ARM container image possible? #65
Comments
|
ARM is possible of course. As far as I know, ClamAV supports armhf from arm/v7 and probably arm64/v8. I'm pretty busy and I have no testing devices at the moment. There is a guide at ARM on how to create multiarch images: It seems that it is not yet possible to have it built automatically in docker hub. It has to be built locally and pushed to registry from my machine. I will give buildx a try if I have time. |
|
If I understood https://www.trion.de/news/2019/10/14/docker-multi-arch-dockerhub.html correctly, dockerhub should be able to run mutliarch builds. never tried it myself. Just built your compose on my pi and uploaded to dockerhub. So building on ClamAV on arm works :) |
|
This seems possible to me - but it seems to be some work as well. I do not have the time now. But you could provide manifests and I will try it (: |
|
Just seen there might be an easy way -> https://www.docker.com/blog/multi-arch-build-and-images-the-simple-way/ |
|
So was unable to setuo buildx on my machine... so I sticked with qemu. I sticked to https://www.trion.de/news/2019/10/14/docker-multi-arch-dockerhub.html.
#!/bin/bash
docker run --rm --privileged multiarch/qemu-user-static:register --resetthis will make sure the #!/bin/bash
curl -Lo manifest-tool https://github.com/estesp/manifest-tool/releases/download/v0.9.0/manifest-tool-linux-amd64
chmod +x manifest-tool
./manifest-tool push from-spec multi-arch-manifest.yamlhere the docker files and manifest
FROM alpine AS qemu
#QEMU Download
ENV QEMU_URL https://github.com/balena-io/qemu/releases/download/v3.0.0%2Bresin/qemu-3.0.0+resin-arm.tar.gz
RUN apk add curl && curl -L ${QEMU_URL} | tar zxvf - -C . --strip-components 1
FROM arm32v7/debian:buster-slim as release
# copy qmeu
COPY --from=qemu qemu-arm-static /usr/bin
LABEL maintainer="Markus Kosmal <code@m-ko.de>"
# Debian Base to use
ENV DEBIAN_VERSION buster
# initial install of av daemon
RUN echo "deb http://http.debian.net/debian/ $DEBIAN_VERSION main contrib non-free" > /etc/apt/sources.list && \
echo "deb http://http.debian.net/debian/ $DEBIAN_VERSION-updates main contrib non-free" >> /etc/apt/sources.list && \
echo "deb http://security.debian.org/ $DEBIAN_VERSION/updates main contrib non-free" >> /etc/apt/sources.list && \
apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y -qq \
clamav-daemon \
clamav-freshclam \
libclamunrar9 \
ca-certificates \
netcat-openbsd \
wget && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
# initial update of av databases
RUN wget -O /var/lib/clamav/main.cvd http://database.clamav.net/main.cvd && \
wget -O /var/lib/clamav/daily.cvd http://database.clamav.net/daily.cvd && \
wget -O /var/lib/clamav/bytecode.cvd http://database.clamav.net/bytecode.cvd && \
chown clamav:clamav /var/lib/clamav/*.cvd
# permission juggling
RUN mkdir /var/run/clamav && \
chown clamav:clamav /var/run/clamav && \
chmod 750 /var/run/clamav
# av configuration update
RUN sed -i 's/^Foreground .*$/Foreground true/g' /etc/clamav/clamd.conf && \
echo "TCPSocket 3310" >> /etc/clamav/clamd.conf && \
if [ -n "$HTTPProxyServer" ]; then echo "HTTPProxyServer $HTTPProxyServer" >> /etc/clamav/freshclam.conf; fi && \
if [ -n "$HTTPProxyPort" ]; then echo "HTTPProxyPort $HTTPProxyPort" >> /etc/clamav/freshclam.conf; fi && \
sed -i 's/^Foreground .*$/Foreground true/g' /etc/clamav/freshclam.conf
# env based configs - will be called by bootstrap.sh
COPY envconfig.sh /
COPY check.sh /
# volume provision
VOLUME ["/var/lib/clamav"]
# port provision
EXPOSE 3310
# av daemon bootstrapping
COPY bootstrap.sh /
CMD ["/bootstrap.sh"]
HEALTHCHECK --start-period=500s CMD /check.sh`
FROM alpine AS qemu
#QEMU Download
ENV QEMU_URL https://github.com/balena-io/qemu/releases/download/v3.0.0%2Bresin/qemu-3.0.0+resin-aarch64.tar.gz
RUN apk add curl && curl -L ${QEMU_URL} | tar zxvf - -C . --strip-components 1
FROM arm64v8/debian:buster-slim as release
# copy qmeu
COPY --from=qemu qemu-aarch64-static /usr/bin
LABEL maintainer="Markus Kosmal <code@m-ko.de>"
# Debian Base to use
ENV DEBIAN_VERSION buster
# initial install of av daemon
RUN echo "deb http://http.debian.net/debian/ $DEBIAN_VERSION main contrib non-free" > /etc/apt/sources.list && \
echo "deb http://http.debian.net/debian/ $DEBIAN_VERSION-updates main contrib non-free" >> /etc/apt/sources.list && \
echo "deb http://security.debian.org/ $DEBIAN_VERSION/updates main contrib non-free" >> /etc/apt/sources.list && \
apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y -qq \
clamav-daemon \
clamav-freshclam \
libclamunrar9 \
ca-certificates \
netcat-openbsd \
wget && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
# initial update of av databases
RUN wget -O /var/lib/clamav/main.cvd http://database.clamav.net/main.cvd && \
wget -O /var/lib/clamav/daily.cvd http://database.clamav.net/daily.cvd && \
wget -O /var/lib/clamav/bytecode.cvd http://database.clamav.net/bytecode.cvd && \
chown clamav:clamav /var/lib/clamav/*.cvd
# permission juggling
RUN mkdir /var/run/clamav && \
chown clamav:clamav /var/run/clamav && \
chmod 750 /var/run/clamav
# av configuration update
RUN sed -i 's/^Foreground .*$/Foreground true/g' /etc/clamav/clamd.conf && \
echo "TCPSocket 3310" >> /etc/clamav/clamd.conf && \
if [ -n "$HTTPProxyServer" ]; then echo "HTTPProxyServer $HTTPProxyServer" >> /etc/clamav/freshclam.conf; fi && \
if [ -n "$HTTPProxyPort" ]; then echo "HTTPProxyPort $HTTPProxyPort" >> /etc/clamav/freshclam.conf; fi && \
sed -i 's/^Foreground .*$/Foreground true/g' /etc/clamav/freshclam.conf
# env based configs - will be called by bootstrap.sh
COPY envconfig.sh /
COPY check.sh /
# volume provision
VOLUME ["/var/lib/clamav"]
# port provision
EXPOSE 3310
# av daemon bootstrapping
COPY bootstrap.sh /
CMD ["/bootstrap.sh"]
HEALTHCHECK --start-period=500s CMD /check.sh
you migh need to extend this for the alpine images (which you could put the the master, just as Dockerfile.alpineXYZ) |
|
Thank you very much for your work. I will integrate that in my next spare time. It's not that simple with putting all Dockerfiles to master because there are different types of configuration necessary. |
|
If you want I can give it a shot and reorganize it a bit. From what I see it can be put all to master. Would open a new issue for that and could also start a PR or fork so you can have a look |
|
I really appreciate your help and if you would be able to reorganize it, so this image would support multiple architectures out of the box, I would be very happy (: 👍 I will help you where necessary and merge it then. PR would be great as it makes the integration easier. |
|
If you open a new issue, you could probably close this one by reference. |
|
kk will do so. might take a couple of days till I start and then I will create a new issue and close this one |
|
close in favour of #67 |
Wanted to use it in my RasPi cluster and figured there is only arm
linux/amd64. Any chance to get a arm (32 & 64) version?The text was updated successfully, but these errors were encountered: