-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathtestenv.Containerfile
More file actions
199 lines (166 loc) · 7.12 KB
/
testenv.Containerfile
File metadata and controls
199 lines (166 loc) · 7.12 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
##
## Copyright (c) 2023 The Johns Hopkins University Applied Physics
## Laboratory LLC.
##
## This file is part of the Asynchronous Network Management System (ANMS).
##
## Licensed under the Apache License, Version 2.0 (the "License");
## you may not use this file except in compliance with the License.
## You may obtain a copy of the License at
## http://www.apache.org/licenses/LICENSE-2.0
## Unless required by applicable law or agreed to in writing, software
## distributed under the License is distributed on an "AS IS" BASIS,
## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
## See the License for the specific language governing permissions and
## limitations under the License.
##
## This work was performed for the Jet Propulsion Laboratory, California
## Institute of Technology, sponsored by the United States Government under
## the prime contract 80NM0018D0004 between the Caltech and NASA under
## subcontract 1658085.
##
# Build on more permissive CentOS image
# Run on RHEL UBI image
FROM quay.io/centos/centos:stream9 AS reftools-buildenv-base
# Optional APL network configuration from
# https://aplprod.servicenowservices.com/sp?id=kb_article&sys_id=c0de6fe91b83d85071b143bae54bcb34
RUN ( \
curl -sL http://apllinuxdepot.jhuapl.edu/linux/APL-root-cert/JHUAPL-MS-Root-CA-05-21-2038-B64-text.cer -o /etc/pki/ca-trust/source/anchors/JHUAPL-MS-Root-CA-05-21-2038-B64-text.crt && \
update-ca-trust && \
echo "Root CA added" \
) || true
RUN dnf install -y epel-release && \
crb enable
RUN dnf install -y \
gcc g++ \
cmake ninja-build ruby pkg-config \
flex libfl-static bison pcre2-devel civetweb civetweb-devel openssl-devel cjson-devel libpq-devel systemd-devel && \
echo "/usr/local/lib64" >/etc/ld.so.conf.d/local.conf && \
ldconfig
COPY deps/dtnma-tools/deps/QCBOR /usr/local/src/nm/deps/QCBOR
RUN cd /usr/local/src/nm/deps/QCBOR && \
cmake -S . -B build \
-DCMAKE_BUILD_TYPE=Debug \
-DBUILD_SHARED_LIBS=YES && \
cmake --build build && \
cmake --install build && \
ldconfig && \
rm -rf build
COPY deps/dtnma-tools/deps/mlib /usr/local/src/nm/deps/mlib
RUN cd /usr/local/src/nm/deps/mlib && \
make -j$(nproc) && \
make install && \
ldconfig && \
make -j$(nproc) clean
COPY deps/dtnma-tools/deps/timespec /usr/local/src/nm/deps/timespec
COPY deps/dtnma-tools/deps/timespec-CMakeLists.txt /usr/local/src/nm/deps/timespec/CMakeLists.txt
RUN cd /usr/local/src/nm/deps/timespec && \
cmake -S . -B build \
-DCMAKE_BUILD_TYPE=Debug && \
cmake --build build && \
cmake --install build && \
ldconfig && \
rm -rf build
# ION and REFDA images
FROM reftools-buildenv-base AS reftools-buildenv-ion
RUN dnf install -y \
patch autoconf libtool
COPY deps/dtnma-tools/deps/ion /usr/local/src/nm/deps/ion
COPY deps/dtnma-tools/deps/ion*.patch /usr/local/src/nm/deps/
RUN cd /usr/local/src/nm/deps/ion && \
patch -p1 <../ion-4.1.2-remove-nm.patch && \
patch -p1 <../ion-4.1.2-local-deliver.patch && \
patch -p1 <../ion-4.1.2-private-headers.patch && \
autoreconf -vif && \
export CFLAGS="-std=gnu99" && \
./configure && \
make -j$(nproc) && \
make install && \
make -j$(nproc) clean
# Install under /usr/local and keep build artifacts for debuginfo
COPY deps/dtnma-tools/deps /usr/local/src/nm/deps
COPY deps/dtnma-tools/cmake /usr/local/src/nm/cmake
COPY deps/dtnma-tools/src /usr/local/src/nm/src
COPY deps/dtnma-tools/CMakeLists.txt /usr/local/src/nm/
RUN cd /usr/local/src/nm && \
cmake -S . -B build/default \
-DCMAKE_BUILD_TYPE=Debug \
-DBUILD_MANAGER=OFF \
-DBUILD_ION_PROXY=ON \
-DTRANSPORT_UNIX_SOCKET=OFF \
-DTRANSPORT_PROXY_SOCKET=ON \
-DTRANSPORT_ION_BP=ON \
-DBUILD_UNITTEST=OFF \
-DBUILD_DOCS_API=OFF -DBUILD_DOCS_MAN=OFF \
-G Ninja && \
cmake --build build/default && \
cmake --install build/default && \
ldconfig
# This image uses systemd init process to manage local services.
# Derived image targets choose which servies are enabled.
#
FROM registry.access.redhat.com/ubi9/ubi-init:9.2 AS testenv-init
# Optional APL network configuration from
# https://aplprod.servicenowservices.com/sp?id=kb_article&sys_id=c0de6fe91b83d85071b143bae54bcb34
RUN ( \
curl -sL http://apllinuxdepot.jhuapl.edu/linux/APL-root-cert/JHUAPL-MS-Root-CA-05-21-2038-B64-text.cer -o /etc/pki/ca-trust/source/anchors/JHUAPL-MS-Root-CA-05-21-2038-B64-text.crt && \
update-ca-trust && \
echo "Root CA added" \
) || true
ENV PIP_CERT=/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
ENV PIP_DEFAULT_TIMEOUT=300
RUN dnf -y install container-tools
# Container service config
RUN systemctl disable dnf-makecache.timer
COPY --chmod=755 deps/dtnma-tools/systemd/service_is_running.sh /usr/local/bin/service_is_running
# Image for the test environment manager transport with ION node and the
# ion-app-proxy daemon
#
FROM testenv-init AS ion-manager
COPY --from=reftools-buildenv-ion /usr/local /usr/local
RUN echo "/usr/local/lib64" >>/etc/ld.so.conf.d/local.conf && \
echo "/usr/local/lib" >>/etc/ld.so.conf.d/local.conf && \
ldconfig
# Systemd services
COPY deps/dtnma-tools/integration-test-ion/tmpfiles.conf /etc/tmpfiles.d/ion.conf
COPY --chmod=644 deps/dtnma-tools/systemd/ion.service deps/dtnma-tools/systemd/ion-app-proxy.service deps/dtnma-tools/systemd/bpecho@.service \
/usr/local/lib/systemd/system/
RUN systemctl enable ion bpecho@4 ion-app-proxy && \
mkdir -p /var/run/ion
# Runtime config for this container
COPY deps/test-ion-configs/mgr.rc etc/ion/node-1.rc
# CMD is systemd init
EXPOSE 1113/udp
EXPOSE 4556/udp
HEALTHCHECK --start-period=10s --interval=30s --timeout=5s --retries=5 \
CMD ["service_is_running", "ion", "ion-app-proxy"]
# Image for the test environment Agents with ION node and REFDA
#
FROM testenv-init AS ion-agent
COPY --from=reftools-buildenv-ion /usr/local /usr/local
RUN echo "/usr/local/lib64" >>/etc/ld.so.conf.d/local.conf && \
echo "/usr/local/lib" >>/etc/ld.so.conf.d/local.conf && \
ldconfig
# Systemd services
COPY deps/dtnma-tools/integration-test-ion/tmpfiles.conf /etc/tmpfiles.d/ion.conf
COPY --chmod=644 deps/dtnma-tools/systemd/ion.service deps/dtnma-tools/systemd/refda-ion.service deps/dtnma-tools/systemd/bpecho@.service \
/usr/local/lib/systemd/system/
RUN systemctl enable ion bpecho@4 refda-ion && \
mkdir -p /var/run/ion
# Runtime config for this container
COPY deps/test-ion-configs/agent-2.rc /etc/ion/node-2.rc
COPY deps/test-ion-configs/agent-3.rc /etc/ion/node-3.rc
# CMD is systemd init
EXPOSE 1113/udp
EXPOSE 4556/udp
HEALTHCHECK --start-period=10s --interval=30s --timeout=5s --retries=5 \
CMD ["service_is_running", "ion", "refda-ion"]
# This image provides a very simple socat-baseed transport proxy.
#
FROM registry.access.redhat.com/ubi9/ubi:9.2 AS socat-transport
RUN --mount=type=cache,target=/var/cache/yum \
dnf install -y https://download.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm && \
crb enable && \
dnf install -y \
socat
CMD ["socat", "-x", "stdio", "UNIX-LISTEN:/var/tmp/anms/proxy.sock,socktype=5,forever"]