2013-06-21 22:42:17 -04:00
|
|
|
# This file describes the standard way to build Docker, using docker
|
2013-09-06 22:58:05 -04:00
|
|
|
#
|
|
|
|
# Usage:
|
|
|
|
#
|
|
|
|
# # Assemble the full dev environment. This is slow the first time.
|
|
|
|
# docker build -t docker .
|
|
|
|
#
|
2013-09-06 23:16:13 -04:00
|
|
|
# # Mount your source in an interactive container for quick testing:
|
2014-07-24 18:19:50 -04:00
|
|
|
# docker run -v `pwd`:/go/src/github.com/docker/docker --privileged -i -t docker bash
|
2013-09-06 23:16:13 -04:00
|
|
|
#
|
2013-09-06 22:58:05 -04:00
|
|
|
# # Run the test suite:
|
2014-03-13 13:46:02 -04:00
|
|
|
# docker run --privileged docker hack/make.sh test
|
2013-09-06 22:58:05 -04:00
|
|
|
#
|
|
|
|
# # Publish a release:
|
2014-03-13 13:46:02 -04:00
|
|
|
# docker run --privileged \
|
2013-09-30 15:57:30 -04:00
|
|
|
# -e AWS_S3_BUCKET=baz \
|
|
|
|
# -e AWS_ACCESS_KEY=foo \
|
|
|
|
# -e AWS_SECRET_KEY=bar \
|
|
|
|
# -e GPG_PASSPHRASE=gloubiboulga \
|
|
|
|
# docker hack/release.sh
|
|
|
|
#
|
2015-06-13 12:21:50 -04:00
|
|
|
# Note: AppArmor used to mess with privileged mode, but this is no longer
|
2013-10-31 17:58:43 -04:00
|
|
|
# the case. Therefore, you don't have to disable it anymore.
|
|
|
|
#
|
2013-09-06 22:58:05 -04:00
|
|
|
|
2014-12-24 02:12:27 -05:00
|
|
|
FROM ubuntu:14.04
|
|
|
|
MAINTAINER Tianon Gravi <admwiggin@gmail.com> (@tianon)
|
2013-09-30 15:57:30 -04:00
|
|
|
|
2015-11-08 20:59:09 -05:00
|
|
|
# add zfs ppa
|
2015-05-28 10:43:36 -04:00
|
|
|
RUN apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys E871F18B51E0147C77796AC81196BA81F6B0FC61
|
2014-09-03 10:26:19 -04:00
|
|
|
RUN echo deb http://ppa.launchpad.net/zfs-native/stable/ubuntu trusty main > /etc/apt/sources.list.d/zfs.list
|
|
|
|
|
2015-11-08 20:59:09 -05:00
|
|
|
# add llvm repo
|
|
|
|
RUN apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 15CF4D18AF4F7421
|
|
|
|
RUN echo deb http://llvm.org/apt/trusty/ llvm-toolchain-trusty main > /etc/apt/sources.list.d/llvm.list
|
|
|
|
|
2013-12-24 22:40:41 -05:00
|
|
|
# Packaged dependencies
|
2014-12-24 02:12:27 -05:00
|
|
|
RUN apt-get update && apt-get install -y \
|
2015-01-09 21:22:19 -05:00
|
|
|
apparmor \
|
2013-12-24 22:40:41 -05:00
|
|
|
aufs-tools \
|
2014-01-27 17:34:46 -05:00
|
|
|
automake \
|
2015-03-29 08:42:48 -04:00
|
|
|
bash-completion \
|
2014-02-01 23:40:51 -05:00
|
|
|
btrfs-tools \
|
2013-12-24 22:40:41 -05:00
|
|
|
build-essential \
|
2015-11-08 20:59:09 -05:00
|
|
|
clang-3.8 \
|
2015-06-01 20:21:09 -04:00
|
|
|
createrepo \
|
2013-12-24 22:40:41 -05:00
|
|
|
curl \
|
|
|
|
dpkg-sig \
|
2015-08-10 15:51:54 -04:00
|
|
|
gcc-mingw-w64 \
|
2013-12-24 22:40:41 -05:00
|
|
|
git \
|
|
|
|
iptables \
|
2015-08-31 13:06:22 -04:00
|
|
|
jq \
|
2014-01-27 17:34:46 -05:00
|
|
|
libapparmor-dev \
|
|
|
|
libcap-dev \
|
2015-10-30 21:14:10 -04:00
|
|
|
libltdl-dev \
|
2013-12-24 22:40:41 -05:00
|
|
|
libsqlite3-dev \
|
Add log reading to the journald log driver
If a logdriver doesn't register a callback function to validate log
options, it won't be usable. Fix the journald driver by adding a dummy
validator.
