matthew/sonic-buildimage
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

[dockers] Prevent apt-get from installing suggested and recommended packages by default (#1666)

Browse Source 
* [docker-base] Instruct apt-get to NOT install 'recommended' or 'suggested' packages

* Modify docker-fpm-quagga, docker-snmp-sv2 and docker-sonic-vs Dockerfile templates in order to properly install .deb dependencies

* REDIS_SERVER depends on REDIS_TOOLS; ensure REDIS_TOOLS is always installed before REDIS_SERVER
This commit is contained in:
Joe LeVeque 2018-05-02 11:46:21 -07:00 committed by GitHub
parent 9a23770173
commit 832be7b8f4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 115 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
dockers/docker-base/Dockerfile.j2
View File

@ -18,8 +18,9 @@ RUN rm -rf \
ENV DEBIAN_FRONTEND=noninteractive ENV DEBIAN_FRONTEND=noninteractive
# Configure data sources for apt/dpkg # Configure data sources for apt/dpkg
COPY ["sources.list", "/etc/apt/sources.list"]
COPY ["dpkg_01_drop", "/etc/dpkg/dpkg.cfg.d/01_drop"] COPY ["dpkg_01_drop", "/etc/dpkg/dpkg.cfg.d/01_drop"]
COPY ["sources.list", "/etc/apt/sources.list"]
COPY ["no_install_recommend_suggest", "/etc/apt/apt.conf.d"]
RUN apt-get update RUN apt-get update
# Pre-install fundamental packages # Pre-install fundamental packages

5
dockers/docker-base/no_install_recommend_suggest Normal file
View File

@ -0,0 +1,5 @@
# Instruct apt-get to NOT install "recommended" or "suggested" packages by
# default when installing a package.
APT::Install-Recommends "false";
APT::Install-Suggests "false";

34
dockers/docker-database/Dockerfile.j2
View File

@ -1,28 +1,28 @@
FROM docker-config-engine FROM docker-config-engine
## Make apt-get non-interactive # Make apt-get non-interactive
ENV DEBIAN_FRONTEND=noninteractive ENV DEBIAN_FRONTEND=noninteractive
# Update apt's cache of available packages
RUN apt-get update RUN apt-get update
COPY \ {% if docker_database_debs.strip() -%}
{% for deb in docker_database_debs.split(' ') -%} # Copy locally-built Debian package dependencies
debs/{{ deb }}{{' '}} {%- for deb in docker_database_debs.split(' ') %}
{%- endfor -%} COPY debs/{{ deb }} /debs/
debs/
## Install redis-tools dependencies
## TODO: implicitly install dependencies
RUN apt-get -y install libjemalloc1
RUN dpkg -i \
{% for deb in docker_database_debs.split(' ') -%}
debs/{{ deb }}{{' '}}
{%- endfor %} {%- endfor %}
## Clean up # Install locally-built Debian packages and implicitly install their dependencies
RUN apt-get clean -y; apt-get autoclean -y; apt-get autoremove -y {%- for deb in docker_database_debs.split(' ') %}
RUN rm -rf /debs RUN dpkg_apt() { [ -f $1 ] && { dpkg -i $1 || apt-get -y install -f; } || return 1; }; dpkg_apt /debs/{{ deb }}
{%- endfor %}
{%- endif %}
# Clean up
RUN apt-get clean -y
RUN apt-get autoclean -y
RUN apt-get autoremove -y
RUN rm -rf /debs ~/.cache
RUN sed -ri 's/^(save .*$)/# \1/g; \ RUN sed -ri 's/^(save .*$)/# \1/g; \
s/^daemonize yes$/daemonize no/; \ s/^daemonize yes$/daemonize no/; \

