Make multiarch clickhouse-server Dockerfiles

This commit is contained in:
Mikhail f. Shiryaev 2022-03-31 00:14:28 +02:00
parent 3e7c46075a
commit b950b53156
No known key found for this signature in database
GPG Key ID: 4B02ED204C7D93F4
2 changed files with 92 additions and 60 deletions

View File

@ -1,3 +1,14 @@
FROM ubuntu:20.04 AS glibc-donor
ARG TARGETARCH
RUN arch=${TARGETARCH:-amd64} \
&& case $arch in \
amd64) rarch=x86_64 ;; \
arm64) rarch=aarch64 ;; \
esac \
&& ln -s "${rarch}-linux-gnu" /lib/linux-gnu
FROM alpine FROM alpine
ENV LANG=en_US.UTF-8 \ ENV LANG=en_US.UTF-8 \
@ -6,15 +17,22 @@ ENV LANG=en_US.UTF-8 \
TZ=UTC \ TZ=UTC \
CLICKHOUSE_CONFIG=/etc/clickhouse-server/config.xml CLICKHOUSE_CONFIG=/etc/clickhouse-server/config.xml
COPY --from=ubuntu:20.04 /lib/x86_64-linux-gnu/libc.so.6 /lib/x86_64-linux-gnu/libdl.so.2 /lib/x86_64-linux-gnu/libm.so.6 /lib/x86_64-linux-gnu/libpthread.so.0 /lib/x86_64-linux-gnu/librt.so.1 /lib/x86_64-linux-gnu/libnss_dns.so.2 /lib/x86_64-linux-gnu/libnss_files.so.2 /lib/x86_64-linux-gnu/libresolv.so.2 /lib/ COPY --from=glibc-donor /lib/linux-gnu/libc.so.6 /lib/linux-gnu/libdl.so.2 /lib/linux-gnu/libm.so.6 /lib/linux-gnu/libpthread.so.0 /lib/linux-gnu/librt.so.1 /lib/linux-gnu/libnss_dns.so.2 /lib/linux-gnu/libnss_files.so.2 /lib/linux-gnu/libresolv.so.2 /lib/linux-gnu/ld-2.31.so /lib/
COPY --from=ubuntu:20.04 /lib64/ld-linux-x86-64.so.2 /lib64/ COPY --from=glibc-donor /etc/nsswitch.conf /etc/
COPY --from=ubuntu:20.04 /etc/nsswitch.conf /etc/
COPY docker_related_config.xml /etc/clickhouse-server/config.d/ COPY docker_related_config.xml /etc/clickhouse-server/config.d/
COPY entrypoint.sh /entrypoint.sh COPY entrypoint.sh /entrypoint.sh
ARG TARGETARCH
RUN arch=${TARGETARCH:-amd64} \
&& case $arch in \
amd64) mkdir -p /lib64 && ln -sf /lib/ld-2.31.so /lib64/ld-linux-x86-64.so.2 ;; \
arm64) ln -sf /lib/ld-2.31.so /lib/ld-linux-aarch64.so.1 ;; \
esac
# lts / testing / prestable / etc # lts / testing / prestable / etc
ARG REPO_CHANNEL="stable" ARG REPO_CHANNEL="stable"
ARG REPO_URL="https://packages.clickhouse.com/tgz/${REPO_CHANNEL}" ARG REPOSITORY="https://packages.clickhouse.com/tgz/${REPO_CHANNEL}"
ARG VERSION="20.9.3.45" ARG VERSION="20.9.3.45"
ARG PACKAGES="clickhouse-client clickhouse-server clickhouse-common-static" ARG PACKAGES="clickhouse-client clickhouse-server clickhouse-common-static"
@ -25,10 +43,18 @@ ARG PACKAGES="clickhouse-client clickhouse-server clickhouse-common-static"
# installed to prevent picking those uid / gid by some unrelated software. # installed to prevent picking those uid / gid by some unrelated software.
# The same uid / gid (101) is used both for alpine and ubuntu. # The same uid / gid (101) is used both for alpine and ubuntu.
RUN for package in ${PACKAGES}; do \ RUN arch=${TARGETARCH:-amd64} \
echo "${REPO_URL}/${package}-${VERSION}.tgz" \ && for package in ${PACKAGES}; do \
&& wget -c -q "${REPO_URL}/${package}-${VERSION}.tgz" -O "/tmp/${package}-${VERSION}.tgz" \ { \
&& tar xvzf "/tmp/${package}-${VERSION}.tgz" --strip-components=2 -C / || exit 1 \ { echo "Get ${REPOSITORY}/${package}-${VERSION}-${arch}.tgz" \
&& wget -c -q "${REPOSITORY}/${package}-${VERSION}-${arch}.tgz" -O "/tmp/${package}-${VERSION}-${arch}.tgz" \
&& tar xvzf "/tmp/${package}-${VERSION}-${arch}.tgz" --strip-components=1 -C / ; \
} || \
{ echo "Fallback to ${REPOSITORY}/${package}-${VERSION}.tgz" \
&& wget -c -q "${REPOSITORY}/${package}-${VERSION}.tgz" -O "/tmp/${package}-${VERSION}.tgz" \
&& tar xvzf "/tmp/${package}-${VERSION}.tgz" --strip-components=2 -C / ; \
} ; \
} || exit 1 \
; done \ ; done \
&& rm /tmp/*.tgz /install -r \ && rm /tmp/*.tgz /install -r \
&& addgroup -S -g 101 clickhouse \ && addgroup -S -g 101 clickhouse \

View File

@ -1,11 +1,36 @@
FROM ubuntu:20.04 FROM ubuntu:20.04
# see https://github.com/moby/moby/issues/4032#issuecomment-192327844
ARG DEBIAN_FRONTEND=noninteractive
COPY su-exec.c /su-exec.c
# ARG for quick switch to a given ubuntu mirror # ARG for quick switch to a given ubuntu mirror
ARG apt_archive="http://archive.ubuntu.com" ARG apt_archive="http://archive.ubuntu.com"
RUN sed -i "s|http://archive.ubuntu.com|$apt_archive|g" /etc/apt/sources.list RUN sed -i "s|http://archive.ubuntu.com|${apt_archive}|g" /etc/apt/sources.list \
&& groupadd -r clickhouse --gid=101 \
&& useradd -r -g clickhouse --uid=101 --home-dir=/var/lib/clickhouse --shell=/bin/bash clickhouse \
&& apt-get update \
&& apt-get install --yes --no-install-recommends \
apt-transport-https \
ca-certificates \
dirmngr \
gnupg \
locales \
wget \
tzdata \
&& apt-get install -y --no-install-recommends tcc libc-dev && \
tcc /su-exec.c -o /bin/su-exec && \
chown root:root /bin/su-exec && \
chmod 0755 /bin/su-exec && \
rm /su-exec.c && \
apt-get purge -y --auto-remove tcc libc-dev libc-dev-bin libc6-dev linux-libc-dev \
&& apt-get clean
ARG repository="deb https://packages.clickhouse.com/deb stable main" ARG REPO_CHANNEL="stable"
ARG version=22.1.1.* ARG REPOSITORY="deb https://packages.clickhouse.com/deb ${REPO_CHANNEL} main"
ARG VERSION=22.1.1.*
ARG PACKAGES="clickhouse-client clickhouse-server clickhouse-common-static"
# set non-empty deb_location_url url to create a docker image # set non-empty deb_location_url url to create a docker image
# from debs created by CI build, for example: # from debs created by CI build, for example:
@ -19,9 +44,6 @@ ARG deb_location_url=""
# note: clickhouse-odbc-bridge is not supported there. # note: clickhouse-odbc-bridge is not supported there.
ARG single_binary_location_url="" ARG single_binary_location_url=""
# see https://github.com/moby/moby/issues/4032#issuecomment-192327844
ARG DEBIAN_FRONTEND=noninteractive
# user/group precreated explicitly with fixed uid/gid on purpose. # user/group precreated explicitly with fixed uid/gid on purpose.
# It is especially important for rootless containers: in that case entrypoint # It is especially important for rootless containers: in that case entrypoint
# can't do chown and owners of mounted volumes should be configured externally. # can't do chown and owners of mounted volumes should be configured externally.
@ -44,58 +66,42 @@ ARG DEBIAN_FRONTEND=noninteractive
# 1. Dependency on some foreign code in yet another programming language - does not sound alright. # 1. Dependency on some foreign code in yet another programming language - does not sound alright.
# 2. Anselmo D. Adams suggested not to use it due to false positive alarms in some undisclosed security scanners. # 2. Anselmo D. Adams suggested not to use it due to false positive alarms in some undisclosed security scanners.
COPY su-exec.c /su-exec.c ARG TARGETARCH
RUN groupadd -r clickhouse --gid=101 \ RUN arch=${TARGETARCH:-amd64} \
&& useradd -r -g clickhouse --uid=101 --home-dir=/var/lib/clickhouse --shell=/bin/bash clickhouse \ && if [ -n "${deb_location_url}" ]; then \
&& apt-get update \ echo "installing from custom url with deb packages: ${deb_location_url}" \
&& apt-get install --yes --no-install-recommends \ rm -rf /tmp/clickhouse_debs \
apt-transport-https \ && mkdir -p /tmp/clickhouse_debs \
ca-certificates \ && for package in ${PACKAGES}; do \
dirmngr \ { wget --progress=bar:force:noscroll "${deb_location_url}/${package}_${VERSION}_${arch}.deb" -P /tmp/clickhouse_debs || \
gnupg \ wget --progress=bar:force:noscroll "${deb_location_url}/${package}_${VERSION}_all.deb" -P /tmp/clickhouse_debs ; } \
locales \ || exit 1 \
wget \ ; done \
tzdata \ && dpkg -i /tmp/clickhouse_debs/*.deb ; \
&& mkdir -p /etc/apt/sources.list.d \ elif [ -n "${single_binary_location_url}" ]; then \
&& apt-key adv --keyserver keyserver.ubuntu.com --recv 8919F6BD2B48D754 \ echo "installing from single binary url: ${single_binary_location_url}" \
&& echo $repository > /etc/apt/sources.list.d/clickhouse.list \ && rm -rf /tmp/clickhouse_binary \
&& if [ -n "$deb_location_url" ]; then \ && mkdir -p /tmp/clickhouse_binary \
echo "installing from custom url with deb packages: $deb_location_url" \ && wget --progress=bar:force:noscroll "${single_binary_location_url}" -O /tmp/clickhouse_binary/clickhouse \
rm -rf /tmp/clickhouse_debs \ && chmod +x /tmp/clickhouse_binary/clickhouse \
&& mkdir -p /tmp/clickhouse_debs \ && /tmp/clickhouse_binary/clickhouse install --user "clickhouse" --group "clickhouse" ; \
&& wget --progress=bar:force:noscroll "${deb_location_url}/clickhouse-common-static_${version}_amd64.deb" -P /tmp/clickhouse_debs \ else \
&& wget --progress=bar:force:noscroll "${deb_location_url}/clickhouse-client_${version}_all.deb" -P /tmp/clickhouse_debs \ mkdir -p /etc/apt/sources.list.d \
&& wget --progress=bar:force:noscroll "${deb_location_url}/clickhouse-server_${version}_all.deb" -P /tmp/clickhouse_debs \ && apt-key adv --keyserver keyserver.ubuntu.com --recv 8919F6BD2B48D754 \
&& dpkg -i /tmp/clickhouse_debs/*.deb ; \ && echo ${REPOSITORY} > /etc/apt/sources.list.d/clickhouse.list \
elif [ -n "$single_binary_location_url" ]; then \ && echo "installing from repository: ${REPOSITORY}" \
echo "installing from single binary url: $single_binary_location_url" \ && apt-get update \
&& rm -rf /tmp/clickhouse_binary \ && apt-get --yes -o "Dpkg::Options::=--force-confdef" -o "Dpkg::Options::=--force-confold" upgrade \
&& mkdir -p /tmp/clickhouse_binary \ && for package in ${PACKAGES}; do \
&& wget --progress=bar:force:noscroll "$single_binary_location_url" -O /tmp/clickhouse_binary/clickhouse \ apt-get install --allow-unauthenticated --yes --no-install-recommends "${package}=${VERSION}" || exit 1 \
&& chmod +x /tmp/clickhouse_binary/clickhouse \ ; done \
&& /tmp/clickhouse_binary/clickhouse install --user "clickhouse" --group "clickhouse" ; \ ; fi \
else \
echo "installing from repository: $repository" \
&& apt-get update \
&& apt-get --yes -o "Dpkg::Options::=--force-confdef" -o "Dpkg::Options::=--force-confold" upgrade \
&& apt-get install --allow-unauthenticated --yes --no-install-recommends \
clickhouse-common-static=$version \
clickhouse-client=$version \
clickhouse-server=$version ; \
fi \
&& apt-get install -y --no-install-recommends tcc libc-dev && \
tcc /su-exec.c -o /bin/su-exec && \
chown root:root /bin/su-exec && \
chmod 0755 /bin/su-exec && \
rm /su-exec.c && \
apt-get purge -y --auto-remove tcc libc-dev libc-dev-bin libc6-dev linux-libc-dev \
&& clickhouse-local -q 'SELECT * FROM system.build_options' \ && clickhouse-local -q 'SELECT * FROM system.build_options' \
&& rm -rf \ && rm -rf \
/var/lib/apt/lists/* \ /var/lib/apt/lists/* \
/var/cache/debconf \ /var/cache/debconf \
/tmp/* \ /tmp/* \
&& apt-get clean \
&& mkdir -p /var/lib/clickhouse /var/log/clickhouse-server /etc/clickhouse-server /etc/clickhouse-client \ && mkdir -p /var/lib/clickhouse /var/log/clickhouse-server /etc/clickhouse-server /etc/clickhouse-client \
&& chmod ugo+Xrw -R /var/lib/clickhouse /var/log/clickhouse-server /etc/clickhouse-server /etc/clickhouse-client && chmod ugo+Xrw -R /var/lib/clickhouse /var/log/clickhouse-server /etc/clickhouse-server /etc/clickhouse-client