-metrics-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/microprofile-metrics-quickstart/src/main/docker/Dockerfile.legacy-jar b/microprofile-metrics-quickstart/src/main/docker/Dockerfile.legacy-jar index ddf09c7e45..fa533ee58f 100644 --- a/microprofile-metrics-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/microprofile-metrics-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/microprofile-metrics-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/microprofile-metrics-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/microprofile-metrics-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/microprofile-metrics-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/microprofile-metrics-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/microprofile-metrics-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/microprofile-metrics-quickstart/src/main/docker/Dockerfile.native b/microprofile-metrics-quickstart/src/main/docker/Dockerfile.native index 355912448b..9d472a1b06 100644 --- a/microprofile-metrics-quickstart/src/main/docker/Dockerfile.native +++ b/microprofile-metrics-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/microprofile-metrics . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/microprofile-metrics-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/microprofile-metrics +# docker run -i --rm -p 8080:8080 quarkus/microprofile-metrics-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/microprofile-metrics-quickstart/src/main/docker/Dockerfile.native-micro b/microprofile-metrics-quickstart/src/main/docker/Dockerfile.native-micro index 3df5876300..f94e6d7f6e 100644 --- a/microprofile-metrics-quickstart/src/main/docker/Dockerfile.native-micro +++ b/microprofile-metrics-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/microprofile-metrics . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/microprofile-metrics-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/microprofile-metrics +# docker run -i --rm -p 8080:8080 quarkus/microprofile-metrics-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/mongodb-panache-quickstart/pom.xml b/mongodb-panache-quickstart/pom.xml index 0c669d6793..322b4a1a8e 100644 --- a/mongodb-panache-quickstart/pom.xml +++ b/mongodb-panache-quickstart/pom.xml @@ -11,7 +11,7 @@ 11 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final UTF-8 UTF-8 3.22.0 diff --git a/mongodb-panache-quickstart/src/main/docker/Dockerfile.jvm b/mongodb-panache-quickstart/src/main/docker/Dockerfile.jvm index c1c711d293..ff71246a6f 100644 --- a/mongodb-panache-quickstart/src/main/docker/Dockerfile.jvm +++ b/mongodb-panache-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/mongodb-panache-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/mongodb-panache-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/mongodb-panache-jvm +# docker run -i --rm -p 8080:8080 quarkus/mongodb-panache-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/mongodb-panache-jvm +# docker run -i --rm -p 8080:8080 quarkus/mongodb-panache-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/mongodb-panache-quickstart/src/main/docker/Dockerfile.legacy-jar b/mongodb-panache-quickstart/src/main/docker/Dockerfile.legacy-jar index dc91695daa..9e89a1d9e6 100644 --- a/mongodb-panache-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/mongodb-panache-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/mongodb-panache-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/mongodb-panache-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/mongodb-panache-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/mongodb-panache-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/mongodb-panache-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/mongodb-panache-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/mongodb-panache-quickstart/src/main/docker/Dockerfile.native b/mongodb-panache-quickstart/src/main/docker/Dockerfile.native index 4ca2e246f5..d2bf495c7f 100644 --- a/mongodb-panache-quickstart/src/main/docker/Dockerfile.native +++ b/mongodb-panache-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/mongodb-panache . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/mongodb-panache-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/mongodb-panache +# docker run -i --rm -p 8080:8080 quarkus/mongodb-panache-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/mongodb-panache-quickstart/src/main/docker/Dockerfile.native-micro b/mongodb-panache-quickstart/src/main/docker/Dockerfile.native-micro index 6ce6dccd0e..daec635e1d 100644 --- a/mongodb-panache-quickstart/src/main/docker/Dockerfile.native-micro +++ b/mongodb-panache-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/mongodb-panache . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/mongodb-panache-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/mongodb-panache +# docker run -i --rm -p 8080:8080 quarkus/mongodb-panache-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/mongodb-panache-quickstart/src/main/resources/META-INF/resources/index.html b/mongodb-panache-quickstart/src/main/resources/META-INF/resources/index.html index 02f9ccffb5..862cf4c0e7 100644 --- a/mongodb-panache-quickstart/src/main/resources/META-INF/resources/index.html +++ b/mongodb-panache-quickstart/src/main/resources/META-INF/resources/index.html @@ -133,7 +133,7 @@

    Application

  • GroupId: org.acme
  • ArtifactId: mongodb-panache
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 999-SNAPSHOT
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/mongodb-quickstart/pom.xml b/mongodb-quickstart/pom.xml index 337facb4b4..27b6a511d9 100644 --- a/mongodb-quickstart/pom.xml +++ b/mongodb-quickstart/pom.xml @@ -10,7 +10,7 @@ 3.0.0-M7 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final UTF-8 11 11 diff --git a/mongodb-quickstart/src/main/docker/Dockerfile.jvm b/mongodb-quickstart/src/main/docker/Dockerfile.jvm index 6363fb33fb..869953fa32 100644 --- a/mongodb-quickstart/src/main/docker/Dockerfile.jvm +++ b/mongodb-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/mongodb-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/mongodb-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/mongodb-jvm +# docker run -i --rm -p 8080:8080 quarkus/mongodb-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/mongodb-jvm +# docker run -i --rm -p 8080:8080 quarkus/mongodb-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/mongodb-quickstart/src/main/docker/Dockerfile.legacy-jar b/mongodb-quickstart/src/main/docker/Dockerfile.legacy-jar index 8ab13636d0..1f62c7f6e1 100644 --- a/mongodb-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/mongodb-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/mongodb-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/mongodb-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/mongodb-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/mongodb-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/mongodb-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/mongodb-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/mongodb-quickstart/src/main/docker/Dockerfile.native b/mongodb-quickstart/src/main/docker/Dockerfile.native index 1a2f031f02..d52d6607f0 100644 --- a/mongodb-quickstart/src/main/docker/Dockerfile.native +++ b/mongodb-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/mongodb . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/mongodb-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/mongodb +# docker run -i --rm -p 8080:8080 quarkus/mongodb-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/mongodb-quickstart/src/main/docker/Dockerfile.native-micro b/mongodb-quickstart/src/main/docker/Dockerfile.native-micro index 2558ca2af9..13cff87546 100644 --- a/mongodb-quickstart/src/main/docker/Dockerfile.native-micro +++ b/mongodb-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/mongodb . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/mongodb-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/mongodb +# docker run -i --rm -p 8080:8080 quarkus/mongodb-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/mongodb-quickstart/src/main/resources/META-INF/resources/index.html b/mongodb-quickstart/src/main/resources/META-INF/resources/index.html index a84c495de1..2ac9b4cd0c 100644 --- a/mongodb-quickstart/src/main/resources/META-INF/resources/index.html +++ b/mongodb-quickstart/src/main/resources/META-INF/resources/index.html @@ -133,7 +133,7 @@

    Application

  • GroupId: org.acme
  • ArtifactId: mongo-client
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 999-SNAPSHOT
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/mqtt-quickstart/pom.xml b/mqtt-quickstart/pom.xml index 64bc80e6f7..caae92d13d 100644 --- a/mqtt-quickstart/pom.xml +++ b/mqtt-quickstart/pom.xml @@ -8,7 +8,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 0.28.0 11 diff --git a/mqtt-quickstart/src/main/docker/Dockerfile.jvm b/mqtt-quickstart/src/main/docker/Dockerfile.jvm index d018818406..dcc7690cc1 100644 --- a/mqtt-quickstart/src/main/docker/Dockerfile.jvm +++ b/mqtt-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/mqtt-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/mqtt-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/mqtt-jvm +# docker run -i --rm -p 8080:8080 quarkus/mqtt-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/mqtt-jvm +# docker run -i --rm -p 8080:8080 quarkus/mqtt-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/mqtt-quickstart/src/main/docker/Dockerfile.legacy-jar b/mqtt-quickstart/src/main/docker/Dockerfile.legacy-jar index 14dc101f13..d8490f72c1 100644 --- a/mqtt-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/mqtt-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/mqtt-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/mqtt-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/mqtt-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/mqtt-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/mqtt-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/mqtt-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/mqtt-quickstart/src/main/docker/Dockerfile.native b/mqtt-quickstart/src/main/docker/Dockerfile.native index 925b3f7734..e1f90df2ef 100644 --- a/mqtt-quickstart/src/main/docker/Dockerfile.native +++ b/mqtt-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/mqtt . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/mqtt-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/mqtt +# docker run -i --rm -p 8080:8080 quarkus/mqtt-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/mqtt-quickstart/src/main/docker/Dockerfile.native-micro b/mqtt-quickstart/src/main/docker/Dockerfile.native-micro index 597c443340..bc4fa10c55 100644 --- a/mqtt-quickstart/src/main/docker/Dockerfile.native-micro +++ b/mqtt-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/mqtt . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/mqtt-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/mqtt +# docker run -i --rm -p 8080:8080 quarkus/mqtt-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/mqtt-quickstart/src/main/resources/META-INF/resources/index.html b/mqtt-quickstart/src/main/resources/META-INF/resources/index.html index 7cec97b04a..ffe2279c79 100644 --- a/mqtt-quickstart/src/main/resources/META-INF/resources/index.html +++ b/mqtt-quickstart/src/main/resources/META-INF/resources/index.html @@ -133,7 +133,7 @@

    Application

  • GroupId: org.acme.quarkus.sample
  • ArtifactId: mqtt-quickstart
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 999-SNAPSHOT
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/neo4j-quickstart/pom.xml b/neo4j-quickstart/pom.xml index fcc21480b7..5a39e7533a 100644 --- a/neo4j-quickstart/pom.xml +++ b/neo4j-quickstart/pom.xml @@ -10,7 +10,7 @@ 3.0.0-M7 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 11 UTF-8 11 diff --git a/neo4j-quickstart/src/main/docker/Dockerfile.jvm b/neo4j-quickstart/src/main/docker/Dockerfile.jvm index 2757957031..edf3fbbca9 100644 --- a/neo4j-quickstart/src/main/docker/Dockerfile.jvm +++ b/neo4j-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/neo4j-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/neo4j-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/neo4j-jvm +# docker run -i --rm -p 8080:8080 quarkus/neo4j-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/neo4j-jvm +# docker run -i --rm -p 8080:8080 quarkus/neo4j-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/neo4j-quickstart/src/main/docker/Dockerfile.legacy-jar b/neo4j-quickstart/src/main/docker/Dockerfile.legacy-jar index bd38bb80eb..b8b1e3a904 100644 --- a/neo4j-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/neo4j-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/neo4j-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/neo4j-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/neo4j-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/neo4j-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/neo4j-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/neo4j-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/neo4j-quickstart/src/main/docker/Dockerfile.native b/neo4j-quickstart/src/main/docker/Dockerfile.native index f1beec0c83..f50c866ab1 100644 --- a/neo4j-quickstart/src/main/docker/Dockerfile.native +++ b/neo4j-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/neo4j . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/neo4j-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/neo4j +# docker run -i --rm -p 8080:8080 quarkus/neo4j-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/neo4j-quickstart/src/main/docker/Dockerfile.native-micro b/neo4j-quickstart/src/main/docker/Dockerfile.native-micro index d9ab717f96..cc4beb0d5e 100644 --- a/neo4j-quickstart/src/main/docker/Dockerfile.native-micro +++ b/neo4j-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/neo4j . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/neo4j-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/neo4j +# docker run -i --rm -p 8080:8080 quarkus/neo4j-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/neo4j-quickstart/src/main/resources/META-INF/resources/index.html b/neo4j-quickstart/src/main/resources/META-INF/resources/index.html index a58074e80b..e2020591d2 100644 --- a/neo4j-quickstart/src/main/resources/META-INF/resources/index.html +++ b/neo4j-quickstart/src/main/resources/META-INF/resources/index.html @@ -133,7 +133,7 @@