31
dockers/docker-fpm-quagga/Dockerfile.j2
View File

@ -1,26 +1,31 @@
FROM docker-config-engine FROM docker-config-engine
## Make apt-get non-interactive # Make apt-get non-interactive
ENV DEBIAN_FRONTEND=noninteractive ENV DEBIAN_FRONTEND=noninteractive
# Update apt's cache of available packages
RUN apt-get update RUN apt-get update
# Install required packages
RUN apt-get install -y libdbus-1-3 libdaemon0 libjansson4 RUN apt-get install -y libdbus-1-3 libdaemon0 libjansson4
COPY \ {% if docker_fpm_quagga_debs.strip() -%}
{% for deb in docker_fpm_quagga_debs.split(' ') -%} # Copy locally-built Debian package dependencies
debs/{{ deb }}{{' '}} {%- for deb in docker_fpm_quagga_debs.split(' ') %}
{%- endfor -%} COPY debs/{{ deb }} /debs/
debs/
RUN dpkg -i \
{% for deb in docker_fpm_quagga_debs.split(' ') -%}
debs/{{ deb }}{{' '}}
{%- endfor %} {%- endfor %}
## Clean up # Install locally-built Debian packages and implicitly install their dependencies
RUN apt-get clean -y; apt-get autoclean -y; apt-get autoremove -y {%- for deb in docker_fpm_quagga_debs.split(' ') %}
RUN rm -rf /debs RUN dpkg_apt() { [ -f $1 ] && { dpkg -i $1 || apt-get -y install -f; } || return 1; }; dpkg_apt /debs/{{ deb }}
{%- endfor %}
{%- endif %}
# Clean up
RUN apt-get clean -y
RUN apt-get autoclean -y
RUN apt-get autoremove -y
RUN rm -rf /debs ~/.cache
COPY ["bgpcfgd", "start.sh", "/usr/bin/"] COPY ["bgpcfgd", "start.sh", "/usr/bin/"]
COPY ["supervisord.conf", "/etc/supervisor/conf.d/"] COPY ["supervisord.conf", "/etc/supervisor/conf.d/"]

84
dockers/docker-snmp-sv2/Dockerfile.j2
View File

@ -1,44 +1,56 @@
FROM docker-config-engine FROM docker-config-engine
COPY [ \ # Enable -O for all Python calls
{% for deb in docker_snmp_sv2_debs.split(' ') -%}
"debs/{{ deb }}",
{%- endfor %} \
"/debs/"]
# Install Python SwSSSDK (SNMP subagent dependency)
COPY python-wheels/sonic_platform_common-*-py3-*.whl /python-wheels/
COPY python-wheels/swsssdk-*-py3-*.whl /python-wheels/
COPY python-wheels/asyncsnmp-*-py3-*.whl /python-wheels/
# enable -O for all Python calls
ENV PYTHONOPTIMIZE 1 ENV PYTHONOPTIMIZE 1
## Make apt-get non-interactive # Make apt-get non-interactive
ENV DEBIAN_FRONTEND=noninteractive ENV DEBIAN_FRONTEND=noninteractive
# install libsnmp30 dependencies # Update apt's cache of available packages
# install libpython3.6-dev dependencies RUN apt-get update
# install pip dependencies
# TODO: remove libpython3.6-dev, its and pip's dependencies if we can get pip3 directly # Install curl so we can download and install pip later
# install subagent # Also install major root CA certificates for curl to reference
# clean up RUN apt-get install -y curl ca-certificates
RUN apt-get update && apt-get install -y libperl5.20 libpci3 libwrap0 \
libexpat1-dev \ # Install gcc which is required for installing hiredis
curl gcc && \ RUN apt-get install -y gcc
dpkg -i \
{% for deb in docker_snmp_sv2_debs.split(' ') -%} {% if docker_snmp_sv2_debs.strip() -%}
debs/{{ deb }}{{' '}} # Copy locally-built Debian package dependencies
{%- endfor %} && \ {%- for deb in docker_snmp_sv2_debs.split(' ') %}
rm -rf /debs && \ COPY debs/{{ deb }} /debs/
curl https://bootstrap.pypa.io/get-pip.py | python3.6 && \ {%- endfor %}
python3.6 -m pip install --no-cache-dir /python-wheels/*py3*.whl hiredis && \
rm -rf /python-wheels && \ # Install locally-built Debian packages and implicitly install their dependencies
python3.6 -m sonic_ax_impl install && \ {%- for deb in docker_snmp_sv2_debs.split(' ') %}
apt-get -y purge libpython3.6-dev libexpat1-dev curl gcc && \ RUN dpkg_apt() { [ -f $1 ] && { dpkg -i $1 || apt-get -y install -f; } || return 1; }; dpkg_apt /debs/{{ deb }}
apt-get clean -y && apt-get autoclean -y && apt-get autoremove -y --purge && \ {%- endfor %}
find / | grep -E "__pycache__" | xargs rm -rf && \ {%- endif %}
rm -rf ~/.cache
# Install up-to-date version of pip
RUN curl https://bootstrap.pypa.io/get-pip.py | python3.6
RUN python3.6 -m pip install --no-cache-dir hiredis
{% if docker_snmp_sv2_whls.strip() -%}
# Copy locally-built Python wheel dependencies
{%- for whl in docker_snmp_sv2_whls.split(' ') %}
COPY python-wheels/{{ whl }} /python-wheels/
{%- endfor %}
# Install locally-built Python wheel dependencies
{%- for whl in docker_snmp_sv2_whls.split(' ') %}
RUN pip install /python-wheels/{{ whl }}
{%- endfor %}
{% endif %}
RUN python3.6 -m sonic_ax_impl install
# Clean up
RUN apt-get -y purge libpython3.6-dev curl gcc
RUN apt-get clean -y && apt-get autoclean -y && apt-get autoremove -y --purge
RUN find / | grep -E "__pycache__" | xargs rm -rf
RUN rm -rf /debs /python-wheels ~/.cache
COPY ["start.sh", "/usr/bin/"] COPY ["start.sh", "/usr/bin/"]
COPY ["supervisord.conf", "/etc/supervisor/conf.d/"] COPY ["supervisord.conf", "/etc/supervisor/conf.d/"]
@ -46,7 +58,7 @@ COPY ["*.j2", "/usr/share/sonic/templates/"]
COPY ["snmpd-config-updater", "/usr/bin/snmpd-config-updater"] COPY ["snmpd-config-updater", "/usr/bin/snmpd-config-updater"]
RUN chmod +x /usr/bin/snmpd-config-updater RUN chmod +x /usr/bin/snmpd-config-updater
## Although exposing ports is not needed for host net mode, keep it for possible bridge mode # Although exposing ports is not needed for host net mode, keep it for possible bridge mode
EXPOSE 161/udp 162/udp EXPOSE 161/udp 162/udp
ENTRYPOINT ["/usr/bin/supervisord"] ENTRYPOINT ["/usr/bin/supervisord"]

2
platform/p4/docker-sonic-p4.mk
View File

@ -5,8 +5,8 @@ $(DOCKER_SONIC_P4)_PATH = $(PLATFORM_PATH)/docker-sonic-p4
$(DOCKER_SONIC_P4)_DEPENDS += $(SWSS) \ $(DOCKER_SONIC_P4)_DEPENDS += $(SWSS) \
$(SYNCD) \ $(SYNCD) \
$(P4_SWITCH) \ $(P4_SWITCH) \
$(REDIS_SERVER) \
$(REDIS_TOOLS) \ $(REDIS_TOOLS) \
$(REDIS_SERVER) \
$(PYTHON_SWSSCOMMON) \ $(PYTHON_SWSSCOMMON) \
$(LIBTEAMDCT) \ $(LIBTEAMDCT) \
$(LIBTEAM_UTILS) \ $(LIBTEAM_UTILS) \

2
platform/vs/docker-sonic-vs.mk
View File

@ -4,8 +4,8 @@ DOCKER_SONIC_VS = docker-sonic-vs.gz
$(DOCKER_SONIC_VS)_PATH = $(PLATFORM_PATH)/docker-sonic-vs $(DOCKER_SONIC_VS)_PATH = $(PLATFORM_PATH)/docker-sonic-vs
$(DOCKER_SONIC_VS)_DEPENDS += $(SWSS) \ $(DOCKER_SONIC_VS)_DEPENDS += $(SWSS) \
$(SYNCD_VS) \ $(SYNCD_VS) \
$(REDIS_SERVER) \
$(REDIS_TOOLS) \ $(REDIS_TOOLS) \
$(REDIS_SERVER) \
$(PYTHON_SWSSCOMMON) \ $(PYTHON_SWSSCOMMON) \
$(LIBTEAMDCT) \ $(LIBTEAMDCT) \
$(LIBTEAM_UTILS) \ $(LIBTEAM_UTILS) \