Teach the client and the daemon's "logs" logic that the server can also
supply "logs" data via the "journald" driver. Update documentation and
tests that depend on error messages.
Add support for reading log data from the systemd journal to the
journald log driver. The internal logic uses a goroutine to scan the
journal for matching entries after any specified cutoff time, formats
the messages from those entries as JSONLog messages, and stuffs the
results down a pipe whose reading end we hand back to the caller.
If we are missing any of the 'linux', 'cgo', or 'journald' build tags,
however, we don't implement a reader, so the 'logs' endpoint will still
return an error.
Make the necessary changes to the build setup to ensure that support for
reading container logs from the systemd journal is built.
Rename the Jmap member of the journald logdriver's struct to "vars" to
make it non-public, and to make it easier to tell that it's just there
to hold additional variable values that we want journald to record along
with log data that we're sending to it.
In the client, don't assume that we know which logdrivers the server
implements, and remove the check that looks at the server. It's
redundant because the server already knows, and the check also makes
using older clients with newer servers (which may have new logdrivers in
them) unnecessarily hard.
When we try to "logs" and have to report that the container's logdriver
doesn't support reading, send the error message through the
might-be-a-multiplexer so that clients which are expecting multiplexed
data will be able to properly display the error, instead of tripping
over the data and printing a less helpful "Unrecognized input header"
error.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com> (github: nalind)
2015-07-23 11:02:56 -04:00
|
|
|
libsystemd-journal-dev \
|
2015-11-14 21:01:24 -05:00
|
|
|
libtool \
|
2013-12-24 22:40:41 -05:00
|
|
|
mercurial \
|
2014-07-09 17:21:39 -04:00
|
|
|
parallel \
|
Add log reading to the journald log driver
If a logdriver doesn't register a callback function to validate log
options, it won't be usable. Fix the journald driver by adding a dummy
validator.
Teach the client and the daemon's "logs" logic that the server can also
supply "logs" data via the "journald" driver. Update documentation and
tests that depend on error messages.
Add support for reading log data from the systemd journal to the
journald log driver. The internal logic uses a goroutine to scan the
journal for matching entries after any specified cutoff time, formats
the messages from those entries as JSONLog messages, and stuffs the
results down a pipe whose reading end we hand back to the caller.
If we are missing any of the 'linux', 'cgo', or 'journald' build tags,
however, we don't implement a reader, so the 'logs' endpoint will still
return an error.
Make the necessary changes to the build setup to ensure that support for
reading container logs from the systemd journal is built.
Rename the Jmap member of the journald logdriver's struct to "vars" to
make it non-public, and to make it easier to tell that it's just there
to hold additional variable values that we want journald to record along
with log data that we're sending to it.
In the client, don't assume that we know which logdrivers the server
implements, and remove the check that looks at the server. It's
redundant because the server already knows, and the check also makes
using older clients with newer servers (which may have new logdrivers in
them) unnecessarily hard.
