Skip to content

Instantly share code, notes, and snippets.

@untergeek

untergeek/1-README.md

Last active April 28, 2023 00:03
Show Gist options
  • Save untergeek/00dcb3f64cb0afa2f8fd194e9a5856d2 to your computer and use it in GitHub Desktop.
Save untergeek/00dcb3f64cb0afa2f8fd194e9a5856d2 to your computer and use it in GitHub Desktop.
Download ZIP
Build Curator Docker image on RHEL 7.9 with Docker 1.13.1
Raw
1-README.md

Build viable Docker image for RHEL 7.9 running Docker 1.13.1

Update RHEL 7.9

subscription-manager repos --enable=rhel-7-server-rpms
subscription-manager repos --enable=rhel-7-server-extras-rpms
subscription-manager repos --enable=rhel-7-server-optional-rpms
yum install docker device-mapper-libs device-mapper-event-libs
systemctl start docker.service
systemctl enable docker.service

Download build dependencies

sudo yum install @development zlib-devel bzip2 bzip2-devel readline-devel sqlite sqlite-devel openssl-devel xz xz-devel libffi-devel findutils

Install pyenv

curl https://pyenv.run | bash

Update .bashrc

echo 'export PYENV_ROOT="$HOME/.pyenv"' >> ~/.bashrc
echo 'command -v pyenv >/dev/null || export PATH="$PYENV_ROOT/bin:$PATH"' >> ~/.bashrc
echo 'eval "$(pyenv init -)"' >> ~/.bashrc

BE SURE TO LOG OUT AND IN AGAIN (to activate these commands in .bashrc)

Install up-to-date OpenSSL version (1.1.1t is the latest at this time):

curl -O https://ftp.openssl.org/source/openssl-1.1.1t.tar.gz # or use wget
tar zxf openssl-1.1.1t.tar.gz
cd openssl-1.1.1t
./config --prefix=/opt/openssl/
make
make install

Install Python 3.11.3 using OpenSSL and pyenv

LDFLAGS="-Wl,-rpath,/opt/openssl/lib" CONFIGURE_OPTS="-with-openssl=/opt/openssl" pyenv install -v 3.11.3

Create and launch a virtualenv for Curator

pyenv virtualenv 3.11.3 curator
pyenv activate curator

Clone Curator GitHub repository

git clone https://github.com/untergeek/curator.git
cd curator

Don't alter the master branch

git checkout -b rhel7docker

Backup Dockerfile

mv Dockerfile Dockerfile.orig

Create new Dockerfile with provided file contents.

Backup post4docker.py

cp post4docker.py post4docker.py.orig

Really, TARGET just changes from 'curator' to '/curator_bin', but you can create the file with the provided contents.

Build Curator Docker image

docker build . -t curator_rhel7:VERSION

Where VERSION should match what's in curator/curator/_version.py

Run Curator

docker run --privileged --rm --name curator-test -v /path/to/configfiles:/.curator curator_rhel7:VERSION --help

Where VERSION should match what you built the Docker image with.

Conclusion

At this point, Curator should be able to be run using the Docker run instructions in the documentation, especially the part about needing to map a volume for the configuration files.

Of particular note with this version of Curator, it will NOT run if you do not add the --privileged flag. Took me a bit to figure that out. It may behave differently for you depending on where your file path is, but I experimented with world-writable files in different paths and it would tell me:

Usage: curator [OPTIONS] ACTION_FILE
Try 'curator --help' for help.

Error: Invalid value for '--config': Path '/.curator/connection.yml' does not exist.

...if I did not add the --privileged flag.

Raw
Dockerfile
FROM python:3.11.3-alpine3.17
# Add the community repo for access to patchelf binary package
RUN echo "https://dl-cdn.alpinelinux.org/alpine/v3.17/community/" >> /etc/apk/repositories
RUN apk --no-cache upgrade && apk --no-cache add build-base tar musl-utils openssl-dev patchelf expat
# patchelf-wrapper is necessary now for cx_Freeze, but not for Curator itself.
RUN pip3 install setuptools cx_Freeze patchelf-wrapper
COPY . .
# alpine4docker.sh does some link magic necessary for cx_Freeze execution
# These files are platform dependent because the architecture is in the file name.
# This script handles it, effectively:
# ARCH=$(uname -m)
# ln -s /lib/libc.musl-${ARCH}.so.1 ldd
# ln -s /lib /lib64
RUN /bin/sh alpine4docker.sh
# Install Curator locally
RUN pip3 install .
# Build (or rather Freeze) Curator
RUN python3 setup.py build_exe
# Rename 'build/exe.{system().lower()}-{machine()}-{MAJOR}.{MINOR}' to curator_build
RUN python3 post4docker.py
RUN mkdir /.curator
USER nobody:nobody
ENV LD_LIBRARY_PATH /curator/lib:$LD_LIBRARY_PATH
ENTRYPOINT ["/curator_bin/curator"]
Raw
post4docker.py
#!/usr/bin/env python3
import shutil
from platform import machine, system, python_version
MAJOR, MINOR = tuple(python_version().split('.')[:-1])
SYSTEM = system().lower()
BUILD = f'build/exe.{system().lower()}-{machine()}-{MAJOR}.{MINOR}'
TARGET = '/curator_bin'
# Rename the path of BUILD to be generic enough for Dockerfile to get
# In other words, rename it to 'curator_build'
shutil.move(BUILD, TARGET)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment