c988632091
Change-Id: I216d16de1f4fb1438534c9362b57499ec3d6725b
119 lines
4.1 KiB
Docker
119 lines
4.1 KiB
Docker
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
FROM docker.io/ubuntu:bionic
|
|
MAINTAINER pete.birley@att.com
|
|
|
|
ARG UBUNTU_URL=http://archive.ubuntu.com/ubuntu/
|
|
ARG ALLOW_UNAUTHENTICATED=false
|
|
ARG PIP_INDEX_URL=https://pypi.python.org/simple/
|
|
ARG PIP_TRUSTED_HOST=pypi.python.org
|
|
ENV PIP_INDEX_URL=${PIP_INDEX_URL}
|
|
ENV PIP_TRUSTED_HOST=${PIP_TRUSTED_HOST}
|
|
|
|
COPY ./tools/images/kubeadm-aio/sources.list /etc/apt/
|
|
RUN sed -i \
|
|
-e "s|%%UBUNTU_URL%%|${UBUNTU_URL}|g" \
|
|
/etc/apt/sources.list ;\
|
|
echo "APT::Get::AllowUnauthenticated \"${ALLOW_UNAUTHENTICATED}\";\n\
|
|
Acquire::AllowInsecureRepositories \"${ALLOW_UNAUTHENTICATED}\";\n\
|
|
Acquire::AllowDowngradeToInsecureRepositories \"${ALLOW_UNAUTHENTICATED}\";" \
|
|
>> /etc/apt/apt.conf.d/allow-unathenticated
|
|
|
|
ARG GOOGLE_KUBERNETES_REPO_URL=https://storage.googleapis.com/kubernetes-release/release/${KUBE_VERSION}/bin/linux/amd64
|
|
ENV GOOGLE_KUBERNETES_REPO_URL ${GOOGLE_KUBERNETES_REPO_URL}
|
|
|
|
ARG GOOGLE_HELM_REPO_URL=https://storage.googleapis.com/kubernetes-helm
|
|
ENV GOOGLE_HELM_REPO_URL ${GOOGLE_HELM_REPO_URL}
|
|
|
|
ARG KUBE_VERSION="v1.18.9"
|
|
ENV KUBE_VERSION ${KUBE_VERSION}
|
|
|
|
ARG CNI_VERSION="v0.6.0"
|
|
ENV CNI_VERSION ${CNI_VERSION}
|
|
|
|
ARG CNI_REPO_URL=https://github.com/containernetworking/plugins/releases/download/$CNI_VERSION
|
|
ENV CNI_REPO_URL ${CNI_REPO_URL}
|
|
|
|
ARG HELM_VERSION="v2.16.9"
|
|
ENV HELM_VERSION ${HELM_VERSION}
|
|
|
|
ARG CHARTS="calico,flannel,tiller,kube-dns,kubernetes-keystone-webhook"
|
|
ENV CHARTS ${CHARTS}
|
|
|
|
ARG HTTP_PROXY=""
|
|
ENV HTTP_PROXY ${HTTP_PROXY}
|
|
ENV http_proxy ${HTTP_PROXY}
|
|
|
|
ARG HTTPS_PROXY=""
|
|
ENV HTTPS_PROXY ${HTTPS_PROXY}
|
|
ENV https_proxy ${HTTPS_PROXY}
|
|
|
|
ARG NO_PROXY="127.0.0.1,localhost,.svc.cluster.local"
|
|
ENV NO_PROXY ${NO_PROXY}
|
|
ENV no_proxy ${NO_PROXY}
|
|
|
|
ENV container="docker" \
|
|
DEBIAN_FRONTEND="noninteractive" \
|
|
CNI_BIN_DIR="/opt/cni/bin"
|
|
|
|
RUN set -ex ;\
|
|
apt-get update ;\
|
|
apt-get upgrade -y ;\
|
|
apt-get install -y --no-install-recommends \
|
|
bash \
|
|
ca-certificates \
|
|
curl \
|
|
jq \
|
|
python3-pip \
|
|
gawk ;\
|
|
pip3 --no-cache-dir install --upgrade pip==18.1 ;\
|
|
hash -r ;\
|
|
pip3 --no-cache-dir install --upgrade setuptools ;\
|
|
# NOTE(srwilkers): Pinning ansible to 2.5.5, as pip installs 2.6 by default.
|
|
# 2.6 introduces a new command flag (init) for the docker_container module
|
|
# that is incompatible with what we have currently. 2.5.5 ensures we match
|
|
# what's deployed in the gates
|
|
pip3 --no-cache-dir install --upgrade \
|
|
requests \
|
|
kubernetes \
|
|
"ansible==2.5.5" ;\
|
|
for BINARY in kubectl kubeadm; do \
|
|
curl -sSL -o /usr/bin/${BINARY} \
|
|
${GOOGLE_KUBERNETES_REPO_URL}/${BINARY} ;\
|
|
chmod +x /usr/bin/${BINARY} ;\
|
|
done ;\
|
|
mkdir -p /opt/assets/usr/bin ;\
|
|
curl -sSL -o /opt/assets/usr/bin/kubelet \
|
|
${GOOGLE_KUBERNETES_REPO_URL}/kubelet ;\
|
|
chmod +x /opt/assets/usr/bin/kubelet ;\
|
|
mkdir -p /opt/assets${CNI_BIN_DIR} ;\
|
|
curl -sSL ${CNI_REPO_URL}/cni-plugins-amd64-$CNI_VERSION.tgz | \
|
|
tar -zxv --strip-components=1 -C /opt/assets${CNI_BIN_DIR} ;\
|
|
TMP_DIR=$(mktemp -d) ;\
|
|
curl -sSL ${GOOGLE_HELM_REPO_URL}/helm-${HELM_VERSION}-linux-amd64.tar.gz | tar -zxv --strip-components=1 -C ${TMP_DIR} ;\
|
|
mv ${TMP_DIR}/helm /usr/bin/helm ;\
|
|
rm -rf ${TMP_DIR} ;\
|
|
apt-get purge -y --auto-remove \
|
|
curl ;\
|
|
rm -rf /var/lib/apt/lists/* /tmp/* /root/.cache
|
|
|
|
COPY ./ /tmp/source
|
|
RUN set -ex ;\
|
|
cp -rfav /tmp/source/tools/images/kubeadm-aio/assets/* / ;\
|
|
IFS=','; for CHART in $CHARTS; do \
|
|
mv -v /tmp/source/${CHART} /opt/charts/; \
|
|
done ;\
|
|
rm -rf /tmp/source
|
|
|
|
ENTRYPOINT ["/entrypoint.sh"]
|