    Application

  • GroupId: org.acme
  • ArtifactId: neo4j-quickstart
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 999-SNAPSHOT
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/openapi-swaggerui-quickstart/pom.xml b/openapi-swaggerui-quickstart/pom.xml index 140991b293..26c4067e70 100644 --- a/openapi-swaggerui-quickstart/pom.xml +++ b/openapi-swaggerui-quickstart/pom.xml @@ -11,7 +11,7 @@ 3.0.0-M7 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final UTF-8 11 11 diff --git a/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.jvm b/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.jvm index ef7ad3d980..dbcc4bf63d 100644 --- a/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.jvm +++ b/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/openapi-swaggerui-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/openapi-swaggerui-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/openapi-swaggerui-jvm +# docker run -i --rm -p 8080:8080 quarkus/openapi-swaggerui-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/openapi-swaggerui-jvm +# docker run -i --rm -p 8080:8080 quarkus/openapi-swaggerui-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.legacy-jar b/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.legacy-jar index 9c07549dd2..53d0fe65b9 100644 --- a/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/openapi-swaggerui-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/openapi-swaggerui-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/openapi-swaggerui-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/openapi-swaggerui-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/openapi-swaggerui-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/openapi-swaggerui-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.native b/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.native index 7481d9c7c0..a6c08d3658 100644 --- a/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.native +++ b/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/openapi-swaggerui . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/openapi-swaggerui-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/openapi-swaggerui +# docker run -i --rm -p 8080:8080 quarkus/openapi-swaggerui-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.native-micro b/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.native-micro index e4fb24b148..bf63f3b52a 100644 --- a/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.native-micro +++ b/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/openapi-swaggerui . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/openapi-swaggerui-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/openapi-swaggerui +# docker run -i --rm -p 8080:8080 quarkus/openapi-swaggerui-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/openapi-swaggerui-quickstart/src/main/resources/META-INF/resources/index.html b/openapi-swaggerui-quickstart/src/main/resources/META-INF/resources/index.html index 9c88fee08c..8281b1af72 100644 --- a/openapi-swaggerui-quickstart/src/main/resources/META-INF/resources/index.html +++ b/openapi-swaggerui-quickstart/src/main/resources/META-INF/resources/index.html @@ -133,7 +133,7 @@

    Application

  • GroupId: org.acme
  • ArtifactId: using-openapi-swaggerui
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 999-SNAPSHOT
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/opentelemetry-quickstart/pom.xml b/opentelemetry-quickstart/pom.xml index 34a3f04197..5060983431 100644 --- a/opentelemetry-quickstart/pom.xml +++ b/opentelemetry-quickstart/pom.xml @@ -8,7 +8,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 11 UTF-8 diff --git a/opentelemetry-quickstart/src/main/docker/Dockerfile.jvm b/opentelemetry-quickstart/src/main/docker/Dockerfile.jvm index 0823914951..22306ed10a 100644 --- a/opentelemetry-quickstart/src/main/docker/Dockerfile.jvm +++ b/opentelemetry-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/opentelemetry-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/opentelemetry-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/opentelemetry-jvm +# docker run -i --rm -p 8080:8080 quarkus/opentelemetry-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/opentelemetry-jvm +# docker run -i --rm -p 8080:8080 quarkus/opentelemetry-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/opentelemetry-quickstart/src/main/docker/Dockerfile.legacy-jar b/opentelemetry-quickstart/src/main/docker/Dockerfile.legacy-jar index b1edbf7f54..b16272f93c 100644 --- a/opentelemetry-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/opentelemetry-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/opentelemetry-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/opentelemetry-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/opentelemetry-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/opentelemetry-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/opentelemetry-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/opentelemetry-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/opentelemetry-quickstart/src/main/docker/Dockerfile.native b/opentelemetry-quickstart/src/main/docker/Dockerfile.native index 05acf25319..76f4d98456 100644 --- a/opentelemetry-quickstart/src/main/docker/Dockerfile.native +++ b/opentelemetry-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/opentelemetry . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/opentelemetry-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/opentelemetry +# docker run -i --rm -p 8080:8080 quarkus/opentelemetry-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/opentelemetry-quickstart/src/main/docker/Dockerfile.native-micro b/opentelemetry-quickstart/src/main/docker/Dockerfile.native-micro index f70ef213e4..999c16aa44 100644 --- a/opentelemetry-quickstart/src/main/docker/Dockerfile.native-micro +++ b/opentelemetry-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/opentelemetry . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/opentelemetry-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/opentelemetry +# docker run -i --rm -p 8080:8080 quarkus/opentelemetry-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/opentelemetry-quickstart/src/main/resources/META-INF/resources/index.html b/opentelemetry-quickstart/src/main/resources/META-INF/resources/index.html index 3839fc8911..d370b4567c 100644 --- a/opentelemetry-quickstart/src/main/resources/META-INF/resources/index.html +++ b/opentelemetry-quickstart/src/main/resources/META-INF/resources/index.html @@ -133,7 +133,7 @@

    Application

  • GroupId: org.acme
  • ArtifactId: using-opentelemetry
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 999-SNAPSHOT
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/opentracing-quickstart/pom.xml b/opentracing-quickstart/pom.xml index bf9de10bd9..c4e8b3f901 100644 --- a/opentracing-quickstart/pom.xml +++ b/opentracing-quickstart/pom.xml @@ -8,7 +8,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 11 UTF-8 diff --git a/opentracing-quickstart/src/main/docker/Dockerfile.jvm b/opentracing-quickstart/src/main/docker/Dockerfile.jvm index c717e297ef..60fed835b2 100644 --- a/opentracing-quickstart/src/main/docker/Dockerfile.jvm +++ b/opentracing-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/opentracing-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/opentracing-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/opentracing-jvm +# docker run -i --rm -p 8080:8080 quarkus/opentracing-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/opentracing-jvm +# docker run -i --rm -p 8080:8080 quarkus/opentracing-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/opentracing-quickstart/src/main/docker/Dockerfile.legacy-jar b/opentracing-quickstart/src/main/docker/Dockerfile.legacy-jar index eab8014c12..8ebfb9d760 100644 --- a/opentracing-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/opentracing-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/opentracing-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/opentracing-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/opentracing-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/opentracing-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/opentracing-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/opentracing-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/opentracing-quickstart/src/main/docker/Dockerfile.native b/opentracing-quickstart/src/main/docker/Dockerfile.native index 6145b01224..4820f585fd 100644 --- a/opentracing-quickstart/src/main/docker/Dockerfile.native +++ b/opentracing-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/opentracing . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/opentracing-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/opentracing +# docker run -i --rm -p 8080:8080 quarkus/opentracing-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/opentracing-quickstart/src/main/docker/Dockerfile.native-micro b/opentracing-quickstart/src/main/docker/Dockerfile.native-micro index 84758e7c46..8470c84c6c 100644 --- a/opentracing-quickstart/src/main/docker/Dockerfile.native-micro +++ b/opentracing-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/opentracing . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/opentracing-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/opentracing +# docker run -i --rm -p 8080:8080 quarkus/opentracing-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/opentracing-quickstart/src/main/resources/META-INF/resources/index.html b/opentracing-quickstart/src/main/resources/META-INF/resources/index.html index 6ca767eaf8..df6d3aa7ac 100644 --- a/opentracing-quickstart/src/main/resources/META-INF/resources/index.html +++ b/opentracing-quickstart/src/main/resources/META-INF/resources/index.html @@ -133,7 +133,7 @@

    Application

  • GroupId: org.acme
  • ArtifactId: using-opentracing
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 999-SNAPSHOT
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/optaplanner-quickstart/pom.xml b/optaplanner-quickstart/pom.xml index 689446616e..be8911c72c 100644 --- a/optaplanner-quickstart/pom.xml +++ b/optaplanner-quickstart/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 8.29.0.Final 3.8.1 3.0.0-M7 diff --git a/optaplanner-quickstart/src/main/docker/Dockerfile.jvm b/optaplanner-quickstart/src/main/docker/Dockerfile.jvm index 85b19d625f..e09f645489 100644 --- a/optaplanner-quickstart/src/main/docker/Dockerfile.jvm +++ b/optaplanner-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/optaplanner-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/optaplanner-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/optaplanner-jvm +# docker run -i --rm -p 8080:8080 quarkus/optaplanner-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/optaplanner-jvm +# docker run -i --rm -p 8080:8080 quarkus/optaplanner-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/optaplanner-quickstart/src/main/docker/Dockerfile.legacy-jar b/optaplanner-quickstart/src/main/docker/Dockerfile.legacy-jar index 669eacf3b8..003177c387 100644 --- a/optaplanner-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/optaplanner-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/optaplanner-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/optaplanner-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/optaplanner-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/optaplanner-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/optaplanner-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/optaplanner-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/optaplanner-quickstart/src/main/docker/Dockerfile.native b/optaplanner-quickstart/src/main/docker/Dockerfile.native index a829de6506..aa41919a46 100644 --- a/optaplanner-quickstart/src/main/docker/Dockerfile.native +++ b/optaplanner-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/optaplanner . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/optaplanner-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/optaplanner +# docker run -i --rm -p 8080:8080 quarkus/optaplanner-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/optaplanner-quickstart/src/main/docker/Dockerfile.native-micro b/optaplanner-quickstart/src/main/docker/Dockerfile.native-micro index e61ea54468..79a0ebfa6f 100644 --- a/optaplanner-quickstart/src/main/docker/Dockerfile.native-micro +++ b/optaplanner-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/optaplanner . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/optaplanner-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/optaplanner +# docker run -i --rm -p 8080:8080 quarkus/optaplanner-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/quartz-quickstart/pom.xml b/quartz-quickstart/pom.xml index 029145601f..f2df23176c 100644 --- a/quartz-quickstart/pom.xml +++ b/quartz-quickstart/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 UTF-8 11 diff --git a/quartz-quickstart/src/main/docker/Dockerfile.jvm b/quartz-quickstart/src/main/docker/Dockerfile.jvm index 5b1c843db4..c69552bdaa 100644 --- a/quartz-quickstart/src/main/docker/Dockerfile.jvm +++ b/quartz-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/quartz-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/quartz-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/quartz-jvm +# docker run -i --rm -p 8080:8080 quarkus/quartz-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/quartz-jvm +# docker run -i --rm -p 8080:8080 quarkus/quartz-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/quartz-quickstart/src/main/docker/Dockerfile.legacy-jar b/quartz-quickstart/src/main/docker/Dockerfile.legacy-jar index d822ef6a40..4d7ebc015b 100644 --- a/quartz-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/quartz-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/quartz-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/quartz-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/quartz-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/quartz-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/quartz-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/quartz-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/quartz-quickstart/src/main/docker/Dockerfile.native b/quartz-quickstart/src/main/docker/Dockerfile.native index 65fa2be31f..8b8f06e356 100644 --- a/quartz-quickstart/src/main/docker/Dockerfile.native +++ b/quartz-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/quartz . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/quartz-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/quartz +# docker run -i --rm -p 8080:8080 quarkus/quartz-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/quartz-quickstart/src/main/docker/Dockerfile.native-micro b/quartz-quickstart/src/main/docker/Dockerfile.native-micro index 68f3cd6cda..6362fdd08b 100644 --- a/quartz-quickstart/src/main/docker/Dockerfile.native-micro +++ b/quartz-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/quartz . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/quartz-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/quartz +# docker run -i --rm -p 8080:8080 quarkus/quartz-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/qute-quickstart/pom.xml b/qute-quickstart/pom.xml index 31b9590a7c..4134ad9818 100644 --- a/qute-quickstart/pom.xml +++ b/qute-quickstart/pom.xml @@ -8,7 +8,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 3.8.0 UTF-8 diff --git a/qute-quickstart/src/main/docker/Dockerfile.jvm b/qute-quickstart/src/main/docker/Dockerfile.jvm index 255cce373c..ecc68d4e8b 100644 --- a/qute-quickstart/src/main/docker/Dockerfile.jvm +++ b/qute-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/qute-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/qute-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/qute-jvm +# docker run -i --rm -p 8080:8080 quarkus/qute-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/qute-jvm +# docker run -i --rm -p 8080:8080 quarkus/qute-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/qute-quickstart/src/main/docker/Dockerfile.legacy-jar b/qute-quickstart/src/main/docker/Dockerfile.legacy-jar index 93a0e2ac1a..cae614095a 100644 --- a/qute-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/qute-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/qute-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/qute-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/qute-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/qute-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/qute-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/qute-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/qute-quickstart/src/main/docker/Dockerfile.native b/qute-quickstart/src/main/docker/Dockerfile.native index 213a031011..91854da53c 100644 --- a/qute-quickstart/src/main/docker/Dockerfile.native +++ b/qute-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/qute . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/qute-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/qute +# docker run -i --rm -p 8080:8080 quarkus/qute-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/qute-quickstart/src/main/docker/Dockerfile.native-micro b/qute-quickstart/src/main/docker/Dockerfile.native-micro index c608bf6302..2499484f33 100644 --- a/qute-quickstart/src/main/docker/Dockerfile.native-micro +++ b/qute-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/qute . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/qute-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/qute +# docker run -i --rm -p 8080:8080 quarkus/qute-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/rabbitmq-quickstart/rabbitmq-quickstart-processor/pom.xml b/rabbitmq-quickstart/rabbitmq-quickstart-processor/pom.xml index e6631461a2..23dddeee20 100644 --- a/rabbitmq-quickstart/rabbitmq-quickstart-processor/pom.xml +++ b/rabbitmq-quickstart/rabbitmq-quickstart-processor/pom.xml @@ -14,7 +14,7 @@ UTF-8 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 diff --git a/rabbitmq-quickstart/rabbitmq-quickstart-producer/pom.xml b/rabbitmq-quickstart/rabbitmq-quickstart-producer/pom.xml index 0998545d20..69dfbfd9cd 100644 --- a/rabbitmq-quickstart/rabbitmq-quickstart-producer/pom.xml +++ b/rabbitmq-quickstart/rabbitmq-quickstart-producer/pom.xml @@ -14,7 +14,7 @@ UTF-8 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 diff --git a/reactive-messaging-http-quickstart/pom.xml b/reactive-messaging-http-quickstart/pom.xml index 0154749071..d001724593 100644 --- a/reactive-messaging-http-quickstart/pom.xml +++ b/reactive-messaging-http-quickstart/pom.xml @@ -21,7 +21,7 @@ UTF-8 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 diff --git a/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.jvm b/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.jvm index f970d873f4..38fc3e37f6 100644 --- a/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.jvm +++ b/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/reactive-messaging-http-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/reactive-messaging-http-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-http-jvm +# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-http-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/reactive-messaging-http-jvm +# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-http-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.legacy-jar b/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.legacy-jar index a5240adb20..7dd93b95cc 100644 --- a/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/reactive-messaging-http-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/reactive-messaging-http-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-http-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-http-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/reactive-messaging-http-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-http-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.native b/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.native index 338cbe55f4..e265d0a150 100644 --- a/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.native +++ b/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/reactive-messaging-http . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/reactive-messaging-http-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-http +# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-http-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.native-micro b/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.native-micro index a3dd488a3b..3ffa1c72a5 100644 --- a/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.native-micro +++ b/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/reactive-messaging-http . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/reactive-messaging-http-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-http +# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-http-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/reactive-messaging-websockets-quickstart/pom.xml b/reactive-messaging-websockets-quickstart/pom.xml index 5a105a97d9..af11e04f65 100644 --- a/reactive-messaging-websockets-quickstart/pom.xml +++ b/reactive-messaging-websockets-quickstart/pom.xml @@ -21,7 +21,7 @@ UTF-8 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 diff --git a/reactive-messaging-websockets-quickstart/src/main/docker/Dockerfile.jvm b/reactive-messaging-websockets-quickstart/src/main/docker/Dockerfile.jvm index f970d873f4..f963745bea 100644 --- a/reactive-messaging-websockets-quickstart/src/main/docker/Dockerfile.jvm +++ b/reactive-messaging-websockets-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/reactive-messaging-http-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/reactive-messaging-websockets-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-http-jvm +# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-websockets-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/reactive-messaging-http-jvm +# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-websockets-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/reactive-messaging-websockets-quickstart/src/main/docker/Dockerfile.legacy-jar b/reactive-messaging-websockets-quickstart/src/main/docker/Dockerfile.legacy-jar index a5240adb20..b339907985 100644 --- a/reactive-messaging-websockets-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/reactive-messaging-websockets-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/reactive-messaging-http-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/reactive-messaging-websockets-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-http-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-websockets-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/reactive-messaging-http-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-websockets-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/reactive-messaging-websockets-quickstart/src/main/docker/Dockerfile.native b/reactive-messaging-websockets-quickstart/src/main/docker/Dockerfile.native index 338cbe55f4..c74ad715af 100644 --- a/reactive-messaging-websockets-quickstart/src/main/docker/Dockerfile.native +++ b/reactive-messaging-websockets-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/reactive-messaging-http . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/reactive-messaging-websockets-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-http +# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-websockets-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/reactive-messaging-websockets-quickstart/src/main/docker/Dockerfile.native-micro b/reactive-messaging-websockets-quickstart/src/main/docker/Dockerfile.native-micro index a3dd488a3b..fbb82d9221 100644 --- a/reactive-messaging-websockets-quickstart/src/main/docker/Dockerfile.native-micro +++ b/reactive-messaging-websockets-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/reactive-messaging-http . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/reactive-messaging-websockets-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-http +# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-websockets-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/reactive-routes-quickstart/pom.xml b/reactive-routes-quickstart/pom.xml index 72f98501ac..307b8a13e3 100644 --- a/reactive-routes-quickstart/pom.xml +++ b/reactive-routes-quickstart/pom.xml @@ -12,7 +12,7 @@ 3.0.0-M7 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 11 UTF-8 11 diff --git a/reactive-routes-quickstart/src/main/docker/Dockerfile.jvm b/reactive-routes-quickstart/src/main/docker/Dockerfile.jvm index eb6ceb3f4e..bf4e7d7a63 100644 --- a/reactive-routes-quickstart/src/main/docker/Dockerfile.jvm +++ b/reactive-routes-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/reactive-routes-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/reactive-routes-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/reactive-routes-jvm +# docker run -i --rm -p 8080:8080 quarkus/reactive-routes-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/reactive-routes-jvm +# docker run -i --rm -p 8080:8080 quarkus/reactive-routes-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/reactive-routes-quickstart/src/main/docker/Dockerfile.legacy-jar b/reactive-routes-quickstart/src/main/docker/Dockerfile.legacy-jar index 15e8537487..2843fc6f3a 100644 --- a/reactive-routes-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/reactive-routes-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/reactive-routes-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/reactive-routes-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/reactive-routes-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/reactive-routes-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/reactive-routes-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/reactive-routes-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/reactive-routes-quickstart/src/main/docker/Dockerfile.native b/reactive-routes-quickstart/src/main/docker/Dockerfile.native index 98782414d1..5a85240acf 100644 --- a/reactive-routes-quickstart/src/main/docker/Dockerfile.native +++ b/reactive-routes-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/reactive-routes . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/reactive-routes-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/reactive-routes +# docker run -i --rm -p 8080:8080 quarkus/reactive-routes-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/reactive-routes-quickstart/src/main/docker/Dockerfile.native-micro b/reactive-routes-quickstart/src/main/docker/Dockerfile.native-micro index b51cd406b2..034fb9bf7a 100644 --- a/reactive-routes-quickstart/src/main/docker/Dockerfile.native-micro +++ b/reactive-routes-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/reactive-routes . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/reactive-routes-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/reactive-routes +# docker run -i --rm -p 8080:8080 quarkus/reactive-routes-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/redis-quickstart/pom.xml b/redis-quickstart/pom.xml index 3301d2a673..31515b86f7 100644 --- a/redis-quickstart/pom.xml +++ b/redis-quickstart/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 0.28.0 diff --git a/redis-quickstart/src/main/docker/Dockerfile.jvm b/redis-quickstart/src/main/docker/Dockerfile.jvm index c7b8efaa6b..a2706ed805 100644 --- a/redis-quickstart/src/main/docker/Dockerfile.jvm +++ b/redis-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/redis-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/redis-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/redis-jvm +# docker run -i --rm -p 8080:8080 quarkus/redis-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/redis-jvm +# docker run -i --rm -p 8080:8080 quarkus/redis-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/redis-quickstart/src/main/docker/Dockerfile.legacy-jar b/redis-quickstart/src/main/docker/Dockerfile.legacy-jar index 45e954dd81..5575a9d247 100644 --- a/redis-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/redis-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/redis-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/redis-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/redis-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/redis-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/redis-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/redis-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/redis-quickstart/src/main/docker/Dockerfile.native b/redis-quickstart/src/main/docker/Dockerfile.native index 861d3c2bf5..7cffefad54 100644 --- a/redis-quickstart/src/main/docker/Dockerfile.native +++ b/redis-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/redis . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/redis-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/redis +# docker run -i --rm -p 8080:8080 quarkus/redis-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/redis-quickstart/src/main/docker/Dockerfile.native-micro b/redis-quickstart/src/main/docker/Dockerfile.native-micro index c4a07209a3..c328019629 100644 --- a/redis-quickstart/src/main/docker/Dockerfile.native-micro +++ b/redis-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/redis . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/redis-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/redis +# docker run -i --rm -p 8080:8080 quarkus/redis-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/rest-client-multipart-quickstart/pom.xml b/rest-client-multipart-quickstart/pom.xml index 06febc11f9..68c7714735 100644 --- a/rest-client-multipart-quickstart/pom.xml +++ b/rest-client-multipart-quickstart/pom.xml @@ -10,7 +10,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 UTF-8 diff --git a/rest-client-multipart-quickstart/src/main/docker/Dockerfile.jvm b/rest-client-multipart-quickstart/src/main/docker/Dockerfile.jvm index 1af46a7ea3..f15ae17097 100644 --- a/rest-client-multipart-quickstart/src/main/docker/Dockerfile.jvm +++ b/rest-client-multipart-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/rest-client-multipart-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/rest-client-multipart-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/rest-client-multipart-jvm +# docker run -i --rm -p 8080:8080 quarkus/rest-client-multipart-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/rest-client-multipart-jvm +# docker run -i --rm -p 8080:8080 quarkus/rest-client-multipart-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/rest-client-multipart-quickstart/src/main/docker/Dockerfile.legacy-jar b/rest-client-multipart-quickstart/src/main/docker/Dockerfile.legacy-jar index 97ad6dbce1..efd0a71472 100644 --- a/rest-client-multipart-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/rest-client-multipart-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/rest-client-multipart-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/rest-client-multipart-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/rest-client-multipart-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/rest-client-multipart-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/rest-client-multipart-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/rest-client-multipart-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/rest-client-multipart-quickstart/src/main/docker/Dockerfile.native b/rest-client-multipart-quickstart/src/main/docker/Dockerfile.native index bb566ad152..b1fdc5b7d6 100644 --- a/rest-client-multipart-quickstart/src/main/docker/Dockerfile.native +++ b/rest-client-multipart-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/rest-client-multipart . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/rest-client-multipart-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/rest-client-multipart +# docker run -i --rm -p 8080:8080 quarkus/rest-client-multipart-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/rest-client-multipart-quickstart/src/main/docker/Dockerfile.native-micro b/rest-client-multipart-quickstart/src/main/docker/Dockerfile.native-micro index 6ce578df1d..ae49c68da6 100644 --- a/rest-client-multipart-quickstart/src/main/docker/Dockerfile.native-micro +++ b/rest-client-multipart-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/rest-client-multipart . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/rest-client-multipart-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/rest-client-multipart +# docker run -i --rm -p 8080:8080 quarkus/rest-client-multipart-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/rest-client-quickstart/pom.xml b/rest-client-quickstart/pom.xml index bd518219ca..9191515a98 100644 --- a/rest-client-quickstart/pom.xml +++ b/rest-client-quickstart/pom.xml @@ -10,7 +10,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 2.27.2 diff --git a/rest-client-quickstart/src/main/docker/Dockerfile.jvm b/rest-client-quickstart/src/main/docker/Dockerfile.jvm index 0fc430e260..8327e39df4 100644 --- a/rest-client-quickstart/src/main/docker/Dockerfile.jvm +++ b/rest-client-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/rest-client-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/rest-client-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/rest-client-jvm +# docker run -i --rm -p 8080:8080 quarkus/rest-client-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/rest-client-jvm +# docker run -i --rm -p 8080:8080 quarkus/rest-client-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/rest-client-quickstart/src/main/docker/Dockerfile.legacy-jar b/rest-client-quickstart/src/main/docker/Dockerfile.legacy-jar index 39b1c8861a..05cf8b10a2 100644 --- a/rest-client-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/rest-client-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/rest-client-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/rest-client-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/rest-client-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/rest-client-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/rest-client-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/rest-client-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/rest-client-quickstart/src/main/docker/Dockerfile.native b/rest-client-quickstart/src/main/docker/Dockerfile.native index 3472cb5dba..e23fe24465 100644 --- a/rest-client-quickstart/src/main/docker/Dockerfile.native +++ b/rest-client-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/rest-client . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/rest-client-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/rest-client +# docker run -i --rm -p 8080:8080 quarkus/rest-client-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/rest-client-quickstart/src/main/docker/Dockerfile.native-micro b/rest-client-quickstart/src/main/docker/Dockerfile.native-micro index eea060821a..c7a239c822 100644 --- a/rest-client-quickstart/src/main/docker/Dockerfile.native-micro +++ b/rest-client-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/rest-client . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/rest-client-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/rest-client +# docker run -i --rm -p 8080:8080 quarkus/rest-client-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/rest-client-reactive-quickstart/pom.xml b/rest-client-reactive-quickstart/pom.xml index 4ddbf22bf2..03f4667866 100644 --- a/rest-client-reactive-quickstart/pom.xml +++ b/rest-client-reactive-quickstart/pom.xml @@ -14,7 +14,7 @@ UTF-8 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 2.27.2 diff --git a/rest-json-quickstart/pom.xml b/rest-json-quickstart/pom.xml index bbb288eb37..491c8968d1 100644 --- a/rest-json-quickstart/pom.xml +++ b/rest-json-quickstart/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 UTF-8 11 diff --git a/rest-json-quickstart/src/main/docker/Dockerfile.jvm b/rest-json-quickstart/src/main/docker/Dockerfile.jvm index be9c55acc2..beac4114cc 100644 --- a/rest-json-quickstart/src/main/docker/Dockerfile.jvm +++ b/rest-json-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/rest-json-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/rest-json-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/rest-json-jvm +# docker run -i --rm -p 8080:8080 quarkus/rest-json-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/rest-json-jvm +# docker run -i --rm -p 8080:8080 quarkus/rest-json-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/rest-json-quickstart/src/main/docker/Dockerfile.legacy-jar b/rest-json-quickstart/src/main/docker/Dockerfile.legacy-jar index 683de83ea5..798529a14b 100644 --- a/rest-json-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/rest-json-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/rest-json-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/rest-json-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/rest-json-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/rest-json-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/rest-json-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/rest-json-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/rest-json-quickstart/src/main/docker/Dockerfile.native b/rest-json-quickstart/src/main/docker/Dockerfile.native index 212511e938..27a8aab4e1 100644 --- a/rest-json-quickstart/src/main/docker/Dockerfile.native +++ b/rest-json-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/rest-json . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/rest-json-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/rest-json +# docker run -i --rm -p 8080:8080 quarkus/rest-json-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/rest-json-quickstart/src/main/docker/Dockerfile.native-micro b/rest-json-quickstart/src/main/docker/Dockerfile.native-micro index 308d6c4438..0289e20ade 100644 --- a/rest-json-quickstart/src/main/docker/Dockerfile.native-micro +++ b/rest-json-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/rest-json . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/rest-json-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/rest-json +# docker run -i --rm -p 8080:8080 quarkus/rest-json-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/scheduler-quickstart/pom.xml b/scheduler-quickstart/pom.xml index 6b0b47b5e0..6a2936790b 100644 --- a/scheduler-quickstart/pom.xml +++ b/scheduler-quickstart/pom.xml @@ -8,7 +8,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 UTF-8 11 diff --git a/scheduler-quickstart/src/main/docker/Dockerfile.jvm b/scheduler-quickstart/src/main/docker/Dockerfile.jvm index a127d5397d..de7c734e0a 100644 --- a/scheduler-quickstart/src/main/docker/Dockerfile.jvm +++ b/scheduler-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/scheduler-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/scheduler-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/scheduler-jvm +# docker run -i --rm -p 8080:8080 quarkus/scheduler-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/scheduler-jvm +# docker run -i --rm -p 8080:8080 quarkus/scheduler-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/scheduler-quickstart/src/main/docker/Dockerfile.legacy-jar b/scheduler-quickstart/src/main/docker/Dockerfile.legacy-jar index 9dfb1ca08c..a7ecd3c3e9 100644 --- a/scheduler-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/scheduler-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/scheduler-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/scheduler-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/scheduler-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/scheduler-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/scheduler-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/scheduler-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/scheduler-quickstart/src/main/docker/Dockerfile.native b/scheduler-quickstart/src/main/docker/Dockerfile.native index ad936e28c2..74f538c054 100644 --- a/scheduler-quickstart/src/main/docker/Dockerfile.native +++ b/scheduler-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/scheduler . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/scheduler-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/scheduler +# docker run -i --rm -p 8080:8080 quarkus/scheduler-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/scheduler-quickstart/src/main/docker/Dockerfile.native-micro b/scheduler-quickstart/src/main/docker/Dockerfile.native-micro index 8cb607f47b..ed88c77382 100644 --- a/scheduler-quickstart/src/main/docker/Dockerfile.native-micro +++ b/scheduler-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/scheduler . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/scheduler-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/scheduler +# docker run -i --rm -p 8080:8080 quarkus/scheduler-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/security-jdbc-quickstart/pom.xml b/security-jdbc-quickstart/pom.xml index 1e39fe2a67..001f7fd0a5 100644 --- a/security-jdbc-quickstart/pom.xml +++ b/security-jdbc-quickstart/pom.xml @@ -10,7 +10,7 @@ 3.0.0-M7 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final UTF-8 11 11 diff --git a/security-jdbc-quickstart/src/main/docker/Dockerfile.jvm b/security-jdbc-quickstart/src/main/docker/Dockerfile.jvm index 4579dbfb5a..0fa0da7fa5 100644 --- a/security-jdbc-quickstart/src/main/docker/Dockerfile.jvm +++ b/security-jdbc-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-jdbc-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-jdbc-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-jdbc-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-jdbc-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-jdbc-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-jdbc-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-jdbc-quickstart/src/main/docker/Dockerfile.legacy-jar b/security-jdbc-quickstart/src/main/docker/Dockerfile.legacy-jar index ffd09cf699..4bd5261ec4 100644 --- a/security-jdbc-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/security-jdbc-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-jdbc-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-jdbc-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-jdbc-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/security-jdbc-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-jdbc-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/security-jdbc-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/security-jdbc-quickstart/src/main/docker/Dockerfile.native b/security-jdbc-quickstart/src/main/docker/Dockerfile.native index 3288bf065d..c68a9ba19f 100644 --- a/security-jdbc-quickstart/src/main/docker/Dockerfile.native +++ b/security-jdbc-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-jdbc . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-jdbc-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-jdbc +# docker run -i --rm -p 8080:8080 quarkus/security-jdbc-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/security-jdbc-quickstart/src/main/docker/Dockerfile.native-micro b/security-jdbc-quickstart/src/main/docker/Dockerfile.native-micro index 932c689703..0c28f8c862 100644 --- a/security-jdbc-quickstart/src/main/docker/Dockerfile.native-micro +++ b/security-jdbc-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/security-jdbc . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/security-jdbc-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-jdbc +# docker run -i --rm -p 8080:8080 quarkus/security-jdbc-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/security-jdbc-quickstart/src/main/resources/META-INF/resources/index.html b/security-jdbc-quickstart/src/main/resources/META-INF/resources/index.html index 4d066a87b3..66bc842712 100644 --- a/security-jdbc-quickstart/src/main/resources/META-INF/resources/index.html +++ b/security-jdbc-quickstart/src/main/resources/META-INF/resources/index.html @@ -133,7 +133,7 @@

