This is an automated email from the ASF dual-hosted git repository.
eolivelli pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/bookkeeper.git
The following commit(s) were added to refs/heads/master by this push:
new be499be2a2 fix: permission denied in the docker image (#4464)
be499be2a2 is described below
commit be499be2a274b08a19dea47acfa4fa587aa232bb
Author: Zixuan Liu <[email protected]>
AuthorDate: Wed Nov 13 16:13:51 2024 +0800
fix: permission denied in the docker image (#4464)
---
docker/Dockerfile | 67 +++++++++++++++++++++++++++++++------------
docker/scripts/common.sh | 2 ++
docker/scripts/init_bookie.sh | 14 +++++----
3 files changed, 59 insertions(+), 24 deletions(-)
diff --git a/docker/Dockerfile b/docker/Dockerfile
index a58d0da0c4..091151b12a 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -17,6 +17,39 @@
# under the License.
#
+FROM alpine:3.20 as bk-dist
+
+ARG BK_VERSION=4.17.1
+ARG DISTRO_NAME=bookkeeper-server-${BK_VERSION}-bin
+ARG
DISTRO_URL=https://archive.apache.org/dist/bookkeeper/bookkeeper-${BK_VERSION}/${DISTRO_NAME}.tar.gz
+
+RUN apk update && apk add gpg gpg-agent wget \
+ && cd /opt \
+ && wget -q "${DISTRO_URL}" \
+ && wget -q "${DISTRO_URL}.asc" \
+ && wget -q "${DISTRO_URL}.sha512" \
+ && sha512sum -c ${DISTRO_NAME}.tar.gz.sha512 \
+ && wget -q https://dist.apache.org/repos/dist/release/bookkeeper/KEYS \
+ && gpg --import KEYS \
+ && gpg --batch --verify "$DISTRO_NAME.tar.gz.asc"
"$DISTRO_NAME.tar.gz" \
+ && tar -xzf "$DISTRO_NAME.tar.gz" \
+ && mv bookkeeper-server-${BK_VERSION}/ /opt/bookkeeper/ \
+ && rm -rf "$DISTRO_NAME.tar.gz" "$DISTRO_NAME.tar.gz.asc"
"$DISTRO_NAME.tar.gz.sha512";
+
+COPY scripts /opt/bookkeeper/scripts
+
+RUN for SUBDIRECTORY in conf logs data; do \
+ mkdir -p /opt/bookkeeper/$SUBDIRECTORY; \
+ chmod -R ug+rwx /opt/bookkeeper/$SUBDIRECTORY; \
+ chown -R 10000:0 /opt/bookkeeper/$SUBDIRECTORY; \
+ done
+
+RUN for SUBDIRECTORY in scripts bin; do \
+ chmod -R g+rx /opt/bookkeeper/$SUBDIRECTORY; \
+ done
+
+RUN chmod -R o+rx /opt/bookkeeper
+
FROM eclipse-temurin:17 as jre-build
# Create a custom Java runtime
@@ -48,43 +81,39 @@ ENV DEBIAN_FRONTEND=noninteractive
ARG UBUNTU_MIRROR=http://archive.ubuntu.com/ubuntu/
ARG UBUNTU_SECURITY_MIRROR=http://security.ubuntu.com/ubuntu/
-# Download Apache Bookkeeper, untar and clean up
RUN set -x \
&& sed -i -e
"s|http://archive\.ubuntu\.com/ubuntu/|${UBUNTU_MIRROR:-http://archive.ubuntu.com/ubuntu/}|g"
\
-e
"s|http://security\.ubuntu\.com/ubuntu/|${UBUNTU_SECURITY_MIRROR:-http://security.ubuntu.com/ubuntu/}|g"
/etc/apt/sources.list \
&& echo 'Acquire::http::Timeout
"30";\nAcquire::http::ConnectionAttemptDelayMsec
"2000";\nAcquire::https::Timeout
"30";\nAcquire::https::ConnectionAttemptDelayMsec
"2000";\nAcquire::ftp::Timeout "30";\nAcquire::ftp::ConnectionAttemptDelayMsec
"2000";\nAcquire::Retries "15";' > /etc/apt/apt.conf.d/99timeout_and_retries \
- && adduser "${BK_USER}" \
&& apt-get update \
&& apt-get install -y ca-certificates apt-transport-https \
&& apt-get install -y --no-install-recommends python3 pip \
&& ln -s /usr/bin/python3 /usr/bin/python \
- && apt-get install -y --no-install-recommends gpg gpg-agent wget sudo \
+ && apt-get install -y --no-install-recommends wget sudo \
&& apt-get -y --purge autoremove \
&& apt-get autoclean \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* \
- && mkdir -pv /opt \
- && cd /opt \
- && wget -q "${DISTRO_URL}" \
- && wget -q "${DISTRO_URL}.asc" \
- && wget -q "${DISTRO_URL}.sha512" \
- && sha512sum -c ${DISTRO_NAME}.tar.gz.sha512 \
- && wget https://dist.apache.org/repos/dist/release/bookkeeper/KEYS \