When we try to "logs" and have to report that the container's logdriver
doesn't support reading, send the error message through the
might-be-a-multiplexer so that clients which are expecting multiplexed
data will be able to properly display the error, instead of tripping
over the data and printing a less helpful "Unrecognized input header"
error.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com> (github: nalind)
2015-07-23 11:02:56 -04:00
|
|
|
pkg-config \
|
2015-11-22 05:32:10 -05:00
|
|
|
python-dev \
|
2014-12-15 14:44:15 -05:00
|
|
|
python-mock \
|
|
|
|
python-pip \
|
2014-12-19 02:20:59 -05:00
|
|
|
python-websocket \
|
2013-12-24 22:40:41 -05:00
|
|
|
s3cmd=1.1.0* \
|
2014-09-03 10:26:19 -04:00
|
|
|
ubuntu-zfs \
|
2015-11-11 17:29:02 -05:00
|
|
|
xfsprogs \
|
2014-09-03 10:26:19 -04:00
|
|
|
libzfs-dev \
|
2015-12-01 13:39:34 -05:00
|
|
|
tar \
|
2015-11-08 20:59:09 -05:00
|
|
|
--no-install-recommends \
|
|
|
|
&& ln -snf /usr/bin/clang-3.8 /usr/local/bin/clang \
|
|
|
|
&& ln -snf /usr/bin/clang++-3.8 /usr/local/bin/clang++
|
2013-12-24 22:40:41 -05:00
|
|
|
|
|
|
|
# Get lvm2 source for compiling statically
|
2014-12-24 02:12:27 -05:00
|
|
|
RUN git clone -b v2_02_103 https://git.fedorahosted.org/git/lvm2.git /usr/local/lvm2
|
2013-12-24 22:40:41 -05:00
|
|
|
# see https://git.fedorahosted.org/cgit/lvm2.git/refs/tags for release tags
|
|
|
|
|
|
|
|
# Compile and install lvm2
|
2014-12-24 02:12:27 -05:00
|
|
|
RUN cd /usr/local/lvm2 \
|
|
|
|
&& ./configure --enable-static_link \
|
|
|
|
&& make device-mapper \
|
|
|
|
&& make install_device-mapper
|
2013-12-24 22:40:41 -05:00
|
|
|
# see https://git.fedorahosted.org/cgit/lvm2.git/tree/INSTALL
|
2013-09-30 15:57:30 -04:00
|
|
|
|
2013-10-04 22:25:15 -04:00
|
|
|
# Install Go
|
2015-12-03 19:37:13 -05:00
|
|
|
ENV GO_VERSION 1.5.2
|
2015-10-27 15:56:57 -04:00
|
|
|
RUN curl -sSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar -v -C /usr/local -xz
