Build the os-images and os-engines in this repo too

Signed-off-by: Sven Dowideit <[email protected]>

Dockerfile.dapper

@@ -0,0 +1,78 @@
+FROM ubuntu:16.04
+# FROM arm64=aarch64/ubuntu:16.04 arm=armhf/ubuntu:16.04
+
+RUN apt-get update && \
+    apt-get install -y curl git
+
+ENV DAPPER_ENV VERSION DEV_BUILD
+ENV DAPPER_DOCKER_SOCKET true
+ENV DAPPER_SOURCE /go/src/github.com/rancher/os-images
+ENV DAPPER_OUTPUT ./dist
+ENV DAPPER_RUN_ARGS --privileged
+ENV SHELL /bin/bash
+WORKDIR ${DAPPER_SOURCE}
+
+########## General Configuration #####################
+ARG DAPPER_HOST_ARCH=amd64
+ARG HOST_ARCH=${DAPPER_HOST_ARCH}
+ARG ARCH=${HOST_ARCH}
+
+ARG OS_REPO=rancher
+ARG DOCKER_VERSION=1.10.3
+ARG DOCKER_PATCH_VERSION=v${DOCKER_VERSION}-ros1
+
+ARG DOCKER_URL_amd64=https://get.docker.com/builds/Linux/x86_64/docker-${DOCKER_VERSION}
+ARG DOCKER_URL_arm=https://github.com/rancher/docker/releases/download/${DOCKER_PATCH_VERSION}/docker-${DOCKER_VERSION}_arm
+ARG DOCKER_URL_arm64=https://github.com/rancher/docker/releases/download/${DOCKER_PATCH_VERSION}/docker-${DOCKER_VERSION}_arm64
+
+######################################################
+
+# Set up environment
+ENV DOCKER_URL DOCKER_URL_${ARCH}
+
+# Export all ARGS as ENV
+ENV ARCH=${ARCH} 
+ENV DISTRIB_ID=${DISTRIB_ID}
+ENV DOCKER_PATCH_VERSION=${DOCKER_PATCH_VERSION}
+ENV DOCKER_URL=${DOCKER_URL}
+ENV DOCKER_URL_amd64=${DOCKER_URL_amd64}
+ENV DOCKER_URL_arm64=${DOCKER_URL_arm64}
+ENV DOCKER_URL_arm=${DOCKER_URL_arm}
+ENV DOCKER_VERSION=${DOCKER_VERSION}
+ENV HOST_ARCH=${HOST_ARCH}
+ENV OS_REPO=${OS_REPO}
+
+RUN rm /bin/sh && \
+    ln -s /bin/bash /bin/sh
+
+# Install Docker
+RUN curl -fL ${!DOCKER_URL} > /usr/bin/docker && \
+    chmod +x /usr/bin/docker
+
+# Install dapper
+RUN curl -sL https://releases.rancher.com/dapper/latest/dapper-`uname -s`-`uname -m | sed 's/arm.*/arm/'` > /usr/bin/dapper && \
+    chmod +x /usr/bin/dapper
+
+ENTRYPOINT ["./scripts/entry"]
+CMD ["ci"]
+
+# Download Docker engines
+RUN mkdir -p /assets/docker-1.10.3 && \
+    curl -sL https://get.docker.com/builds/Linux/x86_64/docker-1.10.3 > /assets/docker-1.10.3/docker && \
+    chmod +x /assets/docker-1.10.3/docker
+RUN mkdir -p /assets/docker-1.10.3_arm && \
+    curl -sL https://github.com/rancher/docker/releases/download/v1.10.3-arm/docker-1.10.3_arm > /assets/docker-1.10.3_arm/docker && \
+    chmod +x /assets/docker-1.10.3_arm/docker
+RUN mkdir -p /assets/docker-1.10.3_arm64 && \
+    curl -sL https://github.com/rancher/docker/releases/download/v1.10.3-arm64/docker-1.10.3_arm64 > /assets/docker-1.10.3_arm64/docker && \
+    chmod +x /assets/docker-1.10.3_arm/docker
+RUN curl -sfL https://get.docker.com/builds/Linux/x86_64/docker-1.11.2.tgz | tar xzf - -C /assets && \
+    mv /assets/docker /assets/docker-1.11.2
+RUN curl -sfL https://github.com/rancher/docker/releases/download/v1.11.2-ros1/docker-1.11.2_arm.tgz | tar xzf - -C /assets && \
+    mv /assets/docker /assets/docker-1.11.2_arm
+RUN curl -sfL https://github.com/rancher/docker/releases/download/v1.11.2-ros1/docker-1.11.2_arm64.tgz | tar xzf - -C /assets && \
+    mv /assets/docker /assets/docker-1.11.2_arm64
+RUN curl -sfL https://get.docker.com/builds/Linux/x86_64/docker-1.12.1.tgz | tar xzf - -C /assets && \
+    mv /assets/docker /assets/docker-1.12.1
+RUN curl -sfL https://get.docker.com/builds/Linux/x86_64/docker-1.12.3.tgz | tar xzf - -C /assets && \
+    mv /assets/docker /assets/docker-1.12.3

LICENSE

@@ -1,3 +1,4 @@
+
                                  Apache License
                            Version 2.0, January 2004
                         http://www.apache.org/licenses/
@@ -174,29 +175,3 @@
       of your accepting any such warranty or additional liability.
 
    END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "{}"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright {yyyy} {name of copyright owner}
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
-

Makefile

@@ -0,0 +1,21 @@
+TARGETS := $(shell ls scripts | grep -vE 'clean|run|help')
+
+.dapper:
+	@echo Downloading dapper
+	@curl -sL https://releases.rancher.com/dapper/latest/dapper-`uname -s`-`uname -m|sed 's/v7l//'` > .dapper.tmp
+	@@chmod +x .dapper.tmp
+	@./.dapper.tmp -v
+	@mv .dapper.tmp .dapper
+
+$(TARGETS): .dapper
+	./.dapper $@
+
+shell-bind:
+	dapper -m bind -s
+
+clean:
+	@./scripts/clean
+
+.DEFAULT_GOAL := ci
+
+.PHONY: $(TARGETS)

README.md

@@ -0,0 +1,43 @@
+# os-images
+Docker Images for RancherOS
+
+## Building
+
+Run `make`
+
+## Details
+
+### Multi-arch Dockerfiles
+
+As a pre-cursor to native multi-arch support, we leverage some features of
+[dapper](https://github.com/rancher/dapper).
+
+In the Dockerfiles, you'll see lines like:
+
+```
+FROM rancher/os-centosconsole-base
+# FROM amd64=centos:7 arm64=skip arm=skip
+```
+
+The `rancher/os-centosconsole-base` does not actually exist. Dapper will download the
+arch specific image listed in the commented out `# FROM` line, and tag that, so the
+build can occur.
+
+## Special Entrypoint and CMD
+
+Console images also use special ENTRYPOINT and CMD settings, which are bind mounted
+into the container at run time:
+
+```
+ENTRYPOINT ["/usr/bin/ros", "entrypoint"]
+```
+
+## Misc details
+
+The sshd is configured to accept logins from users in the `docker` group, and `root` is denied.
+
+## Contact
+For bugs, questions, comments, corrections, suggestions, etc., open an issue in
+ [rancher/os](//github.com/rancher/os/issues) with a title starting with `[os-images] `.
+
+Or just [click here](//github.com/rancher/os/issues/new?title=%5Bos-images%5D%20) to create a new issue.

images/02-console/rancheros-install

@@ -0,0 +1,9 @@
+#!/bin/bash
+set -e
+
+cat <<EOF
+As of RancherOS v0.4.0 'rancheros-install' is obsolete.
+Please use 'ros install' instead.
+EOF
+
+exit 1

images/02-console/update-ssh-keys

@@ -0,0 +1,20 @@
+#!/bin/bash
+
+USERNAME=$1
+HOME_DIR=$(grep ^$USERNAME /etc/passwd | cut -f6 -d:)
+
+if [ ! -d $HOME_DIR/.ssh ]; then
+	mkdir -p $HOME_DIR/.ssh
+    chmod 0700 $HOME_DIR/.ssh
+fi
+
+if [ ! -e $HOME_DIR/.ssh/authorized_keys ]; then
+    touch $HOME_DIR/.ssh/authorized_keys
+    chmod 0600 $HOME_DIR/.ssh/authorized_keys
+fi
+
+if ! grep -q "$2" $HOME_DIR/.ssh/authorized_keys; then
+    echo "$2" >> $HOME_DIR/.ssh/authorized_keys
+fi
+
+chown -R $USERNAME $HOME_DIR/.ssh

