2013-06-22 02:42:17 +00:00
# This file describes the standard way to build Docker, using docker
2013-09-07 02:58:05 +00:00
#
# Usage:
#
# # Assemble the full dev environment. This is slow the first time.
# docker build -t docker .
#
2013-09-07 03:16:13 +00:00
# # Mount your source in an interactive container for quick testing:
2014-07-24 22:19:50 +00:00
# docker run -v `pwd`:/go/src/github.com/docker/docker --privileged -i -t docker bash
2013-09-07 03:16:13 +00:00
#
2013-09-07 02:58:05 +00:00
# # Run the test suite:
2014-03-13 17:46:02 +00:00
# docker run --privileged docker hack/make.sh test
2013-09-07 02:58:05 +00:00
#
# # Publish a release:
2014-03-13 17:46:02 +00:00
# docker run --privileged \
2013-09-30 19:57:30 +00:00
# -e AWS_S3_BUCKET=baz \
# -e AWS_ACCESS_KEY=foo \
# -e AWS_SECRET_KEY=bar \
# -e GPG_PASSPHRASE=gloubiboulga \
# docker hack/release.sh
#
2015-06-13 16:21:50 +00:00
# Note: AppArmor used to mess with privileged mode, but this is no longer
2013-10-31 21:58:43 +00:00
# the case. Therefore, you don't have to disable it anymore.
#
2013-09-07 02:58:05 +00:00
2016-02-12 16:56:11 +00:00
FROM debian:jessie
2013-09-30 19:57:30 +00:00
2015-11-09 01:59:09 +00:00
# add zfs ppa
2016-02-12 16:48:42 +00:00
RUN apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys E871F18B51E0147C77796AC81196BA81F6B0FC61 \
|| apt-key adv --keyserver hkp://pgp.mit.edu:80 --recv-keys E871F18B51E0147C77796AC81196BA81F6B0FC61
2016-01-05 05:50:15 +00:00
RUN echo deb http://ppa.launchpad.net/zfs-native/stable/ubuntu trusty main > /etc/apt/sources.list.d/zfs.list
2014-09-03 14:26:19 +00:00
2015-11-09 01:59:09 +00:00
2016-03-28 20:47:28 +00:00
# allow replacing httpredir mirror
ARG APT_MIRROR=httpredir.debian.org
RUN sed -i s/httpredir.debian.org/$APT_MIRROR/g /etc/apt/sources.list
2013-12-25 03:40:41 +00:00
# Packaged dependencies
2014-12-24 07:12:27 +00:00
RUN apt-get update && apt-get install -y \
2015-01-10 02:22:19 +00:00
apparmor \
2016-03-25 14:54:36 +00:00
apt-utils \
2013-12-25 03:40:41 +00:00
aufs-tools \
2014-01-27 22:34:46 +00:00
automake \
2015-03-29 12:42:48 +00:00
bash-completion \
2016-04-23 22:11:08 +00:00
binutils-mingw-w64 \
2016-03-25 14:54:36 +00:00
bsdmainutils \
2014-02-02 04:40:51 +00:00
btrfs-tools \
2013-12-25 03:40:41 +00:00
build-essential \
2016-05-31 23:45:42 +00:00
clang \
2015-06-02 00:21:09 +00:00
createrepo \
2013-12-25 03:40:41 +00:00
curl \
dpkg-sig \
2015-08-10 19:51:54 +00:00
gcc-mingw-w64 \
2013-12-25 03:40:41 +00:00
git \
iptables \
2015-08-31 17:06:22 +00:00
jq \
2014-01-27 22:34:46 +00:00
libapparmor-dev \
libcap-dev \
2015-10-31 01:14:10 +00:00
libltdl-dev \
2013-12-25 03:40:41 +00:00
libsqlite3-dev \
Add log reading to the journald log driver
If a logdriver doesn't register a callback function to validate log
options, it won't be usable. Fix the journald driver by adding a dummy
validator.
Teach the client and the daemon's "logs" logic that the server can also
supply "logs" data via the "journald" driver. Update documentation and
tests that depend on error messages.
Add support for reading log data from the systemd journal to the
journald log driver. The internal logic uses a goroutine to scan the
journal for matching entries after any specified cutoff time, formats
the messages from those entries as JSONLog messages, and stuffs the
results down a pipe whose reading end we hand back to the caller.
If we are missing any of the 'linux', 'cgo', or 'journald' build tags,
however, we don't implement a reader, so the 'logs' endpoint will still
return an error.
Make the necessary changes to the build setup to ensure that support for
reading container logs from the systemd journal is built.
Rename the Jmap member of the journald logdriver's struct to "vars" to
make it non-public, and to make it easier to tell that it's just there
to hold additional variable values that we want journald to record along
with log data that we're sending to it.
In the client, don't assume that we know which logdrivers the server
implements, and remove the check that looks at the server. It's
redundant because the server already knows, and the check also makes
using older clients with newer servers (which may have new logdrivers in
them) unnecessarily hard.
When we try to "logs" and have to report that the container's logdriver
doesn't support reading, send the error message through the
might-be-a-multiplexer so that clients which are expecting multiplexed
data will be able to properly display the error, instead of tripping
over the data and printing a less helpful "Unrecognized input header"
error.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com> (github: nalind)
2015-07-23 15:02:56 +00:00
libsystemd-journal-dev \
2015-11-15 02:01:24 +00:00
libtool \
2013-12-25 03:40:41 +00:00
mercurial \
2016-02-12 16:56:11 +00:00
net-tools \
Add log reading to the journald log driver
If a logdriver doesn't register a callback function to validate log
options, it won't be usable. Fix the journald driver by adding a dummy
validator.
Teach the client and the daemon's "logs" logic that the server can also
supply "logs" data via the "journald" driver. Update documentation and
tests that depend on error messages.
Add support for reading log data from the systemd journal to the
journald log driver. The internal logic uses a goroutine to scan the
journal for matching entries after any specified cutoff time, formats
the messages from those entries as JSONLog messages, and stuffs the
results down a pipe whose reading end we hand back to the caller.
If we are missing any of the 'linux', 'cgo', or 'journald' build tags,
however, we don't implement a reader, so the 'logs' endpoint will still
return an error.
Make the necessary changes to the build setup to ensure that support for
reading container logs from the systemd journal is built.
Rename the Jmap member of the journald logdriver's struct to "vars" to
make it non-public, and to make it easier to tell that it's just there
to hold additional variable values that we want journald to record along
with log data that we're sending to it.
In the client, don't assume that we know which logdrivers the server
implements, and remove the check that looks at the server. It's
redundant because the server already knows, and the check also makes
using older clients with newer servers (which may have new logdrivers in
them) unnecessarily hard.
When we try to "logs" and have to report that the container's logdriver
doesn't support reading, send the error message through the
might-be-a-multiplexer so that clients which are expecting multiplexed
data will be able to properly display the error, instead of tripping
over the data and printing a less helpful "Unrecognized input header"
error.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com> (github: nalind)
2015-07-23 15:02:56 +00:00
pkg-config \
2015-11-22 10:32:10 +00:00
python-dev \
2014-12-15 19:44:15 +00:00
python-mock \
python-pip \
2014-12-19 07:20:59 +00:00
python-websocket \
2014-09-03 14:26:19 +00:00
ubuntu-zfs \
2015-11-11 22:29:02 +00:00
xfsprogs \
2014-09-03 14:26:19 +00:00
libzfs-dev \
2015-12-01 18:39:34 +00:00
tar \
2016-03-31 16:27:50 +00:00
zip \
2015-11-09 01:59:09 +00:00
--no-install-recommends \
2016-05-31 23:45:42 +00:00
&& pip install awscli==1.10.15
2013-12-25 03:40:41 +00:00
# Get lvm2 source for compiling statically
2016-01-05 05:50:15 +00:00
ENV LVM2_VERSION 2.02.103
RUN mkdir -p /usr/local/lvm2 \
&& curl -fsSL "https://mirrors.kernel.org/sourceware/lvm2/LVM2.${LVM2_VERSION}.tgz" \
| tar -xzC /usr/local/lvm2 --strip-components=1
2013-12-25 03:40:41 +00:00
# see https://git.fedorahosted.org/cgit/lvm2.git/refs/tags for release tags
# Compile and install lvm2
2014-12-24 07:12:27 +00:00
RUN cd /usr/local/lvm2 \
2016-01-05 05:50:15 +00:00
&& ./configure \
--build="$(gcc -print-multiarch)" \
--enable-static_link \
2014-12-24 07:12:27 +00:00
&& make device-mapper \
&& make install_device-mapper
2013-12-25 03:40:41 +00:00
# see https://git.fedorahosted.org/cgit/lvm2.git/tree/INSTALL
2013-09-30 19:57:30 +00:00
2016-01-20 06:42:05 +00:00
# Configure the container for OSX cross compilation
ENV OSX_SDK MacOSX10.11.sdk
2016-02-27 20:00:12 +00:00
ENV OSX_CROSS_COMMIT 8aa9b71a394905e6c5f4b59e2b97b87a004658a4
2016-01-20 06:42:05 +00:00
RUN set -x \
&& export OSXCROSS_PATH="/osxcross" \
2016-02-27 20:00:12 +00:00
&& git clone https://github.com/tpoechtrager/osxcross.git $OSXCROSS_PATH \
&& ( cd $OSXCROSS_PATH && git checkout -q $OSX_CROSS_COMMIT) \
2016-03-28 18:36:20 +00:00
&& curl -sSL https://s3.dockerproject.org/darwin/v2/${OSX_SDK}.tar.xz -o "${OSXCROSS_PATH}/tarballs/${OSX_SDK}.tar.xz" \
2016-01-20 06:42:05 +00:00
&& UNATTENDED=yes OSX_VERSION_MIN=10.6 ${OSXCROSS_PATH}/build.sh
ENV PATH /osxcross/target/bin:$PATH
2016-02-02 17:56:29 +00:00
# install seccomp: the version shipped in trusty is too old
2016-05-24 20:39:52 +00:00
ENV SECCOMP_VERSION 2.3.1
2016-01-20 06:42:05 +00:00
RUN set -x \
&& export SECCOMP_PATH="$(mktemp -d)" \
&& curl -fsSL "https://github.com/seccomp/libseccomp/releases/download/v${SECCOMP_VERSION}/libseccomp-${SECCOMP_VERSION}.tar.gz" \
| tar -xzC "$SECCOMP_PATH" --strip-components=1 \
&& ( \
cd "$SECCOMP_PATH" \
&& ./configure --prefix=/usr/local \
&& make \
&& make install \
&& ldconfig \
) \
&& rm -rf "$SECCOMP_PATH"
2013-10-05 02:25:15 +00:00
# Install Go
2016-01-14 20:20:19 +00:00
# IMPORTANT: If the version of Go is updated, the Windows to Linux CI machines
2016-01-20 11:53:54 +00:00
# will need updating, to avoid errors. Ping #docker-maintainers on IRC
2016-01-14 20:20:19 +00:00
# with a heads-up.
2016-07-18 09:52:27 +00:00
ENV GO_VERSION 1.6.3
2013-12-19 06:06:14 +00:00
2013-12-25 03:40:41 +00:00
# Compile Go for cross compilation
2014-12-24 07:12:27 +00:00
ENV DOCKER_CROSSPLATFORMS \
2014-04-08 15:42:47 +00:00
linux/386 linux/arm \
2015-12-21 23:08:18 +00:00
darwin/amd64 \
2015-02-09 22:19:08 +00:00
freebsd/amd64 freebsd/386 freebsd/arm \
windows/amd64 windows/386
2014-11-26 18:46:00 +00:00
2016-09-23 22:24:20 +00:00
RUN curl -fsSL "https://storage.googleapis.com/golang/go1.4.3.linux-amd64.tar.gz" \
| tar -xzC /root && \
mv /root/go /root/go1.4 && \
cd /usr/local && \
curl -fsSL "https://storage.googleapis.com/golang/go$GO_VERSION.src.tar.gz" \
| tar -xzC /usr/local && \
cd go && \
printf 'diff --git a/src/runtime/sys_darwin_amd64.s b/src/runtime/sys_darwin_amd64.s\nindex e09b906..fa8ff2f 100644\n--- a/src/runtime/sys_darwin_amd64.s\n+++ b/src/runtime/sys_darwin_amd64.s\n@@ -157,6 +157,7 @@ systime:\n\t// Fall back to system call (usually first call in this thread).\n\tMOVQ\tSP, DI\n\tMOVQ\t$0, SI\n+\tMOVQ\t$0, DX // required as of Sierra; Issue 16570\n\tMOVL\t$(0x2000000+116), AX\n\tSYSCALL\n\tCMPQ\tAX, $0\n' | patch -p1 && \