|
2015-01-09 01:07:15 -05:00
|
|
|
ENV PATH /go/bin:/usr/local/go/bin:$PATH
|
2014-12-24 02:12:27 -05:00
|
|
|
ENV GOPATH /go:/go/src/github.com/docker/docker/vendor
|
2013-12-19 01:06:14 -05:00
|
|
|
|
2013-12-24 22:40:41 -05:00
|
|
|
# Compile Go for cross compilation
|
2014-12-24 02:12:27 -05:00
|
|
|
ENV DOCKER_CROSSPLATFORMS \
|
2014-04-08 11:42:47 -04:00
|
|
|
linux/386 linux/arm \
|
|
|
|
darwin/amd64 darwin/386 \
|
2015-02-09 17:19:08 -05:00
|
|
|
freebsd/amd64 freebsd/386 freebsd/arm \
|
|
|
|
windows/amd64 windows/386
|
2014-11-26 13:46:00 -05:00
|
|
|
|
2014-01-31 05:16:42 -05:00
|
|
|
# (set an explicit GOARM of 5 for maximum compatibility)
|
2014-12-24 02:12:27 -05:00
|
|
|
ENV GOARM 5
|
2013-09-30 15:57:30 -04:00
|
|
|
|
2015-04-20 16:06:17 -04:00
|
|
|
# This has been commented out and kept as reference because we don't support compiling with older Go anymore.
|
|
|
|
# ENV GOFMT_VERSION 1.3.3
|
|
|
|
# RUN curl -sSL https://storage.googleapis.com/golang/go${GOFMT_VERSION}.$(go env GOOS)-$(go env GOARCH).tar.gz | tar -C /go/bin -xz --strip-components=2 go/bin/gofmt
|
2015-01-09 01:09:06 -05:00
|
|
|
|
2015-11-02 11:32:49 -05:00
|
|
|
ENV GO_TOOLS_COMMIT 823804e1ae08dbb14eb807afc7db9993bc9e3cc3
|
2013-12-08 22:20:55 -05:00
|
|
|
# Grab Go's cover tool for dead-simple code coverage testing
|
2015-04-01 00:48:03 -04:00
|
|
|
# Grab Go's vet tool for examining go code to find suspicious constructs
|
|
|
|
# and help prevent errors that the compiler might not catch
|
2015-04-13 22:26:04 -04:00
|
|
|
RUN git clone https://github.com/golang/tools.git /go/src/golang.org/x/tools \
|
|
|
|
&& (cd /go/src/golang.org/x/tools && git checkout -q $GO_TOOLS_COMMIT) \
|
|
|
|
&& go install -v golang.org/x/tools/cmd/cover \
|
|
|
|
&& go install -v golang.org/x/tools/cmd/vet
|
2015-07-20 21:32:55 -04:00
|
|
|
# Grab Go's lint tool
|
2015-11-02 11:32:49 -05:00
|
|
|
ENV GO_LINT_COMMIT 32a87160691b3c96046c0c678fe57c5bef761456
|
2015-07-20 21:32:55 -04:00
|
|
|
RUN git clone https://github.com/golang/lint.git /go/src/github.com/golang/lint \
|
|
|
|
&& (cd /go/src/github.com/golang/lint && git checkout -q $GO_LINT_COMMIT) \
|
|
|
|
&& go install -v github.com/golang/lint/golint
|
2015-04-01 00:48:03 -04:00
|
|
|
|
2015-11-08 20:59:09 -05:00
|
|
|
# Configure the container for OSX cross compilation
|
|
|
|
ENV OSX_SDK MacOSX10.11.sdk
|
|
|
|
RUN set -x \
|
|
|
|
&& export OSXCROSS_PATH="/osxcross" \
|
|
|
|
&& git clone --depth 1 https://github.com/tpoechtrager/osxcross.git $OSXCROSS_PATH \
|
|
|
|
&& curl -sSL https://s3.dockerproject.org/darwin/${OSX_SDK}.tar.xz -o "${OSXCROSS_PATH}/tarballs/${OSX_SDK}.tar.xz" \
|
|
|
|
&& UNATTENDED=yes OSX_VERSION_MIN=10.6 ${OSXCROSS_PATH}/build.sh
|
|
|
|
ENV PATH /osxcross/target/bin:$PATH
|
|
|
|
|
2015-11-14 21:01:24 -05:00
|
|
|
# install seccomp
|
|
|
|
# this can be changed to the ubuntu package libseccomp-dev if dockerinit is removed,
|
