-
Notifications
You must be signed in to change notification settings - Fork 25
/
Dockerfile
91 lines (82 loc) · 4.08 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
ARG BCI_BASE_IMAGE=registry.suse.com/bci/bci-base:15.5
ARG BCI_BUSYBOX_IMAGE=registry.suse.com/bci/bci-busybox:15.5
ARG GO_IMAGE=rancher/hardened-build-base:v1.22.7b1
FROM ${BCI_BASE_IMAGE} as bci-base
FROM ${BCI_BUSYBOX_IMAGE} as bci-busybox
FROM ${GO_IMAGE} as build
RUN set -x && \
apk --no-cache add \
bash \
binutils-gold \
libc6-compat \
curl \
file \
git \
libseccomp-dev \
rsync \
tar \
make \
gcc \
py-pip
FROM build AS build-k8s-codegen
ARG TAG
COPY ./scripts/semver-parse.sh /semver-parse.sh
RUN chmod +x /semver-parse.sh
RUN echo $(/semver-parse.sh ${TAG} all)
RUN git clone -b $(/semver-parse.sh ${TAG} all) --depth=1 -- https://github.com/kubernetes/kubernetes.git ${GOPATH}/src/kubernetes
WORKDIR ${GOPATH}/src/kubernetes
# force code generation
RUN make WHAT=cmd/kube-apiserver
# build statically linked executables
RUN echo "export MAJOR=$(/semver-parse.sh ${TAG} major)" >> /usr/local/go/bin/go-build-static-k8s.sh
RUN echo "export MINOR=$(/semver-parse.sh ${TAG} minor)" >> /usr/local/go/bin/go-build-static-k8s.sh
RUN echo "export GIT_COMMIT=$(git rev-parse HEAD)" >> /usr/local/go/bin/go-build-static-k8s.sh
RUN echo "export KUBERNETES_VERSION=$(/semver-parse.sh ${TAG} k8s)" >> /usr/local/go/bin/go-build-static-k8s.sh
RUN echo "export BUILD_DATE=$(date -u +%Y-%m-%dT%H:%M:%SZ)" >> /usr/local/go/bin/go-build-static-k8s.sh
RUN echo "export GO_LDFLAGS=\"-linkmode=external \
-X k8s.io/component-base/version.gitVersion=\${KUBERNETES_VERSION} \
-X k8s.io/component-base/version.gitMajor=\${MAJOR} \
-X k8s.io/component-base/version.gitMinor=\${MINOR} \
-X k8s.io/component-base/version.gitCommit=\${GIT_COMMIT} \
-X k8s.io/component-base/version.gitTreeState=clean \
-X k8s.io/component-base/version.buildDate=\${BUILD_DATE} \
-X k8s.io/client-go/pkg/version.gitVersion=\${KUBERNETES_VERSION} \
-X k8s.io/client-go/pkg/version.gitMajor=\${MAJOR} \
-X k8s.io/client-go/pkg/version.gitMinor=\${MINOR} \
-X k8s.io/client-go/pkg/version.gitCommit=\${GIT_COMMIT} \
-X k8s.io/client-go/pkg/version.gitTreeState=clean \
-X k8s.io/client-go/pkg/version.buildDate=\${BUILD_DATE} \
\"" >> /usr/local/go/bin/go-build-static-k8s.sh
RUN echo 'go-build-static.sh -gcflags=-trimpath=${GOPATH}/src/kubernetes -mod=vendor -tags=selinux,osusergo,netgo ${@}' \
>> /usr/local/go/bin/go-build-static-k8s.sh
RUN chmod -v +x /usr/local/go/bin/go-*.sh
FROM build-k8s-codegen AS build-k8s
ARG TARGETARCH
ARG K3S_ROOT_VERSION=v0.14.0
ADD https://github.com/k3s-io/k3s-root/releases/download/${K3S_ROOT_VERSION}/k3s-root-${TARGETARCH}.tar /opt/k3s-root/k3s-root.tar
RUN tar xvf /opt/k3s-root/k3s-root.tar -C /opt/k3s-root --wildcards --strip-components=2 './bin/aux/*tables*'
RUN tar xvf /opt/k3s-root/k3s-root.tar -C /opt/k3s-root './bin/ipset'
RUN go-build-static-k8s.sh -o bin/kube-apiserver ./cmd/kube-apiserver
RUN go-build-static-k8s.sh -o bin/kube-controller-manager ./cmd/kube-controller-manager
RUN go-build-static-k8s.sh -o bin/kube-scheduler ./cmd/kube-scheduler
RUN go-build-static-k8s.sh -o bin/kube-proxy ./cmd/kube-proxy
RUN go-build-static-k8s.sh -o bin/kubeadm ./cmd/kubeadm
RUN go-build-static-k8s.sh -o bin/kubectl ./cmd/kubectl
RUN go-build-static-k8s.sh -o bin/kubelet ./cmd/kubelet
RUN go-assert-static.sh bin/*
RUN if [ "${TARGETARCH}" = "amd64" ]; then \
go-assert-boring.sh bin/* ; \
fi
RUN install -s bin/* /usr/local/bin/
RUN kube-proxy --version
FROM bci-base AS kernel-tools
RUN zypper update -y && \
zypper install -y which conntrack-tools kmod
FROM bci-busybox as kubernetes
COPY --from=kernel-tools /usr/lib64/conntrack-tools /usr/lib64/conntrack-tools
COPY --from=kernel-tools /usr/lib64/libmnl* /usr/lib64/libnetfilter* /usr/lib64/libnfnetlink* /usr/lib64/
COPY --from=kernel-tools /usr/sbin/conntrack /usr/sbin/conntrack
COPY --from=kernel-tools /usr/sbin/modprobe /usr/sbin/modprobe
COPY --from=build-k8s /opt/k3s-root/aux/ /usr/sbin/
COPY --from=build-k8s /opt/k3s-root/bin/ /bin/
COPY --from=build-k8s /usr/local/bin/ /usr/local/bin/