    Application

  • GroupId: org.acme
  • ArtifactId: using-elytron-security-jdbc
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 999-SNAPSHOT
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/security-jpa-quickstart/pom.xml b/security-jpa-quickstart/pom.xml index b75728c1b7..8d33d3678f 100644 --- a/security-jpa-quickstart/pom.xml +++ b/security-jpa-quickstart/pom.xml @@ -8,7 +8,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 11 diff --git a/security-jpa-quickstart/src/main/docker/Dockerfile.jvm b/security-jpa-quickstart/src/main/docker/Dockerfile.jvm index 98f12be1c1..58561fabb9 100644 --- a/security-jpa-quickstart/src/main/docker/Dockerfile.jvm +++ b/security-jpa-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-jpa-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-jpa-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-jpa-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-jpa-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-jpa-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-jpa-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-jpa-quickstart/src/main/docker/Dockerfile.legacy-jar b/security-jpa-quickstart/src/main/docker/Dockerfile.legacy-jar index 420946d827..7378d7be46 100644 --- a/security-jpa-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/security-jpa-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-jpa-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-jpa-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-jpa-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/security-jpa-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-jpa-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/security-jpa-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/security-jpa-quickstart/src/main/docker/Dockerfile.native b/security-jpa-quickstart/src/main/docker/Dockerfile.native index 5e0dd433a2..7edfed4da8 100644 --- a/security-jpa-quickstart/src/main/docker/Dockerfile.native +++ b/security-jpa-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-jpa . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-jpa-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-jpa +# docker run -i --rm -p 8080:8080 quarkus/security-jpa-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/security-jpa-quickstart/src/main/docker/Dockerfile.native-micro b/security-jpa-quickstart/src/main/docker/Dockerfile.native-micro index 1b74dc3332..387e7fd185 100644 --- a/security-jpa-quickstart/src/main/docker/Dockerfile.native-micro +++ b/security-jpa-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/security-jpa . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/security-jpa-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-jpa +# docker run -i --rm -p 8080:8080 quarkus/security-jpa-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/security-jpa-quickstart/src/main/resources/META-INF/resources/index.html b/security-jpa-quickstart/src/main/resources/META-INF/resources/index.html index e982993984..536718e3a9 100644 --- a/security-jpa-quickstart/src/main/resources/META-INF/resources/index.html +++ b/security-jpa-quickstart/src/main/resources/META-INF/resources/index.html @@ -133,7 +133,7 @@

