From b82d77449620a310a5254df69a2aa05c3d56036b Mon Sep 17 00:00:00 2001 From: ZiyamSanthosh Date: Sun, 14 Jul 2024 14:18:39 +0530 Subject: [PATCH 1/3] Add rocky linux docker image for IS and IS analytics 5.8.0 --- .../rocky/is-analytics/dashboard/Dockerfile | 117 ++++++++++++++++ .../rocky/is-analytics/dashboard/README.md | 72 ++++++++++ .../dashboard/docker-entrypoint.sh | 36 +++++ .../rocky/is-analytics/worker/Dockerfile | 117 ++++++++++++++++ .../rocky/is-analytics/worker/README.md | 68 +++++++++ .../is-analytics/worker/docker-entrypoint.sh | 36 +++++ dockerfiles/rocky/is/Dockerfile | 130 ++++++++++++++++++ dockerfiles/rocky/is/README.md | 74 ++++++++++ dockerfiles/rocky/is/docker-entrypoint.sh | 36 +++++ 9 files changed, 686 insertions(+) create mode 100644 dockerfiles/rocky/is-analytics/dashboard/Dockerfile create mode 100644 dockerfiles/rocky/is-analytics/dashboard/README.md create mode 100755 dockerfiles/rocky/is-analytics/dashboard/docker-entrypoint.sh create mode 100644 dockerfiles/rocky/is-analytics/worker/Dockerfile create mode 100644 dockerfiles/rocky/is-analytics/worker/README.md create mode 100755 dockerfiles/rocky/is-analytics/worker/docker-entrypoint.sh create mode 100644 dockerfiles/rocky/is/Dockerfile create mode 100644 dockerfiles/rocky/is/README.md create mode 100755 dockerfiles/rocky/is/docker-entrypoint.sh diff --git a/dockerfiles/rocky/is-analytics/dashboard/Dockerfile b/dockerfiles/rocky/is-analytics/dashboard/Dockerfile new file mode 100644 index 00000000..a5822197 --- /dev/null +++ b/dockerfiles/rocky/is-analytics/dashboard/Dockerfile @@ -0,0 +1,117 @@ + # ------------------------------------------------------------------------ +# +# Copyright 2024 WSO2, LLC. (http://wso2.com) +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License +# +# ------------------------------------------------------------------------ + +# Set base Docker image to Rocky Linux Docker image. +FROM rockylinux:7 +LABEL maintainer="WSO2 Docker Maintainers " \ + com.wso2.docker.source="https://github.com/wso2/docker-is/releases/tag/v5.8.0.10" +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' + +# Install JDK Dependencies. +RUN yum install -y tzdata openssl ca-certificates fontconfig gzip tar nc unzip wget \ + && yum clean all + +ENV JAVA_VERSION jdk8u362-b09 + +# Install JDK8. +RUN set -eux; \ + ARCH="$(objdump="$(command -v objdump)" && objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \ + case "${ARCH}" in \ + amd64|i386:x86-64) \ + ESUM='1486a792fb224611ce0cd0e83d4aacd3503b56698549f8e9a9f0a6ebb83bdba1'; \ + BINARY_URL='https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u362-b09/OpenJDK8U-jdk_x64_linux_hotspot_8u362b09.tar.gz'; \ + ;; \ + arm64|aarch64) \ + ESUM='9290a8beefd7a94f0eb030f62d402411a852100482b9c5b63714bacc57002c2a'; \ + BINARY_URL='https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u362-b09/OpenJDK8U-jdk_aarch64_linux_hotspot_8u362b09.tar.gz'; \ + ;; \ + *) \ + echo "Unsupported arch: ${ARCH}"; \ + exit 1; \ + ;; \ + esac; \ + curl -LfsSo /tmp/openjdk.tar.gz ${BINARY_URL}; \ + echo "${ESUM} */tmp/openjdk.tar.gz" | sha256sum -c -; \ + mkdir -p /opt/java/openjdk; \ + cd /opt/java/openjdk; \ + tar -xf /tmp/openjdk.tar.gz --strip-components=1; \ + rm -rf /tmp/openjdk.tar.gz; + +ENV JAVA_HOME=/opt/java/openjdk \ + PATH="/opt/java/openjdk/bin:$PATH" + +# set Docker image build arguments +# build arguments for user/group configurations +ARG USER=wso2carbon +ARG USER_ID=802 +ARG USER_GROUP=wso2 +ARG USER_GROUP_ID=802 +ARG USER_HOME=/home/${USER} +# build arguments for WSO2 product installation +ARG WSO2_SERVER_NAME=wso2is-analytics +ARG WSO2_SERVER_VERSION=5.8.0 +ARG WSO2_SERVER=${WSO2_SERVER_NAME}-${WSO2_SERVER_VERSION} +ARG WSO2_SERVER_HOME=${USER_HOME}/${WSO2_SERVER} +ARG WSO2_SERVER_DIST_URL=https://bintray.com/wso2/binaryGA/download_file?file_path=${WSO2_SERVER}.zip +# build argument for MOTD +ARG MOTD='printf "\n\ +Welcome to WSO2 Docker resources.