|
|
|
# we need libseccomp.a (which the package does not provide) for dockerinit
|
|
|
|
ENV SECCOMP_VERSION v2.2.3
|
|
|
|
RUN set -x \
|
|
|
|
&& export SECCOMP_PATH=$(mktemp -d) \
|
|
|
|
&& git clone https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \
|
|
|
|
&& ( \
|
|
|
|
cd "$SECCOMP_PATH" \
|
|
|
|
&& git checkout "$SECCOMP_VERSION" \
|
|
|
|
&& ./autogen.sh \
|
|
|
|
&& ./configure --prefix=/usr \
|
|
|
|
&& make \
|
|
|
|
&& make install \
|
|
|
|
) \
|
|
|
|
&& rm -rf "$SECCOMP_PATH"
|
|
|
|
|
2015-01-20 22:40:19 -05:00
|
|
|
# Install registry
|
2015-08-28 17:35:06 -04:00
|
|
|
ENV REGISTRY_COMMIT ec87e9b6971d831f0eff752ddb54fb64693e51cd
|
2015-01-20 22:40:19 -05:00
|
|
|
RUN set -x \
|
2015-06-05 18:20:04 -04:00
|
|
|
&& export GOPATH="$(mktemp -d)" \
|
|
|
|
&& git clone https://github.com/docker/distribution.git "$GOPATH/src/github.com/docker/distribution" \
|
|
|
|
&& (cd "$GOPATH/src/github.com/docker/distribution" && git checkout -q "$REGISTRY_COMMIT") \
|
|
|
|
&& GOPATH="$GOPATH/src/github.com/docker/distribution/Godeps/_workspace:$GOPATH" \
|
|
|
|
go build -o /usr/local/bin/registry-v2 github.com/docker/distribution/cmd/registry \
|
|
|
|
&& rm -rf "$GOPATH"
|
2015-01-20 22:40:19 -05:00
|
|
|
|
2015-07-20 01:56:10 -04:00
|
|
|
# Install notary server
|
2015-07-31 17:54:55 -04:00
|
|
|
ENV NOTARY_COMMIT 8e8122eb5528f621afcd4e2854c47302f17392f7
|
2015-07-20 01:56:10 -04:00
|
|
|
RUN set -x \
|
|
|
|
&& export GOPATH="$(mktemp -d)" \
|
|
|
|
&& git clone https://github.com/docker/notary.git "$GOPATH/src/github.com/docker/notary" \
|
|
|
|
&& (cd "$GOPATH/src/github.com/docker/notary" && git checkout -q "$NOTARY_COMMIT") \
|
|
|
|
&& GOPATH="$GOPATH/src/github.com/docker/notary/Godeps/_workspace:$GOPATH" \
|
|
|
|
go build -o /usr/local/bin/notary-server github.com/docker/notary/cmd/notary-server \
|
|
|
|
&& rm -rf "$GOPATH"
|
|
|
|
|
2014-12-19 02:20:59 -05:00
|
|
|
# Get the "docker-py" source so we can run their integration tests
|
2015-10-28 12:56:50 -04:00
|
|
|
ENV DOCKER_PY_COMMIT 47ab89ec2bd3bddf1221b856ffbaff333edeabb4
|
2015-01-13 14:34:55 -05:00
|
|
|
RUN git clone https://github.com/docker/docker-py.git /docker-py \
|
|
|
|
&& cd /docker-py \
|
2015-10-28 12:56:50 -04:00
|
|
|
&& git checkout -q $DOCKER_PY_COMMIT \
|
|
|
|
&& pip install -r test-requirements.txt
|
2014-12-19 02:20:59 -05:00
|
|
|
|
2013-12-24 22:40:41 -05:00
|
|
|
# Setup s3cmd config
|
2014-12-24 02:12:27 -05:00
|
|
|
RUN { \
|
|
|
|
echo '[default]'; \
|
|
|
|
echo 'access_key=$AWS_ACCESS_KEY'; \
|
|
|
|
echo 'secret_key=$AWS_SECRET_KEY'; \
|
|
|
|
} > ~/.s3cfg
|
2013-12-24 22:40:41 -05:00
|
|
|
|
2014-01-29 15:13:32 -05:00
|
|
|
# Set user.email so crosbymichael's in-container merge commits go smoothly
|
2014-12-24 02:12:27 -05:00
|
|
|
RUN git config --global user.email 'docker-dummy@example.com'
|
2014-01-29 15:13:32 -05:00
|
|
|
|
2014-05-19 16:55:28 -04:00
|
|
|
# Add an unprivileged user to be used for tests which need it
|
2014-05-23 16:29:31 -04:00
|
|
|
RUN groupadd -r docker
|
|
|
|
RUN useradd --create-home --gid docker unprivilegeduser
|
2014-05-19 16:55:28 -04:00
|
|
|
|
2014-12-24 02:12:27 -05:00
|
|
|
VOLUME /var/lib/docker
|
|
|
|
WORKDIR /go/src/github.com/docker/docker
|
2015-11-14 21:01:24 -05:00
|
|
|
ENV DOCKER_BUILDTAGS apparmor seccomp selinux
|
2014-12-24 02:12:27 -05:00
|
|
|
|
2015-03-02 12:33:26 -05:00
|
|
|
# Let us use a .bashrc file
|
|
|
|
RUN ln -sfv $PWD/.bashrc ~/.bashrc
|
|
|
|
|
2015-03-29 08:42:48 -04:00
|
|
|
# Register Docker's bash completion.
|
|
|
|
RUN ln -sv $PWD/contrib/completion/bash/docker /etc/bash_completion.d/docker
|
|
|
|
|
2015-03-06 20:12:41 -05:00
|
|
|
# Get useful and necessary Hub images so we can "docker load" locally instead of pulling
|
2015-08-31 13:06:22 -04:00
|
|
|
COPY contrib/download-frozen-image-v2.sh /go/src/github.com/docker/docker/contrib/
|
|
|
|
RUN ./contrib/download-frozen-image-v2.sh /docker-frozen-images \
|
|
|
|
busybox:latest@sha256:eb3c0d4680f9213ee5f348ea6d39489a1f85a318a2ae09e012c426f78252a6d2 \
|
|
|
|
hello-world:latest@sha256:8be990ef2aeb16dbcb9271ddfe2610fa6658d13f6dfb8bc72074cc1ca36966a7 \
|
|
|
|
jess/unshare:latest@sha256:2e3a8c0591c4690b82d4eba7e5ef8f49f2ddfe9f867f3e865198db9bd1436c5b
|
2015-03-06 20:12:41 -05:00
|
|
|
# see also "hack/make/.ensure-frozen-images" (which needs to be updated any time this list is)
|
2015-02-28 00:53:36 -05:00
|
|
|
|
2015-04-21 05:33:52 -04:00
|
|
|
# Download man page generator
|
2014-12-24 02:12:27 -05:00
|
|
|
RUN set -x \
|
2015-06-05 18:20:04 -04:00
|
|
|
&& export GOPATH="$(mktemp -d)" \
|
2015-12-01 18:23:33 -05:00
|
|
|
&& git clone -b v1.0.4 https://github.com/cpuguy83/go-md2man.git "$GOPATH/src/github.com/cpuguy83/go-md2man" \
|
|
|
|
&& git clone -b v1.4 https://github.com/russross/blackfriday.git "$GOPATH/src/github.com/russross/blackfriday" \
|
2015-06-05 18:20:04 -04:00
|
|
|
&& go get -v -d github.com/cpuguy83/go-md2man \
|
|
|
|
&& go build -v -o /usr/local/bin/go-md2man github.com/cpuguy83/go-md2man \
|
|
|
|
&& rm -rf "$GOPATH"
|
2013-09-30 15:57:30 -04:00
|
|
|
|
2015-04-21 05:33:52 -04:00
|
|
|
# Download toml validator
|
2015-02-18 02:57:44 -05:00
|
|
|
ENV TOMLV_COMMIT 9baf8a8a9f2ed20a8e54160840c492f937eeaf9a
|
|
|
|
RUN set -x \
|
2015-06-05 18:20:04 -04:00
|
|
|
&& export GOPATH="$(mktemp -d)" \
|
|
|
|
&& git clone https://github.com/BurntSushi/toml.git "$GOPATH/src/github.com/BurntSushi/toml" \
|
|
|
|
&& (cd "$GOPATH/src/github.com/BurntSushi/toml" && git checkout -q "$TOMLV_COMMIT") \
|
|
|
|
&& go build -v -o /usr/local/bin/tomlv github.com/BurntSushi/toml/cmd/tomlv \
|
|
|
|
&& rm -rf "$GOPATH"
|
2015-01-30 14:45:02 -05:00
|
|
|
|
2015-05-06 11:41:17 -04:00
|
|
|
# Build/install the tool for embedding resources in Windows binaries
|
|
|
|
ENV RSRC_COMMIT e48dbf1b7fc464a9e85fcec450dddf80816b76e0
|
|
|
|
RUN set -x \
|
|
|
|
&& git clone https://github.com/akavel/rsrc.git /go/src/github.com/akavel/rsrc \
|
|
|
|
&& cd /go/src/github.com/akavel/rsrc \
|
|
|
|
&& git checkout -q $RSRC_COMMIT \
|
|
|
|
&& go install -v
|
|
|
|
|
2013-09-06 22:19:03 -04:00
|
|
|
# Wrap all commands in the "docker-in-docker" script to allow nested containers
|
2014-12-24 02:12:27 -05:00
|
|
|
ENTRYPOINT ["hack/dind"]
|
2013-09-30 15:57:30 -04:00
|
|
|
|
2013-09-06 23:14:03 -04:00
|
|
|
# Upload docker source
|
2014-12-24 02:12:27 -05:00
|
|
|
COPY . /go/src/github.com/docker/docker
|