    Application

  • GroupId: org.acme
  • ArtifactId: using-elytron-security-jdbc
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 999-SNAPSHOT
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/security-jwt-quickstart/pom.xml b/security-jwt-quickstart/pom.xml index 9a8d51d67c..9e4e23683c 100644 --- a/security-jwt-quickstart/pom.xml +++ b/security-jwt-quickstart/pom.xml @@ -9,7 +9,7 @@ 3.0.0-M7 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final UTF-8 11 11 diff --git a/security-jwt-quickstart/src/main/docker/Dockerfile.jvm b/security-jwt-quickstart/src/main/docker/Dockerfile.jvm index df6cdb39a4..203e30b149 100644 --- a/security-jwt-quickstart/src/main/docker/Dockerfile.jvm +++ b/security-jwt-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-jwt-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-jwt-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-jwt-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-jwt-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-jwt-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-jwt-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-jwt-quickstart/src/main/docker/Dockerfile.legacy-jar b/security-jwt-quickstart/src/main/docker/Dockerfile.legacy-jar index 9e874c0dfd..35e6410f90 100644 --- a/security-jwt-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/security-jwt-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-jwt-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-jwt-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-jwt-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/security-jwt-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-jwt-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/security-jwt-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/security-jwt-quickstart/src/main/docker/Dockerfile.native b/security-jwt-quickstart/src/main/docker/Dockerfile.native index 4bb990be6e..db11de01bb 100644 --- a/security-jwt-quickstart/src/main/docker/Dockerfile.native +++ b/security-jwt-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-jwt . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-jwt-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-jwt +# docker run -i --rm -p 8080:8080 quarkus/security-jwt-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/security-jwt-quickstart/src/main/docker/Dockerfile.native-micro b/security-jwt-quickstart/src/main/docker/Dockerfile.native-micro index dbc1edf979..f9b697fc15 100644 --- a/security-jwt-quickstart/src/main/docker/Dockerfile.native-micro +++ b/security-jwt-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/security-jwt . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/security-jwt-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-jwt +# docker run -i --rm -p 8080:8080 quarkus/security-jwt-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/security-jwt-quickstart/src/main/resources/META-INF/resources/index.html b/security-jwt-quickstart/src/main/resources/META-INF/resources/index.html index 4b8d2ffe74..dab3bc720f 100644 --- a/security-jwt-quickstart/src/main/resources/META-INF/resources/index.html +++ b/security-jwt-quickstart/src/main/resources/META-INF/resources/index.html @@ -133,7 +133,7 @@

    Application

  • GroupId: org.acme
  • ArtifactId: using-jwt-rbac
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 999-SNAPSHOT
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/security-keycloak-authorization-quickstart/pom.xml b/security-keycloak-authorization-quickstart/pom.xml index 995b055ee8..4d06c2310e 100644 --- a/security-keycloak-authorization-quickstart/pom.xml +++ b/security-keycloak-authorization-quickstart/pom.xml @@ -12,7 +12,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 11 11 diff --git a/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.jvm b/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.jvm index 1d54df5ea3..1f972614c9 100644 --- a/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.jvm +++ b/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-keycloak-authorization-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-keycloak-authorization-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-keycloak-authorization-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-keycloak-authorization-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-keycloak-authorization-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-keycloak-authorization-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.legacy-jar b/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.legacy-jar index fdb0863d48..58ef6ae4ae 100644 --- a/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-keycloak-authorization-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-keycloak-authorization-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-keycloak-authorization-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/security-keycloak-authorization-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-keycloak-authorization-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/security-keycloak-authorization-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.native b/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.native index aa62636bf5..c96ee25d70 100644 --- a/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.native +++ b/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-keycloak-authorization . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-keycloak-authorization-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-keycloak-authorization +# docker run -i --rm -p 8080:8080 quarkus/security-keycloak-authorization-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.native-micro b/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.native-micro index 663b8d24b6..8f90612edb 100644 --- a/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.native-micro +++ b/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/security-keycloak-authorization . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/security-keycloak-authorization-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-keycloak-authorization +# docker run -i --rm -p 8080:8080 quarkus/security-keycloak-authorization-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/security-ldap-quickstart/pom.xml b/security-ldap-quickstart/pom.xml index b6fdce2822..dc4dbee7c8 100644 --- a/security-ldap-quickstart/pom.xml +++ b/security-ldap-quickstart/pom.xml @@ -12,7 +12,7 @@ UTF-8 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 diff --git a/security-ldap-quickstart/src/main/docker/Dockerfile.jvm b/security-ldap-quickstart/src/main/docker/Dockerfile.jvm index 00d40be277..b74ac83bf1 100644 --- a/security-ldap-quickstart/src/main/docker/Dockerfile.jvm +++ b/security-ldap-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-ldap-quickstart . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-ldap-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-ldap-quickstart +# docker run -i --rm -p 8080:8080 quarkus/security-ldap-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-ldap-quickstart +# docker run -i --rm -p 8080:8080 quarkus/security-ldap-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-ldap-quickstart/src/main/docker/Dockerfile.legacy-jar b/security-ldap-quickstart/src/main/docker/Dockerfile.legacy-jar index 1963546bfb..14950c559c 100644 --- a/security-ldap-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/security-ldap-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -14,38 +14,77 @@ # docker run -i --rm -p 8080:8080 quarkus/security-ldap-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-ldap-quickstart-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/security-ldap-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/security-ldap-quickstart/src/main/docker/Dockerfile.native b/security-ldap-quickstart/src/main/docker/Dockerfile.native index 00f54e504d..d8e8f12f9c 100644 --- a/security-ldap-quickstart/src/main/docker/Dockerfile.native +++ b/security-ldap-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -14,7 +14,7 @@ # docker run -i --rm -p 8080:8080 quarkus/security-ldap-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/security-ldap-quickstart/src/main/docker/Dockerfile.native-micro b/security-ldap-quickstart/src/main/docker/Dockerfile.native-micro index 26470c4ab4..b33cccb520 100644 --- a/security-ldap-quickstart/src/main/docker/Dockerfile.native-micro +++ b/security-ldap-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -14,8 +17,12 @@ # docker run -i --rm -p 8080:8080 quarkus/security-ldap-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/security-oauth2-quickstart/pom.xml b/security-oauth2-quickstart/pom.xml index 5e1deb82e4..a1af0120c0 100644 --- a/security-oauth2-quickstart/pom.xml +++ b/security-oauth2-quickstart/pom.xml @@ -11,7 +11,7 @@ 11 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final UTF-8 UTF-8 2.26.3 diff --git a/security-oauth2-quickstart/src/main/docker/Dockerfile.jvm b/security-oauth2-quickstart/src/main/docker/Dockerfile.jvm index b32ae2f14c..e4b4acb780 100644 --- a/security-oauth2-quickstart/src/main/docker/Dockerfile.jvm +++ b/security-oauth2-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-oauth2-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-oauth2-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-oauth2-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-oauth2-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-oauth2-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-oauth2-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-oauth2-quickstart/src/main/docker/Dockerfile.legacy-jar b/security-oauth2-quickstart/src/main/docker/Dockerfile.legacy-jar index fc8e640c43..dc913c00dd 100644 --- a/security-oauth2-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/security-oauth2-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-oauth2-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-oauth2-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-oauth2-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/security-oauth2-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-oauth2-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/security-oauth2-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/security-oauth2-quickstart/src/main/docker/Dockerfile.native b/security-oauth2-quickstart/src/main/docker/Dockerfile.native index 581de9ec4d..db58c4b62d 100644 --- a/security-oauth2-quickstart/src/main/docker/Dockerfile.native +++ b/security-oauth2-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-oauth2 . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-oauth2-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-oauth2 +# docker run -i --rm -p 8080:8080 quarkus/security-oauth2-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/security-oauth2-quickstart/src/main/docker/Dockerfile.native-micro b/security-oauth2-quickstart/src/main/docker/Dockerfile.native-micro index 0179deb708..210709f7e0 100644 --- a/security-oauth2-quickstart/src/main/docker/Dockerfile.native-micro +++ b/security-oauth2-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/security-oauth2 . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/security-oauth2-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-oauth2 +# docker run -i --rm -p 8080:8080 quarkus/security-oauth2-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/security-oauth2-quickstart/src/main/resources/META-INF/resources/index.html b/security-oauth2-quickstart/src/main/resources/META-INF/resources/index.html index 344527ebf9..18c97013d9 100644 --- a/security-oauth2-quickstart/src/main/resources/META-INF/resources/index.html +++ b/security-oauth2-quickstart/src/main/resources/META-INF/resources/index.html @@ -133,7 +133,7 @@

    Application

  • GroupId: org.acme
  • ArtifactId: using-oauth2-rbac
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 999-SNAPSHOT
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/security-openid-connect-client-quickstart/pom.xml b/security-openid-connect-client-quickstart/pom.xml index 624f376341..87a427b2a9 100644 --- a/security-openid-connect-client-quickstart/pom.xml +++ b/security-openid-connect-client-quickstart/pom.xml @@ -12,7 +12,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 11 11 diff --git a/security-openid-connect-client-quickstart/src/main/docker/Dockerfile.jvm b/security-openid-connect-client-quickstart/src/main/docker/Dockerfile.jvm index 07b87ceea7..5f78fce09f 100644 --- a/security-openid-connect-client-quickstart/src/main/docker/Dockerfile.jvm +++ b/security-openid-connect-client-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-openid-connect-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-openid-connect-client-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-client-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-openid-connect-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-client-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-openid-connect-client-quickstart/src/main/docker/Dockerfile.legacy-jar b/security-openid-connect-client-quickstart/src/main/docker/Dockerfile.legacy-jar index 9a7d51d059..ef83a25ae3 100644 --- a/security-openid-connect-client-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/security-openid-connect-client-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-openid-connect-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-openid-connect-client-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-client-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-openid-connect-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-client-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/security-openid-connect-client-quickstart/src/main/docker/Dockerfile.native b/security-openid-connect-client-quickstart/src/main/docker/Dockerfile.native index 80a5e61e1a..ef20234fce 100644 --- a/security-openid-connect-client-quickstart/src/main/docker/Dockerfile.native +++ b/security-openid-connect-client-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-openid-connect . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-openid-connect-client-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-client-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/security-openid-connect-client-quickstart/src/main/docker/Dockerfile.native-micro b/security-openid-connect-client-quickstart/src/main/docker/Dockerfile.native-micro index 9034135930..e4b6fb800b 100644 --- a/security-openid-connect-client-quickstart/src/main/docker/Dockerfile.native-micro +++ b/security-openid-connect-client-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/security-openid-connect . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/security-openid-connect-client-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-client-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/security-openid-connect-multi-tenancy-quickstart/pom.xml b/security-openid-connect-multi-tenancy-quickstart/pom.xml index 8ca94dea7b..ad10ff5519 100644 --- a/security-openid-connect-multi-tenancy-quickstart/pom.xml +++ b/security-openid-connect-multi-tenancy-quickstart/pom.xml @@ -12,7 +12,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 19.0.1-legacy 3.0.0-M7 11 diff --git a/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.jvm b/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.jvm index 34452b5691..94c1985bb7 100644 --- a/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.jvm +++ b/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-openid-connect-multi-tenancy-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-openid-connect-multi-tenancy-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-multi-tenancy-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-multi-tenancy-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-openid-connect-multi-tenancy-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-multi-tenancy-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.legacy-jar b/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.legacy-jar index b14f231c01..98b8b14b4f 100644 --- a/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-openid-connect-multi-tenancy-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-openid-connect-multi-tenancy-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-multi-tenancy-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-multi-tenancy-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-openid-connect-multi-tenancy-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-multi-tenancy-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.native b/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.native index 14afbe827b..6af0270b63 100644 --- a/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.native +++ b/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-openid-connect-multi-tenancy . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-openid-connect-multi-tenancy-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-multi-tenancy +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-multi-tenancy-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.native-micro b/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.native-micro index cdf5669f3a..3c239e7255 100644 --- a/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.native-micro +++ b/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/security-openid-connect-multi-tenancy . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/security-openid-connect-multi-tenancy-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-multi-tenancy +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-multi-tenancy-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/security-openid-connect-quickstart/pom.xml b/security-openid-connect-quickstart/pom.xml index 39f987e894..6b565b45e2 100644 --- a/security-openid-connect-quickstart/pom.xml +++ b/security-openid-connect-quickstart/pom.xml @@ -12,7 +12,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 11 11 diff --git a/security-openid-connect-quickstart/src/main/docker/Dockerfile.jvm b/security-openid-connect-quickstart/src/main/docker/Dockerfile.jvm index 07b87ceea7..adec285169 100644 --- a/security-openid-connect-quickstart/src/main/docker/Dockerfile.jvm +++ b/security-openid-connect-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-openid-connect-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-openid-connect-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-openid-connect-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-openid-connect-quickstart/src/main/docker/Dockerfile.legacy-jar b/security-openid-connect-quickstart/src/main/docker/Dockerfile.legacy-jar index 9a7d51d059..dbe23c2167 100644 --- a/security-openid-connect-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/security-openid-connect-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-openid-connect-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-openid-connect-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-openid-connect-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/security-openid-connect-quickstart/src/main/docker/Dockerfile.native b/security-openid-connect-quickstart/src/main/docker/Dockerfile.native index 80a5e61e1a..e126bb4efb 100644 --- a/security-openid-connect-quickstart/src/main/docker/Dockerfile.native +++ b/security-openid-connect-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-openid-connect . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-openid-connect-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/security-openid-connect-quickstart/src/main/docker/Dockerfile.native-micro b/security-openid-connect-quickstart/src/main/docker/Dockerfile.native-micro index 9034135930..9d41982b82 100644 --- a/security-openid-connect-quickstart/src/main/docker/Dockerfile.native-micro +++ b/security-openid-connect-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/security-openid-connect . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/security-openid-connect-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/security-openid-connect-web-authentication-quickstart/pom.xml b/security-openid-connect-web-authentication-quickstart/pom.xml index 0639343ddb..4aff9dda26 100644 --- a/security-openid-connect-web-authentication-quickstart/pom.xml +++ b/security-openid-connect-web-authentication-quickstart/pom.xml @@ -12,7 +12,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 11 11 diff --git a/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.jvm b/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.jvm index f2f85c84ae..3f982a4989 100644 --- a/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.jvm +++ b/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-openid-connect-web-authentication-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-openid-connect-web-authentication-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-web-authentication-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-web-authentication-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-openid-connect-web-authentication-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-web-authentication-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.legacy-jar b/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.legacy-jar index bdeaf3d966..5ec242a6d2 100644 --- a/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-openid-connect-web-authentication-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-openid-connect-web-authentication-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-web-authentication-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-web-authentication-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-openid-connect-web-authentication-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-web-authentication-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.native b/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.native index f33fc47c16..2e730c6d95 100644 --- a/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.native +++ b/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-openid-connect-web-authentication . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-openid-connect-web-authentication-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-web-authentication +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-web-authentication-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.native-micro b/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.native-micro index c4e593994b..9968dacc29 100644 --- a/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.native-micro +++ b/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/security-openid-connect-web-authentication . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/security-openid-connect-web-authentication-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-web-authentication +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-web-authentication-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/security-webauthn-quickstart/pom.xml b/security-webauthn-quickstart/pom.xml index 3f825cbe84..f2f2cc92ab 100644 --- a/security-webauthn-quickstart/pom.xml +++ b/security-webauthn-quickstart/pom.xml @@ -12,7 +12,7 @@ UTF-8 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 diff --git a/security-webauthn-quickstart/src/main/docker/Dockerfile.jvm b/security-webauthn-quickstart/src/main/docker/Dockerfile.jvm index 68b111889b..9a39495ede 100644 --- a/security-webauthn-quickstart/src/main/docker/Dockerfile.jvm +++ b/security-webauthn-quickstart/src/main/docker/Dockerfile.jvm @@ -75,9 +75,9 @@ # accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/openjdk-11:1.11 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +ENV LANGUAGE='en_US:en' # We make four distinct layers so if there are application changes the library layers can be re-used diff --git a/security-webauthn-quickstart/src/main/docker/Dockerfile.legacy-jar b/security-webauthn-quickstart/src/main/docker/Dockerfile.legacy-jar index f615fe80b3..a3e6190e3c 100644 --- a/security-webauthn-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/security-webauthn-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -75,9 +75,9 @@ # accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/openjdk-11:1.11 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +ENV LANGUAGE='en_US:en' COPY target/lib/* /deployments/lib/ diff --git a/security-webauthn-quickstart/src/main/docker/Dockerfile.native b/security-webauthn-quickstart/src/main/docker/Dockerfile.native index 482c2511c6..6820ddf36b 100644 --- a/security-webauthn-quickstart/src/main/docker/Dockerfile.native +++ b/security-webauthn-quickstart/src/main/docker/Dockerfile.native @@ -14,7 +14,7 @@ # docker run -i --rm -p 8080:8080 quarkus/security-webauthn-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/security-webauthn-quickstart/src/main/docker/Dockerfile.native-micro b/security-webauthn-quickstart/src/main/docker/Dockerfile.native-micro index 8629470690..71dcb78a87 100644 --- a/security-webauthn-quickstart/src/main/docker/Dockerfile.native-micro +++ b/security-webauthn-quickstart/src/main/docker/Dockerfile.native-micro @@ -17,7 +17,7 @@ # docker run -i --rm -p 8080:8080 quarkus/security-webauthn-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 +FROM quay.io/quarkus/quarkus-micro-image:2.0 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/software-transactional-memory-quickstart/pom.xml b/software-transactional-memory-quickstart/pom.xml index f9cf59a7ea..2db29c71f4 100644 --- a/software-transactional-memory-quickstart/pom.xml +++ b/software-transactional-memory-quickstart/pom.xml @@ -11,7 +11,7 @@ 3.0.0-M7 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 11 11 diff --git a/software-transactional-memory-quickstart/src/main/docker/Dockerfile.jvm b/software-transactional-memory-quickstart/src/main/docker/Dockerfile.jvm index b98da3c82b..51fdca9252 100644 --- a/software-transactional-memory-quickstart/src/main/docker/Dockerfile.jvm +++ b/software-transactional-memory-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/software-transactional-memory-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/software-transactional-memory-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/software-transactional-memory-jvm +# docker run -i --rm -p 8080:8080 quarkus/software-transactional-memory-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/software-transactional-memory-jvm +# docker run -i --rm -p 8080:8080 quarkus/software-transactional-memory-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/software-transactional-memory-quickstart/src/main/docker/Dockerfile.legacy-jar b/software-transactional-memory-quickstart/src/main/docker/Dockerfile.legacy-jar index 09e4f07d30..0fbfea11ce 100644 --- a/software-transactional-memory-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/software-transactional-memory-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/software-transactional-memory-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/software-transactional-memory-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/software-transactional-memory-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/software-transactional-memory-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/software-transactional-memory-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/software-transactional-memory-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/software-transactional-memory-quickstart/src/main/docker/Dockerfile.native b/software-transactional-memory-quickstart/src/main/docker/Dockerfile.native index 21759be401..f12facce33 100644 --- a/software-transactional-memory-quickstart/src/main/docker/Dockerfile.native +++ b/software-transactional-memory-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/software-transactional-memory . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/software-transactional-memory-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/software-transactional-memory +# docker run -i --rm -p 8080:8080 quarkus/software-transactional-memory-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/software-transactional-memory-quickstart/src/main/docker/Dockerfile.native-micro b/software-transactional-memory-quickstart/src/main/docker/Dockerfile.native-micro index a062d3ddae..949e6e7e82 100644 --- a/software-transactional-memory-quickstart/src/main/docker/Dockerfile.native-micro +++ b/software-transactional-memory-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/software-transactional-memory . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/software-transactional-memory-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/software-transactional-memory +# docker run -i --rm -p 8080:8080 quarkus/software-transactional-memory-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/spring-boot-properties-quickstart/pom.xml b/spring-boot-properties-quickstart/pom.xml index 0cfa24d642..e86ba44fd6 100644 --- a/spring-boot-properties-quickstart/pom.xml +++ b/spring-boot-properties-quickstart/pom.xml @@ -8,7 +8,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 3.8.1 true diff --git a/spring-boot-properties-quickstart/src/main/docker/Dockerfile.jvm b/spring-boot-properties-quickstart/src/main/docker/Dockerfile.jvm index e2a916832a..3198c34514 100644 --- a/spring-boot-properties-quickstart/src/main/docker/Dockerfile.jvm +++ b/spring-boot-properties-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-boot-properties-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-boot-properties-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-boot-properties-jvm +# docker run -i --rm -p 8080:8080 quarkus/spring-boot-properties-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-boot-properties-jvm +# docker run -i --rm -p 8080:8080 quarkus/spring-boot-properties-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/spring-boot-properties-quickstart/src/main/docker/Dockerfile.legacy-jar b/spring-boot-properties-quickstart/src/main/docker/Dockerfile.legacy-jar index eb337e762f..a682c1c3c9 100644 --- a/spring-boot-properties-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/spring-boot-properties-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-boot-properties-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-boot-properties-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-boot-properties-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/spring-boot-properties-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-boot-properties-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/spring-boot-properties-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/spring-boot-properties-quickstart/src/main/docker/Dockerfile.native b/spring-boot-properties-quickstart/src/main/docker/Dockerfile.native index d20d6c5b39..4965349034 100644 --- a/spring-boot-properties-quickstart/src/main/docker/Dockerfile.native +++ b/spring-boot-properties-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-boot-properties . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-boot-properties-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-boot-properties +# docker run -i --rm -p 8080:8080 quarkus/spring-boot-properties-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/spring-boot-properties-quickstart/src/main/docker/Dockerfile.native-micro b/spring-boot-properties-quickstart/src/main/docker/Dockerfile.native-micro index c067a9cb69..a184db3426 100644 --- a/spring-boot-properties-quickstart/src/main/docker/Dockerfile.native-micro +++ b/spring-boot-properties-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/spring-boot-properties . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/spring-boot-properties-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-boot-properties +# docker run -i --rm -p 8080:8080 quarkus/spring-boot-properties-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/spring-boot-properties-quickstart/src/main/resources/META-INF/resources/index.html b/spring-boot-properties-quickstart/src/main/resources/META-INF/resources/index.html index 9cd03c0840..3bf641162d 100644 --- a/spring-boot-properties-quickstart/src/main/resources/META-INF/resources/index.html +++ b/spring-boot-properties-quickstart/src/main/resources/META-INF/resources/index.html @@ -133,7 +133,7 @@

