-
Notifications
You must be signed in to change notification settings - Fork 59
/
Dockerfile.ubuntu.openjdk11
130 lines (115 loc) · 5.6 KB
/
Dockerfile.ubuntu.openjdk11
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
FROM ibm-semeru-runtimes:open-11-jre-jammy
USER root
ARG LIBERTY_VERSION=24.0.0.6
ARG LIBERTY_SHA=08a2f3aee2f96fad4d2b6f728fd55658be3f02a0
ARG LIBERTY_DOWNLOAD_URL=https://repo1.maven.org/maven2/io/openliberty/openliberty-runtime/$LIBERTY_VERSION/openliberty-runtime-$LIBERTY_VERSION.zip
ARG LIBERTY_BUILD_LABEL=cl240620240603-2001
ARG OPENJ9_SCC=true
ARG VERBOSE=false
LABEL org.opencontainers.image.authors="Leo Christy Jesuraj, Melissa Lee, Thomas Watson, Michal Broz, Wendy Raschke" \
org.opencontainers.image.vendor="Open Liberty" \
org.opencontainers.image.url="https://openliberty.io/" \
org.opencontainers.image.source="https://github.com/OpenLiberty/ci.docker" \
org.opencontainers.image.revision="$LIBERTY_BUILD_LABEL" \
org.opencontainers.image.description="This image contains the Open Liberty runtime with IBM Semeru Runtime Open Edition OpenJDK with OpenJ9 and Ubuntu as the base OS. For more information on this image please see https://github.com/OpenLiberty/ci.docker#building-an-application-image" \
org.opencontainers.image.title="Open Liberty" \
org.opencontainers.image.version="$LIBERTY_VERSION"
COPY NOTICES /opt/ol/NOTICES
COPY helpers /opt/ol/helpers
COPY fixes/ /opt/ol/fixes/
# Install dumb-init
RUN set -eux; \
ARCH="$(dpkg --print-architecture)"; \
case "${ARCH}" in \
aarch64|arm64) \
DUMB_INIT_URL='https://github.com/Yelp/dumb-init/releases/download/v1.2.5/dumb-init_1.2.5_aarch64'; \
DUMB_INIT_SHA256=b7d648f97154a99c539b63c55979cd29f005f88430fb383007fe3458340b795e; \
;; \
amd64|x86_64) \
DUMB_INIT_URL='https://github.com/Yelp/dumb-init/releases/download/v1.2.5/dumb-init_1.2.5_x86_64'; \
DUMB_INIT_SHA256=e874b55f3279ca41415d290c512a7ba9d08f98041b28ae7c2acb19a545f1c4df; \
;; \
ppc64el|ppc64le) \
DUMB_INIT_URL='https://github.com/Yelp/dumb-init/releases/download/v1.2.5/dumb-init_1.2.5_ppc64le'; \
DUMB_INIT_SHA256=3d15e80e29f0f4fa1fc686b00613a2220bc37e83a35283d4b4cca1fbd0a5609f; \
;; \
s390x) \
DUMB_INIT_URL='https://github.com/Yelp/dumb-init/releases/download/v1.2.5/dumb-init_1.2.5_s390x'; \
DUMB_INIT_SHA256=47e4601b152fc6dcb1891e66c30ecc62a2939fd7ffd1515a7c30f281cfec53b7; \
;;\
*) \
echo "Unsupported arch: ${ARCH}"; \
exit 1; \
;; \
esac; \
curl -LfsSo /usr/bin/dumb-init ${DUMB_INIT_URL}; \
echo "${DUMB_INIT_SHA256} */usr/bin/dumb-init" | sha256sum -c -; \
chmod +x /usr/bin/dumb-init;
# Install Open Liberty
RUN apt-get update \
&& apt-get install -y --no-install-recommends unzip openssl wget \
&& wget -q $LIBERTY_DOWNLOAD_URL -U UA-Open-Liberty-Docker -O /tmp/wlp.zip \