\n\ +------------------------------------ \n\ +This Docker container comprises of a WSO2 product, running with its latest GA release \n\ +which is under the Apache License, Version 2.0. \n\ +Read more about Apache License, Version 2.0 here @ http://www.apache.org/licenses/LICENSE-2.0.\n\n"' + +# create the non-root user and group and set MOTD login message +RUN \ + groupadd --system -g ${USER_GROUP_ID} ${USER_GROUP} \ + && useradd --system --create-home --home-dir ${USER_HOME} --no-log-init -g ${USER_GROUP_ID} -u ${USER_ID} ${USER} \ + && echo ${MOTD} > /etc/profile.d/motd.sh + +# copy init script to user home +COPY --chown=wso2carbon:wso2 docker-entrypoint.sh ${USER_HOME}/ + +# install required packages +RUN \ + yum -y update \ + && yum install -y \ + nc \ + unzip \ + wget \ + && rm -rf /var/cache/yum/* + +# add the WSO2 product distribution to user's home directory +RUN \ + wget -O ${WSO2_SERVER}.zip "${WSO2_SERVER_DIST_URL}" \ + && unzip -d ${USER_HOME} ${WSO2_SERVER}.zip \ + && chown wso2carbon:wso2 -R ${WSO2_SERVER_HOME} \ + && rm -f ${WSO2_SERVER}.zip + +# set the user and work directory +USER ${USER_ID} +WORKDIR ${USER_HOME} + +# set environment variables +ENV JAVA_OPTS="-Djava.util.prefs.systemRoot=${USER_HOME}/.java -Djava.util.prefs.userRoot=${USER_HOME}/.java/.userPrefs" \ + WORKING_DIRECTORY=${USER_HOME} \ + WSO2_SERVER_HOME=${WSO2_SERVER_HOME} + +# expose ports +EXPOSE 9643 + +# initiate container and start WSO2 Carbon server +ENTRYPOINT ["/home/wso2carbon/docker-entrypoint.sh"] diff --git a/dockerfiles/rocky/is-analytics/dashboard/README.md b/dockerfiles/rocky/is-analytics/dashboard/README.md new file mode 100644 index 00000000..362ddab8 --- /dev/null +++ b/dockerfiles/rocky/is-analytics/dashboard/README.md @@ -0,0 +1,72 @@ +# Dockerfile for Dashboard Profile of WSO2 Identity Server Analytics # + +This section defines the step-by-step instructions to build [Rocky Linux](https://hub.docker.com/_/rockylinux/) Linux based Docker image for Dashboard profile of +WSO2 Identity Server Analytics 5.8.0. + +## Prerequisites + +* [Docker](https://www.docker.com/get-docker) v17.09.0 or above +* [Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) client + +## How to build an image and run + +##### 1. Checkout this repository into your local machine using the following Git client command. + +``` +git clone https://github.com/wso2/docker-is.git +``` + +> The local copy of the `dockerfile/rocky/is-analytics/dasboard` directory will be referred to as `ANALYTICS_DOCKERFILE_HOME` from this point onwards. + +##### 2. Build the Docker image. + +- Navigate to `` directory.
+ Execute `docker build` command as shown below. + + `docker build -t wso2is-analytics-dashboard:5.8.0-rocky .` + +> By default, the Docker image will prepackage the General Availability (GA) release version of the relevant WSO2 product. + +##### 3. Running Docker images specific to each profile. + +- `docker run -p 9643:9643 wso2is-analytics-dashboard:5.8.0-rocky` + +##### 4. Accessing the Dashboard portal. + +- For dashboard, + + `https::9643/portal` + +> In here, refers to hostname or IP of the host machine on top of which containers are spawned. + +## How to update configurations + +Configurations would lie on the Docker host machine and they can be volume mounted to the container.