- && gpg --import KEYS \
- && gpg --batch --verify "$DISTRO_NAME.tar.gz.asc" "$DISTRO_NAME.tar.gz" \
- && tar -xzf "$DISTRO_NAME.tar.gz" \
- && mv bookkeeper-server-${BK_VERSION}/ /opt/bookkeeper/ \
- && rm -rf "$DISTRO_NAME.tar.gz" "$DISTRO_NAME.tar.gz.asc"
"$DISTRO_NAME.tar.gz.sha512" \
&& pip install zk-shell
-WORKDIR /opt/bookkeeper
-
+# JDK
ENV JAVA_HOME=/opt/java/openjdk
ENV PATH="$PATH:$JAVA_HOME/bin"
COPY --from=jre-build /javaruntime $JAVA_HOME
-COPY scripts /opt/bookkeeper/scripts
-RUN chmod +x -R /opt/bookkeeper/scripts/
+# BK
+ENV ZK_dataDir=${BK_HOME}/data/zookeeper/data
+ENV ZK_dataLogDir=${BK_HOME}/data/zookeeper/txlog
+ENV BK_DATA_DIR=${BK_HOME}/data
+ENV BK_journalDirectory=${BK_HOME}/data/journal
+ENV BK_ledgerDirectories=${BK_HOME}/data/ledgers
+ENV ZK_SHELL_HOME=${BK_HOME}/data
+COPY --from=bk-dist /opt/bookkeeper ${BK_HOME}
+
+WORKDIR ${BK_HOME}
+
+RUN adduser "${BK_USER}" -u 10000 --gid 0 --home ${BK_HOME} --no-create-home
--disabled-password
+USER 10000
ENTRYPOINT [ "/bin/bash", "/opt/bookkeeper/scripts/entrypoint.sh" ]
CMD ["bookie"]
diff --git a/docker/scripts/common.sh b/docker/scripts/common.sh
index 0f745db4b4..e113e17b8e 100755
--- a/docker/scripts/common.sh
+++ b/docker/scripts/common.sh
@@ -44,6 +44,8 @@ export
BK_dlogRootPath=${BK_dlogRootPath:-"${BK_CLUSTER_ROOT_PATH}/distributedlo
# stream storage
export BK_NUM_STORAGE_CONTAINERS=${BK_NUM_STORAGE_CONTAINERS:-"32"}
export BK_STREAM_STORAGE_ROOT_PATH=${BK_STREAM_STORAGE_ROOT_PATH:-"/stream"}
+# zk-shell
+export ZK_SHELL_HOME=${ZK_SHELL_HOME:-"${HOME}"}
echo "Environment Vars for bookie:"
echo ""
diff --git a/docker/scripts/init_bookie.sh b/docker/scripts/init_bookie.sh
index 1617442d17..086fc4809f 100755
--- a/docker/scripts/init_bookie.sh
+++ b/docker/scripts/init_bookie.sh
@@ -21,25 +21,29 @@
# */
source ${SCRIPTS_DIR}/common.sh
+function run_zk_shell() {
+ HOME=${ZK_SHELL_HOME} zk-shell "$@"
+}
+
function wait_for_zookeeper() {
echo "wait for zookeeper"
- until zk-shell --run-once "ls /" ${BK_zkServers}; do sleep 5; done
+ until run_zk_shell --run-once "ls /" ${BK_zkServers}; do sleep 5; done
}
function create_zk_root() {
if [ "x${BK_CLUSTER_ROOT_PATH}" != "x" ]; then
echo "create the zk root dir for bookkeeper at
'${BK_CLUSTER_ROOT_PATH}'"
- zk-shell --run-once "create ${BK_CLUSTER_ROOT_PATH} '' false false
true" ${BK_zkServers}
+ run_zk_shell --run-once "create ${BK_CLUSTER_ROOT_PATH} '' false false
true" ${BK_zkServers}
fi
}
function init_cluster() {
- zk-shell --run-once "ls ${BK_zkLedgersRootPath}/available/readonly"
${BK_zkServers}
+ run_zk_shell --run-once "ls ${BK_zkLedgersRootPath}/available/readonly"
${BK_zkServers}
if [ $? -eq 0 ]; then
echo "Cluster metadata already exists"
else
# Create an ephemeral zk node `bkInitLock` for use as a lock.
- lock=`zk-shell --run-once "create ${BK_CLUSTER_ROOT_PATH}/bkInitLock
'' true false false" ${BK_zkServers}`
+ lock=`run_zk_shell --run-once "create
${BK_CLUSTER_ROOT_PATH}/bkInitLock '' true false false" ${BK_zkServers}`
if [ -z "$lock" ]; then
echo "znodes do not exist in Zookeeper for Bookkeeper.
Initializing a new Bookkeekeper cluster in Zookeeper."
/opt/bookkeeper/bin/bookkeeper shell initnewcluster
@@ -57,7 +61,7 @@ function init_cluster() {
while [ ${tenSeconds} -lt 100 ]
do
sleep 10
- zk-shell --run-once "ls
${BK_zkLedgersRootPath}/available/readonly" ${BK_zkServers}
+ run_zk_shell --run-once "ls
${BK_zkLedgersRootPath}/available/readonly" ${BK_zkServers}
if [ $? -eq 0 ]; then
echo "Waited $tenSeconds * 10 seconds. Successfully listed
''${BK_zkLedgersRootPath}/available/readonly'"
break
