Commit Graph

28 Commits

Author SHA1 Message Date
Niels de Vos
0d66c35a5b build: create /etc/selinux/config in case it is missing
Sometimes the Ceph container images seem to have a broken scriptlet
while installing/updating Ceph packages. It is relatively common for
them to fail when `/etc/selinux/config` does not exist. By ensuring the
file directory and file exist (even if empty), the package installation
or upgrades succeed.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
(cherry picked from commit 24d6b5fe3f)
2023-12-19 15:04:00 +00:00
Riya Singhal
5e80c6aee0 rebase: install libcephfs-devel
Signed-off-by: Riya Singhal <rsinghal@redhat.com>
2023-11-23 00:55:17 +00:00
Niels de Vos
d753eaa016 build: make sure nfs-utils is installed
Ceph is minimizing their container-images, which can cause the
`nfs-utils` package to be dropped. As Ceph-CSI supports mounting NFS, it
needs the `/sbin/mount.nfs` executable, so install the package (or a
no-op if it is installed already).

See-also: https://rook-io.slack.com/archives/C46Q5UC05/p1699188662893109
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-11-09 12:00:40 +00:00
Madhu Rajanna
d45bb12cc1 build: disable ganesha package in Dockerfile
disable ganesha as dnf update is
failing on Reef ceph version.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-08-25 17:50:40 +00:00
Niels de Vos
16e5de5e1d build: use lower version for dependencies if repositories are broken
Some packages have dependencies on other repositories. On occasion these
repositories seem to be out-of-sync. In that case, install updates with
an older version, instead of erroring out.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-08-25 11:43:03 +00:00
Niels de Vos
0efe8e4711 build: disable ceph-iscsi repository
The ceph-iscsi repository seems to provide broken metadata or packages.
Ceph-CSI does not need to install them, so disable the repository for
now.

It seems that other repositories gave issues before too, but these
repositories were disabled after installing all available updates. For
ceph-iscsi updating fails already, so disable the repositories before
updating.

Updates: #2034
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-07-03 12:10:49 +00:00
Gert van den Berg
c3d5b78276 build: Update packages in release image
This will get updates released after the base image was built. This adds a layer
and increase the image size, but significantly reduce the number of CVEs in the
resultant image.

Signed-off-by: Gert van den Berg <github@mohag.net>
2023-02-01 15:47:31 +00:00
Humble Chirammal
ff18fb1def build: add dnf update and add switch --nodocs to install command
this commit update the packages and then do installation of the
packages in docker build process.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-11-15 15:32:57 +00:00
Rakshith R
5ed305850f build: resolve a fixme and disable tcmu repo
Cmd to disable apache arrow repo is removed, since
it is no longer needed.
Cmd to disable tcmu repo is added to make build pass.

refer: https://github.com/ceph/ceph-container/issues/2034

Signed-off-by: Rakshith R <rar@redhat.com>
2022-07-20 09:29:35 +00:00
Humble Chirammal
16abbbc846 build: remove cache while building container image
Reduce size of the container image by removing the cache in deploy
and devel container.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-03-28 06:09:27 +00:00
Niels de Vos
cbec296543 build: disable removed Apache Arrow repository
The CentOS 8 repository for Apache Arrow has been removed. This causes
container-image builds fail with the following error:

    Errors during downloading metadata for repository 'apache-arrow-centos':
      - Status code: 404 for https://apache.jfrog.io/artifactory/arrow/centos/8/x86_64/repodata/repomd.xml (IP: 54.190.66.70)
    Error: Failed to download metadata for repo 'apache-arrow-centos': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried

The Ceph base image has `arrow/centos/8` configured, maybe Apache Arrow
offers a CentOS Stream 8 repository now? Once the Ceph container-image
has been updated, the repository can be enabled again.

Ceph-CSI does not depend on Apache Arrow, so there is no functional
change by disabling the repository.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2022-02-04 10:23:58 +00:00
Niels de Vos
06d5d8f23a build: libcephfs-devel is not needed
go-ceph does not  use CephFS development headers, so there is no need to
install libcephfs-devel.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-03-10 09:26:00 +00:00
Niels de Vos
b26d33b7c1 build: install git as when building from Dockerfile
When running a simple build with only the required arguments, the
following warning are reported:

    $ buildah bud --build-arg=BASE_IMAGE=ceph/ceph:v15 --build-arg=GO_ARCH=amd64 -f ./deploy/cephcsi/image/Dockerfile .
    ...
    STEP 15: COPY . ${SRC_DIR}
    STEP 16: RUN make cephcsi
    cephcsi image settings: quay.io/cephcsi/cephcsi version canary
    make: git: Command not found
    make: git: Command not found
    if [ ! -d ./vendor ]; then (go mod tidy && go mod vendor); fi
    make: git: Command not found
    ...
    STEP 23: COMMIT
    Getting image source signatures
    ...
    Writing manifest to image destination
    Storing signatures
    --> 239b19c4049

git is used to detect the current commit, and store it in the binary
that is built. Without the commit, the "Git Commit:" in the output is
empty, making it impossible to get the exact version:

    $ podman run --rm 239b19c4049 --version
    Cephcsi Version: canary
    Git Commit:
    Go Version: go1.15
    Compiler: gc
    Platform: linux/amd64
    Kernel: 5.8.4-200.fc32.x86_64

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-10-27 21:46:38 +00:00
Prasanna Kumar Kalever
404ee73dcd cleanup: fix cmd in container img building errmsg
Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2020-08-19 07:06:28 +00:00
Niels de Vos
7affb9289d ci: display a warning when GO_ARCH is not set for image-cephcsi
`make image-cephcsi` will fail when Golang is not installed. There is no
strict requirement for Golang to be available, it is only used to gather
the architecture of the OS where the image is built. It is possible to
build the image successfully with `make image-cephcsi GOARCH=amd64`.

In case Golang is not installed, GOARCH can not be detected
automatically. This will cause a failure while installing Golang in the
container image. Because the failure is not very clear, display a
warning in the case the GO_ARCH (from ${GOARCH} in the Makefile) is not
set.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-07-06 06:20:53 +00:00
Niels de Vos
2055d79165 build: check if installed Golang has a compatible architecture
For building a arm64 container image on amd64, it is needed to configure
the system specifically for that. In order to prevent including a amd64
executable in a arm64 image, a check has been added.

When running an arm64 executable on a amd64 system, an error should
occur when cross architecture containers are not supported. This can be
triggered when running `make image-cephcsi GO_ARCH=arm64` on a amd64
system.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-06-28 17:46:37 +00:00
Niels de Vos
4fd973b924 build: use BASE_IMAGE from build.env
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-06-28 17:46:37 +00:00
Niels de Vos
f83a065c8a build: move GOLANG_VERSION to build.env
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-06-28 17:46:37 +00:00
Niels de Vos
2ad58f152b build: verify that all dynamically linked libraries are available
When building with go-ceph, there are several dynamically linked
libraries used directly (libcephfs, librados and librbd), and many more
indirectly.

By adding an additional RUN statement to check if all libraries are
available in the final image, problems related to missing libraries
should be caught before publishing/consuming the image.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-05-27 09:03:42 +00:00
Madhu Rajanna
bfa6064b4d Read baseimage from the dockerfile
Updated deploy.sh and build scripts
to read base image from the dockerfile

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-04-22 15:41:40 +00:00
Madhu Rajanna
697ed32778 Add script to build and push multi arch images
with the help of qemu-user-static we can run
different architecute contains.

more info at https://github.com/multiarch/qemu-user-static

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-04-22 15:41:40 +00:00
Madhu Rajanna
32e2a713e6 Fix multi architecture dockerfile
Add support for multi architecture build
for cephcsi. with multistage docker build
we we build cephcsi binary for both arm64
and amd64 architecture.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-04-22 15:41:40 +00:00
Madhu Rajanna
c629c3bf52 update base image in Dockerfile
As we have the octopus as the latest
release base image,this PR updates the
base image in Dockerfile

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-04-01 10:35:23 +00:00
Yibo Cai
4b8b52e0de Support Arm64 image
Update CI merge job to build and push Arm64 image to
quay.io/cephcsi/cephcsi:version-arm64.

Add CI PR job running on Travis Arm64 nodes to make sure cephcsi
compiles successfully on Arm64.

No CI test job is availabe for Arm64 now due to below issues
- k8s-csi sidecar images for Arm64 are not available
- Travis Arm64 CI job runs inside unprivileged LXD which blocks
  launching minikube test environment

Signed-off-by: Yibo Cai <yibo.cai@arm.com>
2020-01-09 09:53:50 +00:00
Madhu Rajanna
d6f1c938d8 comment yum update from dockerfile
currently we are facing issue in  building
docker image,commenting yum update it fix it

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-09-04 11:12:07 +00:00
Humble Chirammal
6950ad468f Fix the vulnarabilities in the image.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2019-08-14 17:37:33 +05:30
Madhu Rajanna
2d560ba087 update ceph-csi to build and use a single docker image
currently, we have 3 docker files(cephcsi,rbd,cephfs) in the ceph-csi repo.
[commit ](85e121ebfe)
added by John to build a single image which can act as rbd or
cephfs based on the input configuration.

This PR updates the makefile and kubernetes templates to use
the unified image and also its deletes the other two dockerfiles.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-05-28 18:10:22 +00:00
John Mulligan
a44714fdfb deploy: create a new Dockerfile for unified cephcsi image
Signed-off-by: John Mulligan <jmulligan@redhat.com>
2019-04-10 20:36:51 +00:00