| Tommy Carpenter | 5ad8f03 | 2019-05-30 14:33:21 -0400 | [diff] [blame] | 1 | # ================================================================================== |
| Tommy Carpenter | 78ba273 | 2020-02-07 14:06:20 -0500 | [diff] [blame] | 2 | # Copyright (c) 2019-2020 Nokia |
| 3 | # Copyright (c) 2018-2020 AT&T Intellectual Property. |
| Tommy Carpenter | 5ad8f03 | 2019-05-30 14:33:21 -0400 | [diff] [blame] | 4 | # |
| 5 | # Licensed under the Apache License, Version 2.0 (the "License"); |
| 6 | # you may not use this file except in compliance with the License. |
| 7 | # You may obtain a copy of the License at |
| 8 | # |
| 9 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 10 | # |
| 11 | # Unless required by applicable law or agreed to in writing, software |
| 12 | # distributed under the License is distributed on an "AS IS" BASIS, |
| 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 14 | # See the License for the specific language governing permissions and |
| 15 | # limitations under the License. |
| 16 | # ================================================================================== |
| Tommy Carpenter | 40caa31 | 2019-09-12 16:24:10 -0400 | [diff] [blame] | 17 | |
| Tommy Carpenter | 78ba273 | 2020-02-07 14:06:20 -0500 | [diff] [blame] | 18 | # This container uses a 2 stage build! |
| 19 | # Tips and tricks were learned from: https://pythonspeed.com/articles/multi-stage-docker-python/ |
| Tommy Carpenter | 102b895 | 2020-03-20 10:02:46 -0400 | [diff] [blame] | 20 | FROM python:3.8-alpine AS compile-image |
| Lott, Christopher (cl778h) | fe30c17 | 2020-04-29 15:23:28 -0400 | [diff] [blame^] | 21 | # upgrade pip as root |
| 22 | RUN pip install --upgrade pip |
| Lott, Christopher (cl778h) | e4bbf86 | 2020-04-18 08:40:00 -0400 | [diff] [blame] | 23 | # Gevent needs gcc, make, file, ffi |
| 24 | RUN apk update && apk add gcc musl-dev make file libffi-dev |
| Lott, Christopher (cl778h) | fe30c17 | 2020-04-29 15:23:28 -0400 | [diff] [blame^] | 25 | # create a non-root user. Only really needed in stage 2, |
| 26 | # however this makes the copying easier and straighttforward; |
| 27 | # pip option --user doesn't do the same thing if run as root |
| Tommy Carpenter | 78ba273 | 2020-02-07 14:06:20 -0500 | [diff] [blame] | 28 | RUN addgroup -S a1user && adduser -S -G a1user a1user |
| Lott, Christopher (cl778h) | fe30c17 | 2020-04-29 15:23:28 -0400 | [diff] [blame^] | 29 | # switch to the non-root user for installing site packages |
| Tommy Carpenter | 78ba273 | 2020-02-07 14:06:20 -0500 | [diff] [blame] | 30 | USER a1user |
| Lott, Christopher (cl778h) | fe30c17 | 2020-04-29 15:23:28 -0400 | [diff] [blame^] | 31 | # Speed hack; we install gevent before a1 because when building repeatedly (eg during dev) |
| 32 | # and only changing a1 code, we do not need to keep compiling gevent which takes forever |
| 33 | RUN pip install --user gevent |
| Tommy Carpenter | 78ba273 | 2020-02-07 14:06:20 -0500 | [diff] [blame] | 34 | COPY setup.py /home/a1user/ |
| 35 | COPY a1/ /home/a1user/a1 |
| 36 | RUN pip install --user /home/a1user |
| 37 | |
| 38 | ########### |
| 39 | # 2nd stage |
| Tommy Carpenter | 102b895 | 2020-03-20 10:02:46 -0400 | [diff] [blame] | 40 | FROM python:3.8-alpine |
| Lott, Christopher (cl778h) | d26734f | 2020-04-27 17:25:05 -0400 | [diff] [blame] | 41 | |
| 42 | # copy rmr libraries from builder image in lieu of an Alpine package |
| 43 | COPY --from=nexus3.o-ran-sc.org:10002/o-ran-sc/bldr-alpine3-rmr:4.0.2 /usr/local/lib64/librmr* /usr/local/lib64/ |
| 44 | |
| Lott, Christopher (cl778h) | fe30c17 | 2020-04-29 15:23:28 -0400 | [diff] [blame^] | 45 | # copy python modules; this makes the 2 stage python build work |
| Tommy Carpenter | 78ba273 | 2020-02-07 14:06:20 -0500 | [diff] [blame] | 46 | COPY --from=compile-image /home/a1user/.local /home/a1user/.local |
| Lott, Christopher (cl778h) | fe30c17 | 2020-04-29 15:23:28 -0400 | [diff] [blame^] | 47 | # create mount point for dir with rmr routing file as named below |
| 48 | RUN mkdir -p /opt/route/ |
| 49 | # create a non-root user |
| Tommy Carpenter | 78ba273 | 2020-02-07 14:06:20 -0500 | [diff] [blame] | 50 | RUN addgroup -S a1user && adduser -S -G a1user a1user |
| Lott, Christopher (cl778h) | fe30c17 | 2020-04-29 15:23:28 -0400 | [diff] [blame^] | 51 | # ensure the non-root user can read python files |
| 52 | RUN chown -R a1user:a1user /home/a1user/.local |
| 53 | # switch to the non-root user for security reasons |
| Tommy Carpenter | 78ba273 | 2020-02-07 14:06:20 -0500 | [diff] [blame] | 54 | USER a1user |
| Tommy Carpenter | 9407e11 | 2019-06-24 14:27:35 -0400 | [diff] [blame] | 55 | # misc setups |
| 56 | EXPOSE 10000 |
| Tommy Carpenter | 296f8de | 2019-08-07 11:38:44 -0400 | [diff] [blame] | 57 | ENV LD_LIBRARY_PATH /usr/local/lib/:/usr/local/lib64 |
| Tommy Carpenter | 5ad8f03 | 2019-05-30 14:33:21 -0400 | [diff] [blame] | 58 | ENV RMR_SEED_RT /opt/route/local.rt |
| Tommy Carpenter | 40caa31 | 2019-09-12 16:24:10 -0400 | [diff] [blame] | 59 | ENV PYTHONUNBUFFERED 1 |
| Lott, Christopher (cl778h) | fe30c17 | 2020-04-29 15:23:28 -0400 | [diff] [blame^] | 60 | # pip installs console script to ~/.local/bin so PATH is critical |
| Tommy Carpenter | 78ba273 | 2020-02-07 14:06:20 -0500 | [diff] [blame] | 61 | ENV PATH=/home/a1user/.local/bin:$PATH |
| Tommy Carpenter | 40caa31 | 2019-09-12 16:24:10 -0400 | [diff] [blame] | 62 | |
| Tommy Carpenter | 78ba273 | 2020-02-07 14:06:20 -0500 | [diff] [blame] | 63 | # Run! |
| Lott, Christopher (cl778h) | fe30c17 | 2020-04-29 15:23:28 -0400 | [diff] [blame^] | 64 | CMD run-a1 |