+As an example, steps required to change the port offset using `deployment.yaml` is as follows: + +##### 1. Stop the Identity Server Analytics container if it's already running. + +In WSO2 Identity Server Analytics 5.8.0 product distribution, `deployment.yaml` configuration file
+can be found at `/conf/worker`. Copy the file to some suitable location of the host machine,
+referred to as `/deployment.yaml` and change the offset value under ports to 2. + +##### 2. Grant read permission to `other` users for `/deployment.yaml`. + +``` +chmod o+r /deployment.yaml +``` + +##### 3. Run the image by mounting the file to container as follows: + +``` +docker run +-p 7713:7713 +--volume /deployment.yaml:/deployment.yaml +wso2is-analytics-worker:5.8.0-rocky +``` + +> In here, refers to /home/wso2carbon/wso2is-analytics-5.8.0/conf/worker folder of the container. + +## Docker command usage references + +* [Docker build command reference](https://docs.docker.com/engine/reference/commandline/build/) +* [Docker run command reference](https://docs.docker.com/engine/reference/run/) +* [Dockerfile reference](https://docs.docker.com/engine/reference/builder/) diff --git a/dockerfiles/rocky/is-analytics/dashboard/docker-entrypoint.sh b/dockerfiles/rocky/is-analytics/dashboard/docker-entrypoint.sh new file mode 100755 index 00000000..e8afa8e6 --- /dev/null +++ b/dockerfiles/rocky/is-analytics/dashboard/docker-entrypoint.sh @@ -0,0 +1,36 @@ +#!/bin/sh +# ------------------------------------------------------------------------ +# Copyright 2024 WSO2, LLC. (http://wso2.com) +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License +# ------------------------------------------------------------------------ + +set -e + +# volume mounts +config_volume=${WORKING_DIRECTORY}/wso2-config-volume +artifact_volume=${WORKING_DIRECTORY}/wso2-artifact-volume + +# check if the WSO2 non-root user home exists +test ! -d ${WORKING_DIRECTORY} && echo "WSO2 Docker non-root user home does not exist" && exit 1 + +# check if the WSO2 product home exists +test ! -d ${WSO2_SERVER_HOME} && echo "WSO2 Docker product home does not exist" && exit 1 + +# copy any configuration changes mounted to config_volume +test -d ${config_volume} && [ "$(ls -A ${config_volume})" ] && cp -RL ${config_volume}/* ${WSO2_SERVER_HOME}/ +# copy any artifact changes mounted to artifact_volume +test -d ${artifact_volume} && [ "$(ls -A ${artifact_volume})" ] && cp -RL ${artifact_volume}/* ${WSO2_SERVER_HOME}/ + +# start WSO2 Carbon server +sh ${WSO2_SERVER_HOME}/bin/dashboard.sh "$@" diff --git a/dockerfiles/rocky/is-analytics/worker/Dockerfile b/dockerfiles/rocky/is-analytics/worker/Dockerfile new file mode 100644 index 00000000..b3edebde --- /dev/null +++ b/dockerfiles/rocky/is-analytics/worker/Dockerfile @@ -0,0 +1,117 @@ +# ------------------------------------------------------------------------ +# +# Copyright 2024 WSO2, LLC. (http://wso2.com) +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License +# +# ------------------------------------------------------------------------ + +# Set base Docker image to Rocky Linux Docker image. +FROM rockylinux:9.3 +LABEL maintainer="WSO2 Docker Maintainers " \ + com.wso2.docker.source="https://github.com/wso2/docker-is/releases/tag/v5.8.0.10" +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' + +# Install JDK Dependencies. +RUN yum install -y tzdata openssl ca-certificates fontconfig gzip tar nc unzip wget \ + && yum clean all + +ENV JAVA_VERSION jdk8u362-b09 + +# Install JDK8. +RUN set -eux; \ + ARCH="$(objdump="$(command -v objdump)" && objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \ + case "${ARCH}" in \ + amd64|i386:x86-64) \ + ESUM='1486a792fb224611ce0cd0e83d4aacd3503b56698549f8e9a9f0a6ebb83bdba1'; \ + BINARY_URL='https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u362-b09/OpenJDK8U-jdk_x64_linux_hotspot_8u362b09.tar.gz'; \ + ;; \ + arm64|aarch64) \ + ESUM='9290a8beefd7a94f0eb030f62d402411a852100482b9c5b63714bacc57002c2a'; \ + BINARY_URL='https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u362-b09/OpenJDK8U-jdk_aarch64_linux_hotspot_8u362b09.tar.gz'; \ + ;; \ + *) \ + echo "Unsupported arch: ${ARCH}"; \ + exit 1; \ + ;; \ + esac; \ + curl -LfsSo /tmp/openjdk.tar.gz ${BINARY_URL}; \ + echo "${ESUM} */tmp/openjdk.tar.gz" | sha256sum -c -; \ + mkdir -p /opt/java/openjdk; \ + cd /opt/java/openjdk; \ + tar -xf /tmp/openjdk.tar.gz --strip-components=1; \ + rm -rf /tmp/openjdk.tar.gz; + +ENV JAVA_HOME=/opt/java/openjdk \ + PATH="/opt/java/openjdk/bin:$PATH" + +# set Docker image build arguments +# build arguments for user/group configurations +ARG USER=wso2carbon +ARG USER_ID=802 +ARG USER_GROUP=wso2 +ARG USER_GROUP_ID=802 +ARG USER_HOME=/home/${USER} +# build arguments for WSO2 product installation +ARG WSO2_SERVER_NAME=wso2is-analytics +ARG WSO2_SERVER_VERSION=5.8.0 +ARG WSO2_SERVER=${WSO2_SERVER_NAME}-${WSO2_SERVER_VERSION} +ARG WSO2_SERVER_HOME=${USER_HOME}/${WSO2_SERVER} +ARG WSO2_SERVER_DIST_URL=https://bintray.com/wso2/binaryGA/download_file?file_path=${WSO2_SERVER}.zip +# build argument for MOTD +ARG MOTD='printf "\n\ +Welcome to WSO2 Docker resources.\n\ +------------------------------------ \n\ +This Docker container comprises of a WSO2 product, running with its latest GA release \n\ +which is under the Apache License, Version 2.0. \n\ +Read more about Apache License, Version 2.0 here @ http://www.apache.org/licenses/LICENSE-2.0.\n\n"' + +# create the non-root user and group and set MOTD login message +RUN \ + groupadd --system -g ${USER_GROUP_ID} ${USER_GROUP} \ + && useradd --system --create-home --home-dir ${USER_HOME} --no-log-init -g ${USER_GROUP_ID} -u ${USER_ID} ${USER} \ + && echo ${MOTD} > /etc/profile.d/motd.sh + +# copy init script to user home +COPY --chown=wso2carbon:wso2 docker-entrypoint.sh ${USER_HOME}/ + +# install required packages +RUN \ + yum -y update \ + && yum install -y \ + nc \ + unzip \ + wget \ + && rm -rf /var/cache/yum/* + +# add the WSO2 product distribution to user's home directory +RUN \ + wget -O ${WSO2_SERVER}.zip "${WSO2_SERVER_DIST_URL}" \ + && unzip -d ${USER_HOME} ${WSO2_SERVER}.zip \ + && chown wso2carbon:wso2 -R ${WSO2_SERVER_HOME} \ + && rm -f ${WSO2_SERVER}.zip + +# set the user and work directory +USER ${USER_ID} +WORKDIR ${USER_HOME} + +# set environment variables +ENV JAVA_OPTS="-Djava.util.prefs.systemRoot=${USER_HOME}/.java -Djava.util.prefs.userRoot=${USER_HOME}/.java/.userPrefs" \ + WORKING_DIRECTORY=${USER_HOME} \ + WSO2_SERVER_HOME=${WSO2_SERVER_HOME} + +# expose ports +EXPOSE 9090 9091 9443 7712 7612 9612 9712 + +# initiate container and start WSO2 Carbon server +ENTRYPOINT ["/home/wso2carbon/docker-entrypoint.sh"] diff --git a/dockerfiles/rocky/is-analytics/worker/README.md b/dockerfiles/rocky/is-analytics/worker/README.md new file mode 100644 index 00000000..50aca863 --- /dev/null +++ b/dockerfiles/rocky/is-analytics/worker/README.md @@ -0,0 +1,68 @@ +# Dockerfile for Worker Profile of WSO2 Identity Server Analytics # + +This section defines the step-by-step instructions to build [Rocky Linux](https://hub.docker.com/_/rockylinux/) Linux based Docker image for Worker profile of +WSO2 Identity Server Analytics 5.8.0. + +## Prerequisites + +* [Docker](https://www.docker.com/get-docker) v17.09.0 or above +* [Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) client + +## How to build an image and run + +##### 1. Checkout this repository into your local machine using the following Git client command. + +``` +git clone https://github.com/wso2/docker-is.git +``` + +> The local copy of the `dockerfile/rocky/is-analytics/worker` directory will be referred to as `ANALYTICS_DOCKERFILE_HOME` from this point onwards. + +##### 2. Build the Docker image. + +- Navigate to `` directory.
+ Execute `docker build` command as shown below. + + `docker build -t wso2is-analytics-worker:5.8.0-rocky .` + +> By default, the Docker image will prepackage the General Availability (GA) release version of the relevant WSO2 product. + +##### 3. Running Docker images specific to each profile. + +- `docker run -p 9090:9090 -p 9091:9091 wso2is-analytics-worker:5.8.0-rocky` + +>Here, only port 9090 and 9091 have been mapped to Docker host ports. +You may map other container service ports, which have been exposed to Docker host ports, as desired. + +## How to update configurations + +Configurations would lie on the Docker host machine and they can be volume mounted to the container.
