Skip to content
This repository was archived by the owner on Dec 13, 2018. It is now read-only.

Provide a smaller image (37 MB) based on Alpine Linux #13

Merged
merged 3 commits into from
Mar 17, 2016
Merged

Provide a smaller image (37 MB) based on Alpine Linux #13

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
a26fb7f
Merge branch 'staging'
tifayuki Mar 11, 2016
3b12995
Merge branch 'staging'
tifayuki Mar 15, 2016
7b397ae
Use alpine:edge as base image.
blueimp Mar 17, 2016
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 28 additions & 10 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,19 +1,36 @@
FROM ubuntu:trusty
FROM alpine:edge
MAINTAINER Feng Honglin <hfeng@tutum.co>

# Install pip and haproxy
RUN echo 'deb http://ppa.launchpad.net/vbernat/haproxy-1.5/ubuntu trusty main' >> /etc/apt/sources.list && \
echo 'deb-src http://ppa.launchpad.net/vbernat/haproxy-1.5/ubuntu trusty main' >> /etc/apt/sources.list && \
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 505D97A41C61B9CD && \
apt-get update && \
apt-get install -y --no-install-recommends haproxy python-pip && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
# Install tini, haproxy, pip and the dockercloud-haproxy python package:
RUN apk --no-cache add \
tini \
haproxy \
py-pip \
&& apk --no-cache add --virtual deps git \
&& pip install --upgrade \
pip \
&& apk del deps \
# Clean up obsolete files:
&& rm -rf \
# Clean up any temporary files:
/tmp/* \
# Clean up the pip cache:
/root/.cache \
# Remove any compiled python files (compile on demand):
`find / -regex '.*\.py[co]'`

COPY reload.sh /reload.sh
COPY . haproxy-src/
RUN cd /haproxy-src/ && \
pip install .
pip install . \
# Clean up obsolete files:
&& rm -rf \
# Clean up any temporary files:
/tmp/* \
# Clean up the pip cache:
/root/.cache \
# Remove any compiled python files (compile on demand):
`find / -regex '.*\.py[co]'`

ENV RSYSLOG_DESTINATION=127.0.0.1 \
MODE=http \
Expand All @@ -28,4 +45,5 @@ ENV RSYSLOG_DESTINATION=127.0.0.1 \
HEALTH_CHECK="check"

EXPOSE 80 443 1936
ENTRYPOINT ["tini", "--"]
CMD ["dockercloud-haproxy"]
14 changes: 7 additions & 7 deletions tests/integration_test.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -350,17 +350,17 @@ curl -sSfL ${DOCKER_HOST_IP}:8011/abc.php/ 2>&1 | grep -iF 'My hostname is web-c
echo

echo "=> Test force_ssl with virtual host"
rm_container web-a web-b lb
rm_container web-a web-b lb
docker run -d --name web-a -e HOSTNAME="web-a" -e VIRTUAL_HOST="https://web-a.org, web-a.org" -e SSL_CERT="$(awk 1 ORS='\\n' cert1.pem)" tutum/hello-world
docker run -d --name web-b -e HOSTNAME="web-b" -e VIRTUAL_HOST="https://web-b.org, web-b.org" -e SSL_CERT="$(awk 1 ORS='\\n' cert2.pem)" -e FORCE_SSL=true tutum/hello-world
docker run -d --name lb --link web-a:web-a --link web-b:web-b -p 443:443 -p 80:80 haproxy
wait_for_startup http://${DOCKER_HOST_IP}:80
curl -sSfL --cacert ca1.pem --resolve web-a.org:443:127.0.0.1 https://web-a.org 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --cacert ca2.pem --resolve web-b.org:443:127.0.0.1 https://web-b.org 2>&1 | grep -iF 'My hostname is web-b' > /dev/null
curl -sSfL --cacert ca1.pem --resolve web-a.org:443:127.0.0.1 --resolve web-a.org:80:127.0.0.1 http://web-a.org 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --cacert ca2.pem --resolve web-b.org:443:127.0.0.1 --resolve web-b.org:80:127.0.0.1 http://web-b.org 2>&1 | grep -iF 'My hostname is web-b' > /dev/null
curl -sSIL --cacert ca1.pem --resolve web-a.org:443:127.0.0.1 --resolve web-a.org:80:127.0.0.1 http://web-a.org 2>&1 | grep -iF "http/1.1" | grep -v "301" > /dev/null
curl -sSIL --cacert ca2.pem --resolve web-b.org:443:127.0.0.1 --resolve web-b.org:80:127.0.0.1 http://web-b.org 2>&1 | grep -iF '301 Moved Permanently' > /dev/null
curl -sSfL --cacert ca1.pem --resolve web-a.org:443:${DOCKER_HOST_IP} https://web-a.org 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --cacert ca2.pem --resolve web-b.org:443:${DOCKER_HOST_IP} https://web-b.org 2>&1 | grep -iF 'My hostname is web-b' > /dev/null
curl -sSfL --cacert ca1.pem --resolve web-a.org:443:${DOCKER_HOST_IP} --resolve web-a.org:80:${DOCKER_HOST_IP} http://web-a.org 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --cacert ca2.pem --resolve web-b.org:443:${DOCKER_HOST_IP} --resolve web-b.org:80:${DOCKER_HOST_IP} http://web-b.org 2>&1 | grep -iF 'My hostname is web-b' > /dev/null
curl -sSIL --cacert ca1.pem --resolve web-a.org:443:${DOCKER_HOST_IP} --resolve web-a.org:80:${DOCKER_HOST_IP} http://web-a.org 2>&1 | grep -iF "http/1.1" | grep -v "301" > /dev/null
curl -sSIL --cacert ca2.pem --resolve web-b.org:443:${DOCKER_HOST_IP} --resolve web-b.org:80:${DOCKER_HOST_IP} http://web-b.org 2>&1 | grep -iF '301 Moved Permanently' > /dev/null
echo

echo "=> Testing force_ssl without virtual host"
Expand Down