Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #717 from noironetworks/aci-cni-image-base
ACI CNI base images
- Loading branch information
Showing
11 changed files
with
92 additions
and
61 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
FROM registry.access.redhat.com/ubi8/ubi:latest | ||
RUN yum --disablerepo=\*ubi\* install -y curl | ||
CMD ["/usr/bin/sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
ARG basetag=latest | ||
ARG baserepo=quay.io/noirolabs | ||
FROM ${baserepo}/aci-containers-base:${basetag} | ||
RUN yum --disablerepo=\*ubi\* install -y wget ca-certificates tar gzip \ | ||
&& yum clean all \ | ||
&& mkdir -p /opt/cni/bin && wget -O- https://github.com/containernetworking/plugins/releases/download/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz | tar xz -C /opt/cni/bin | ||
CMD ["/usr/bin/sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
ARG basetag=latest | ||
ARG baserepo=quay.io/noirolabs | ||
FROM ${baserepo}/aci-containers-base:${basetag} | ||
RUN curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl \ | ||
&& chmod u+x kubectl && mv kubectl /usr/local/bin/kubectl \ | ||
&& curl -sL "https://github.com/istio/istio/releases/download/1.6.5/istioctl-1.6.5-linux-amd64.tar.gz" | tar xz \ | ||
&& chmod u+x istioctl && mv istioctl /usr/local/bin/istioctl \ | ||
&& mkdir -p /usr/local/var/lib/aci-cni | ||
CMD ["/usr/bin/sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
ARG basetag=latest | ||
ARG baserepo=quay.io/noirolabs | ||
FROM ${baserepo}/aci-containers-base:${basetag} | ||
RUN yum --disablerepo=\*ubi\* --enablerepo=openstack-15-for-rhel-8-x86_64-rpms \ | ||
--enablerepo=fast-datapath-for-rhel-8-x86_64-rpms --enablerepo codeready-builder-for-rhel-8-x86_64-rpms install -y iproute nftables openvswitch libnetfilter_conntrack-devel \ | ||
&& yum clean all | ||
COPY dist-static/iptables-libs.tar.gz dist-static/iptables-bin.tar.gz dist-static/iptables-wrapper-installer.sh /tmp/ | ||
RUN tar -zxf /tmp/iptables-bin.tar.gz -C /usr/sbin \ | ||
&& tar -zxf /tmp/iptables-libs.tar.gz -C /lib64 | ||
RUN for i in iptables-legacy iptables-legacy-restore iptables-legacy-save iptables iptables-restore iptables-save; \ | ||
do \ | ||
ln -s -f xtables-legacy-multi "/sbin/$i"; \ | ||
done; | ||
RUN for i in ip6tables-legacy ip6tables-legacy-restore ip6tables-legacy-save ip6tables ip6tables-restore ip6tables-save; \ | ||
do \ | ||
ln -s -f xtables-legacy-multi "/sbin/$i"; \ | ||
done; | ||
RUN for i in iptables-nft iptables-nft-restore iptables-nft-save ip6tables-nft ip6tables-nft-restore ip6tables-nft-save \ | ||
iptables-translate ip6tables-translate iptables-restore-translate ip6tables-restore-translate \ | ||
arptables-nft arptables arptables-nft-restore arptables-restore arptables-nft-save arptables-save \ | ||
ebtables-nft ebtables ebtables-nft-restore ebtables-restore ebtables-nft-save ebtables-save xtables-monitor; \ | ||
do \ | ||
ln -s -f xtables-nft-multi "/sbin/$i"; \ | ||
done; | ||
# Add iptables alternatives at lowst priority before running wrappers | ||
RUN alternatives --install /usr/sbin/iptables iptables /usr/sbin/iptables-legacy 1 \ | ||
--slave /usr/sbin/iptables-restore iptables-restore /usr/sbin/iptables-legacy-restore \ | ||
--slave /usr/sbin/iptables-save iptables-save /usr/sbin/iptables-legacy-save \ | ||
--slave /usr/sbin/ip6tables ip6tables /usr/sbin/ip6tables-legacy \ | ||
--slave /usr/sbin/ip6tables-restore ip6tables-restore /usr/sbin/ip6tables-legacy-restore \ | ||
--slave /usr/sbin/ip6tables-save ip6tables-save /usr/sbin/ip6tables-legacy-save \ | ||
&& alternatives --install /usr/sbin/iptables iptables /usr/sbin/iptables-nft 1 \ | ||
--slave /usr/sbin/iptables-restore iptables-restore /usr/sbin/iptables-nft-restore \ | ||
--slave /usr/sbin/iptables-save iptables-save /usr/sbin/iptables-nft-save \ | ||
--slave /usr/sbin/ip6tables ip6tables /usr/sbin/ip6tables-nft \ | ||
--slave /usr/sbin/ip6tables-restore ip6tables-restore /usr/sbin/ip6tables-nft-restore \ | ||
--slave /usr/sbin/ip6tables-save ip6tables-save /usr/sbin/ip6tables-nft-save | ||
# Add iptables-wrapper alternative at prio 100 that would | ||
# at run time use one of the above alternatives installed | ||
RUN /tmp/iptables-wrapper-installer.sh | ||
CMD ["/usr/bin/sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
ARG basetag=latest | ||
ARG baserepo=quay.io/noirolabs | ||
FROM ${baserepo}/aci-containers-base:${basetag} | ||
RUN yum install -y --enablerepo=openstack-15-for-rhel-8-x86_64-rpms \ | ||
--enablerepo=fast-datapath-for-rhel-8-x86_64-rpms openvswitch2.13 logrotate conntrack-tools \ | ||
tcpdump curl strace ltrace iptables net-tools && yum clean all | ||
CMD ["/usr/bin/sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
ARG basetag=latest | ||
ARG baserepo=quay.io/noirolabs | ||
FROM ${baserepo}/aci-containers-base:${basetag} | ||
RUN yum --disablerepo=\*ubi\* install -y curl git \ | ||
&& yum clean all \ | ||
&& curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.14.6/bin/linux/amd64/kubectl \ | ||
&& chmod u+x kubectl && mv kubectl /usr/local/bin/kubectl | ||
CMD ["/usr/bin/sh"] |