summaryrefslogtreecommitdiffstats
path: root/build/docker
diff options
context:
space:
mode:
Diffstat (limited to 'build/docker')
-rw-r--r--build/docker/Dockerfile37
-rw-r--r--build/docker/Makefile33
-rw-r--r--build/docker/README25
-rwxr-xr-xbuild/docker/runcontext124
-rw-r--r--build/docker/ubuntu-builder/enable_dockerx220
-rwxr-xr-xbuild/docker/ubuntu-builder/setcontext20
6 files changed, 259 insertions, 0 deletions
diff --git a/build/docker/Dockerfile b/build/docker/Dockerfile
new file mode 100644
index 000000000..f3d122db9
--- /dev/null
+++ b/build/docker/Dockerfile
@@ -0,0 +1,37 @@
+#!/bin/bash
+##############################################################################
+# Copyright (c) 2015 Ericsson AB and others.
+# stefan.k.berg@ericsson.com
+# jonas.bjurel@ericsson.com
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+FROM ubuntu:14.04
+ENV http_proxy INSERT_HTTP_PROXY
+ENV https_proxy INSERT_HTTPS_PROXY
+ENV no_proxy INSERT_NO_PROXY
+
+RUN apt-get update
+RUN apt-get install -y software-properties-common python-software-properties \
+ make python-setuptools python-all dpkg-dev debhelper \
+ fuseiso git genisoimage bind9-host wget curl lintian tmux lxc iptables \
+ ca-certificates sudo apt-utils lsb-release dosfstools debmirror
+
+RUN echo "ALL ALL=NOPASSWD: ALL" > /etc/sudoers.d/open-sudo
+RUN echo "Defaults env_keep += \"ftp_proxy http_proxy https_proxy no_proxy RSYNC_PROXY RSYNC_CONNECT_PROG npm_config_registry\"" > /etc/sudoers.d/keep-proxies
+# Keeping PWD is needed to build as root
+RUN echo "Defaults env_keep += \"PWD\"" > /etc/sudoers.d/keep-pwd
+RUN chmod 0440 /etc/sudoers.d/open-sudo
+RUN chmod 0440 /etc/sudoers.d/keep-proxies
+RUN chmod 0440 /etc/sudoers.d/keep-pwd
+RUN chmod 4755 /bin/fusermount
+
+ADD ./setcontext /root/setcontext
+RUN chmod +x /root/setcontext
+ADD ./enable_dockerx2 /root/enable_dockerx2
+RUN chmod +x /root/enable_dockerx2
+
+VOLUME /var/lib/docker
diff --git a/build/docker/Makefile b/build/docker/Makefile
new file mode 100644
index 000000000..a2434447a
--- /dev/null
+++ b/build/docker/Makefile
@@ -0,0 +1,33 @@
+##############################################################################
+# Copyright (c) 2015 Ericsson AB and others.
+# stefan.k.berg@ericsson.com
+# jonas.bjurel@ericsson.com
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+SHELL = /bin/bash
+FILES = $(wildcard ubuntu-builder/*) runcontext
+
+.PHONY: all
+all: .docker
+
+.docker: $(FILES)
+ cp Dockerfile ubuntu-builder/Dockerfile
+ # Only add proxy ENVs where set in host - needed to pull the base Ubuntu image
+ test -n "${http_proxy}" && sed -i "s;INSERT_HTTP_PROXY;${http_proxy};" ubuntu-builder/Dockerfile || exit 0
+ test -n "${https_proxy}" && sed -i "s;INSERT_HTTPS_PROXY;${https_proxy};" ubuntu-builder/Dockerfile || exit 0
+ test -n "${no_proxy}" && sed -i "s;INSERT_NO_PROXY;${no_proxy};" ubuntu-builder/Dockerfile || exit 0
+ test -n "${HTTP_PROXY}" && sed -i "s;INSERT_HTTP_PROXY;${HTTP_PROXY};" ubuntu-builder/Dockerfile || exit 0
+ test -n "${HTTPS_PROXY}" && sed -i "s;INSERT_HTTPS_PROXY;${HTTPS_PROXY};" ubuntu-builder/Dockerfile || exit 0
+ test -n "${NO_PROXY}" && sed -i "s;INSERT_NO_PROXY;${NO_PROXY};" ubuntu-builder/Dockerfile || exit 0
+ sed -i '/INSERT_/d' ubuntu-builder/Dockerfile
+ /usr/bin/docker build --rm=true --no-cache=true -t opnfv.org/ubuntu-builder:14.04 ubuntu-builder
+ /usr/bin/docker tag -f opnfv.org/ubuntu-builder:14.04 opnfv.org/ubuntu-builder
+ touch .docker
+
+.PHONY: clean
+clean:
+ rm -f .docker ubuntu-builder/Dockerfile
diff --git a/build/docker/README b/build/docker/README
new file mode 100644
index 000000000..e5ccdfab6
--- /dev/null
+++ b/build/docker/README
@@ -0,0 +1,25 @@
+##############################################################################
+# Copyright (c) 2015 Ericsson AB and others.
