Skip to content

Commit

Permalink
feat: replace default ubuntu based images with ubi-minimal based ones
Browse files Browse the repository at this point in the history
  • Loading branch information
pkoutsovasilis committed Dec 24, 2024
1 parent 9b92245 commit 7d6077b
Show file tree
Hide file tree
Showing 3 changed files with 23 additions and 74 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.next.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ https://github.com/elastic/beats/compare/v8.8.1\...main[Check the HEAD diff]
- Drop support for Debian 10 and upgrade statically linked glibc from 2.28 to 2.31 {pull}41402[41402]
- Fix metrics not being ingested, due to "Limit of total fields [10000] has been exceeded while adding new fields [...]". The total fields limit has been increased to 12500. No significant performance impact on Elasticsearch is anticipated. {pull}41640[41640]
- Set default kafka version to 2.1.0 in kafka output and filebeat. {pull}41662[41662]
- Replace default Ubuntu-based images with UBI-minimal-based ones {pull}42150[42150]

*Auditbeat*

Expand Down
56 changes: 2 additions & 54 deletions dev-tools/packaging/packages.yml
Original file line number Diff line number Diff line change
Expand Up @@ -159,7 +159,7 @@ shared:
- &docker_spec
<<: *binary_spec
extra_vars:
from: '--platform=linux/amd64 ubuntu:24.04'
from: '--platform=linux/amd64 docker.elastic.co/ubi9/ubi-minimal'
buildFrom: '--platform=linux/amd64 cgr.dev/chainguard/wolfi-base'
user: '{{ .BeatName }}'
linux_capabilities: ''
Expand All @@ -172,18 +172,8 @@ shared:
- &docker_arm_spec
<<: *docker_spec
extra_vars:
from: '--platform=linux/arm64 ubuntu:24.04'
buildFrom: '--platform=linux/arm64 cgr.dev/chainguard/wolfi-base'

- &docker_ubi_spec
extra_vars:
image_name: '{{.BeatName}}-ubi'
from: '--platform=linux/amd64 docker.elastic.co/ubi9/ubi-minimal'

- &docker_arm_ubi_spec
extra_vars:
image_name: '{{.BeatName}}-ubi'
from: '--platform=linux/arm64 docker.elastic.co/ubi9/ubi-minimal'
buildFrom: '--platform=linux/arm64 cgr.dev/chainguard/wolfi-base'

- &docker_wolfi_spec
extra_vars:
Expand Down Expand Up @@ -405,15 +395,6 @@ specs:
<<: *elastic_docker_spec
<<: *elastic_license_for_binaries

- os: linux
arch: amd64
types: [docker]
spec:
<<: *docker_spec
<<: *docker_ubi_spec
<<: *elastic_docker_spec
<<: *elastic_license_for_binaries

- os: linux
arch: amd64
types: [docker]
Expand All @@ -431,15 +412,6 @@ specs:
<<: *elastic_docker_spec
<<: *elastic_license_for_binaries

- os: linux
arch: arm64
types: [docker]
spec:
<<: *docker_arm_spec
<<: *docker_arm_ubi_spec
<<: *elastic_docker_spec
<<: *elastic_license_for_binaries

- os: linux
arch: arm64
types: [docker]
Expand Down Expand Up @@ -536,18 +508,6 @@ specs:
'{{.BeatName}}{{.BinaryExt}}':
source: ./{{.XPackDir}}/{{.BeatName}}/build/golang-crossbuild/{{.BeatName}}-{{.GOOS}}-{{.Platform.Arch}}{{.BinaryExt}}

- os: linux
arch: amd64
types: [docker]
spec:
<<: *docker_spec
<<: *docker_ubi_spec
<<: *elastic_docker_spec
<<: *elastic_license_for_binaries
files:
'{{.BeatName}}{{.BinaryExt}}':
source: ./{{.XPackDir}}/{{.BeatName}}/build/golang-crossbuild/{{.BeatName}}-{{.GOOS}}-{{.Platform.Arch}}{{.BinaryExt}}

- os: linux
arch: amd64
types: [docker]
Expand All @@ -571,18 +531,6 @@ specs:
'{{.BeatName}}{{.BinaryExt}}':
source: ./{{.XPackDir}}/{{.BeatName}}/build/golang-crossbuild/{{.BeatName}}-{{.GOOS}}-{{.Platform.Arch}}{{.BinaryExt}}