    Application

  • GroupId: org.acme
  • ArtifactId: spring-boot-properties-quickstart
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 1.3.1.Final
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/spring-data-jpa-quickstart/pom.xml b/spring-data-jpa-quickstart/pom.xml index 82db0a7669..9f41aa23dd 100644 --- a/spring-data-jpa-quickstart/pom.xml +++ b/spring-data-jpa-quickstart/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 UTF-8 diff --git a/spring-data-jpa-quickstart/src/main/docker/Dockerfile.jvm b/spring-data-jpa-quickstart/src/main/docker/Dockerfile.jvm index a25e668135..57832978d1 100644 --- a/spring-data-jpa-quickstart/src/main/docker/Dockerfile.jvm +++ b/spring-data-jpa-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-data-jpa-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-data-jpa-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-data-jpa-jvm +# docker run -i --rm -p 8080:8080 quarkus/spring-data-jpa-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-data-jpa-jvm +# docker run -i --rm -p 8080:8080 quarkus/spring-data-jpa-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/spring-data-jpa-quickstart/src/main/docker/Dockerfile.legacy-jar b/spring-data-jpa-quickstart/src/main/docker/Dockerfile.legacy-jar index d0de2ca1dc..3e53117096 100644 --- a/spring-data-jpa-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/spring-data-jpa-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-data-jpa-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-data-jpa-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-data-jpa-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/spring-data-jpa-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-data-jpa-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/spring-data-jpa-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/spring-data-jpa-quickstart/src/main/docker/Dockerfile.native b/spring-data-jpa-quickstart/src/main/docker/Dockerfile.native index 9a15653747..bb81927014 100644 --- a/spring-data-jpa-quickstart/src/main/docker/Dockerfile.native +++ b/spring-data-jpa-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-data-jpa . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-data-jpa-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-data-jpa +# docker run -i --rm -p 8080:8080 quarkus/spring-data-jpa-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/spring-data-jpa-quickstart/src/main/docker/Dockerfile.native-micro b/spring-data-jpa-quickstart/src/main/docker/Dockerfile.native-micro index 957060fbdd..b8cb14d238 100644 --- a/spring-data-jpa-quickstart/src/main/docker/Dockerfile.native-micro +++ b/spring-data-jpa-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/spring-data-jpa . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/spring-data-jpa-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-data-jpa +# docker run -i --rm -p 8080:8080 quarkus/spring-data-jpa-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/spring-data-rest-quickstart/pom.xml b/spring-data-rest-quickstart/pom.xml index a96b791bb3..0bb4c6d8f9 100644 --- a/spring-data-rest-quickstart/pom.xml +++ b/spring-data-rest-quickstart/pom.xml @@ -14,7 +14,7 @@ UTF-8 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 diff --git a/spring-data-rest-quickstart/src/main/docker/Dockerfile.jvm b/spring-data-rest-quickstart/src/main/docker/Dockerfile.jvm index 39d3e6de89..8449c218fb 100644 --- a/spring-data-rest-quickstart/src/main/docker/Dockerfile.jvm +++ b/spring-data-rest-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-data-rest-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-data-rest-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-data-rest-jvm +# docker run -i --rm -p 8080:8080 quarkus/spring-data-rest-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-data-rest-jvm +# docker run -i --rm -p 8080:8080 quarkus/spring-data-rest-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/spring-data-rest-quickstart/src/main/docker/Dockerfile.legacy-jar b/spring-data-rest-quickstart/src/main/docker/Dockerfile.legacy-jar index 770c4e48b5..ae151b6e27 100644 --- a/spring-data-rest-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/spring-data-rest-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-data-rest-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-data-rest-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-data-rest-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/spring-data-rest-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-data-rest-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/spring-data-rest-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/spring-data-rest-quickstart/src/main/docker/Dockerfile.native b/spring-data-rest-quickstart/src/main/docker/Dockerfile.native index 3f7322532a..1cf9bd006e 100644 --- a/spring-data-rest-quickstart/src/main/docker/Dockerfile.native +++ b/spring-data-rest-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-data-rest . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-data-rest-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-data-rest +# docker run -i --rm -p 8080:8080 quarkus/spring-data-rest-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/spring-data-rest-quickstart/src/main/docker/Dockerfile.native-micro b/spring-data-rest-quickstart/src/main/docker/Dockerfile.native-micro index c31378c3d7..828ae56363 100644 --- a/spring-data-rest-quickstart/src/main/docker/Dockerfile.native-micro +++ b/spring-data-rest-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/spring-data-rest . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/spring-data-rest-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-data-rest +# docker run -i --rm -p 8080:8080 quarkus/spring-data-rest-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/spring-di-quickstart/pom.xml b/spring-di-quickstart/pom.xml index 91b9788d8a..44775471e6 100644 --- a/spring-di-quickstart/pom.xml +++ b/spring-di-quickstart/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 5.1.4.RELEASE 3.0.0-M7 UTF-8 diff --git a/spring-di-quickstart/src/main/docker/Dockerfile.jvm b/spring-di-quickstart/src/main/docker/Dockerfile.jvm index 32e26ef945..dc47ecfb61 100644 --- a/spring-di-quickstart/src/main/docker/Dockerfile.jvm +++ b/spring-di-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-di-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-di-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-di-jvm +# docker run -i --rm -p 8080:8080 quarkus/spring-di-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-di-jvm +# docker run -i --rm -p 8080:8080 quarkus/spring-di-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/spring-di-quickstart/src/main/docker/Dockerfile.legacy-jar b/spring-di-quickstart/src/main/docker/Dockerfile.legacy-jar index 04a168878f..97ac334e71 100644 --- a/spring-di-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/spring-di-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-di-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-di-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-di-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/spring-di-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-di-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/spring-di-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/spring-di-quickstart/src/main/docker/Dockerfile.native b/spring-di-quickstart/src/main/docker/Dockerfile.native index 1b04871991..cafae18690 100644 --- a/spring-di-quickstart/src/main/docker/Dockerfile.native +++ b/spring-di-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-di . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-di-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-di +# docker run -i --rm -p 8080:8080 quarkus/spring-di-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/spring-di-quickstart/src/main/docker/Dockerfile.native-micro b/spring-di-quickstart/src/main/docker/Dockerfile.native-micro index e38d989595..0e6b0b426e 100644 --- a/spring-di-quickstart/src/main/docker/Dockerfile.native-micro +++ b/spring-di-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/spring-di . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/spring-di-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-di +# docker run -i --rm -p 8080:8080 quarkus/spring-di-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/spring-scheduled-quickstart/pom.xml b/spring-scheduled-quickstart/pom.xml index 464b1f5c14..2c107b8768 100644 --- a/spring-scheduled-quickstart/pom.xml +++ b/spring-scheduled-quickstart/pom.xml @@ -8,7 +8,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 UTF-8 11 diff --git a/spring-scheduled-quickstart/src/main/docker/Dockerfile.jvm b/spring-scheduled-quickstart/src/main/docker/Dockerfile.jvm index 3fc2f0fca3..c1b5ea24fd 100644 --- a/spring-scheduled-quickstart/src/main/docker/Dockerfile.jvm +++ b/spring-scheduled-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-scheduled-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-scheduled-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-scheduled-jvm +# docker run -i --rm -p 8080:8080 quarkus/spring-scheduled-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-scheduled-jvm +# docker run -i --rm -p 8080:8080 quarkus/spring-scheduled-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/spring-scheduled-quickstart/src/main/docker/Dockerfile.legacy-jar b/spring-scheduled-quickstart/src/main/docker/Dockerfile.legacy-jar index 7e98c60249..369f91978d 100644 --- a/spring-scheduled-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/spring-scheduled-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-scheduled-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-scheduled-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-scheduled-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/spring-scheduled-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-scheduled-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/spring-scheduled-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/spring-scheduled-quickstart/src/main/docker/Dockerfile.native b/spring-scheduled-quickstart/src/main/docker/Dockerfile.native index dc99c83b5d..b9fb5935b4 100644 --- a/spring-scheduled-quickstart/src/main/docker/Dockerfile.native +++ b/spring-scheduled-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-scheduled . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-scheduled-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-scheduled +# docker run -i --rm -p 8080:8080 quarkus/spring-scheduled-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/spring-scheduled-quickstart/src/main/docker/Dockerfile.native-micro b/spring-scheduled-quickstart/src/main/docker/Dockerfile.native-micro index 3f207047c2..e977420cd6 100644 --- a/spring-scheduled-quickstart/src/main/docker/Dockerfile.native-micro +++ b/spring-scheduled-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/spring-scheduled . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/spring-scheduled-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-scheduled +# docker run -i --rm -p 8080:8080 quarkus/spring-scheduled-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/spring-security-quickstart/pom.xml b/spring-security-quickstart/pom.xml index e2ab80aeed..728b29f0a9 100644 --- a/spring-security-quickstart/pom.xml +++ b/spring-security-quickstart/pom.xml @@ -8,7 +8,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 true 11 diff --git a/spring-security-quickstart/src/main/docker/Dockerfile.jvm b/spring-security-quickstart/src/main/docker/Dockerfile.jvm index 1c8a10c02a..23f9def6cf 100644 --- a/spring-security-quickstart/src/main/docker/Dockerfile.jvm +++ b/spring-security-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-security-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-security-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-security-jvm +# docker run -i --rm -p 8080:8080 quarkus/spring-security-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-security-jvm +# docker run -i --rm -p 8080:8080 quarkus/spring-security-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/spring-security-quickstart/src/main/docker/Dockerfile.legacy-jar b/spring-security-quickstart/src/main/docker/Dockerfile.legacy-jar index 640b3fb04c..7e670c6a98 100644 --- a/spring-security-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/spring-security-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-security-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-security-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-security-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/spring-security-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-security-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/spring-security-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/spring-security-quickstart/src/main/docker/Dockerfile.native b/spring-security-quickstart/src/main/docker/Dockerfile.native index fae3b8cbe4..8ee6fdfe10 100644 --- a/spring-security-quickstart/src/main/docker/Dockerfile.native +++ b/spring-security-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-security . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-security-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-security +# docker run -i --rm -p 8080:8080 quarkus/spring-security-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/spring-security-quickstart/src/main/docker/Dockerfile.native-micro b/spring-security-quickstart/src/main/docker/Dockerfile.native-micro index d847c9f6e3..b89c55f12d 100644 --- a/spring-security-quickstart/src/main/docker/Dockerfile.native-micro +++ b/spring-security-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/spring-security . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/spring-security-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-security +# docker run -i --rm -p 8080:8080 quarkus/spring-security-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/spring-security-quickstart/src/main/resources/META-INF/resources/index.html b/spring-security-quickstart/src/main/resources/META-INF/resources/index.html index eacccb960a..88f8a3a52a 100644 --- a/spring-security-quickstart/src/main/resources/META-INF/resources/index.html +++ b/spring-security-quickstart/src/main/resources/META-INF/resources/index.html @@ -133,7 +133,7 @@

    Application

  • GroupId: org.acme
  • ArtifactId: secured-spring-web-quickstart
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 999-SNAPSHOT
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/spring-web-quickstart/pom.xml b/spring-web-quickstart/pom.xml index d6a2519eca..d6c75ef161 100644 --- a/spring-web-quickstart/pom.xml +++ b/spring-web-quickstart/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 UTF-8 11 diff --git a/spring-web-quickstart/src/main/docker/Dockerfile.jvm b/spring-web-quickstart/src/main/docker/Dockerfile.jvm index 593755547a..c1dc03e37d 100644 --- a/spring-web-quickstart/src/main/docker/Dockerfile.jvm +++ b/spring-web-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-web-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-web-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-web-jvm +# docker run -i --rm -p 8080:8080 quarkus/spring-web-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-web-jvm +# docker run -i --rm -p 8080:8080 quarkus/spring-web-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/spring-web-quickstart/src/main/docker/Dockerfile.legacy-jar b/spring-web-quickstart/src/main/docker/Dockerfile.legacy-jar index 1f16e0a683..493eccd6b5 100644 --- a/spring-web-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/spring-web-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-web-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-web-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-web-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/spring-web-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-web-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/spring-web-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/spring-web-quickstart/src/main/docker/Dockerfile.native b/spring-web-quickstart/src/main/docker/Dockerfile.native index ce1106c739..96982a3d75 100644 --- a/spring-web-quickstart/src/main/docker/Dockerfile.native +++ b/spring-web-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-web . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-web-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-web +# docker run -i --rm -p 8080:8080 quarkus/spring-web-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/spring-web-quickstart/src/main/docker/Dockerfile.native-micro b/spring-web-quickstart/src/main/docker/Dockerfile.native-micro index e0efa6d8e1..5b1e12d731 100644 --- a/spring-web-quickstart/src/main/docker/Dockerfile.native-micro +++ b/spring-web-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/spring-web . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/spring-web-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-web +# docker run -i --rm -p 8080:8080 quarkus/spring-web-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/stork-dns-quickstart/pom.xml b/stork-dns-quickstart/pom.xml index db13cec665..5da6a0a6e3 100644 --- a/stork-dns-quickstart/pom.xml +++ b/stork-dns-quickstart/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 UTF-8 11 diff --git a/stork-dns-quickstart/src/main/resources/META-INF/resources/index.html b/stork-dns-quickstart/src/main/resources/META-INF/resources/index.html index ed096af3fa..6784e5d588 100644 --- a/stork-dns-quickstart/src/main/resources/META-INF/resources/index.html +++ b/stork-dns-quickstart/src/main/resources/META-INF/resources/index.html @@ -146,7 +146,7 @@

    Application

  • GroupId: org.acme
  • ArtifactId: stork-getting-started
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 2.6.1.Final
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/stork-kubernetes-quickstart/pom.xml b/stork-kubernetes-quickstart/pom.xml index 1fcf0a5677..a7bd3c9297 100644 --- a/stork-kubernetes-quickstart/pom.xml +++ b/stork-kubernetes-quickstart/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 UTF-8 11 diff --git a/stork-kubernetes-quickstart/src/main/resources/META-INF/resources/index.html b/stork-kubernetes-quickstart/src/main/resources/META-INF/resources/index.html index ed096af3fa..6784e5d588 100644 --- a/stork-kubernetes-quickstart/src/main/resources/META-INF/resources/index.html +++ b/stork-kubernetes-quickstart/src/main/resources/META-INF/resources/index.html @@ -146,7 +146,7 @@