+As an example, steps required to change the port offset using `deployment.yaml` is as follows: + +##### 1. Stop the Identity Server Analytics container if it's already running. + +In WSO2 Identity Server Analytics 5.8.0 product distribution, `deployment.yaml` configuration file
+can be found at `/conf/worker`. Copy the file to some suitable location of the host machine,
+referred to as `/deployment.yaml` and change the offset value under ports to 2. + +##### 2. Grant read permission to `other` users for `/deployment.yaml`. + +``` +chmod o+r /deployment.yaml +``` + +##### 3. Run the image by mounting the file to container as follows: + +``` +docker run +-p 7713:7713 +--volume /deployment.yaml:/deployment.yaml +wso2is-analytics-worker:5.8.0-rocky +``` + +> In here, refers to /home/wso2carbon/wso2is-analytics-5.8.0/conf/worker folder of the container. + +## Docker command usage references + +* [Docker build command reference](https://docs.docker.com/engine/reference/commandline/build/) +* [Docker run command reference](https://docs.docker.com/engine/reference/run/) +* [Dockerfile reference](https://docs.docker.com/engine/reference/builder/) diff --git a/dockerfiles/rocky/is-analytics/worker/docker-entrypoint.sh b/dockerfiles/rocky/is-analytics/worker/docker-entrypoint.sh new file mode 100755 index 00000000..9e1c1d24 --- /dev/null +++ b/dockerfiles/rocky/is-analytics/worker/docker-entrypoint.sh @@ -0,0 +1,36 @@ +#!/bin/sh +# ------------------------------------------------------------------------ +# Copyright 2024 WSO2, LLC. (http://wso2.com) +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License +# ------------------------------------------------------------------------ + +set -e + +# volume mounts +config_volume=${WORKING_DIRECTORY}/wso2-config-volume +artifact_volume=${WORKING_DIRECTORY}/wso2-artifact-volume + +# check if the WSO2 non-root user home exists +test ! -d ${WORKING_DIRECTORY} && echo "WSO2 Docker non-root user home does not exist" && exit 1 + +# check if the WSO2 product home exists +test ! -d ${WSO2_SERVER_HOME} && echo "WSO2 Docker product home does not exist" && exit 1 + +# copy any configuration changes mounted to config_volume +test -d ${config_volume} && [ "$(ls -A ${config_volume})" ] && cp -RL ${config_volume}/* ${WSO2_SERVER_HOME}/ +# copy any artifact changes mounted to artifact_volume +test -d ${artifact_volume} && [ "$(ls -A ${artifact_volume})" ] && cp -RL ${artifact_volume}/* ${WSO2_SERVER_HOME}/ + +# start WSO2 Carbon server +sh ${WSO2_SERVER_HOME}/bin/worker.sh "$@" diff --git a/dockerfiles/rocky/is/Dockerfile b/dockerfiles/rocky/is/Dockerfile new file mode 100644 index 00000000..9232e44a --- /dev/null +++ b/dockerfiles/rocky/is/Dockerfile @@ -0,0 +1,130 @@ +# ------------------------------------------------------------------------ +# +# Copyright 2024 WSO2, LLC. (http://wso2.com) +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License +# +# ------------------------------------------------------------------------ + +# Set base Docker image to Rocky Linux Docker image. +FROM rockylinux:9.3 +LABEL maintainer="WSO2 Docker Maintainers " \ + com.wso2.docker.source="https://github.com/wso2/docker-is/releases/tag/v5.8.0.10" +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' + +# Install JDK Dependencies. +RUN yum install -y tzdata openssl ca-certificates fontconfig gzip tar nc unzip wget \ + && yum clean all + +ENV JAVA_VERSION jdk8u362-b09 + +# Install JDK8. +RUN set -eux; \ + ARCH="$(objdump="$(command -v objdump)" && objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \ + case "${ARCH}" in \ + amd64|i386:x86-64) \ + ESUM='1486a792fb224611ce0cd0e83d4aacd3503b56698549f8e9a9f0a6ebb83bdba1'; \ + BINARY_URL='https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u362-b09/OpenJDK8U-jdk_x64_linux_hotspot_8u362b09.tar.gz'; \ + ;; \ + arm64|aarch64) \ + ESUM='9290a8beefd7a94f0eb030f62d402411a852100482b9c5b63714bacc57002c2a'; \ + BINARY_URL='https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u362-b09/OpenJDK8U-jdk_aarch64_linux_hotspot_8u362b09.tar.gz'; \ + ;; \ + *) \ + echo "Unsupported arch: ${ARCH}"; \ + exit 1; \ + ;; \ + esac; \ + curl -LfsSo /tmp/openjdk.tar.gz ${BINARY_URL}; \ + echo "${ESUM} */tmp/openjdk.tar.gz" | sha256sum -c -; \ + mkdir -p /opt/java/openjdk; \ + cd /opt/java/openjdk; \ + tar -xf /tmp/openjdk.tar.gz --strip-components=1; \ + rm -rf /tmp/openjdk.tar.gz; + +ENV JAVA_HOME=/opt/java/openjdk \ + PATH="/opt/java/openjdk/bin:$PATH" + +# set Docker image build arguments +# build arguments for user/group configurations +ARG USER=wso2carbon +ARG USER_ID=802 +ARG USER_GROUP=wso2 +ARG USER_GROUP_ID=802 +ARG USER_HOME=/home/${USER} +# build arguments for WSO2 product installation +ARG WSO2_SERVER_NAME=wso2is +ARG WSO2_SERVER_VERSION=5.8.0 +ARG WSO2_SERVER_REPOSITORY=product-is +ARG WSO2_SERVER=${WSO2_SERVER_NAME}-${WSO2_SERVER_VERSION} +ARG WSO2_SERVER_HOME=${USER_HOME}/${WSO2_SERVER} +ARG WSO2_SERVER_DIST_URL=https://bintray.com/wso2/binaryGA/download_file?file_path=${WSO2_SERVER}.zip +# build arguments for external artifacts +ARG DNS_JAVA_VERSION=2.1.8 +ARG K8S_MEMBERSHIP_SCHEME_VERSION=1.0.7 +# build argument for MOTD +ARG MOTD='printf "\n\ +Welcome to WSO2 Docker resources.\n\ +------------------------------------ \n\ +This Docker container comprises of a WSO2 product, running with its latest GA release \n\ +which is under the Apache License, Version 2.0. \n\ +Read more about Apache License, Version 2.0 here @ http://www.apache.org/licenses/LICENSE-2.0.\n\n"' + +# create the non-root user and group and set MOTD login message +RUN \ + groupadd --system -g ${USER_GROUP_ID} ${USER_GROUP} \ + && useradd --system --create-home --home-dir ${USER_HOME} --no-log-init -g ${USER_GROUP_ID} -u ${USER_ID} ${USER} \ + && echo ${MOTD} > /etc/profile.d/motd.sh +# create Java prefs dir +# this is to avoid warning logs printed by FileSystemPreferences class +RUN \ + mkdir -p ${USER_HOME}/.java/.systemPrefs \ + && mkdir -p ${USER_HOME}/.java/.userPrefs \ + && chmod -R 755 ${USER_HOME}/.java \ + && chown -R ${USER}:${USER_GROUP} ${USER_HOME}/.java +# copy init script to user home +COPY --chown=wso2carbon:wso2 docker-entrypoint.sh ${USER_HOME}/ + +# install required packages +RUN \ + yum -y update \ + && yum install -y \ + nc \ + unzip \ + wget \ + && rm -rf /var/cache/yum/* + +# add the WSO2 product distribution to user's home directory +RUN \ + wget -O ${WSO2_SERVER}.zip "${WSO2_SERVER_DIST_URL}" \ + && unzip -d ${USER_HOME} ${WSO2_SERVER}.zip \ + && chown wso2carbon:wso2 -R ${WSO2_SERVER_HOME} \ + && rm -f ${WSO2_SERVER}.zip +# add libraries for Kubernetes membership scheme based clustering +ADD --chown=wso2carbon:wso2 https://repo1.maven.org/maven2/dnsjava/dnsjava/${DNS_JAVA_VERSION}/dnsjava-${DNS_JAVA_VERSION}.jar ${WSO2_SERVER_HOME}/repository/components/lib +ADD --chown=wso2carbon:wso2 http://maven.wso2.org/nexus/content/repositories/releases/org/wso2/carbon/kubernetes/artifacts/kubernetes-membership-scheme/${K8S_MEMBERSHIP_SCHEME_VERSION}/kubernetes-membership-scheme-${K8S_MEMBERSHIP_SCHEME_VERSION}.jar ${WSO2_SERVER_HOME}/repository/components/dropins/ + +# set the user and work directory +USER ${USER_ID} +WORKDIR ${USER_HOME} + +# set environment variables +ENV JAVA_OPTS="-Djava.util.prefs.systemRoot=${USER_HOME}/.java -Djava.util.prefs.userRoot=${USER_HOME}/.java/.userPrefs" \ + WORKING_DIRECTORY=${USER_HOME} \ + WSO2_SERVER_HOME=${WSO2_SERVER_HOME} + +# expose ports +EXPOSE 4000 9763 9443 + +# initiate container and start WSO2 Carbon server +ENTRYPOINT ["/home/wso2carbon/docker-entrypoint.sh"] diff --git a/dockerfiles/rocky/is/README.md b/dockerfiles/rocky/is/README.md new file mode 100644 index 00000000..b1600b39 --- /dev/null +++ b/dockerfiles/rocky/is/README.md @@ -0,0 +1,74 @@ +# Dockerfile for WSO2 Identity Server # + +This section defines the step-by-step instructions to build an [Rocky Linux](https://hub.docker.com/_/rockylinux/) Linux based Docker image for WSO2 Identity Server 5.8.0. + +## Prerequisites + +* [Docker](https://www.docker.com/get-docker) v17.09.0 or above +* [Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) client + +## How to build an image and run + +##### 1. Checkout this repository into your local machine using the following Git client command. + +``` +git clone https://github.com/wso2/docker-is.git +``` + +>The local copy of the `dockerfiles/rocky/is` directory will be referred to as `IS_DOCKERFILE_HOME` from this point onwards. + +##### 2. Build the Docker image. + +- Navigate to `` directory.