&& echo "$LIBERTY_SHA /tmp/wlp.zip" > /tmp/wlp.zip.sha1 \
&& sha1sum -c /tmp/wlp.zip.sha1 \
&& unzip -q /tmp/wlp.zip -d /opt/ol \
&& rm /tmp/wlp.zip \
&& rm /tmp/wlp.zip.sha1 \
&& mkdir -p /licenses \
&& cp /opt/ol/wlp/LICENSE /licenses/ \
&& apt-get remove -y unzip \
&& apt-get remove -y wget \
&& rm -rf /var/lib/apt/lists/* \
&& useradd -u 1001 -r -g 0 -s /usr/sbin/nologin default \
&& chown -R 1001:0 /opt/ol/wlp \
&& chmod -R g+rw /opt/ol/wlp
# Set Path Shortcuts
ENV PATH=$PATH:/opt/ol/wlp/bin:/opt/ol/helpers/build \
LOG_DIR=/logs \
WLP_OUTPUT_DIR=/opt/ol/wlp/output \
WLP_SKIP_MAXPERMSIZE=true \
OPENJ9_SCC=$OPENJ9_SCC
# Configure Open Liberty
RUN /opt/ol/wlp/bin/server create --template=javaee8 \
&& rm -rf $WLP_OUTPUT_DIR/.classCache /output/workarea \
&& rm -rf /opt/ol/wlp/usr/servers/defaultServer/server.env
# Create symlinks && set permissions for non-root user
RUN mkdir /logs \
&& mkdir -p /opt/ol/wlp/usr/shared/resources/lib.index.cache \
&& ln -s /opt/ol/wlp/usr/shared/resources/lib.index.cache /lib.index.cache \
&& mkdir -p $WLP_OUTPUT_DIR/defaultServer \
&& ln -s $WLP_OUTPUT_DIR/defaultServer /output \
&& ln -s /opt/ol/wlp/usr/servers/defaultServer /config \
&& mkdir -p /config/configDropins/defaults \
&& mkdir -p /config/configDropins/overrides \
&& mkdir -p /config/dropins \
&& mkdir -p /config/apps \
&& ln -s /opt/ol/wlp /liberty \
&& ln -s /opt/ol/fixes /fixes \
&& chown -R 1001:0 /config \
&& chmod -R g+rw /config \
&& chown -R 1001:0 /logs \
&& chmod -R g+rw /logs \
&& chown -R 1001:0 /opt/ol/wlp/usr \
&& chmod -R g+rw /opt/ol/wlp/usr \
&& chown -R 1001:0 /opt/ol/wlp/output \
&& chmod -R g+rw /opt/ol/wlp/output \
&& chown -R 1001:0 /opt/ol/helpers \
&& chmod -R g+rw /opt/ol/helpers \
&& chown -R 1001:0 /opt/ol/fixes \
&& chmod -R g+rwx /opt/ol/fixes \
&& mkdir /etc/wlp \
&& chown -R 1001:0 /etc/wlp \
&& chmod -R g+rw /etc/wlp \
&& echo "<server description=\"Default Server\"><httpEndpoint id=\"defaultHttpEndpoint\" host=\"*\" /></server>" > /config/configDropins/defaults/open-default-port.xml
# Create a new SCC layer
RUN if [ "$OPENJ9_SCC" = "true" ]; then populate_scc.sh; fi \
&& rm -rf /output/messaging /output/resources/security /logs/* $WLP_OUTPUT_DIR/.classCache \
&& chown -R 1001:0 /opt/ol/wlp/output \
&& chmod -R g+rwx /opt/ol/wlp/output
#These settings are needed so that we can run as a different user than 1001 after server warmup
ENV RANDFILE=/tmp/.rnd \
OPENJ9_JAVA_OPTIONS="-XX:+IgnoreUnrecognizedVMOptions -XX:+IdleTuningGcOnIdle -Xshareclasses:name=openj9_system_scc,cacheDir=/opt/java/.scc,readonly,nonFatal -Dosgi.checkConfiguration=false"
USER 1001
EXPOSE 9080 9443
ENTRYPOINT ["/opt/ol/helpers/runtime/docker-server.sh"]
CMD ["/opt/ol/wlp/bin/server", "run", "defaultServer"]