Skip to content

Commit f526101

Browse files
kalavtkalavt
committed
dockerfiles: fix duplicate binary path in ENTRYPOINT and CMD
Signed-off-by: Arbin <arbin.cheng@coins.ph>
1 parent 2e58015 commit f526101

File tree

1 file changed

+318
-0
lines changed

1 file changed

+318
-0
lines changed

dockerfiles/Dockerfile.full

Lines changed: 318 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,318 @@
1+
# syntax=docker/dockerfile:1
2+
# check=skip=InvalidBaseImagePlatform
3+
4+
# To use this container you may need to do the following:
5+
# https://askubuntu.com/a/1369504
6+
# sudo add-apt-repository ppa:jacob/virtualisation #(for Ubuntu 20.04)
7+
# sudo apt-get update && sudo apt-get install qemu qemu-user qemu-user-static
8+
# https://stackoverflow.com/a/60667468
9+
# docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
10+
# docker buildx rm builder
11+
# docker buildx create --name builder --use
12+
# docker buildx inspect --bootstrap
13+
# docker buildx build --platform "linux/amd64,linux/arm64,linux/arm/v7,linux/s390x" -f ./dockerfiles/Dockerfile.multiarch --build-arg FLB_TARBALL=https://github.com/fluent/fluent-bit/archive/v1.8.11.tar.gz ./dockerfiles/
14+
15+
# Set this to the current release version: it gets done so as part of the release.
16+
ARG RELEASE_VERSION=4.2.2
17+
18+
# For multi-arch builds - assumption is running on an AMD64 host
19+
FROM multiarch/qemu-user-static:x86_64-arm AS qemu-arm32
20+
FROM multiarch/qemu-user-static:x86_64-aarch64 AS qemu-arm64
21+
22+
FROM debian:trixie-slim AS builder-base
23+
24+
COPY --from=qemu-arm32 /usr/bin/qemu-arm-static /usr/bin/
25+
COPY --from=qemu-arm64 /usr/bin/qemu-aarch64-static /usr/bin/
26+
27+
ARG FLB_NIGHTLY_BUILD
28+
ENV FLB_NIGHTLY_BUILD=$FLB_NIGHTLY_BUILD
29+
30+
ARG FLB_CHUNK_TRACE=On
31+
ENV FLB_CHUNK_TRACE=${FLB_CHUNK_TRACE}
32+
33+
RUN mkdir -p /fluent-bit/bin /fluent-bit/etc /fluent-bit/log
34+
35+
ENV DEBIAN_FRONTEND=noninteractive
36+
37+
# hadolint ignore=DL3008
38+
RUN apt-get update && \
39+
apt-get install -y --no-install-recommends \
40+
build-essential \
41+
curl \
42+
ca-certificates \
43+
git \
44+
make \
45+
tar \
46+
libssl-dev \
47+
libcurl4-openssl-dev \
48+
libsasl2-dev \
49+
pkg-config \
50+
libsystemd-dev \
51+
zlib1g-dev \
52+
libpq-dev \
53+
postgresql-server-dev-all \
54+
flex \
55+
bison \
56+
libyaml-dev \
57+
wget \
58+
lsb-release \
59+
gnupg \
60+
&& apt-get satisfy -y cmake "cmake (<< 4.0)" \
61+
&& apt-get clean \
62+
&& rm -rf /var/lib/apt/lists/*
63+
64+
RUN wget -O apache-arrow.deb https://apache.jfrog.io/artifactory/arrow/$(lsb_release --id --short | tr 'A-Z' 'a-z')/apache-arrow-apt-source-latest-$(lsb_release --codename --short).deb && \
65+
apt-get install -y --no-install-recommends ./apache-arrow.deb && \
66+
apt-get update && \
67+
apt-get install -y --no-install-recommends \
68+
libarrow-glib-dev \
69+
libparquet-glib-dev \
70+
&& rm -f apache-arrow.deb && \
71+
apt-get clean && \