27
platform/vs/docker-sonic-vs/Dockerfile.j2
View File

@ -43,20 +43,23 @@ RUN apt-get install -y net-tools \
RUN pip install setuptools RUN pip install setuptools
RUN pip install py2_ipaddress RUN pip install py2_ipaddress
COPY \ {% if docker_sonic_vs_debs.strip() -%}
{% for deb in docker_sonic_vs_debs.split(' ') -%} # Copy locally-built Debian package dependencies
debs/{{ deb }}{{' '}} {%- for deb in docker_sonic_vs_debs.split(' ') %}
{%- endfor -%} COPY debs/{{ deb }} /debs/
debs/
RUN dpkg -i \
{% for deb in docker_sonic_vs_debs.split(' ') -%}
debs/{{ deb }}{{' '}}
{%- endfor %} {%- endfor %}
## Clean up # Install locally-built Debian packages and implicitly install their dependencies
RUN apt-get clean -y; apt-get autoclean -y; apt-get autoremove -y {%- for deb in docker_sonic_vs_debs.split(' ') %}
RUN rm -rf /debs RUN dpkg_apt() { [ -f $1 ] && { dpkg -i $1 || apt-get -y install -f; } || return 1; }; dpkg_apt /debs/{{ deb }}
{%- endfor %}
{%- endif %}
# Clean up
RUN apt-get clean -y
RUN apt-get autoclean -y
RUN apt-get autoremove -y
RUN rm -rf /debs ~/.cache
RUN sed -ri 's/^(save .*$)/# \1/g; \ RUN sed -ri 's/^(save .*$)/# \1/g; \
s/^daemonize yes$/daemonize no/; \ s/^daemonize yes$/daemonize no/; \

2
rules/docker-database.mk
View File

@ -2,7 +2,7 @@
DOCKER_DATABASE = docker-database.gz DOCKER_DATABASE = docker-database.gz
$(DOCKER_DATABASE)_PATH = $(DOCKERS_PATH)/docker-database $(DOCKER_DATABASE)_PATH = $(DOCKERS_PATH)/docker-database
$(DOCKER_DATABASE)_DEPENDS += $(REDIS_SERVER) $(REDIS_TOOLS) $(DOCKER_DATABASE)_DEPENDS += $(REDIS_TOOLS) $(REDIS_SERVER)
$(DOCKER_DATABASE)_LOAD_DOCKERS += $(DOCKER_CONFIG_ENGINE) $(DOCKER_DATABASE)_LOAD_DOCKERS += $(DOCKER_CONFIG_ENGINE)
SONIC_DOCKER_IMAGES += $(DOCKER_DATABASE) SONIC_DOCKER_IMAGES += $(DOCKER_DATABASE)
SONIC_INSTALL_DOCKER_IMAGES += $(DOCKER_DATABASE) SONIC_INSTALL_DOCKER_IMAGES += $(DOCKER_DATABASE)

2
rules/docker-snmp-sv2.mk
View File

@ -4,7 +4,7 @@ DOCKER_SNMP_SV2 = docker-snmp-sv2.gz
$(DOCKER_SNMP_SV2)_PATH = $(DOCKERS_PATH)/docker-snmp-sv2 $(DOCKER_SNMP_SV2)_PATH = $(DOCKERS_PATH)/docker-snmp-sv2
## TODO: remove LIBPY3_DEV if we can get pip3 directly ## TODO: remove LIBPY3_DEV if we can get pip3 directly
$(DOCKER_SNMP_SV2)_DEPENDS += $(SNMP) $(SNMPD) $(PY3) $(LIBPY3_DEV) $(DOCKER_SNMP_SV2)_DEPENDS += $(SNMP) $(SNMPD) $(PY3) $(LIBPY3_DEV)
$(DOCKER_SNMP_SV2)_PYTHON_WHEELS += $(ASYNCSNMP_PY3) $(DOCKER_SNMP_SV2)_PYTHON_WHEELS += $(SONIC_PLATFORM_COMMON_PY3) $(SWSSSDK_PY3) $(ASYNCSNMP_PY3)
$(DOCKER_SNMP_SV2)_LOAD_DOCKERS += $(DOCKER_CONFIG_ENGINE) $(DOCKER_SNMP_SV2)_LOAD_DOCKERS += $(DOCKER_CONFIG_ENGINE)
SONIC_DOCKER_IMAGES += $(DOCKER_SNMP_SV2) SONIC_DOCKER_IMAGES += $(DOCKER_SNMP_SV2)
SONIC_INSTALL_DOCKER_IMAGES += $(DOCKER_SNMP_SV2) SONIC_INSTALL_DOCKER_IMAGES += $(DOCKER_SNMP_SV2)