cd src && \
./make.bash
ENV PATH /go/bin:/usr/local/go/bin:$PATH
ENV GOPATH /go:/go/src/github.com/docker/docker/vendor
2015-04-20 20:06:17 +00:00
# This has been commented out and kept as reference because we don't support compiling with older Go anymore.
# ENV GOFMT_VERSION 1.3.3
# RUN curl -sSL https://storage.googleapis.com/golang/go${GOFMT_VERSION}.$(go env GOOS)-$(go env GOARCH).tar.gz | tar -C /go/bin -xz --strip-components=2 go/bin/gofmt
2015-01-09 06:09:06 +00:00
2015-11-02 16:32:49 +00:00
ENV GO_TOOLS_COMMIT 823804e1ae08dbb14eb807afc7db9993bc9e3cc3
2013-12-09 03:20:55 +00:00
# Grab Go's cover tool for dead-simple code coverage testing
2015-04-01 04:48:03 +00:00
# Grab Go's vet tool for examining go code to find suspicious constructs
# and help prevent errors that the compiler might not catch
2015-04-14 02:26:04 +00:00
RUN git clone https://github.com/golang/tools.git /go/src/golang.org/x/tools \
&& (cd /go/src/golang.org/x/tools && git checkout -q $GO_TOOLS_COMMIT) \
&& go install -v golang.org/x/tools/cmd/cover \
&& go install -v golang.org/x/tools/cmd/vet
2015-07-21 01:32:55 +00:00
# Grab Go's lint tool
2015-11-02 16:32:49 +00:00
ENV GO_LINT_COMMIT 32a87160691b3c96046c0c678fe57c5bef761456
2015-07-21 01:32:55 +00:00
RUN git clone https://github.com/golang/lint.git /go/src/github.com/golang/lint \
&& (cd /go/src/github.com/golang/lint && git checkout -q $GO_LINT_COMMIT) \
&& go install -v github.com/golang/lint/golint
2015-04-01 04:48:03 +00:00
2015-12-18 23:06:23 +00:00
# Install two versions of the registry. The first is an older version that
# only supports schema1 manifests. The second is a newer version that supports
# both. This allows integration-cli tests to cover push/pull with both schema1
# and schema2 manifests.
ENV REGISTRY_COMMIT_SCHEMA1 ec87e9b6971d831f0eff752ddb54fb64693e51cd
2016-01-19 21:28:51 +00:00
ENV REGISTRY_COMMIT 47a064d4195a9b56133891bbb13620c3ac83a827
2015-01-21 03:40:19 +00:00
RUN set -x \
2015-06-05 22:20:04 +00:00
&& export GOPATH="$(mktemp -d)" \
&& git clone https://github.com/docker/distribution.git "$GOPATH/src/github.com/docker/distribution" \
&& (cd "$GOPATH/src/github.com/docker/distribution" && git checkout -q "$REGISTRY_COMMIT") \
&& GOPATH="$GOPATH/src/github.com/docker/distribution/Godeps/_workspace:$GOPATH" \
go build -o /usr/local/bin/registry-v2 github.com/docker/distribution/cmd/registry \
2015-12-18 23:06:23 +00:00
&& (cd "$GOPATH/src/github.com/docker/distribution" && git checkout -q "$REGISTRY_COMMIT_SCHEMA1") \
&& GOPATH="$GOPATH/src/github.com/docker/distribution/Godeps/_workspace:$GOPATH" \
go build -o /usr/local/bin/registry-v2-schema1 github.com/docker/distribution/cmd/registry \
2015-06-05 22:20:04 +00:00
&& rm -rf "$GOPATH"
2015-01-21 03:40:19 +00:00
2016-04-29 08:59:19 +00:00
# Install notary and notary-server
2016-05-11 22:25:05 +00:00
ENV NOTARY_VERSION v0.3.0
