X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=blobdiff_plain;f=Dockerfile;h=8872e4e3e3665711893201dca49a8f2a3f156c57;hb=78ba273b279a7e7af6dba811a29746b881a53a8e;hp=2faaca51d9f00174d36c9bf748d9dda6449a1e7f;hpb=445221bb8e531d77aad987b936b30d385521134f;p=ric-plt%2Fa1.git diff --git a/Dockerfile b/Dockerfile index 2faaca5..8872e4e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ # ================================================================================== -# Copyright (c) 2019 Nokia -# Copyright (c) 2018-2019 AT&T Intellectual Property. +# Copyright (c) 2019-2020 Nokia +# Copyright (c) 2018-2020 AT&T Intellectual Property. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,50 +14,45 @@ # See the License for the specific language governing permissions and # limitations under the License. # ================================================================================== -# install a well known working rmr -FROM python:3.7-alpine -RUN apk update && apk add autoconf automake build-base cmake libtool ninja pkgconfig git -RUN git clone --branch 1.10.2 https://gerrit.o-ran-sc.org/r/ric-plt/lib/rmr \ - && cd rmr \ - && mkdir build \ - && cd build \ - && cmake .. -DPACK_EXTERNALS=1 \ - && make install -# a1 stage 2 +# This container uses a 2 stage build! +# Tips and tricks were learned from: https://pythonspeed.com/articles/multi-stage-docker-python/ +FROM python:3.7-alpine AS compile-image +# Gevent needs gcc +RUN apk update && apk add gcc musl-dev +# do the install of a1 + +# Switch to a non-root user for security reasons +# This is only really needed in stage 2 however this makes the copying easier and straitforward! --user doesn't do the same thing if run as root! +RUN addgroup -S a1user && adduser -S -G a1user a1user +USER a1user + +# Speed hack; we install gevent FIRST because when building repeatedly (eg during dev) and only changing a1 code, we do not need to keep compiling gevent which takes forever +RUN pip install --upgrade pip && pip install --user gevent +COPY setup.py /home/a1user/ +COPY a1/ /home/a1user/a1 +RUN pip install --user /home/a1user + +########### +# 2nd stage FROM python:3.7-alpine - # dir that rmr routing file temp goes into RUN mkdir -p /opt/route/ - -# Gevent needs gcc -RUN apk update && apk add bash gcc musl-dev - -# Speed hack; we install gevent here because when building repeatedly (eg during dev) and only changing a1 code, -# we do not need to keep compiling gevent which takes forever -RUN pip install --upgrade pip && pip install gevent - -# copies -COPY --from=0 /usr/local/lib64/libnng.so /usr/local/lib64/libnng.so -COPY --from=0 /usr/local/lib64/librmr_nng.so /usr/local/lib64/librmr_nng.so -COPY a1/ /tmp/a1 -COPY setup.py tox.ini /tmp/ -WORKDIR /tmp - -# do the actual install; this writes into /usr/local, need root -RUN pip install . - -# Switch to a non-root user for security reasons. -# a1 does not currently write into any dirs so no chowns are needed at this time. -ENV A1USER a1user -RUN addgroup -S $A1USER && adduser -S -G $A1USER $A1USER -USER $A1USER - +# python copy; this basically makes the 2 stage python build work +COPY --from=compile-image /home/a1user/.local /home/a1user/.local +# copy rmr .sos from the builder image +COPY --from=nexus3.o-ran-sc.org:10004/bldr-alpine3-go:1-rmr1.13.1 /usr/local/lib64/libnng.so /usr/local/lib64/libnng.so +COPY --from=nexus3.o-ran-sc.org:10004/bldr-alpine3-go:1-rmr1.13.1 /usr/local/lib64/librmr_nng.so /usr/local/lib64/librmr_nng.so +# Switch to a non-root user for security reasons. a1 does not currently write into any dirs so no chowns are needed at this time. +RUN addgroup -S a1user && adduser -S -G a1user a1user +USER a1user # misc setups EXPOSE 10000 ENV LD_LIBRARY_PATH /usr/local/lib/:/usr/local/lib64 ENV RMR_SEED_RT /opt/route/local.rt -# dont buffer logging ENV PYTHONUNBUFFERED 1 +# This step is critical +ENV PATH=/home/a1user/.local/bin:$PATH +# Run! CMD run.py