From d6135a000cf111fa60332ff0db90d7a5e72c2f77 Mon Sep 17 00:00:00 2001 From: astebenkova Date: Thu, 8 Aug 2024 12:49:27 +0300 Subject: [PATCH] [images] Optimize docker recipes * remove deprecated 'apt-key add' * use a more reliable method for updating pip to the latest version * remove 'apt clean' step since it's included in official Ubuntu images + upgrade K8s to v1.29.7 + align etcdctl with cluster's version Change-Id: Ic166b8432b3ff529e0281f8af26b680dc614caeb --- .../calicoctl-utility/Dockerfile.ubuntu_jammy | 6 ++--- .../Dockerfile_calicoq_calicoctl.ubuntu_jammy | 22 ++++++++-------- images/ceph-utility/Dockerfile.ubuntu_jammy | 25 +++++++++---------- .../compute-utility/Dockerfile.ubuntu_jammy | 7 +++--- .../etcdctl-utility/Dockerfile.ubuntu_jammy | 16 ++++++------ .../Dockerfile.ubuntu_jammy | 19 ++++++++------ .../openstack-utility/Dockerfile.ubuntu_jammy | 4 +-- .../Dockerfile.ubuntu_jammy | 17 +++++++------ 8 files changed, 60 insertions(+), 56 deletions(-) diff --git a/images/calicoctl-utility/Dockerfile.ubuntu_jammy b/images/calicoctl-utility/Dockerfile.ubuntu_jammy index b6841e64..125b9ab5 100644 --- a/images/calicoctl-utility/Dockerfile.ubuntu_jammy +++ b/images/calicoctl-utility/Dockerfile.ubuntu_jammy @@ -24,16 +24,16 @@ RUN set -xe \ && apt-get update && apt-get upgrade -y \ && apt-get install -y --no-install-recommends \ bash \ + curl \ locales \ moreutils \ sudo \ socat \ python3.10 \ python3-pip \ - && pip3 install --no-cache-dir --upgrade pip \ + && curl -s https://bootstrap.pypa.io/get-pip.py | python3 \ && pip3 install --no-cache-dir \ - oslo.rootwrap==7.0.1 \ - && apt-get clean -y \ + oslo.rootwrap==7.0.1 \ && rm -rf /var/lib/apt/lists/* RUN PYTHON_LOCATION=$(pip3 show oslo.rootwrap|grep Location|awk '{print $2}') \ diff --git a/images/calicoctl-utility/Dockerfile_calicoq_calicoctl.ubuntu_jammy b/images/calicoctl-utility/Dockerfile_calicoq_calicoctl.ubuntu_jammy index 1ddb5dae..fe8bb595 100644 --- a/images/calicoctl-utility/Dockerfile_calicoq_calicoctl.ubuntu_jammy +++ b/images/calicoctl-utility/Dockerfile_calicoq_calicoctl.ubuntu_jammy @@ -29,17 +29,17 @@ RUN set -xe \ && echo "nobody:x:65534:65534:nobody:/nonexistent:/bin/bash" >> /etc/passwd \ && apt-get update && apt-get -y upgrade \ && apt-get install -y --no-install-recommends \ - bash \ - locales \ - moreutils \ - sudo \ - socat \ - python3.10 \ - python3-pip \ - && pip3 install --upgrade pip \ - && pip3 install \ - oslo.rootwrap==7.0.1 \ - && apt-get clean -y \ + bash \ + curl \ + locales \ + moreutils \ + sudo \ + socat \ + python3.10 \ + python3-pip \ + && curl -s https://bootstrap.pypa.io/get-pip.py | python3 \ + && pip3 install --no-cache-dir \ + oslo.rootwrap==7.0.1 \ && rm -rf /var/lib/apt/lists/* RUN PYTHON_LOCATION=$(pip3 show oslo.rootwrap|grep Location|awk '{print $2}') \ diff --git a/images/ceph-utility/Dockerfile.ubuntu_jammy b/images/ceph-utility/Dockerfile.ubuntu_jammy index f8c8c2d2..1d35079a 100644 --- a/images/ceph-utility/Dockerfile.ubuntu_jammy +++ b/images/ceph-utility/Dockerfile.ubuntu_jammy @@ -8,24 +8,26 @@ LABEL org.opencontainers.image.authors='airship-discuss@lists.airshipit.org, irc org.opencontainers.image.vendor='The Airship Authors' \ org.opencontainers.image.licenses='Apache-2.0' -# Reef 18.2.1 +# Reef 18.2.2 ARG CEPH_RELEASE=reef ARG CEPH_RELEASE_TAG=18.2.2-1~jammy -ARG KUBE_VERSION=1.29.5 +ARG