-
Notifications
You must be signed in to change notification settings - Fork 115
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #15 from Megala21/master_new
Reduce the docker images size and change the way permission being handled
- Loading branch information
Showing
21 changed files
with
514 additions
and
314 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,19 +1,29 @@ | ||
# Building docker images | ||
|
||
##### 1. Build the docker image for IS: | ||
#### Prerequisites | ||
* [Docker](https://www.docker.com/get-docker) v17.09.0 or above | ||
|
||
###### Download files required | ||
>The local copy of the `dockerfiles/is` directory will be referred to as `IS_DOCKERFILE_HOME` from this point onwards. | ||
- wso2is-5.5.0.zip | ||
- jdk-8u*-linux-x64.tar.gz (Any JDK 8u* version) | ||
- dnsjava-2.1.8.jar (http://www.dnsjava.org/) | ||
- [`kubernetes-membership-scheme-1.0.1.jar`](https://github.com/wso2/kubernetes-common/releases/tag/v1.0.1) | ||
- mysql-connector-java-5*-bin.jar (Any mysql connector 5* version) | ||
#### Add JDK, WSO2 Identity Server distribution, MySQL connector, Kubernetes member scheme, DNS Java to `<IS_DOCKERFILE_HOME>/files` | ||
|
||
Tested against jdk-8u45-linux-x64.tar.gz and mysql-connector-java-5.1.46-bin.jar | ||
- Download [JDK 1.8](http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html) | ||
and extract it to `<IS_DOCKERFILE_HOME>/files`. | ||
- Download the WSO2 Identity Server 5.5.0 distribution (https://wso2.com/identity-and-access-management) | ||
and extract it to `<IS_DOCKERFILE_HOME>/files`. <br> | ||
- Once both JDK and WSO2 Identity Server distributions are extracted it may look as follows: | ||
|
||
###### Add above files to is/files directory. | ||
###### Build the docker image from is/ directory. | ||
```bash | ||
<IS_DOCKERFILE_HOME>/files/jdk<version>/ | ||
<IS_DOCKERFILE_HOME>/files/wso2is-5.5.0/ | ||
``` | ||
- Download [MySQL Connector/J](https://dev.mysql.com/downloads/connector/j/) v5.1.* and then copy that to | ||
`<IS_DOCKERFILE_HOME>/files` folder | ||
- Download [`kubernetes-membership-scheme-1.0.1.jar`](https://github.com/wso2/kubernetes-common/releases/tag/v1.0.1) | ||
and then copy that to `<IS_DOCKERFILE_HOME>/files` | ||
- Download [`dnsjava-2.1.8.jar`](http://www.dnsjava.org/) and copy that to `<IS_DOCKERFILE_HOME>/files` | ||
|
||
#### Build the docker image from is/ directory. | ||
``` | ||
docker build -t docker.cloud.wso2.com/wso2is-kubernetes:5.5.0 . | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,6 @@ | ||
# ------------------------------------------------------------------------ | ||
# | ||
# Copyright 2017 WSO2, Inc. (http://wso2.com) | ||
# Copyright 2018 WSO2, Inc. (http://wso2.com) | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
|
@@ -16,87 +16,51 @@ | |
# | ||
# ------------------------------------------------------------------------ | ||
|
||
# set to latest Ubuntu LTS | ||
FROM ubuntu:16.04 | ||