2015-07-20 05:56:10 +00:00
RUN set -x \
&& export GOPATH="$(mktemp -d)" \
&& git clone https://github.com/docker/notary.git "$GOPATH/src/github.com/docker/notary" \
2016-01-08 02:43:01 +00:00
&& (cd "$GOPATH/src/github.com/docker/notary" && git checkout -q "$NOTARY_VERSION") \
2016-03-24 22:41:34 +00:00
&& GOPATH="$GOPATH/src/github.com/docker/notary/vendor:$GOPATH" \
2015-07-20 05:56:10 +00:00
go build -o /usr/local/bin/notary-server github.com/docker/notary/cmd/notary-server \
2016-03-24 22:41:34 +00:00
&& GOPATH="$GOPATH/src/github.com/docker/notary/vendor:$GOPATH" \
2015-12-24 00:34:46 +00:00
go build -o /usr/local/bin/notary github.com/docker/notary/cmd/notary \
2015-07-20 05:56:10 +00:00
&& rm -rf "$GOPATH"
2014-12-19 07:20:59 +00:00
# Get the "docker-py" source so we can run their integration tests
2016-03-15 03:12:09 +00:00
ENV DOCKER_PY_COMMIT 7befe694bd21e3c54bb1d7825270ea4bd6864c13
2015-01-13 19:34:55 +00:00
RUN git clone https://github.com/docker/docker-py.git /docker-py \
&& cd /docker-py \
2015-10-28 16:56:50 +00:00
&& git checkout -q $DOCKER_PY_COMMIT \
&& pip install -r test-requirements.txt
2014-12-19 07:20:59 +00:00
2014-01-29 20:13:32 +00:00
# Set user.email so crosbymichael's in-container merge commits go smoothly
2014-12-24 07:12:27 +00:00
RUN git config --global user.email 'docker-dummy@example.com'
2014-01-29 20:13:32 +00:00
2014-05-19 20:55:28 +00:00
# Add an unprivileged user to be used for tests which need it
2014-05-23 20:29:31 +00:00
RUN groupadd -r docker
RUN useradd --create-home --gid docker unprivilegeduser
2014-05-19 20:55:28 +00:00
2014-12-24 07:12:27 +00:00
VOLUME /var/lib/docker
WORKDIR /go/src/github.com/docker/docker
2016-03-28 18:36:20 +00:00
ENV DOCKER_BUILDTAGS apparmor pkcs11 seccomp selinux
2014-12-24 07:12:27 +00:00
2015-03-02 17:33:26 +00:00
# Let us use a .bashrc file
RUN ln -sfv $PWD/.bashrc ~/.bashrc
2015-03-29 12:42:48 +00:00
# Register Docker's bash completion.
RUN ln -sv $PWD/contrib/completion/bash/docker /etc/bash_completion.d/docker
2015-03-07 01:12:41 +00:00
# Get useful and necessary Hub images so we can "docker load" locally instead of pulling
2015-08-31 17:06:22 +00:00
COPY contrib/download-frozen-image-v2.sh /go/src/github.com/docker/docker/contrib/
RUN ./contrib/download-frozen-image-v2.sh /docker-frozen-images \
2016-01-14 21:51:30 +00:00
buildpack-deps:jessie@sha256:25785f89240fbcdd8a74bdaf30dd5599a9523882c6dfc567f2e9ef7cf6f79db6 \
2016-01-05 05:50:15 +00:00
busybox:latest@sha256:e4f93f6ed15a0cdd342f5aae387886fba0ab98af0a102da6276eaf24d6e6ade0 \
2016-01-14 21:51:30 +00:00
debian:jessie@sha256:f968f10b4b523737e253a97eac59b0d1420b5c19b69928d35801a6373ffe330e \
2015-12-30 17:49:10 +00:00
hello-world:latest@sha256:8be990ef2aeb16dbcb9271ddfe2610fa6658d13f6dfb8bc72074cc1ca36966a7
2015-03-07 01:12:41 +00:00