- os: linux
arch: arm64
types: [docker]
spec:
<<: *docker_arm_spec
<<: *docker_arm_ubi_spec
<<: *elastic_docker_spec
<<: *elastic_license_for_binaries
files:
'{{.BeatName}}{{.BinaryExt}}':
source: ./{{.XPackDir}}/{{.BeatName}}/build/golang-crossbuild/{{.BeatName}}-{{.GOOS}}-{{.Platform.Arch}}{{.BinaryExt}}

- os: linux
arch: arm64
types: [docker]
Expand Down
40 changes: 20 additions & 20 deletions dev-tools/packaging/templates/docker/Dockerfile.tmpl
Original file line number Diff line number Diff line change
Expand Up @@ -49,25 +49,14 @@ RUN for iter in {1..10}; do \
{{- if contains .from "ubi-minimal" }}
RUN for iter in {1..10}; do \
microdnf -y update && \
microdnf -y install findutils shadow-utils && \
microdnf -y install findutils shadow-utils ca-certificates \
gawk libcap xz tar && \
microdnf clean all && \
exit_code=0 && break || exit_code=$? && echo "microdnf error: retry $iter in 10s" && sleep 10; \
done; \
(exit $exit_code)
{{- end }}

{{- if contains .from "ubuntu" }}
RUN touch /var/mail/ubuntu && chown ubuntu /var/mail/ubuntu && userdel -r ubuntu

RUN for iter in {1..10}; do \
apt-get update -y && \
DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends --yes ca-certificates curl gawk libcap2-bin xz-utils && \
apt-get clean all && \
exit_code=0 && break || exit_code=$? && echo "apt-get error: retry $iter in 10s" && sleep 10; \
done; \
(exit $exit_code)
{{- end }}

LABEL \
org.label-schema.build-date="{{ date }}" \
org.label-schema.schema-version="1.0" \
Expand Down Expand Up @@ -166,7 +155,7 @@ USER {{ .user }}
RUN (npm i -g --loglevel verbose --production --engine-strict @elastic/synthetics@stack_release || sh -c 'tail -n +1 ${NPM_CONFIG_PREFIX}/_logs/* && exit 1')
{{- end }}

{{- if (and (eq .BeatName "heartbeat") (contains .from "ubuntu")) }}
{{- if (and (eq .BeatName "heartbeat") (contains .from "ubi-minimal")) }}
USER root
ENV NODE_PATH={{ $beatHome }}/.node
RUN echo \
Expand Down Expand Up @@ -217,12 +206,23 @@ USER root
# We don't use npx playwright install-deps because that could pull a newer version
# Install additional fonts as well
RUN for iter in {1..10}; do \
apt-get update -y && \
$NODE_PATH/node/lib/node_modules/@elastic/synthetics/node_modules/.bin/playwright install-deps chromium && \
DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends --yes \
fonts-noto \
fonts-noto-cjk && \
exit_code=0 && break || exit_code=$? && echo "apt-get error: retry $iter in 10s" && sleep 10; \
microdnf -y update && \
microdnf -y install fontconfig freetype cairo glib2 gtk3 pango xorg-x11-fonts-misc xorg-x11-fonts-Type1 \
at-spi2-atk atk at-spi2-core alsa-lib cups-libs dbus-libs libdrm mesa-libEGL mesa-libgbm nspr nss libX11 \
libX11-xcb libxcb libXcomposite libXdamage libXext libXfixes libXrandr libxkbcommon libxshmfence glib2 \
dbus-glib libicu mesa-libGL unzip -y && \
mkdir -p /usr/share/fonts/google-noto && \
curl -LO https://noto-website-2.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip && \
unzip NotoSansCJKjp-hinted.zip -d /usr/share/fonts/google-noto && \
rm -f NotoSansCJKjp-hinted.zip && \
microdnf -y remove unzip && \
curl -LO https://github.com/googlefonts/noto-fonts/raw/main/hinted/ttf/NotoSans/NotoSans-Regular.ttf && \
mv NotoSans-Regular.ttf /usr/share/fonts/google-noto && \
curl -LO https://github.com/googlefonts/noto-emoji/raw/main/fonts/NotoColorEmoji.ttf && \
mv NotoColorEmoji.ttf /usr/share/fonts/google-noto && \
fc-cache -fv && \
microdnf clean all && \
exit_code=0 && break || exit_code=$? && echo "microdnf error: retry $iter in 10s" && sleep 10; \
done; \
(exit $exit_code)
{{- end }}
Expand Down

0 comments on commit 7d6077b

Please sign in to comment.