X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=blobdiff_plain;f=Dockerfile;h=9b6ede71b2f6f9f894a7590a5a69ff34d187cc33;hb=537c1824e3aa365bac4e8c306f44240e802d022c;hp=6d1f78a414958bc1a38968ab2ba4dd709c997ebb;hpb=296f8de21e17880d0a12f9a964b14712f14d871a;p=ric-plt%2Fa1.git diff --git a/Dockerfile b/Dockerfile index 6d1f78a..9b6ede7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ # ================================================================================== -# Copyright (c) 2019 Nokia -# Copyright (c) 2018-2019 AT&T Intellectual Property. +# Copyright (c) 2019-2020 Nokia +# Copyright (c) 2018-2020 AT&T Intellectual Property. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,35 +14,118 @@ # See the License for the specific language governing permissions and # limitations under the License. # ================================================================================== -FROM python:3.7-alpine -# copy NNG and rmr out of the CI builder nng -COPY --from=nexus3.o-ran-sc.org:10004/bldr-alpine3:3-a3.9 /usr/local/lib64/libnng.so /usr/local/lib64/libnng.so -COPY --from=nexus3.o-ran-sc.org:10004/bldr-alpine3:3-a3.9 /usr/local/lib64/librmr_nng.so /usr/local/lib64/librmr_nng.so +# This builds an image for A1 based on ubuntu. The build takes between three and four +# minutes depending on what was previously cached, and results in an image that is +# roughly 260 MiB in size (as of May 2021) +# + +FROM python:3.8 as build + +# upgrade pip as root +RUN pip install --upgrade pip + +# pick up things for gevent build +# +RUN apt-get update +RUN apt-get install -y gcc musl-dev make file libffi-dev g++ + +# --- all root operations must be above this line ------------------------------------ + + +# create a simple user. This is only really needed in stage 2, +# however this makes the copying easier and straighttforward; +# the 'pip option --user' command doesn't do the same thing when +# run as root. +# +RUN addgroup a1user && adduser --ingroup a1user a1user + +# switch to the non-root user for installing python things +USER a1user + +# Speed hack; we install gevent before anything because when building repeatedly (eg during dev) +# and only changing a1 code, we do not need to keep compiling gevent which takes forever +RUN pip install --user gevent +RUN pip install --user requests + +COPY setup.py /home/a1user/ +COPY a1/ /home/a1user/a1 +RUN pip install --user /home/a1user + + + +# ----- stage 2 --------------------------------------------------------------------------------- + +# It might be tempting to use python:3.8, but that image is more than +# 800 GiB to start, and the final image size if it is used is over +# 1 GiB!! Using the plain ubuntu image, then installing py3, and taking +# things built in the first stage, the final image size isn't tiny, but should +# be well under the 800GiB start for the python image. +# +FROM ubuntu:20.04 + +# pick up reference to python so that we can get 3.8 and not the really old default -COPY a1/ /tmp/a1 -COPY tests/ /tmp/tests -COPY setup.py tox.ini /tmp/ -WORKDIR /tmp +RUN apt-get update \ + && apt install -y software-properties-common \ + && add-apt-repository ppa:deadsnakes/ppa \ + && apt-get install -y python3.8 python3-pip wget \ + && apt-get clean -# dir that rmr routing file temp goes into +# fetch and install RMR and any other needed libraries +# +ARG RMR_VER=4.7.4 +ARG RMR_PKG_URL=https://packagecloud.io/o-ran-sc/release/packages/debian/stretch/ + +RUN wget -nv --content-disposition ${RMR_PKG_URL}/rmr_${RMR_VER}_amd64.deb/download.deb +RUN wget -nv --content-disposition ${RMR_PKG_URL}/rmr-dev_${RMR_VER}_amd64.deb/download.deb +RUN dpkg -i rmr_${RMR_VER}_amd64.deb \ + && dpkg -i rmr-dev_${RMR_VER}_amd64.deb \ + && ldconfig + +# copy python modules; this makes the 2 stage python build work +# +COPY --from=build /home/a1user/.local /home/a1user/.local + +# create mount point for dir with rmr routing file as named below +# RUN mkdir -p /opt/route/ -# Gevent needs gcc; TODO: this will get fixed -RUN apk add gcc musl-dev +# create a non-root user, ensure it can access what it needs, and switch to it +# +RUN addgroup a1user \ + && adduser --disabled-password --disabled-login --gecos "image-user" --no-create-home --ingroup a1user a1user \ + && chown -R a1user:a1user /home/a1user/.local \ + && chown a1user:a1user /home/a1user + -# do the actual install; this writes into /usr/local, need root -RUN pip install . +# ------------------ no root commands after this point ------------------------------------- +USER a1user -# Switch to a non-root user for security reasons. -# a1 does not currently write into any dirs so no chowns are needed at this time. -ENV A1USER a1user -RUN addgroup -S $A1USER && adduser -S -G $A1USER $A1USER -USER $A1USER +# the maddening onsey-twosey install of pything crud... +# +RUN pip3 install --user connexion -# misc setups +# misc +# EXPOSE 10000 ENV LD_LIBRARY_PATH /usr/local/lib/:/usr/local/lib64 ENV RMR_SEED_RT /opt/route/local.rt -CMD run.py +# Set "fake" to True to run standalone +# +ENV USE_FAKE_SDL False +ENV PYTHONUNBUFFERED 1 + +# pip installs executable script to $HOME/.local/bin so PATH vars are critical +# +ENV PATH /home/a1user/.local/bin:$PATH +ENV PYTHONPATH /home/a1user/.local/lib/python3.8/site-packages + +# prometheus client gathers data here +# +ENV prometheus_multiproc_dir /tmp + +# by defalt start the application +# +CMD [ "/usr/bin/python3.8", "/home/a1user/.local/bin/run-a1" ]