72+
rm -rf /var/lib/apt/lists/*
73+
74+
# Must be run from root of repo
75+
WORKDIR /src/fluent-bit/
76+
COPY . ./
77+
78+
# We split the builder setup out so people can target it or use as a base image without doing a full build.
79+
FROM builder-base AS builder
80+
WORKDIR /src/fluent-bit/build/
81+
82+
# Required to be set to ARMV7 for that target
83+
ARG WAMR_BUILD_TARGET
84+
ARG EXTRA_CMAKE_FLAGS
85+
ENV EXTRA_CMAKE_FLAGS=${EXTRA_CMAKE_FLAGS}
86+
87+
# Optional: jemalloc configure flags (e.g., page size). Leave unset to keep defaults.
88+
ARG FLB_JEMALLOC_OPTIONS
89+
ENV FLB_JEMALLOC_OPTIONS=${FLB_JEMALLOC_OPTIONS}
90+
91+
# We do not want word splitting for EXTRA_CMAKE_FLAGS in case multiple are defined
92+
# hadolint ignore=SC2086
93+
RUN [ -n "${WAMR_BUILD_TARGET:-}" ] && EXTRA_CMAKE_FLAGS="$EXTRA_CMAKE_FLAGS -DWAMR_BUILD_TARGET=$WAMR_BUILD_TARGET"; \
94+
cmake -DFLB_SIMD=On \
95+
-DFLB_RELEASE=On \
96+
-DFLB_JEMALLOC=On \
97+
-DFLB_TLS=On \
98+
-DFLB_SHARED_LIB=Off \
99+
-DFLB_EXAMPLES=Off \
100+
-DFLB_HTTP_SERVER=On \
101+
-DFLB_IN_EXEC=Off \
102+
-DFLB_IN_SYSTEMD=On \
103+
-DFLB_OUT_KAFKA=On \
104+
-DFLB_OUT_PGSQL=On \
105+
-DFLB_ARROW=On \
106+
-DFLB_NIGHTLY_BUILD="$FLB_NIGHTLY_BUILD" \
107+
-DFLB_LOG_NO_CONTROL_CHARS=On \
108+
-DFLB_CHUNK_TRACE="$FLB_CHUNK_TRACE" \
109+
-DFLB_JEMALLOC_OPTIONS="$FLB_JEMALLOC_OPTIONS" \
110+
$EXTRA_CMAKE_FLAGS \
111+
..
112+
113+
ARG CFLAGS="-v"
114+
ENV CFLAGS=${CFLAGS}
115+
116+
RUN make -j "$(getconf _NPROCESSORS_ONLN)"
117+
RUN install bin/fluent-bit /fluent-bit/bin/
118+
119+
# Configuration files
120+
COPY conf/fluent-bit.conf \
121+
conf/parsers.conf \
122+
conf/parsers_ambassador.conf \
123+
conf/parsers_java.conf \
124+
conf/parsers_extra.conf \
125+
conf/parsers_openstack.conf \
126+
conf/parsers_cinder.conf \
127+
conf/plugins.conf \
128+
/fluent-bit/etc/
129+
130+
# Generate schema and include as part of the container image
131+
RUN /fluent-bit/bin/fluent-bit -J > /fluent-bit/etc/schema.json
132+
133+
# Simple example of how to properly extract packages for reuse in distroless
134+
# Taken from: https://github.com/GoogleContainerTools/distroless/issues/863
135+
FROM debian:trixie-slim AS deb-extractor
136+
COPY --from=qemu-arm32 /usr/bin/qemu-arm-static /usr/bin/
137+
COPY --from=qemu-arm64 /usr/bin/qemu-aarch64-static /usr/bin/
138+
139+
ENV DEBIAN_FRONTEND=noninteractive
140+
141+
# Install ca-certificates first to enable HTTPS apt sources
142+
RUN apt-get update && \
143+
apt-get install -y --no-install-recommends ca-certificates && \
144+
apt-get clean && \
145+
rm -rf /var/lib/apt/lists/*
146+
147+
# Now copy Arrow apt source configuration
148+
COPY --from=builder-base /etc/apt/sources.list.d/ /etc/apt/sources.list.d/
149+
COPY --from=builder-base /etc/apt/trusted.gpg.d/ /etc/apt/trusted.gpg.d/
150+
COPY --from=builder-base /usr/share/keyrings/apache-arrow-apt-source.asc /usr/share/keyrings/
151+
152+
# We download all debs locally then extract them into a directory we can use as the root for distroless.
153+
# We also include some extra handling for the status files that some tooling uses for scanning, etc.
154+
WORKDIR /tmp
155+
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
156+
RUN apt-get update && \
157+
apt-get download \
158+
libssl3t64 \
159+
libcurl4t64 \
160+
libnghttp2-14 \
161+
libnghttp3-9 \
162+
librtmp1 \
163+
libssh2-1t64 \
164+
libpsl5t64 \
165+
libbrotli1 \
166+
libsasl2-2 \
167+
pkg-config \
168+
libpq5 \
169+
libsystemd0 \
170+
zlib1g \
171+
ca-certificates \
172+
libatomic1 \
173+
libgcrypt20 \
174+
libzstd1 \
175+
liblz4-1 \
176+
libgssapi-krb5-2 \
177+
libldap-2.5 \
178+
libgpg-error0 \
179+
libkrb5-3 \
180+
libk5crypto3 \
181+
libcom-err2 \
182+
libkrb5support0 \
183+
libgnutls30t64 \
184+
libkeyutils1 \
185+
libp11-kit0 \
186+
libidn2-0 \
187+
libunistring5 \
188+
libtasn1-6 \
189+
libnettle8t64 \
190+
libhogweed6t64 \
191+
libgmp10 \
192+
libffi8 \
193+
liblzma5 \
194+
libyaml-0-2 \
195+
libcap2 \
196+
libldap2 \
197+
libglib2.0-0t64 \
198+
libarrow2200 \
199+
libarrow-acero2200 \
200+
libarrow-dataset2200 \
201+
libarrow-glib2200 \
202+
libparquet2200 \
203+
libparquet-glib2200 && \
204+
mkdir -p /dpkg/var/lib/dpkg/status.d/ && \
205+
for deb in *.deb; do \
206+
package_name=$(dpkg-deb -I "${deb}" | awk '/^ Package: .*$/ {print $2}'); \
207+
echo "Processing: ${package_name}"; \
208+
dpkg --ctrl-tarfile "$deb" | tar -Oxf - ./control > "/dpkg/var/lib/dpkg/status.d/${package_name}"; \
209+
dpkg --extract "$deb" /dpkg || exit 10; \
210+
done
211+
212+
# Remove unnecessary files extracted from deb packages like man pages and docs etc.
213+
RUN find /dpkg/ -type d -empty -delete && \
214+
rm -r /dpkg/usr/share/doc/
215+
216+
# We want latest at time of build
217+
# hadolint ignore=DL3006
218+
FROM gcr.io/distroless/cc-debian13 AS production
219+
ARG RELEASE_VERSION
220+
ENV FLUENT_BIT_VERSION=${RELEASE_VERSION}
221+
LABEL description="Fluent Bit multi-architecture container image" \
222+
vendor="Fluent Organization" \
223+
version="${RELEASE_VERSION}" \
224+
author="Eduardo Silva <eduardo.silva@chronosphere.io>" \
225+
org.opencontainers.image.description="Fluent Bit container image" \
226+
org.opencontainers.image.title="Fluent Bit" \
227+
org.opencontainers.image.licenses="Apache-2.0" \
228+
org.opencontainers.image.vendor="Fluent Organization" \
229+
org.opencontainers.image.version="${RELEASE_VERSION}" \
230+
org.opencontainers.image.source="https://github.com/fluent/fluent-bit" \
231+
org.opencontainers.image.documentation="https://docs.fluentbit.io/" \
232+
org.opencontainers.image.authors="Eduardo Silva <eduardo.silva@chronosphere.io>"
233+
234+
# Copy the libraries from the extractor stage into root
235+
COPY --from=deb-extractor /dpkg /
236+
237+
# Copy certificates
238+
COPY --from=builder /etc/ssl/certs /etc/ssl/certs
239+
240+
