Created
April 19, 2024 13:29
kube-router centos & rocky builds
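# kube-router image, CentOS 7 runtime variant.
#
# Global build arguments. An ARG declared before the first FROM is only in scope
# for FROM lines; a stage has to redeclare it before RUN steps can read it.
# NOTE(review): TARGETPLATFORM and CNI_VERSION are never redeclared inside a stage
# in this file, so a value passed with --build-arg does not reach the make targets.
ARG BUILDTIME_BASE=golang:1-alpine
ARG RUNTIME_BASE=centos:7
ARG TARGETPLATFORM
ARG CNI_VERSION

# Build stage: checks out the kube-router release tag and runs its make targets.
# NOTE(review): golang:1-alpine is a floating tag; pin a specific version (ideally
# by digest) if the build needs to be reproducible.
FROM ${BUILDTIME_BASE} AS builder

# Read by the kube-router Makefile; presumably selects a build with the local
# toolchain instead of a nested container (confirm against the Makefile).
ENV BUILD_IN_DOCKER=false
ENV KUBE_ROUTER_VERSION=v2.1.0

RUN apk add --no-cache make git tar curl

# Shallow clone of the tag named by KUBE_ROUTER_VERSION.
# NOTE(review): a git tag can be re-pointed upstream; checking the resulting commit
# against a known hash would make this source input immutable.
RUN git clone --depth 1 --branch ${KUBE_ROUTER_VERSION} https://github.com/cloudnativelabs/kube-router.git /build

WORKDIR /build

# Outputs consumed by the runtime stage: /build/kube-router, /build/gobgp and
# /build/cni-download.
RUN make kube-router \
    && make gobgp \
    && make cni-download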
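# Runtime stage: OS networking tools plus the binaries and assets from the builder stage.
# NOTE(review): CentOS 7 reached end of life on 2024-06-30 and no longer receives
# security updates; the `yum update` below may fail against the retired default
# mirrors and cannot pull new fixes. Prefer a supported RUNTIME_BASE.
FROM ${RUNTIME_BASE}

# Update, install and clean the yum cache in a single layer: a separate
# `yum update` layer can be served stale from the build cache, and cache files
# removed in a later layer would still be shipped in the image.
RUN yum update -y && \
    yum install -y \
        bash \
        conntrack-tools \
        curl \
        iproute \
        ipset \
        iptables \
        ipvsadm && \
    yum clean all && \
    rm -rf /var/cache/yum

# -f makes the build fail on an HTTP error instead of saving the error page as the
# completion script.
# NOTE(review): this URL tracks the mutable `master` branch and the download is not
# integrity-checked; pin it to a release tag or commit and verify a checksum.
RUN mkdir -p /var/lib/gobgp /usr/local/share/bash-completion && \
    curl -fsSL -o /usr/local/share/bash-completion/bash-completion \
        https://raw.githubusercontent.com/scop/bash-completion/master/bash_completion

COPY --from=builder /build/build/image-assets/bashrc /root/.bashrc
COPY --from=builder /build/build/image-assets/profile /root/.profile
COPY --from=builder /build/build/image-assets/vimrc /root/.vimrc
COPY --from=builder /build/build/image-assets/motd-kube-router.sh /etc/motd-kube-router.sh
COPY --from=builder /build/build/image-assets/cni-install /usr/local/bin/cni-install
COPY --from=builder /build/kube-router /build/gobgp /usr/local/bin/
COPY --from=builder /build/cni-download /usr/libexec/cni

# Use iptables-wrappers so that the correct one of iptables-legacy or iptables-nft gets used. Which
# one is right depends on the host system and on where rules added before kube-router were placed.
# For more information see: https://github.com/kubernetes-sigs/iptables-wrappers
# NOTE(review): the original comment said "Alpine contains both"; this runtime base is not Alpine,
# so confirm that both backends are actually installed here.
COPY --from=builder /build/build/image-assets/iptables-wrapper-installer.sh /

# --no-sanity-check is necessary because of the bug reported here:
# https://github.com/flannel-io/flannel/pull/1340/files
# Even under QEMU emulation there is no ARM kernel in play, so calls to iptables-nft fail during
# the build. The skipped sanity check only makes sure that iptables-1.8.0-1.8.2 is not in use;
# that has to be managed separately for now.
RUN /iptables-wrapper-installer.sh --no-sanity-check

# No USER is set, so the entrypoint runs as root.
# NOTE(review): kube-router presumably needs that to program iptables/ipset/IPVS; limit
# the container's capabilities at deploy time.
WORKDIR /root
ENTRYPOINT ["/usr/local/bin/kube-router"]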
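# kube-router image, Rocky Linux 8 runtime variant.
#
# Global build arguments. An ARG declared before the first FROM is only in scope
# for FROM lines; a stage has to redeclare it before RUN steps can read it.
# NOTE(review): TARGETPLATFORM and CNI_VERSION are never redeclared inside a stage
# in this file, so a value passed with --build-arg does not reach the make targets.
ARG BUILDTIME_BASE=golang:1-alpine
ARG RUNTIME_BASE=rockylinux:8
ARG TARGETPLATFORM
ARG CNI_VERSION

# Build stage: checks out the kube-router release tag and runs its make targets.
# NOTE(review): golang:1-alpine is a floating tag; pin a specific version (ideally
# by digest) if the build needs to be reproducible.
FROM ${BUILDTIME_BASE} AS builder

# Read by the kube-router Makefile; presumably selects a build with the local
# toolchain instead of a nested container (confirm against the Makefile).
ENV BUILD_IN_DOCKER=false
ENV KUBE_ROUTER_VERSION=v2.1.0

RUN apk add --no-cache make git tar curl

# Shallow clone of the tag named by KUBE_ROUTER_VERSION.
# NOTE(review): a git tag can be re-pointed upstream; checking the resulting commit
# against a known hash would make this source input immutable.
RUN git clone --depth 1 --branch ${KUBE_ROUTER_VERSION} https://github.com/cloudnativelabs/kube-router.git /build

WORKDIR /build

# Outputs consumed by the runtime stage: /build/kube-router, /build/gobgp and
# /build/cni-download.
RUN make kube-router \
    && make gobgp \
    && make cni-download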
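# Runtime stage: OS networking tools plus the binaries and assets from the builder stage.
# NOTE(review): rockylinux:8 is a floating tag; pin a minor release or digest if the
# image needs to be reproducible.
FROM ${RUNTIME_BASE}

# Update, install and clean the dnf cache in a single layer: a separate
# `dnf update` layer can be served stale from the build cache, and cache files
# removed in a later layer would still be shipped in the image.
RUN dnf update -y && \
    dnf install -y \
        bash \
        conntrack-tools \
        curl \
        iproute \
        ipset \
        iptables \
        ipvsadm && \
    dnf clean all && \
    rm -rf /var/cache/dnf

# -f makes the build fail on an HTTP error instead of saving the error page as the
# completion script.
# NOTE(review): this URL tracks the mutable `master` branch and the download is not
# integrity-checked; pin it to a release tag or commit and verify a checksum.
RUN mkdir -p /var/lib/gobgp /usr/local/share/bash-completion && \
    curl -fsSL -o /usr/local/share/bash-completion/bash-completion \
        https://raw.githubusercontent.com/scop/bash-completion/master/bash_completion

COPY --from=builder /build/build/image-assets/bashrc /root/.bashrc
COPY --from=builder /build/build/image-assets/profile /root/.profile
COPY --from=builder /build/build/image-assets/vimrc /root/.vimrc
COPY --from=builder /build/build/image-assets/motd-kube-router.sh /etc/motd-kube-router.sh
COPY --from=builder /build/build/image-assets/cni-install /usr/local/bin/cni-install
COPY --from=builder /build/kube-router /build/gobgp /usr/local/bin/
COPY --from=builder /build/cni-download /usr/libexec/cni

# Use iptables-wrappers so that the correct one of iptables-legacy or iptables-nft gets used. Which
# one is right depends on the host system and on where rules added before kube-router were placed.
# For more information see: https://github.com/kubernetes-sigs/iptables-wrappers
# NOTE(review): the original comment said "Alpine contains both"; this runtime base is not Alpine,
# so confirm that both backends are actually installed here.
COPY --from=builder /build/build/image-assets/iptables-wrapper-installer.sh /

# --no-sanity-check is necessary because of the bug reported here:
# https://github.com/flannel-io/flannel/pull/1340/files
# Even under QEMU emulation there is no ARM kernel in play, so calls to iptables-nft fail during
# the build. The skipped sanity check only makes sure that iptables-1.8.0-1.8.2 is not in use;
# that has to be managed separately for now.
RUN /iptables-wrapper-installer.sh --no-sanity-check

# No USER is set, so the entrypoint runs as root.
# NOTE(review): kube-router presumably needs that to program iptables/ipset/IPVS; limit
# the container's capabilities at deploy time.
WORKDIR /root
ENTRYPOINT ["/usr/local/bin/kube-router"]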