+# stefan.k.berg@ericsson.com
+# jonas.bjurel@ericsson.com
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+The makefile on this level is used for *creating* the Docker image
+used for building in Ubuntu 12.04 context.
+
+There are two requirements before running make on this level:
+
+1. You need to have Docker installed on your system
+
+2. If in a corporate network, make sure to have a valid DNS config in
+ your /etc/default/docker, e.g:
+
+ DOCKER_OPTS=" --dns=8.8.8.8 --dns=8.8.8.4"
+
+The top level makefile will refer to the "runcontext" file in order to
+run the build process as the current user with the current working
+directory available to the container.
diff --git a/build/docker/runcontext b/build/docker/runcontext
new file mode 100755
index 000000000..f9065a01f
--- /dev/null
+++ b/build/docker/runcontext
@@ -0,0 +1,124 @@
+#!/bin/bash
+set -e
+##############################################################################
+# Copyright (c) 2015 Ericsson AB and others.
+# stefan.k.berg@ericsson.com
+# jonas.bjurel@ericsson.com
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+#
+
+############################################################################
+# BEGIN of Exit handlers
+#
+
+do_exit () {
+ CID=`cat $CID_FILE </dev/null`
+ rm -f $CID_FILE
+ rm -rf $CONTEXT_DIR
+ set +e
+ docker kill $CID > /dev/null 2>&1
+ docker rm -f $CID > /dev/null 2>&1
+ docker rmi -f $IID > /dev/null 2>&1
+ set -e
+}
+
+#
+# End of Exit handlers
+############################################################################
+
+trap do_exit SIGINT SIGTERM EXIT
+
+context=$1
+shift
+USER_ID=`id -u`
+USER=`whoami`
+GROUP_ID=`id -g`
+
+GITROOT=`git rev-parse --show-toplevel`
+CID_FILE=`mktemp -u -t runcontext.XXXXXXXXXX`
+CONTEXT_DIR=`mktemp -d ${GITROOT}/.docker_contextXXXXXX`
+
+# If RSYNC_CONNECT_PROG is used, we need to copy all of
+# the SSH structure, should one of the keys need to be
+# used.
+if [ -n "$RSYNC_CONNECT_PROG" -a -x $HOME/.ssh ]; then
+ cp -rp $HOME/.ssh $CONTEXT_DIR
+ rm -f $CONTEXT_DIR/.ssh/known_hosts
+else
+ mkdir $CONTEXT_DIR/.ssh
+fi
+
+# Disable verification of unknown keys
+cat >> $CONTEXT_DIR/.ssh/config <<EOF
+StrictHostKeyChecking=no
+EOF
+
+cat > $CONTEXT_DIR/Dockerfile <<EOF
+FROM $context
+$(env | egrep -i 'proxy|rsync' | sed 's/^/ENV /' | sed 's/=/ /')
+RUN date || date
+COPY .ssh $HOME/.ssh
+RUN chown -R $USER_ID:$GROUP_ID $HOME/.ssh
+RUN chown -R $USER_ID:$GROUP_ID $HOME
+RUN chmod 700 $HOME/.ssh
+RUN /root/setcontext $USER $USER_ID $GROUP_ID $HOME
+EOF
+
+res=`docker build -q --force-rm $CONTEXT_DIR`
+IID=`echo $res | sed 's/.* //'`
+
+# Handle proxy settings passed to the context
+if env | grep -iq .*proxy; then
+ envfile="$(readlink -f $(dirname $0)/..)/environment.mk"
+
+ test -n "$HTTP_PROXY" && my_http_proxy=$HTTP_PROXY
+ test -n "$http_proxy" && my_http_proxy=$http_proxy
+
+ test -n "$HTTPS_PROXY" && my_https_proxy=$HTTPS_PROXY
+ test -n "$https_proxy" && my_https_proxy=$https_proxy
+
+ test -n "$NO_PROXY" && my_no_proxy=$NO_PROXY
+ test -n "$no_proxy" && my_no_proxy=$no_proxy
+
+ # Make sure to add the Docker socket in no_proxy
+ if [ -n "$my_no_proxy" ]; then
+ my_no_proxy+=",/var/run/docker.sock"
+ else
+ my_no_proxy="/var/run/docker.sock"
+ fi
+
+ echo "Creating $envfile"
+ echo "# This file is automatically generated by runcontext, do not edit!" > $envfile
+ test -n "$my_http_proxy" && echo "export http_proxy=$my_http_proxy" >> $envfile
+ test -n "$my_https_proxy" && echo "export https_proxy=$my_https_proxy" >> $envfile
+ test -n "$my_no_proxy" && echo "export no_proxy=$my_no_proxy" >> $envfile
+ test -n "$RSYNC_PROXY" && echo "export RSYNC_PROXY=$RSYNC_PROXY" >> $envfile
+ test -n "$RSYNC_CONNECT_PROG" && echo "export RSYNC_CONNECT_PROG=$RSYNC_CONNECT_PROG" >> $envfile
+ echo "export npm_config_registry=http://registry.npmjs.org/" >> $envfile
+else
+ echo "No need to generate environment.mk"
+ rm -f $envfile
+fi
+
+# Evaluate the need for bind mounting the cache directory
+if [ -n "$CACHEBASE" ]; then
+ if echo $CACHEBASE | grep -q '^file://'; then
+ CACHEMOUNT="-v $(echo $CACHEBASE | sed 's;file://;;'):$(echo $CACHEBASE | sed 's;file://;;')"
+ fi
+fi
+
+RUN_CONTEXT_OPT="--cidfile $CID_FILE --privileged=true --rm -e HOME=$HOME -e CACHEDEBUG -e CACHETRANSPORT -e CACHEMAXAGE -e CACHEBASE -u $USER_ID:$GROUP_ID -w $PWD -v $GITROOT:$GITROOT $CACHEMOUNT"
+
+# Passing "debug" puts up an interactive bash shell
+if [ "$1" == "debug" ]; then
+ echo command: docker run ${RUN_CONTEXT_OPT} $IID bash
+ docker run -i -t ${RUN_CONTEXT_OPT} $IID bash
+else
+ echo command: docker run ${RUN_CONTEXT_OPT} $IID $@
+ docker run -t ${RUN_CONTEXT_OPT} $IID $@
+fi
+
diff --git a/build/docker/ubuntu-builder/enable_dockerx2 b/build/docker/ubuntu-builder/enable_dockerx2
new file mode 100644
index 000000000..1511c70ea
--- /dev/null
+++ b/build/docker/ubuntu-builder/enable_dockerx2
@@ -0,0 +1,20 @@
+#!/bin/sh
+##############################################################################
+# Copyright (c) 2015 Ericsson AB and others.
+# stefan.k.berg@ericsson.com
+# jonas.bjurel@ericsson.com
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+#
+# Needed to expose underlying cgroups to container
+echo "running x2" > /x2
+mount -n -t tmpfs -o uid=0,gid=0,mode=0755 cgroup /sys/fs/cgroup
+mount -t securityfs none /sys/kernel/security
+
+for mnt in $(cut -d: -f2 /proc/1/cgroup); do
+ mkdir /sys/fs/cgroup/$mnt
+ mount -n -t cgroup -o $mnt cgroup /sys/fs/cgroup/$mnt
+done
diff --git a/build/docker/ubuntu-builder/setcontext b/build/docker/ubuntu-builder/setcontext
new file mode 100755
index 000000000..bc28994a9
--- /dev/null
+++ b/build/docker/ubuntu-builder/setcontext
@@ -0,0 +1,20 @@
+#!/bin/bash
+##############################################################################
+# Copyright (c) 2015 Ericsson AB and others.
+# stefan.k.berg@ericsson.com
+# jonas.bjurel@ericsson.com
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+#
+SETUSER=$1
+SETUID=$2
+SETGID=$3
+SETHOME=$4
+
+getent group $SETUSER || /usr/sbin/groupadd --gid $SETGID $SETUSER
+getent passwd $SETUSER || /usr/sbin/adduser --system --uid=$SETUID --gid=$SETGID --home $SETHOME --shell /bin/bash $SETUSER
+/usr/sbin/usermod -a -G fuse $SETUSER
+exit 0