KUBE_VERSION=1.29.7 ARG CEPH_REPO=https://mirror.mirantis.com/acicd/ceph/debian-18.2.2.patch1/jammy/ ARG CEPH_KEY=https://mirror.mirantis.com/acicd/ceph/debian-18.2.2.patch1/jammy/release.asc -ADD ${CEPH_KEY} /etc/apt/ceph-${CEPH_RELEASE}.key +ARG DEBIAN_FRONTEND=noninteractive + RUN set -xe \ - && export DEBIAN_FRONTEND=noninteractive \ && sed -i '/nobody/d' /etc/passwd \ && echo "nobody:x:65534:65534:nobody:/nonexistent:/bin/bash" >> /etc/passwd \ && apt-get update && apt-get upgrade -y \ - && apt-get install -y --no-install-recommends curl apt-transport-https ca-certificates gnupg \ - && apt-key add /etc/apt/ceph-${CEPH_RELEASE}.key \ - && rm -f /etc/apt/ceph-${CEPH_RELEASE}.key \ - && echo "deb ${CEPH_REPO} jammy main" | tee /etc/apt/sources.list.d/ceph.list \ + && apt-get install -y --no-install-recommends \ + ca-certificates \ + gnupg \ + curl \ + && curl -fsSL ${CEPH_KEY} | gpg --dearmor -o /etc/apt/keyrings/ceph.acs \ + && echo "deb [signed-by=/etc/apt/keyrings/ceph.acs] ${CEPH_REPO} jammy main" | tee /etc/apt/sources.list.d/ceph.list \ && apt-get update \ && apt-get install -y --no-install-recommends \ bash \ @@ -47,15 +49,12 @@ RUN set -xe \ python3.10 \ python3-pip \ orphan-sysvinit-scripts \ - && pip3 install --no-cache-dir --upgrade pip \ + && curl -s https://bootstrap.pypa.io/get-pip.py | python3 \ && pip3 install --no-cache-dir \ oslo.rootwrap==7.0.1 \ && curl --silent -L https://dl.k8s.io/v${KUBE_VERSION}/kubernetes-client-linux-amd64.tar.gz \ | tar -zC /usr/bin --strip-components=3 --wildcards -x "*/*/*/kubectl" \ - && apt-get purge --autoremove -y apt-transport-https \ - && apt-get clean \ - && rm -rf \ - /var/lib/apt/lists/* + && rm -rf /var/lib/apt/lists/* RUN PYTHON_LOCATION=$(pip3 show oslo.rootwrap|grep Location|awk '{print $2}') \ && sed -i "/rootwrap_logger.setLevel/s/.*/#&/" $PYTHON_LOCATION/oslo_rootwrap/wrapper.py \ diff --git a/images/compute-utility/Dockerfile.ubuntu_jammy b/images/compute-utility/Dockerfile.ubuntu_jammy index 2b195af7..04834b3c 100644 --- a/images/compute-utility/Dockerfile.ubuntu_jammy +++ b/images/compute-utility/Dockerfile.ubuntu_jammy @@ -8,7 +8,7 @@ LABEL org.opencontainers.image.authors='airship-discuss@lists.airshipit.org, irc org.opencontainers.image.vendor='The Airship Authors' \ org.opencontainers.image.licenses='Apache-2.0' -ARG KUBE_VERSION=1.29.5 +ARG KUBE_VERSION=1.29.7 ARG DEBIAN_FRONTEND=noninteractive @@ -36,12 +36,11 @@ RUN set -xe \ python3.10 \ python3-pip \ orphan-sysvinit-scripts \ - && pip3 install --no-cache-dir --upgrade pip \ + && curl -s https://bootstrap.pypa.io/get-pip.py | python3 \ && pip3 install --no-cache-dir \ - oslo.rootwrap==7.0.1 \ + oslo.rootwrap==7.0.1 \ && curl --silent -L https://dl.k8s.io/v${KUBE_VERSION}/kubernetes-client-linux-amd64.tar.gz \ | tar -zC /usr/bin --strip-components=3 --wildcards -x "*/*/*/kubectl" \ - && apt-get clean \ && rm -rf /var/lib/apt/lists/* RUN PYTHON_LOCATION=$(pip3 show oslo.rootwrap|grep Location|awk '{print $2}') \ diff --git a/images/etcdctl-utility/Dockerfile.ubuntu_jammy b/images/etcdctl-utility/Dockerfile.ubuntu_jammy index 8d125ce0..1313e520 100644 --- a/images/etcdctl-utility/Dockerfile.ubuntu_jammy +++ b/images/etcdctl-utility/Dockerfile.ubuntu_jammy @@ -8,15 +8,16 @@ LABEL org.opencontainers.image.authors='airship-discuss@lists.airshipit.org, irc org.opencontainers.image.vendor='The Airship