From 78ba8bbfa182d305b3f34d7ecc2d05baa56c1c5b Mon Sep 17 00:00:00 2001 From: Daniel Hiltgen Date: Tue, 10 Jul 2018 17:04:55 -0700 Subject: [PATCH] Add support for image build This adds a new packaging variant for engine with an image Upstream-commit: 27766ed0f4576ced4026adc60359ad63a977008e Component: packaging --- components/packaging/Makefile | 12 +++++ components/packaging/image/Dockerfile | 64 +++++++++++++++++++++++++++ components/packaging/image/Makefile | 29 ++++++++++++ 3 files changed, 105 insertions(+) create mode 100644 components/packaging/image/Dockerfile create mode 100644 components/packaging/image/Makefile diff --git a/components/packaging/Makefile b/components/packaging/Makefile index 53e19bc831..ff8d0e876a 100644 --- a/components/packaging/Makefile +++ b/components/packaging/Makefile @@ -35,3 +35,15 @@ static: ## build static-compiled packages for p in $(DOCKER_BUILD_PKGS); do \ $(MAKE) -C $@ VERSION=$(VERSION) ENGINE_DIR=$(ENGINE_DIR) CLI_DIR=$(CLI_DIR) GO_VERSION=$(GO_VERSION) $${p}; \ done + +# TODO - figure out multi-arch +.PHONY: image +image: DOCKER_BUILD_PKGS:=image-linux +image: ## build static-compiled packages + for p in $(DOCKER_BUILD_PKGS); do \ + $(MAKE) -C $@ VERSION=$(VERSION) ENGINE_DIR=$(ENGINE_DIR) CLI_DIR=$(CLI_DIR) GO_VERSION=$(GO_VERSION) $${p}; \ + done + +.PHONY: release +release: + $(MAKE) -C image $@ diff --git a/components/packaging/image/Dockerfile b/components/packaging/image/Dockerfile new file mode 100644 index 0000000000..3c762ac86e --- /dev/null +++ b/components/packaging/image/Dockerfile @@ -0,0 +1,64 @@ +# Common builder +FROM golang:1.10-alpine3.7 as builder + +#COPY hack/dockerfile/binaries-commits / + +COPY hack/dockerfile/install/tini.installer / +COPY hack/dockerfile/install/proxy.installer / +RUN apk --update add bash btrfs-progs-dev gcc libc-dev linux-headers \ + git cmake make ca-certificates libltdl libtool libgcc && \ + grep "_COMMIT=" /*.installer |cut -f2- -d: > /binaries-commits + +# dockerd +FROM builder as dockerd-builder +WORKDIR /go/src/github.com/docker/docker +COPY . /go/src/github.com/docker/docker +ARG VERSION +ENV VERSION ${VERSION} +ARG DOCKER_GITCOMMIT +ENV DOCKER_GITCOMMIT ${DOCKER_GITCOMMIT} +# TODO The way we set the version could easily be simplified not to depend on hack/... +RUN bash ./hack/make/.go-autogen +RUN go build -o /sbin/dockerd \ + -tags 'autogen netgo static_build selinux journald' \ + -installsuffix netgo -a -buildmode=pie -ldflags '-w -extldflags "-static" ' \ + github.com/docker/docker/cmd/dockerd + +# docker-proxy +# TODO if libnetwork folds into the docker tree this can be combined above +FROM builder as proxy-builder +RUN git clone https://github.com/docker/libnetwork.git /go/src/github.com/docker/libnetwork +WORKDIR /go/src/github.com/docker/libnetwork +RUN source /binaries-commits && \ + git checkout -q "$LIBNETWORK_COMMIT" && \ + go build -buildmode=pie -ldflags="$PROXY_LDFLAGS" \ + -o /sbin/docker-proxy \ + github.com/docker/libnetwork/cmd/proxy + +# docker-init - TODO move this out, last time we bumped was 2016! +FROM builder as init-builder +RUN git clone https://github.com/krallin/tini.git /tini +WORKDIR /tini +RUN source /binaries-commits && \ + git checkout -q "$TINI_COMMIT" && \ + cmake . && make tini-static && \ + cp tini-static /sbin/docker-init + +# runc +FROM builder as runc-builder +RUN apk --update add libseccomp-dev +RUN git clone https://github.com/opencontainers/runc.git /go/src/github.com/opencontainers/runc +WORKDIR /go/src/github.com/opencontainers/runc +RUN source /binaries-commits && \ + git checkout -q "$RUNC_COMMIT" && \ + make BUILDTAGS='seccomp apparmor' && make install + +# Final docker image +FROM alpine:3.7 +RUN apk --update add ca-certificates iptables net-tools libseccomp git && \ + rm -rf /var/cache/apk/* +COPY --from=dockerd-builder /sbin/dockerd /usr/local/sbin/ +COPY --from=proxy-builder /sbin/docker-proxy /usr/local/sbin/ +COPY --from=init-builder /sbin/docker-init /usr/local/sbin/ +COPY --from=runc-builder /usr/local/sbin/runc /usr/local/sbin/ +ENTRYPOINT ["/usr/local/sbin/dockerd"] diff --git a/components/packaging/image/Makefile b/components/packaging/image/Makefile new file mode 100644 index 0000000000..2d25cfd9a5 --- /dev/null +++ b/components/packaging/image/Makefile @@ -0,0 +1,29 @@ +SHELL:=/bin/bash +ENGINE_DIR:=$(CURDIR)/../../engine +CLI_DIR:=$(CURDIR)/../../cli +VERSION?=0.0.0-dev +STATIC_VERSION=$(shell ../static/gen-static-ver $(ENGINE_DIR) $(VERSION)) +DOCKER_HUB_ORG?=docker +ENGINE_IMAGE?=ce-engine + +.PHONY: help +help: ## show make targets + @awk 'BEGIN {FS = ":.*?## "} /^[a-zA-Z_-]+:.*?## / {sub("\\\\n",sprintf("\n%22c"," "), $$2);printf " \033[36m%-20s\033[0m %s\n", $$1, $$2}' $(MAKEFILE_LIST) + +.PHONY: clean +clean: ## remove build artifacts + docker rmi $(DOCKER_HUB_ORG)/$(ENGINE_IMAGE):$(STATIC_VERSION) + +.PHONY: image +image: image-linux + +.PHONY: image-linux +image-linux: + docker build -t $(DOCKER_HUB_ORG)/$(ENGINE_IMAGE):$(STATIC_VERSION) \ + --build-arg VERSION=$(STATIC_VERSION) \ + --build-arg DOCKER_GITCOMMIT=$(cd $(ENGINE_DIR) && git rev-parse --short=7 HEAD) \ + --file ./Dockerfile $(ENGINE_DIR) + +.PHONY: release +release: + docker push $(DOCKER_HUB_ORG)/$(ENGINE_IMAGE):$(STATIC_VERSION)