MAINTAINER WSO2 Docker Maintainers "[email protected]" | ||
ENV DEBIAN_FRONTEND noninteractive | ||
|
||
# set user information | ||
# set user configurations | ||
ARG USER=wso2user | ||
ARG USER_GROUP=wso2 | ||
ARG USER_ID=1000000000 | ||
ARG USER_GROUP=wso2 | ||
ARG USER_GROUP_ID=1000000000 | ||
ARG USER_HOME=/home/${USER} | ||
|
||
# Set startup script | ||
ARG STARTUP_SCRIPT=init_carbon.sh | ||
|
||
# set local files directory | ||
# set dependant files directory | ||
ARG FILES=./files | ||
|
||
# set jdk information | ||
ARG JDK_ARCHIVE=jdk-8u*-linux-x64.tar.gz | ||
# set jdk configurations | ||
ARG JDK=jdk1.8.0* | ||
ARG JAVA_HOME=${USER_HOME}/java | ||
|
||
# set wso2 product information | ||
# set wso2 product configurations | ||
ARG WSO2_SERVER=wso2is | ||
ARG WSO2_SERVER_VERSION=5.5.0 | ||
ARG WSO2_SERVER_PACK=${WSO2_SERVER}-${WSO2_SERVER_VERSION}.zip | ||
ARG WSO2_SERVER_PACK=${WSO2_SERVER}-${WSO2_SERVER_VERSION} | ||
ARG WSO2_SERVER_HOME=${USER_HOME}/${WSO2_SERVER}-${WSO2_SERVER_VERSION} | ||
|
||
# set jdbc driver information | ||
ARG JDBC_DRIVER=mysql-connector-java-5*-bin.jar | ||
|
||
# set kubernetes dependency bundle information | ||
ARG KUBERNETES_MEMBERSHIP_SCHEME_LIB=kubernetes-membership-scheme-1.0.*.jar | ||
ARG DNS_JAVA_LIB=dnsjava-2.1.*.jar | ||
|
||
# install required packages | ||
RUN apt-get update \ | ||
&& apt-get install -y --no-install-recommends --no-install-suggests \ | ||
zip \ | ||
unzip \ | ||
telnet \ | ||
iproute2 \ | ||
sudo && rm -rf /var/lib/apt/lists/* | ||
RUN apt-get update && \ | ||
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ | ||
curl && \ | ||
rm -rf /var/lib/apt/lists/* | ||
|
||
# create user group and user | ||
RUN useradd --system --uid ${USER_ID} --gid 0 --create-home --home-dir ${USER_HOME} \ | ||
--no-log-init ${USER} | ||
# create a user group and a user | ||
RUN groupadd --system -g ${USER_GROUP_ID} ${USER_GROUP} && \ | ||
useradd --system --create-home --home-dir ${USER_HOME} --no-log-init -g ${USER_GROUP_ID} -u ${USER_ID} ${USER} | ||
|
||
# copy jdk, wso2 product distribution, jdbc driver and kubernetes dependency libraries to user's home directory | ||
COPY ${FILES}/${JDK_ARCHIVE} ${STARTUP_SCRIPT} ${FILES}/${WSO2_SERVER_PACK} ${FILES}/${JDBC_DRIVER} \ | ||
${FILES}/${DNS_JAVA_LIB} ${FILES}/${KUBERNETES_MEMBERSHIP_SCHEME_LIB} sudoers change_ownership.sh ${USER_HOME}/ | ||
|
||
# install jdk, wso2 server, remove distributions and set folder permissions | ||
RUN unzip -q ${USER_HOME}/${WSO2_SERVER_PACK} -d ${USER_HOME}/ \ | ||
&& mkdir -p ${USER_HOME}/tmp \ | ||
&& cp -r ${USER_HOME}/${WSO2_SERVER}-${WSO2_SERVER_VERSION}/repository/deployment/server ${USER_HOME}/tmp/ \ | ||
&& mkdir -p ${JAVA_HOME} \ | ||
&& mkdir -p ${USER_HOME}/${WSO2_SERVER}-${WSO2_SERVER_VERSION}-lib \ | ||
&& mkdir -p ${USER_HOME}/${WSO2_SERVER}-${WSO2_SERVER_VERSION}-dropins \ | ||
&& tar -xf ${USER_HOME}/${JDK_ARCHIVE} -C ${JAVA_HOME} --strip-components=1 \ | ||
