forked from rancher/os-services
/
Dockerfile
116 lines (97 loc) · 3.88 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
## Build stage
# Borrowed from https://github.com/boot2docker/boot2docker/blob/17.03.x/Dockerfile#L222-L255
FROM debian:buster-slim as build
RUN set -eux; \
apt-get update; \
apt-get -y install \
automake \
make \
build-essential \
curl \
gcc \
unzip \
; \
rm -rf /var/lib/apt/lists/*
ENV ROOTFS /rootfs
RUN mkdir -p $ROOTFS
# Install build dependencies for VMware Tools
RUN apt-get update && apt-get install -y \
autoconf \
libdumbnet-dev \
libdumbnet1 \
libfuse-dev \
libfuse2 \
libglib2.0-0 \
libglib2.0-dev \
libmspack-dev \
libssl-dev \
libtirpc-dev \
libtirpc3 \
libtool \
&& rm -rf /var/lib/apt/lists/*
# Build VMware Tools
ENV OVT_VERSION stable-12.2.5
RUN curl --retry 10 -fsSL "https://github.com/vmware/open-vm-tools/archive/${OVT_VERSION}.tar.gz" | tar -xz --strip-components=1 -C /
# Compile user space components, we're no longer building kernel module as we're
# now bundling FUSE shared folders support.
RUN cd /open-vm-tools && \
autoreconf -i && \
./configure --disable-multimon --disable-docs --disable-tests --with-gnu-ld \
--without-kernel-modules --without-procps --without-gtk2 \
--without-gtkmm --without-pam --without-x --without-icu \
--without-xerces --without-xmlsecurity --without-ssl && \
make LIBS="-ltirpc" CFLAGS="-Wno-implicit-function-declaration" && \
make DESTDIR=$ROOTFS install &&\
/open-vm-tools/libtool --finish $ROOTFS/usr/local/lib
# Building the Libdnet library for VMware Tools.
ENV LIBDNET libdnet-1.14
RUN curl -fL -o /tmp/${LIBDNET}.zip https://github.com/dugsong/libdnet/archive/${LIBDNET}.zip && \
unzip /tmp/${LIBDNET}.zip -d /vmtoolsd && \
cd /vmtoolsd/libdnet-${LIBDNET} && ./configure --build=i486-pc-linux-gnu && \
make && \
make install && make DESTDIR=$ROOTFS install
# Horrible hack again
RUN ln -sT libdnet.1 "$ROOTFS/usr/local/lib/libdumbnet.so.1" \
&& readlink -f "$ROOTFS/usr/local/lib/libdumbnet.so.1"
# TCL 7 doesn't ship with libtirpc.so.1 Dummy it up so the VMware tools work again, taken from:
# https://github.com/boot2docker/boot2docker/issues/1157#issuecomment-211647607
RUN ln -sT libtirpc.so "$ROOTFS/usr/local/lib/libtirpc.so.1" \
&& readlink -f "$ROOTFS/usr/local/lib/libtirpc.so.1"
# verify that all the above actually worked (at least producing a valid binary, so we don't repeat issue #1157)
RUN LD_LIBRARY_PATH='/lib:/usr/local/lib:/rootfs/usr/local/lib'
## Final stage
FROM debian:buster-slim as final
# FROM arm=skip arm64=skip
# net-tools for ifconfig, iproute for ip
RUN apt-get update && apt-get install -y \
net-tools \
iproute2 \
sudo \
fuse \
libtirpc-common \
libtirpc3 \
libdumbnet1 \
libfuse2 \
libffi6 \
libglib2.0-0 \
&& apt-get clean \
&& rm -rf /var/lib/apt/*
COPY --from=build /rootfs/ /
RUN mkdir -p /mnt/hgfs \
&& ln -s /usr/local/bin/* /usr/bin/ \
&& ldconfig
ENV LD_LIBRARY_PATH /lib:/usr/local/lib
ENV LIBRARY_PATH /lib:/usr/local/lib
ENTRYPOINT ["/usr/bin/ros", "entrypoint"]
RUN addgroup --gid 1100 rancher && \
addgroup --gid 1101 docker && \
adduser -q -u 1100 --gid 1100 --disabled-password --gecos "" --shell /bin/bash rancher && \
adduser -q -u 1101 --gid 1101 --disabled-password --gecos "" --shell /bin/bash docker && \
adduser docker sudo && \
sed -i 's/rancher:!/rancher:*/g' /etc/shadow && \
sed -i 's/docker:!/docker:*/g' /etc/shadow && \
echo '## allow password less for rancher user' >> /etc/sudoers && \
echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
echo '## allow password less for docker user' >> /etc/sudoers && \
echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
echo "docker:tcuser" | chpasswd