images/10-alpineconsole/Dockerfile

@@ -0,0 +1,21 @@
+FROM rancher/os-alpineconsole-base
+# FROM amd64=alpine:3.4 arm64=aarch64/alpine:edge arm=armhf/alpine:3.4
+RUN apk --no-cache add bash openssh iptables rsync sudo vim less curl ca-certificates htop kmod iproute2 util-linux
+# missing packages at 2016-Nov: locales psmisc
+RUN rm -rf /etc/ssh/*key*
+#RUN ln -s /sbin/getty /sbin/agetty
+#RUN locale-gen en_US.UTF-8
+RUN addgroup -g 1100 rancher && \
+    addgroup -g 1101 docker && \
+    addgroup -S sudo && \
+    adduser -D -u 1100 -g rancher -G sudo -s /bin/bash rancher && \
+    adduser rancher docker && \
+    adduser -D -u 1101 -g docker -G sudo -s /bin/bash docker && \
+    adduser docker docker && \
+    echo ClientAliveInterval 180 >> /etc/ssh/sshd_config && \
+    echo '## allow password less for rancher user' >> /etc/sudoers && \
+    echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
+    echo '## allow password less for docker user' >> /etc/sudoers && \
+    echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
+    echo 'ssh-keygen -A' >> /usr/sbin/update-ssh-keys
+ENTRYPOINT ["/usr/bin/ros", "entrypoint"]

images/10-centosconsole/Dockerfile

@@ -0,0 +1,17 @@
+FROM rancher/os-centosconsole-base
+# FROM amd64=centos:7 arm64=skip arm=skip
+RUN yum install -y iptables openssh-server rsync sudo vim less ca-certificates psmisc htop procps-ng \
+    && rm -rf /etc/ssh/*key* \
+    && ln -s /sbin/agetty /sbin/getty
+RUN localedef -c -f UTF-8 -i en_US en_US.UTF-8 \
+    && groupadd --gid 1100 rancher \
+    && groupadd --gid 1101 docker \
+    && useradd -u 1100 -g rancher -G docker,wheel -m -s /bin/bash rancher \
+    && useradd -u 1101 -g docker -G docker,wheel -m -s /bin/bash docker \
+    && echo ClientAliveInterval 180 >> /etc/ssh/sshd_config \
+    && echo '## allow password less for rancher user' >> /etc/sudoers \
+    && echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers \
+    && echo '## allow password less for docker user' >> /etc/sudoers \
+    && echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
+COPY prompt.sh /etc/profile.d/
+ENTRYPOINT ["/usr/bin/ros", "entrypoint"]

images/10-centosconsole/prebuild.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+set -e
+
+cd $(dirname $0)
+
+rm -rf ./build
+mkdir -p ./build
+cp ./../02-console/update-ssh-keys ./build/
+cp ./../02-console/rancheros-install ./build/

images/10-centosconsole/prompt.sh

@@ -0,0 +1 @@
+export PS1='[\u@\h \W]\$ '

images/10-debianconsole/Dockerfile

@@ -0,0 +1,17 @@
+FROM rancher/os-debianconsole-base
+# FROM amd64=debian:jessie arm64=aarch64/debian:jessie arm=armhf/debian:jessie
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends iptables openssh-server rsync locales sudo vim less curl ca-certificates psmisc htop kmod iproute2 \
+    && rm -rf /var/lib/apt/lists/* \
+    && rm -rf /etc/ssh/*key*
+RUN locale-gen en_US.UTF-8 \
+    && addgroup --gid 1100 rancher \
+    && addgroup --gid 1101 docker \
+    && useradd -u 1100 -g rancher -G docker,sudo -m -s /bin/bash rancher \
+    && useradd -u 1101 -g docker -G docker,sudo -m -s /bin/bash docker \
+    && echo ClientAliveInterval 180 >> /etc/ssh/sshd_config \
+    && echo '## allow password less for rancher user' >> /etc/sudoers \
+    && echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers \
+    && echo '## allow password less for docker user' >> /etc/sudoers \
+    && echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
+ENTRYPOINT ["/usr/bin/ros", "entrypoint"]

images/10-debianconsole/prebuild.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+set -e
+
+cd $(dirname $0)
+
+rm -rf ./build
+mkdir -p ./build
+cp ./../02-console/update-ssh-keys ./build/
+cp ./../02-console/rancheros-install ./build/