&& cp ${USER_HOME}/${JDBC_DRIVER} ${USER_HOME}/${DNS_JAVA_LIB} ${WSO2_SERVER_HOME}/repository/components/lib/ \ | ||
&& cp ${USER_HOME}/${KUBERNETES_MEMBERSHIP_SCHEME_LIB} ${WSO2_SERVER_HOME}/repository/components/dropins/ \ | ||
&& mkdir -p ${USER_HOME}/scripts/ \ | ||
&& cat ${USER_HOME}/${STARTUP_SCRIPT} > ${USER_HOME}/scripts/${STARTUP_SCRIPT} \ | ||
&& rm ${USER_HOME}/${STARTUP_SCRIPT} \ | ||
&& rm ${USER_HOME}/${WSO2_SERVER_PACK} \ | ||
&& rm ${USER_HOME}/${JDK_ARCHIVE} \ | ||
&& rm ${USER_HOME}/${JDBC_DRIVER} \ | ||
&& rm ${USER_HOME}/${DNS_JAVA_LIB} \ | ||
&& rm ${USER_HOME}/${KUBERNETES_MEMBERSHIP_SCHEME_LIB} \ | ||
&& chgrp -R 0 ${USER_HOME} \ | ||
&& chmod -R g=u ${USER_HOME} \ | ||
&& chown -R ${USER_ID} ${USER_HOME} \ | ||
&& chmod -R 0774 ${USER_HOME} \ | ||
&& cat ${USER_HOME}/sudoers > /etc/sudoers \ | ||
&& rm ${USER_HOME}/sudoers \ | ||
&& cat ${USER_HOME}/change_ownership.sh > /bin/change_ownership.sh \ | ||
&& chmod 0755 /bin/change_ownership.sh \ | ||
&& rm ${USER_HOME}/change_ownership.sh \ | ||
&& chgrp -R 0 ${USER_HOME} \ | ||
&& chmod -R g=u ${USER_HOME} \ | ||
&& chown -R ${USER_ID} ${USER_HOME} \ | ||
&& chmod -R 0774 ${USER_HOME} | ||
# copy the jdk and wso2 product distributions to user's home directory and copy the mysql connector jar to server distribution | ||
WORKDIR ${USER_HOME} | ||
COPY --chown=wso2user:wso2 ${FILES}/${JDK} java | ||
COPY --chown=wso2user:wso2 ${FILES}/${WSO2_SERVER_PACK}/ ${WSO2_SERVER_PACK}/ | ||
COPY --chown=wso2user:wso2 ${FILES}/mysql-connector-java-*-bin.jar ${FILES}/${DNS_JAVA_LIB} ${WSO2_SERVER_PACK}/repository/components/lib/ | ||
COPY --chown=wso2user:wso2 ${FILES}/${KUBERNETES_MEMBERSHIP_SCHEME_LIB} ${WSO2_SERVER_PACK}/repository/components/dropins/ | ||
COPY --chown=wso2user:wso2 ${FILES}/${WSO2_SERVER_PACK}/repository/deployment/server tmp/server | ||
RUN mkdir ${WSO2_SERVER_PACK}-lib && chown wso2user:wso2 ${WSO2_SERVER_PACK}-lib && \ | ||
mkdir ${WSO2_SERVER_PACK}-dropins && chown wso2user:wso2 ${WSO2_SERVER_PACK}-dropins && \ | ||
mkdir ${WSO2_SERVER_PACK}-security && chown wso2user:wso2 ${WSO2_SERVER_PACK}-security && mkdir scripts && \ | ||
chown wso2user:wso2 scripts | ||
COPY --chown=wso2user:wso2 init_carbon.sh scripts/ | ||
|
||
# set the user and work directory | ||
USER ${USER_ID} | ||
|
@@ -105,13 +69,10 @@ WORKDIR ${USER_HOME} | |
# set environment variables | ||
ENV JAVA_HOME=${JAVA_HOME} \ | ||
PATH=$JAVA_HOME/bin:$PATH \ | ||
USER_HOME=${USER_HOME} \ | ||
WSO2_SERVER=${WSO2_SERVER} \ | ||
WSO2_SERVER_VERSION=${WSO2_SERVER_VERSION} \ | ||
WSO2_SERVER_HOME=${WSO2_SERVER_HOME} \ | ||
USER=${USER} | ||
WORKING_DIRECTORY=${USER_HOME} | ||
|
||
# expose ports | ||
EXPOSE 9763 9443 | ||
EXPOSE 4000 9763 9443 | ||
|
||
ENTRYPOINT exec ${USER_HOME}/scripts/init_carbon.sh | ||
ENTRYPOINT ${WORKING_DIRECTORY}/scripts/init_carbon.sh |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
Oops, something went wrong.