forked from gatsby-inc/firecracker
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile.x86_64
148 lines (135 loc) · 4.65 KB
/
Dockerfile.x86_64
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
FROM ubuntu:18.04
# TODO: use a multi-stage build to reduce the download size when updating this container.
# The Rust toolchain layer will get updated most frequently, but we could keep the system
# dependencies layer intact for much longer.
ARG RUST_TOOLCHAIN="1.64.0"
ARG TINI_VERSION_TAG="v0.18.0"
ARG TMP_BUILD_DIR=/tmp/build
ARG TMP_POETRY_DIR
ARG FIRECRACKER_SRC_DIR="/firecracker"
ARG FIRECRACKER_BUILD_DIR="$FIRECRACKER_SRC_DIR/build"
ARG CARGO_REGISTRY_DIR="$FIRECRACKER_BUILD_DIR/cargo_registry"
ARG CARGO_GIT_REGISTRY_DIR="$FIRECRACKER_BUILD_DIR/cargo_git_registry"
ARG DEBIAN_FRONTEND=noninteractive
# By default we don't provide a poetry.lock file
ARG POETRY_LOCK_PATH="/dev/null/*"
ENV CARGO_HOME=/usr/local/rust
ENV RUSTUP_HOME=/usr/local/rust
ENV PATH="$PATH:$CARGO_HOME/bin"
ENV LC_ALL=C.UTF-8
# Install system dependencies
#
RUN apt-get update \
&& apt-get -y install --no-install-recommends \
binutils-dev \
# Needed in order to be able to compile `userfaultfd-sys`.
clang \
cmake \
build-essential \
zlib1g-dev \
libncurses5-dev \
libgdbm-dev \
libnss3-dev \
libreadline-dev \
libffi-dev \
libsqlite3-dev \
wget \
libbz2-dev \
curl \
file \
g++ \
gcc \
gcc-aarch64-linux-gnu \
git \
iperf3 \
iproute2 \
jq \
libdw-dev \
libiberty-dev \
libssl-dev \
libcurl4-openssl-dev \
lsof \
make \
musl-tools \
net-tools \
openssh-client \
pkgconf \
python \
python3 \
python3-dev \
python3-pip \
python3-venv \
ruby-dev \
zlib1g-dev \
screen \
tzdata \
xz-utils \
bc \
flex \
bison \
&& python3 -m pip install \
setuptools \
wheel \
&& python3 -m pip install --upgrade pip \
&& gem install chef-utils:16.6.14 mdl
# Update Python to 3.10
# This method isn't ideal, compiling from source can be dropped
# once the container definition is based on ubuntu:22.04
RUN wget https://www.python.org/ftp/python/3.10.4/Python-3.10.4.tgz \
&& tar -xf Python-3.10.4.tgz \
&& cd ./Python-3.10.4 \
&& ./configure --enable-optimizations \
&& make -j 8 \
&& make install
RUN python3 -m pip install poetry
RUN mkdir "$TMP_POETRY_DIR"
COPY tools/devctr/pyproject.toml $POETRY_LOCK_PATH "$TMP_POETRY_DIR/"
RUN cd "$TMP_POETRY_DIR" \
&& poetry config virtualenvs.create false \
&& poetry install --no-dev --no-interaction
# We need to install node and npm from source because of this issue with the
# ubuntu repository:
# https://bugs.launchpad.net/ubuntu/+source/nodejs/+bug/1794589
RUN (curl -sL https://deb.nodesource.com/setup_14.x | bash) \
&& apt-get install -y nodejs \
&& npm install -g @apidevtools/swagger-cli \
&& rm -rf /var/lib/apt/lists/*
# Install the Rust toolchain
#
RUN mkdir "$TMP_BUILD_DIR" \
&& curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain "$RUST_TOOLCHAIN" \
&& rustup target add x86_64-unknown-linux-musl \
&& rustup component add rustfmt clippy clippy-preview \
&& rustup install --profile minimal "stable" \
&& cd "$TMP_BUILD_DIR" \
&& cargo install cargo-kcov \
&& cargo +"stable" install cargo-audit \
# Fix a version that does not require cargo edition 2021.
&& cargo install --locked cargo-deny --version '^0.9.1' \
&& cargo kcov --print-install-kcov-sh | sh \
&& rm -rf "$CARGO_HOME/registry" \
&& ln -s "$CARGO_REGISTRY_DIR" "$CARGO_HOME/registry" \
&& rm -rf "$CARGO_HOME/git" \
&& ln -s "$CARGO_GIT_REGISTRY_DIR" "$CARGO_HOME/git" \
&& cd / \
&& rm -rf "$TMP_BUILD_DIR"
# help musl-gcc find linux headers
RUN cd /usr/include/x86_64-linux-musl \
&& ln -s ../x86_64-linux-gnu/asm asm \
&& ln -s ../linux linux \
&& ln -s ../asm-generic asm-generic
# Build iperf3-vsock
RUN mkdir "$TMP_BUILD_DIR" && cd "$TMP_BUILD_DIR" \
&& git clone https://github.com/stefano-garzarella/iperf-vsock \
&& cd iperf-vsock && git checkout 9245f9a \
&& mkdir build && cd build \
&& ../configure "LDFLAGS=--static" --disable-shared && make \
&& cp src/iperf3 /usr/local/bin/iperf3-vsock \
&& cd / \
&& rm -rf "$TMP_BUILD_DIR"
# Add the tini init binary.
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION_TAG}/tini-static-amd64 /sbin/tini
RUN chmod +x /sbin/tini
ADD tools/devctr/ctr_gitconfig /root/.gitconfig
WORKDIR "$FIRECRACKER_SRC_DIR"
ENTRYPOINT ["/sbin/tini", "--"]