# see also "hack/make/.ensure-frozen-images" (which needs to be updated any time this list is)
2015-02-28 05:53:36 +00:00
2015-04-21 09:33:52 +00:00
# Download man page generator
2014-12-24 07:12:27 +00:00
RUN set -x \
2015-06-05 22:20:04 +00:00
&& export GOPATH="$(mktemp -d)" \
2016-06-23 01:57:00 +00:00
&& git clone --depth 1 -b v1.0.5 https://github.com/cpuguy83/go-md2man.git "$GOPATH/src/github.com/cpuguy83/go-md2man" \
2016-01-05 05:50:15 +00:00
&& git clone --depth 1 -b v1.4 https://github.com/russross/blackfriday.git "$GOPATH/src/github.com/russross/blackfriday" \
2015-06-05 22:20:04 +00:00
&& go get -v -d github.com/cpuguy83/go-md2man \
&& go build -v -o /usr/local/bin/go-md2man github.com/cpuguy83/go-md2man \
&& rm -rf "$GOPATH"
2013-09-30 19:57:30 +00:00
2015-04-21 09:33:52 +00:00
# Download toml validator
2015-02-18 07:57:44 +00:00
ENV TOMLV_COMMIT 9baf8a8a9f2ed20a8e54160840c492f937eeaf9a
RUN set -x \
2015-06-05 22:20:04 +00:00
&& export GOPATH="$(mktemp -d)" \
&& git clone https://github.com/BurntSushi/toml.git "$GOPATH/src/github.com/BurntSushi/toml" \
&& (cd "$GOPATH/src/github.com/BurntSushi/toml" && git checkout -q "$TOMLV_COMMIT") \
&& go build -v -o /usr/local/bin/tomlv github.com/BurntSushi/toml/cmd/tomlv \
&& rm -rf "$GOPATH"
2015-01-30 19:45:02 +00:00
2016-03-18 18:50:19 +00:00
# Install runc
2016-10-06 16:28:08 +00:00
ENV RUNC_COMMIT 02f8fa7863dd3f82909a73e2061897828460d52f
2016-03-18 18:50:19 +00:00
RUN set -x \
&& export GOPATH="$(mktemp -d)" \
2016-06-15 21:57:34 +00:00
&& git clone https://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc" \
2016-03-18 18:50:19 +00:00
&& cd "$GOPATH/src/github.com/opencontainers/runc" \
&& git checkout -q "$RUNC_COMMIT" \
2016-03-23 00:55:47 +00:00
&& make static BUILDTAGS="seccomp apparmor selinux" \
2016-04-15 04:45:35 +00:00
&& cp runc /usr/local/bin/docker-runc \
&& rm -rf "$GOPATH"
2016-03-18 18:50:19 +00:00
# Install containerd
2016-10-06 16:28:08 +00:00
ENV CONTAINERD_COMMIT 0366d7e9693c930cf18c0f50cc16acec064e96c5
2016-03-18 18:50:19 +00:00
RUN set -x \
&& export GOPATH="$(mktemp -d)" \
2016-03-29 07:35:42 +00:00
&& git clone https://github.com/docker/containerd.git "$GOPATH/src/github.com/docker/containerd" \
2016-03-18 18:50:19 +00:00
&& cd "$GOPATH/src/github.com/docker/containerd" \
&& git checkout -q "$CONTAINERD_COMMIT" \
2016-03-23 00:55:47 +00:00
&& make static \
&& cp bin/containerd /usr/local/bin/docker-containerd \
&& cp bin/containerd-shim /usr/local/bin/docker-containerd-shim \
2016-04-15 04:45:35 +00:00
&& cp bin/ctr /usr/local/bin/docker-containerd-ctr \
&& rm -rf "$GOPATH"
2016-03-18 18:50:19 +00:00
2013-09-07 02:19:03 +00:00
# Wrap all commands in the "docker-in-docker" script to allow nested containers
2014-12-24 07:12:27 +00:00
ENTRYPOINT ["hack/dind"]
2013-09-30 19:57:30 +00:00
2013-09-07 03:14:03 +00:00
# Upload docker source
2014-12-24 07:12:27 +00:00
COPY . /go/src/github.com/docker/docker