+ Execute `docker build` command as shown below. + + `docker build -t wso2is:5.8.0-rocky .` + +> By default, the Docker image will prepackage the General Availability (GA) release version of the relevant WSO2 product. + +##### 3. Running the Docker image. + +- `docker run -it -p 9443:9443 wso2is:5.8.0-rocky` + +>Here, only port 9443 (HTTPS servlet transport) has been mapped to a Docker host port. +You may map other container service ports, which have been exposed to Docker host ports, as desired. + +##### 4. Accessing management console. + +- To access the management console, use the docker host IP and port 9443. + + `https://:9443/carbon` + +>In here, refers to hostname or IP of the host machine on top of which containers are spawned. + +## How to update configurations + +Configurations would lie on the Docker host machine and they can be volume mounted to the container.
+As an example, steps required to change the port offset using `carbon.xml` is as follows: + +##### 1. Stop the Identity Server container if it's already running. + +In WSO2 Identity Server 5.8.0 product distribution, `carbon.xml` configuration file
+can be found at `/repository/conf`. Copy the file to some suitable location of the host machine,
+referred to as `/carbon.xml` and change the offset value under ports to 1. + +##### 2. Grant read permission to `other` users for `/carbon.xml`. + +``` +chmod o+r /carbon.xml +``` + +##### 3. Run the image by mounting the file to container as follows: + +``` +docker run \ +-p 9444:9444 \ +--volume /carbon.xml:/carbon.xml \ +wso2is:5.8.0-rocky +``` + +>In here, refers to /home/wso2carbon/wso2is-5.8.0/repository/conf folder of the container. + +## Docker command usage references + +* [Docker build command reference](https://docs.docker.com/engine/reference/commandline/build/) +* [Docker run command reference](https://docs.docker.com/engine/reference/run/) +* [Dockerfile reference](https://docs.docker.com/engine/reference/builder/) diff --git a/dockerfiles/rocky/is/docker-entrypoint.sh b/dockerfiles/rocky/is/docker-entrypoint.sh new file mode 100755 index 00000000..47c26446 --- /dev/null +++ b/dockerfiles/rocky/is/docker-entrypoint.sh @@ -0,0 +1,36 @@ +#!/bin/sh +# ------------------------------------------------------------------------ +# Copyright 2024 WSO2, LLC. (http://wso2.com) +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License +# ------------------------------------------------------------------------ + +set -e + +# volume mounts +config_volume=${WORKING_DIRECTORY}/wso2-config-volume +artifact_volume=${WORKING_DIRECTORY}/wso2-artifact-volume + +# check if the WSO2 non-root user home exists +test ! -d ${WORKING_DIRECTORY} && echo "WSO2 Docker non-root user home does not exist" && exit 1 + +# check if the WSO2 product home exists +test ! -d ${WSO2_SERVER_HOME} && echo "WSO2 Docker product home does not exist" && exit 1 + +# copy any configuration changes mounted to config_volume +test -d ${config_volume} && [ "$(ls -A ${config_volume})" ] && cp -RL ${config_volume}/* ${WSO2_SERVER_HOME}/ +# copy any artifact changes mounted to artifact_volume +test -d ${artifact_volume} && [ "$(ls -A ${artifact_volume})" ] && cp -RL ${artifact_volume}/* ${WSO2_SERVER_HOME}/ + +# start WSO2 Carbon server +sh ${WSO2_SERVER_HOME}/bin/wso2server.sh "$@" From 8dcd5208ac4b2fe78f9635597da4d18d19dda289 Mon Sep 17 00:00:00 2001 From: ZiyamSanthosh Date: Thu, 18 Jul 2024 14:17:11 +0530 Subject: [PATCH 2/3] Add snippet to download necessary locale packages --- dockerfiles/rocky/is-analytics/dashboard/Dockerfile | 8 +++++++- dockerfiles/rocky/is-analytics/worker/Dockerfile | 6 ++++++ dockerfiles/rocky/is/Dockerfile | 6 ++++++ 3 files changed, 19 insertions(+), 1 deletion(-) diff --git a/dockerfiles/rocky/is-analytics/dashboard/Dockerfile b/dockerfiles/rocky/is-analytics/dashboard/Dockerfile index a5822197..ff600899 100644 --- a/dockerfiles/rocky/is-analytics/dashboard/Dockerfile +++ b/dockerfiles/rocky/is-analytics/dashboard/Dockerfile @@ -17,9 +17,15 @@ # ------------------------------------------------------------------------ # Set base Docker image to Rocky Linux Docker image. -FROM rockylinux:7 +FROM rockylinux:9.3 LABEL maintainer="WSO2 Docker Maintainers " \ com.wso2.docker.source="https://github.com/wso2/docker-is/releases/tag/v5.8.0.10" + +# Install necessary locale packages +RUN yum install -y glibc-langpack-en && \ + yum install -y langpacks-en glibc-locale-source && \ + localedef -c -f UTF-8 -i en_US en_US.UTF-8 + ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' # Install JDK Dependencies. diff --git a/dockerfiles/rocky/is-analytics/worker/Dockerfile b/dockerfiles/rocky/is-analytics/worker/Dockerfile index b3edebde..45d9b044 100644 --- a/dockerfiles/rocky/is-analytics/worker/Dockerfile +++ b/dockerfiles/rocky/is-analytics/worker/Dockerfile @@ -20,6 +20,12 @@ FROM rockylinux:9.3 LABEL maintainer="WSO2 Docker Maintainers " \ com.wso2.docker.source="https://github.com/wso2/docker-is/releases/tag/v5.8.0.10" + +# Install necessary locale packages +RUN yum install -y glibc-langpack-en && \ + yum install -y langpacks-en glibc-locale-source && \ + localedef -c -f UTF-8 -i en_US en_US.UTF-8 + ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' # Install JDK Dependencies. diff --git a/dockerfiles/rocky/is/Dockerfile b/dockerfiles/rocky/is/Dockerfile index 9232e44a..7b222c58 100644 --- a/dockerfiles/rocky/is/Dockerfile +++ b/dockerfiles/rocky/is/Dockerfile @@ -20,6 +20,12 @@ FROM rockylinux:9.3 LABEL maintainer="WSO2 Docker Maintainers " \ com.wso2.docker.source="https://github.com/wso2/docker-is/releases/tag/v5.8.0.10" + +# Install necessary locale packages +RUN yum install -y glibc-langpack-en && \ + yum install -y langpacks-en glibc-locale-source && \ + localedef -c -f UTF-8 -i en_US en_US.UTF-8 + ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' # Install JDK Dependencies. From 0f53f5adf602438a69b3def408ab4438181287d8 Mon Sep 17 00:00:00 2001 From: ZiyamSanthosh Date: Wed, 31 Jul 2024 17:44:11 +0530 Subject: [PATCH 3/3] Change Rocky Linux version to 8.10 --- dockerfiles/rocky/is-analytics/dashboard/Dockerfile | 7 ++++++- dockerfiles/rocky/is-analytics/worker/Dockerfile | 7 ++++++- dockerfiles/rocky/is/Dockerfile | 7 ++++++- 3 files changed, 18 insertions(+), 3 deletions(-) diff --git a/dockerfiles/rocky/is-analytics/dashboard/Dockerfile b/dockerfiles/rocky/is-analytics/dashboard/Dockerfile index ff600899..9876e84a 100644 --- a/dockerfiles/rocky/is-analytics/dashboard/Dockerfile +++ b/dockerfiles/rocky/is-analytics/dashboard/Dockerfile @@ -17,10 +17,15 @@ # ------------------------------------------------------------------------ # Set base Docker image to Rocky Linux Docker image. -FROM rockylinux:9.3 +FROM rockylinux:8 LABEL maintainer="WSO2 Docker Maintainers " \ com.wso2.docker.source="https://github.com/wso2/docker-is/releases/tag/v5.8.0.10" +# Update the system to the specific 8.10 version +RUN dnf -y update && \ + dnf -y distro-sync && \ + dnf clean all + # Install necessary locale packages RUN yum install -y glibc-langpack-en && \ yum install -y langpacks-en glibc-locale-source && \ diff --git a/dockerfiles/rocky/is-analytics/worker/Dockerfile b/dockerfiles/rocky/is-analytics/worker/Dockerfile index 45d9b044..b7636842 100644 --- a/dockerfiles/rocky/is-analytics/worker/Dockerfile +++ b/dockerfiles/rocky/is-analytics/worker/Dockerfile @@ -17,10 +17,15 @@ # ------------------------------------------------------------------------ # Set base Docker image to Rocky Linux Docker image. -FROM rockylinux:9.3 +FROM rockylinux:8 LABEL maintainer="WSO2 Docker Maintainers " \ com.wso2.docker.source="https://github.com/wso2/docker-is/releases/tag/v5.8.0.10" +# Update the system to the specific 8.10 version +RUN dnf -y update && \ + dnf -y distro-sync && \ + dnf clean all + # Install necessary locale packages RUN yum install -y glibc-langpack-en && \ yum install -y langpacks-en glibc-locale-source && \ diff --git a/dockerfiles/rocky/is/Dockerfile b/dockerfiles/rocky/is/Dockerfile index 7b222c58..11b089c4 100644 --- a/dockerfiles/rocky/is/Dockerfile +++ b/dockerfiles/rocky/is/Dockerfile @@ -17,10 +17,15 @@ # ------------------------------------------------------------------------ # Set base Docker image to Rocky Linux Docker image. -FROM rockylinux:9.3 +FROM rockylinux:8 LABEL maintainer="WSO2 Docker Maintainers " \ com.wso2.docker.source="https://github.com/wso2/docker-is/releases/tag/v5.8.0.10" +# Update the system to the specific 8.10 version +RUN dnf -y update && \ + dnf -y distro-sync && \ + dnf clean all + # Install necessary locale packages RUN yum install -y glibc-langpack-en && \ yum install -y langpacks-en glibc-locale-source && \