images/10-docker-1.10.3/Dockerfile

@@ -0,0 +1,2 @@
+FROM scratch
+COPY engine /engine

images/10-docker-1.10.3/prebuild.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+set -e
+
+cp -r /assets/docker-1.10.3 ./images/10-docker-1.10.3/engine

images/10-docker-1.10.3_arm/Dockerfile

@@ -0,0 +1,2 @@
+FROM scratch
+COPY engine /engine

images/10-docker-1.10.3_arm/prebuild.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+set -e
+
+cp -r /assets/docker-1.10.3_arm ./images/10-docker-1.10.3_arm/engine

images/10-docker-1.10.3_arm64/Dockerfile

@@ -0,0 +1,2 @@
+FROM scratch
+COPY engine /engine

images/10-docker-1.10.3_arm64/prebuild.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+set -e
+
+cp -r /assets/docker-1.10.3_arm64 ./images/10-docker-1.10.3_arm64/engine

images/10-docker-1.11.2/Dockerfile

@@ -0,0 +1,2 @@
+FROM scratch
+COPY engine /engine

images/10-docker-1.11.2/prebuild.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+set -e
+
+cp -r /assets/docker-1.11.2 ./images/10-docker-1.11.2/engine

images/10-docker-1.11.2_arm/Dockerfile

@@ -0,0 +1,2 @@
+FROM scratch
+COPY engine /engine

images/10-docker-1.11.2_arm/prebuild.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+set -e
+
+cp -r /assets/docker-1.11.2_arm ./images/10-docker-1.11.2_arm/engine

images/10-docker-1.11.2_arm64/Dockerfile

@@ -0,0 +1,2 @@
+FROM scratch
+COPY engine /engine

images/10-docker-1.11.2_arm64/prebuild.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+set -e
+
+cp -r /assets/docker-1.11.2_arm64 ./images/10-docker-1.11.2_arm64/engine

images/10-docker-1.12.1/Dockerfile

@@ -0,0 +1,2 @@
+FROM scratch
+COPY engine /engine

images/10-docker-1.12.1/prebuild.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+set -e
+
+cp -r /assets/docker-1.12.1 ./images/10-docker-1.12.1/engine

images/10-docker-1.12.3/Dockerfile

@@ -0,0 +1,2 @@
+FROM scratch
+COPY engine /engine

images/10-docker-1.12.3/prebuild.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+set -e
+
+cp -r /assets/docker-1.12.3 ./images/10-docker-1.12.3/engine

images/10-fedoraconsole/Dockerfile

@@ -0,0 +1,17 @@
+FROM rancher/os-fedoraconsole-base
+# FROM amd64=fedora:24 arm64=skip arm=skip
+RUN dnf install -y iptables openssh-server rsync sudo vim less ca-certificates psmisc htop procps-ng \
+    && rm -rf /etc/ssh/*key* \
+    && ln -s /sbin/agetty /sbin/getty
+RUN localedef -c -f UTF-8 -i en_US en_US.UTF-8 \
+    && groupadd --gid 1100 rancher \
+    && groupadd --gid 1101 docker \
+    && useradd -u 1100 -g rancher -G docker,wheel -m -s /bin/bash rancher \
+    && useradd -u 1101 -g docker -G docker,wheel -m -s /bin/bash docker \
+    && echo ClientAliveInterval 180 >> /etc/ssh/sshd_config \
+    && echo '## allow password less for rancher user' >> /etc/sudoers \
+    && echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers \
+    && echo '## allow password less for docker user' >> /etc/sudoers \
+    && echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
+COPY prompt.sh /etc/profile.d/
+ENTRYPOINT ["/usr/bin/ros", "entrypoint"]

images/10-fedoraconsole/prebuild.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+set -e
+
+cd $(dirname $0)
+
+rm -rf ./build
+mkdir -p ./build
+cp ./../02-console/update-ssh-keys ./build/
+cp ./../02-console/rancheros-install ./build/

images/10-fedoraconsole/prompt.sh

@@ -0,0 +1 @@
+export PS1='[\u@\h \W]\$ '

images/10-openvmtools/Dockerfile

@@ -0,0 +1,5 @@
+FROM ubuntu:16.10
+# FROM arm=skip arm64=skip
+RUN apt-get update \
+    && apt-get install -y open-vm-tools \
+    && rm -rf /var/lib/apt/*