    Application

  • GroupId: org.acme
  • ArtifactId: stork-getting-started
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 2.6.1.Final
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/stork-quickstart/pom.xml b/stork-quickstart/pom.xml index db046507ef..09764bca31 100644 --- a/stork-quickstart/pom.xml +++ b/stork-quickstart/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 UTF-8 11 diff --git a/stork-quickstart/src/main/resources/META-INF/resources/index.html b/stork-quickstart/src/main/resources/META-INF/resources/index.html index ed096af3fa..6784e5d588 100644 --- a/stork-quickstart/src/main/resources/META-INF/resources/index.html +++ b/stork-quickstart/src/main/resources/META-INF/resources/index.html @@ -146,7 +146,7 @@

    Application

  • GroupId: org.acme
  • ArtifactId: stork-getting-started
  • Version: 1.0.0-SNAPSHOT
  • -
  • Quarkus Version: 2.6.1.Final
  • +
  • Quarkus Version: 2.14.0.Final
  • diff --git a/tests-with-coverage-quickstart/pom.xml b/tests-with-coverage-quickstart/pom.xml index 69e695d564..5898546265 100644 --- a/tests-with-coverage-quickstart/pom.xml +++ b/tests-with-coverage-quickstart/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 0.8.7 UTF-8 diff --git a/tests-with-coverage-quickstart/src/main/docker/Dockerfile.jvm b/tests-with-coverage-quickstart/src/main/docker/Dockerfile.jvm index 19904f8dfe..f518f28893 100644 --- a/tests-with-coverage-quickstart/src/main/docker/Dockerfile.jvm +++ b/tests-with-coverage-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/tests-with-coverage-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/tests-with-coverage-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/tests-with-coverage-jvm +# docker run -i --rm -p 8080:8080 quarkus/tests-with-coverage-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/tests-with-coverage-jvm +# docker run -i --rm -p 8080:8080 quarkus/tests-with-coverage-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/tests-with-coverage-quickstart/src/main/docker/Dockerfile.legacy-jar b/tests-with-coverage-quickstart/src/main/docker/Dockerfile.legacy-jar index 68b56b9211..5bff0129c4 100644 --- a/tests-with-coverage-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/tests-with-coverage-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/tests-with-coverage-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/tests-with-coverage-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/tests-with-coverage-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/tests-with-coverage-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/tests-with-coverage-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/tests-with-coverage-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/tests-with-coverage-quickstart/src/main/docker/Dockerfile.native b/tests-with-coverage-quickstart/src/main/docker/Dockerfile.native index 5ffae4120f..d9f6d52f6a 100644 --- a/tests-with-coverage-quickstart/src/main/docker/Dockerfile.native +++ b/tests-with-coverage-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/tests-with-coverage . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/tests-with-coverage-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/tests-with-coverage +# docker run -i --rm -p 8080:8080 quarkus/tests-with-coverage-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/tests-with-coverage-quickstart/src/main/docker/Dockerfile.native-micro b/tests-with-coverage-quickstart/src/main/docker/Dockerfile.native-micro index 869199f207..5cfa17beb3 100644 --- a/tests-with-coverage-quickstart/src/main/docker/Dockerfile.native-micro +++ b/tests-with-coverage-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/tests-with-coverage . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/tests-with-coverage-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/tests-with-coverage +# docker run -i --rm -p 8080:8080 quarkus/tests-with-coverage-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/tika-quickstart/pom.xml b/tika-quickstart/pom.xml index f0b03b149d..b272713004 100644 --- a/tika-quickstart/pom.xml +++ b/tika-quickstart/pom.xml @@ -13,7 +13,7 @@ 11 quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final UTF-8 UTF-8 diff --git a/tika-quickstart/src/main/docker/Dockerfile.jvm b/tika-quickstart/src/main/docker/Dockerfile.jvm index 89155c5990..56a7496a7e 100644 --- a/tika-quickstart/src/main/docker/Dockerfile.jvm +++ b/tika-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/tika-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/tika-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/tika-jvm +# docker run -i --rm -p 8080:8080 quarkus/tika-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/tika-jvm +# docker run -i --rm -p 8080:8080 quarkus/tika-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/tika-quickstart/src/main/docker/Dockerfile.legacy-jar b/tika-quickstart/src/main/docker/Dockerfile.legacy-jar index e7c74bd5b6..29cdd34e51 100644 --- a/tika-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/tika-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/tika-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/tika-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/tika-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/tika-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/tika-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/tika-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/tika-quickstart/src/main/docker/Dockerfile.native b/tika-quickstart/src/main/docker/Dockerfile.native index b008f5f169..a16c4eb198 100644 --- a/tika-quickstart/src/main/docker/Dockerfile.native +++ b/tika-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/tika . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/tika-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/tika +# docker run -i --rm -p 8080:8080 quarkus/tika-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/tika-quickstart/src/main/docker/Dockerfile.native-micro b/tika-quickstart/src/main/docker/Dockerfile.native-micro index cb3662d466..88e4fac091 100644 --- a/tika-quickstart/src/main/docker/Dockerfile.native-micro +++ b/tika-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/tika . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/tika-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/tika +# docker run -i --rm -p 8080:8080 quarkus/tika-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/validation-quickstart/pom.xml b/validation-quickstart/pom.xml index bc1e25157c..769dd581b1 100644 --- a/validation-quickstart/pom.xml +++ b/validation-quickstart/pom.xml @@ -9,7 +9,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 UTF-8 diff --git a/validation-quickstart/src/main/docker/Dockerfile.jvm b/validation-quickstart/src/main/docker/Dockerfile.jvm index c5c9164c76..1d6cab55de 100644 --- a/validation-quickstart/src/main/docker/Dockerfile.jvm +++ b/validation-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/validation-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/validation-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/validation-jvm +# docker run -i --rm -p 8080:8080 quarkus/validation-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/validation-jvm +# docker run -i --rm -p 8080:8080 quarkus/validation-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/validation-quickstart/src/main/docker/Dockerfile.legacy-jar b/validation-quickstart/src/main/docker/Dockerfile.legacy-jar index 2140344cf2..61965c8090 100644 --- a/validation-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/validation-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/validation-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/validation-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/validation-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/validation-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/validation-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/validation-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/validation-quickstart/src/main/docker/Dockerfile.native b/validation-quickstart/src/main/docker/Dockerfile.native index 44841f57d0..a1f9e3f1ba 100644 --- a/validation-quickstart/src/main/docker/Dockerfile.native +++ b/validation-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/validation . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/validation-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/validation +# docker run -i --rm -p 8080:8080 quarkus/validation-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/validation-quickstart/src/main/docker/Dockerfile.native-micro b/validation-quickstart/src/main/docker/Dockerfile.native-micro index a8dd724ef1..9b758231ed 100644 --- a/validation-quickstart/src/main/docker/Dockerfile.native-micro +++ b/validation-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/validation . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/validation-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/validation +# docker run -i --rm -p 8080:8080 quarkus/validation-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/vertx-quickstart/pom.xml b/vertx-quickstart/pom.xml index e51b3b5d48..267937c534 100644 --- a/vertx-quickstart/pom.xml +++ b/vertx-quickstart/pom.xml @@ -11,7 +11,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.8.1 3.0.0-M7 11 diff --git a/vertx-quickstart/src/main/docker/Dockerfile.jvm b/vertx-quickstart/src/main/docker/Dockerfile.jvm index c8cb834d81..28ae364f33 100644 --- a/vertx-quickstart/src/main/docker/Dockerfile.jvm +++ b/vertx-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/vertx-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/vertx-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/vertx-jvm +# docker run -i --rm -p 8080:8080 quarkus/vertx-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/vertx-jvm +# docker run -i --rm -p 8080:8080 quarkus/vertx-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/vertx-quickstart/src/main/docker/Dockerfile.legacy-jar b/vertx-quickstart/src/main/docker/Dockerfile.legacy-jar index f98b83cead..6277a9e125 100644 --- a/vertx-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/vertx-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/vertx-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/vertx-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/vertx-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/vertx-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/vertx-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/vertx-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/vertx-quickstart/src/main/docker/Dockerfile.native b/vertx-quickstart/src/main/docker/Dockerfile.native index c74e4bf165..b1b569416d 100644 --- a/vertx-quickstart/src/main/docker/Dockerfile.native +++ b/vertx-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/vertx . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/vertx-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/vertx +# docker run -i --rm -p 8080:8080 quarkus/vertx-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/vertx-quickstart/src/main/docker/Dockerfile.native-micro b/vertx-quickstart/src/main/docker/Dockerfile.native-micro index 28c6fb1e3b..0a01510c9e 100644 --- a/vertx-quickstart/src/main/docker/Dockerfile.native-micro +++ b/vertx-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/vertx . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/vertx-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/vertx +# docker run -i --rm -p 8080:8080 quarkus/vertx-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 diff --git a/websockets-quickstart/pom.xml b/websockets-quickstart/pom.xml index 2d7a55bd43..51b97be055 100644 --- a/websockets-quickstart/pom.xml +++ b/websockets-quickstart/pom.xml @@ -8,7 +8,7 @@ quarkus-bom io.quarkus - 999-SNAPSHOT + 2.14.0.Final 3.0.0-M7 UTF-8 11 diff --git a/websockets-quickstart/src/main/docker/Dockerfile.jvm b/websockets-quickstart/src/main/docker/Dockerfile.jvm index 5b97e0a5a5..50a8ce246c 100644 --- a/websockets-quickstart/src/main/docker/Dockerfile.jvm +++ b/websockets-quickstart/src/main/docker/Dockerfile.jvm @@ -7,48 +7,88 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/websockets-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/websockets-quickstart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/websockets-jvm +# docker run -i --rm -p 8080:8080 quarkus/websockets-quickstart-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/websockets-jvm +# docker run -i --rm -p 8080:8080 quarkus/websockets-quickstart-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/websockets-quickstart/src/main/docker/Dockerfile.legacy-jar b/websockets-quickstart/src/main/docker/Dockerfile.legacy-jar index 1491a9083e..5918a5c53a 100644 --- a/websockets-quickstart/src/main/docker/Dockerfile.legacy-jar +++ b/websockets-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -7,45 +7,84 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/websockets-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/websockets-quickstart-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/websockets-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/websockets-quickstart-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/websockets-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/websockets-quickstart-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/openjdk-11:1.14 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 - -ENTRYPOINT [ "/deployments/run-java.sh" ] +USER 185 +ENV AB_JOLOKIA_OFF="" +ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" diff --git a/websockets-quickstart/src/main/docker/Dockerfile.native b/websockets-quickstart/src/main/docker/Dockerfile.native index a3058af99e..9c438bcb65 100644 --- a/websockets-quickstart/src/main/docker/Dockerfile.native +++ b/websockets-quickstart/src/main/docker/Dockerfile.native @@ -1,5 +1,5 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # @@ -7,14 +7,14 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/websockets . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/websockets-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/websockets +# docker run -i --rm -p 8080:8080 quarkus/websockets-quickstart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ diff --git a/websockets-quickstart/src/main/docker/Dockerfile.native-micro b/websockets-quickstart/src/main/docker/Dockerfile.native-micro index 20b17c0a2f..142068049b 100644 --- a/websockets-quickstart/src/main/docker/Dockerfile.native-micro +++ b/websockets-quickstart/src/main/docker/Dockerfile.native-micro @@ -1,5 +1,8 @@ #### -# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. # # Before building the container image run: # @@ -7,15 +10,19 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/websockets . +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/websockets-quickstart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/websockets +# docker run -i --rm -p 8080:8080 quarkus/websockets-quickstart # ### -FROM quay.io/quarkus/quarkus-micro-image:1.0 -COPY target/*-runner /application +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001