Authors' \ org.opencontainers.image.licenses='Apache-2.0' -ARG ETCDCTL_VERSION=v3.5.13 -ARG KUBE_VERSION=1.29.5 +ARG ETCDCTL_VERSION=3.5.12 +ARG KUBE_VERSION=1.29.7 ENV GOOGLE_URL=https://storage.googleapis.com/etcd ENV GITHUB_URL=https://github.com/etcd-io/etcd/releases/download ENV DOWNLOAD_URL=${GITHUB_URL} +ARG DEBIAN_FRONTEND=noninteractive + RUN set -xe \ - && export DEBIAN_FRONTEND=noninteractive \ && sed -i '/nobody/d' /etc/passwd \ && echo "nobody:x:65534:65534:nobody:/nonexistent:/bin/bash" >> /etc/passwd \ && apt-get update && apt-get upgrade -y \ @@ -34,22 +35,21 @@ RUN set -xe \ python3-pip \ python3-netifaces \ orphan-sysvinit-scripts \ - && pip3 install --no-cache-dir --upgrade pip \ + && curl -s https://bootstrap.pypa.io/get-pip.py | python3 \ && pip3 install --no-cache-dir \ munch \ oslo.rootwrap==7.0.1 \ python-openstackclient==6.2.0 \ python-swiftclient==4.2.0 \ - && curl --silent -L "${DOWNLOAD_URL}/${ETCDCTL_VERSION}/etcd-${ETCDCTL_VERSION}-linux-amd64.tar.gz" \ + && curl --silent -L "${DOWNLOAD_URL}/v${ETCDCTL_VERSION}/etcd-v${ETCDCTL_VERSION}-linux-amd64.tar.gz" \ | tar -zC /usr/local/bin --strip-components=1 --wildcards -x "*/etcdctl" \ && curl --silent -L https://dl.k8s.io/v${KUBE_VERSION}/kubernetes-client-linux-amd64.tar.gz \ | tar -zC /usr/bin --strip-components=3 --wildcards -x "*/*/*/kubectl" \ && curl -o /tmp/rclone.deb https://downloads.rclone.org/rclone-current-linux-amd64.deb \ && apt-get install -y --no-install-recommends /tmp/rclone.deb \ - && apt-get clean -y \ && rm -rf \ - /tmp/* \ - /var/lib/apt/lists/* + /tmp/* \ + /var/lib/apt/lists/* RUN PYTHON_LOCATION=$(pip3 show oslo.rootwrap|grep Location|awk '{print $2}') \ && sed -i "/rootwrap_logger.setLevel/s/.*/#&/" $PYTHON_LOCATION/oslo_rootwrap/wrapper.py \ diff --git a/images/mysqlclient-utility/Dockerfile.ubuntu_jammy b/images/mysqlclient-utility/Dockerfile.ubuntu_jammy index 0b8b69fd..3462501f 100644 --- a/images/mysqlclient-utility/Dockerfile.ubuntu_jammy +++ b/images/mysqlclient-utility/Dockerfile.ubuntu_jammy @@ -8,25 +8,29 @@ LABEL org.opencontainers.image.authors='airship-discuss@lists.airshipit.org, irc org.opencontainers.image.vendor='The Airship Authors' \ org.opencontainers.image.licenses='Apache-2.0' -ARG KUBE_VERSION=1.29.5 +ARG KUBE_VERSION=1.29.7 ARG MARIADB_VERSION=10.6 ARG PERCONA_TOOLKIT_VERSION=3.5.7 +ARG DEBIAN_FRONTEND=noninteractive + RUN set -xe \ - && export DEBIAN_FRONTEND=noninteractive \ && sed -i '/nobody/d' /etc/passwd \ && echo "nobody:x:65534:65534:nobody:/nonexistent:/bin/bash" >> /etc/passwd \ - && apt-get update \ - && apt-get install -y --no-install-recommends curl apt-transport-https ca-certificates gnupg \ + && apt-get update && apt-get upgrade -y \ + && apt-get install -y --no-install-recommends \ + apt-transport-https \ + ca-certificates \ + gnupg \ + curl \ && curl -LsS -O https://downloads.mariadb.com/MariaDB/mariadb_repo_setup \ && bash mariadb_repo_setup --mariadb-server-version=${MARIADB_VERSION} \ - && apt-get update && apt-get upgrade -y \ + && apt-get update \ && apt-get install -y --no-install-recommends \ bash \ sudo \ rsyslog \ pwgen \ - curl \ jq \ libdbi-perl \ libdbd-mysql-perl \ @@ -37,7 +41,7 @@ RUN set -xe \ python3-pip \ python3-netifaces \ orphan-sysvinit-scripts \ - && pip3 install --no-cache-dir --upgrade pip \ + && curl -s https://bootstrap.pypa.io/get-pip.py | python3 \ && pip3 install --no-cache-dir \ munch \ oslo.rootwrap==7.0.1 \ @@ -51,7 +55,6 @@ RUN set -xe \ && curl -o /tmp/rclone.deb https://downloads.rclone.org/rclone-current-linux-amd64.deb \ && apt-get install -y --no-install-recommends /tmp/rclone.deb \ && apt-get purge --autoremove -y apt-transport-https \ - && apt-get clean -y \ && rm -rf \ /tmp/* \ /var/cache/debconf/* \ diff --git a/images/openstack-utility/Dockerfile.ubuntu_jammy b/images/openstack-utility/Dockerfile.ubuntu_jammy index f309f9d2..1825411c 100644 --- a/images/openstack-utility/Dockerfile.ubuntu_jammy +++ b/images/openstack-utility/Dockerfile.ubuntu_jammy @@ -16,13 +16,14 @@ RUN set -xe \ && apt-get update && apt-get upgrade -y \ && apt-get install --no-install-recommends -y \ bash \ + curl \ sudo \ rsyslog \ python3.10 \ python3-pip \ python3-netifaces \ orphan-sysvinit-scripts \ - && pip3 install --no-cache-dir --upgrade pip \ + && curl -s https://bootstrap.pypa.io/get-pip.py | python3 \ && pip3 install --no-cache-dir \ munch \ oslo.rootwrap==7.0.1 \ @@ -33,7 +34,6 @@ RUN set -xe \ python-cinderclient==9.3.0 \ python-heatclient==3.2.0 \ osc-placement \ - && apt-get clean -y \ && rm -rf /var/lib/apt/lists/* RUN PYTHON_LOCATION=$(pip3 show oslo.rootwrap|grep Location|awk '{print $2}') \ diff --git a/images/postgresql-utility/Dockerfile.ubuntu_jammy b/images/postgresql-utility/Dockerfile.ubuntu_jammy index 721c3d62..a44264ad 100644 --- a/images/postgresql-utility/Dockerfile.ubuntu_jammy +++ b/images/postgresql-utility/Dockerfile.ubuntu_jammy @@ -8,16 +8,20 @@ LABEL org.opencontainers.image.authors='airship-discuss@lists.airshipit.org, irc org.opencontainers.image.vendor='The Airship Authors' \ org.opencontainers.image.licenses='Apache-2.0' -ARG KUBE_VERSION=1.29.5 +ARG KUBE_VERSION=1.29.7 + +ARG DEBIAN_FRONTEND=noninteractive RUN set -xe \ - && export DEBIAN_FRONTEND=noninteractive \ && sed -i '/nobody/d' /etc/passwd \ && echo "nobody:x:65534:65534:nobody:/nonexistent:/bin/bash" >> /etc/passwd \ && apt-get update && apt-get upgrade -y \ - && apt-get install --no-install-recommends -y curl ca-certificates gnupg \ - && echo "deb https://apt.postgresql.org/pub/repos/apt jammy-pgdg main" > /etc/apt/sources.list.d/pgdg.list \ - && curl -o /etc/apt/trusted.gpg.d/postgresql_release_signing_key.asc 'https://www.postgresql.org/media/keys/ACCC4CF8.asc' \ + && apt-get install --no-install-recommends -y \ + ca-certificates \ + gnupg \ + curl \ + && curl -fsSL https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor -o /etc/apt/keyrings/pgdg.acs \ + && echo "deb [signed-by=/etc/apt/keyrings/pgdg.acs] https://apt.postgresql.org/pub/repos/apt jammy-pgdg main" > /etc/apt/sources.list.d/pgdg.list \ && apt-get update \ && apt-get install --no-install-recommends -y \ bash \ @@ -32,7 +36,7 @@ RUN set -xe \ python3-pip \ python3-netifaces \ orphan-sysvinit-scripts \ - && pip3 install --no-cache-dir --upgrade pip \ + && curl -s https://bootstrap.pypa.io/get-pip.py | python3 \ && pip3 install --no-cache-dir \ munch \ oslo.rootwrap==7.0.1 \ @@ -42,7 +46,6 @@ RUN set -xe \ | tar -zC /usr/bin --strip-components=3 --wildcards -x "*/*/*/kubectl" \ && curl -o /tmp/rclone.deb https://downloads.rclone.org/rclone-current-linux-amd64.deb \ && apt-get install -y --no-install-recommends /tmp/rclone.deb \ - && apt-get clean -y \ && rm -rf \ /tmp/* \ /var/cache/debconf/* \