# Finally the binaries as most likely to change
241+
COPY --from=builder /fluent-bit /fluent-bit
242+
243+
EXPOSE 2020
244+
245+
# Entry point
246+
ENTRYPOINT [ "/fluent-bit/bin/fluent-bit" ]
247+
CMD ["-c", "/fluent-bit/etc/fluent-bit.conf"]
248+
249+
FROM debian:trixie-slim AS debug
250+
ARG RELEASE_VERSION
251+
ENV FLUENT_BIT_VERSION=${RELEASE_VERSION}
252+
LABEL description="Fluent Bit multi-architecture debug container image" \
253+
vendor="Fluent Organization" \
254+
version="${RELEASE_VERSION}-debug" \
255+
author="Eduardo Silva <eduardo.silva@chronosphere.io>" \
256+
org.opencontainers.image.description="Fluent Bit debug container image" \
257+
org.opencontainers.image.title="Fluent Bit Debug" \
258+
org.opencontainers.image.licenses="Apache-2.0" \
259+
org.opencontainers.image.vendor="Fluent Organization" \
260+
org.opencontainers.image.version="${RELEASE_VERSION}-debug" \
261+
org.opencontainers.image.source="https://github.com/fluent/fluent-bit" \
262+
org.opencontainers.image.documentation="https://docs.fluentbit.io/" \
263+
org.opencontainers.image.authors="Eduardo Silva <eduardo.silva@chronosphere.io>"
264+
265+
COPY --from=qemu-arm32 /usr/bin/qemu-arm-static /usr/bin/
266+
COPY --from=qemu-arm64 /usr/bin/qemu-aarch64-static /usr/bin/
267+
COPY --from=builder-base /etc/apt/sources.list.d/ /etc/apt/sources.list.d/
268+
COPY --from=builder-base /etc/apt/trusted.gpg.d/ /etc/apt/trusted.gpg.d/
269+
ENV DEBIAN_FRONTEND=noninteractive
270+
271+
# hadolint ignore=DL3008
272+
RUN apt-get update && \
273+
apt-get install -y --no-install-recommends \
274+
libssl3t64 \
275+
libcurl4t64 \
276+
libnghttp2-14 \
277+
libnghttp3-9 \
278+
librtmp1 \
279+
libssh2-1t64 \
280+
libpsl5t64 \
281+
libbrotli1 \
282+
libsasl2-2 \
283+
pkg-config \
284+
libpq5 \
285+
libsystemd0 \
286+
zlib1g \
287+
ca-certificates \
288+
libatomic1 \
289+
libgcrypt20 \
290+
libyaml-0-2 \
291+
libldap2 \
292+
libglib2.0-0t64 \
293+
libarrow2200 \
294+
libarrow-acero2200 \
295+
libarrow-dataset2200 \
296+
libarrow-glib2200 \
297+
libparquet2200 \
298+
libparquet-glib2200 \
299+
bash gdb valgrind build-essential \
300+
git bash-completion vim tmux jq \
301+
dnsutils iputils-ping iputils-arping iputils-tracepath iputils-clockdiff \
302+
tcpdump curl nmap tcpflow iftop \
303+
net-tools mtr netcat-openbsd bridge-utils iperf ngrep \
304+
openssl \
305+
htop atop strace iotop sysstat ncdu logrotate hdparm pciutils psmisc tree pv \
306+
make tar flex bison \
307+
libssl-dev libsasl2-dev libsystemd-dev zlib1g-dev libpq-dev libyaml-dev postgresql-server-dev-all \
308+
&& apt-get satisfy -y cmake "cmake (<< 4.0)" \
309+
&& apt-get clean \
310+
&& rm -rf /var/lib/apt/lists/*
311+
312+
RUN rm -f /usr/bin/qemu-*-static
313+
COPY --from=builder /fluent-bit /fluent-bit
314+
315+
EXPOSE 2020
316+
317+
# No entry point so we can just shell in
318+
CMD ["/fluent-bit/bin/fluent-bit", "-c", "/fluent-bit/etc/fluent-bit.conf"]

0 commit comments

Comments
 (0)