Created
May 24, 2022 18:42
-
-
Save jwgstr/4dcc9f16c52529486de0f6fa78c55aef to your computer and use it in GitHub Desktop.
An Example of a Dockerfile for Lambda Running Python 3.10.4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ARG FUNCTION_DIR="/app/" | |
ARG AWS_LINUX_VERSION="2022" | |
ARG PYTHON_VERSION="3.10.4" | |
FROM amazonlinux:${AWS_LINUX_VERSION} as python-layer | |
ARG PYTHON_VERSION | |
# install python | |
RUN yum update -y | |
RUN yum groupinstall "Development Tools" -y | |
RUN yum install openssl1.1 openssl1.1-devel libffi-devel bzip2-devel wget -y | |
RUN wget https://www.python.org/ftp/python/${PYTHON_VERSION}/Python-${PYTHON_VERSION}.tgz | |
RUN tar -xf Python-${PYTHON_VERSION}.tgz | |
RUN cd Python-${PYTHON_VERSION}/ && \ | |
./configure --enable-optimizations && \ | |
make install | |
RUN ln -s /Python-${PYTHON_VERSION}/python /usr/bin/python | |
RUN python -m pip install --upgrade pip | |
FROM amazonlinux:${AWS_LINUX_VERSION} as base-layer | |
# copy over python | |
ARG PYTHON_VERSION | |
COPY --from=python-layer /Python-${PYTHON_VERSION} /Python-${PYTHON_VERSION} | |
COPY --from=python-layer /usr/local/bin /usr/local/bin | |
COPY --from=python-layer /usr/local/lib /usr/local/lib | |
RUN ln -s /Python-${PYTHON_VERSION}/python /usr/bin/python | |
ARG FUNCTION_DIR | |
RUN mkdir -p ${FUNCTION_DIR} | |
WORKDIR ${FUNCTION_DIR} | |
FROM base-layer as build-layer | |
######## YOUR OWN SETUP PROCESS HERE ######################## | |
# copy over requirements and install those | |
COPY setup.py . | |
RUN pip install . --target "${FUNCTION_DIR}" | |
# copy over configuration and service code then install it | |
COPY config/ ${FUNCTION_DIR}/config/ | |
COPY service/ ${FUNCTION_DIR}/ | |
RUN pip install . --target "${FUNCTION_DIR}" | |
######## ########################### ######################## | |
# install lambda runtime interface client for python | |
RUN pip install awslambdaric --target "${FUNCTION_DIR}" | |
FROM base-layer as runtime-layer | |
# copy in the built dependencies | |
ARG FUNCTION_DIR | |
COPY --from=build-layer ${FUNCTION_DIR} ${FUNCTION_DIR} | |
WORKDIR ${FUNCTION_DIR} | |
# (optional) add lambda runtime interface emulator | |
#ADD https://github.com/aws/aws-lambda-runtime-interface-emulator/releases/latest/download/aws-lambda-rie /usr/bin/aws-lambda-rie | |
#RUN chmod 755 /usr/bin/aws-lambda-rie | |
#ENTRYPOINT [ "/usr/bin/aws-lambda-rie", "python", "-m", "awslambdaric" ] | |
ENTRYPOINT [ "python", "-m", "awslambdaric" ] | |
######## REFERENCE YOUR OWN HANDLER HERE ######################## | |
CMD [ "main.app" ]``` | |
######## ############################### ######################## |
If you change the python-layer
to the following, this should avoid the yum install
issues. The fix here is to use the AWS SAML CLI Python build image. I inspected this with dive
and found that it had all of the required build libraries and source files. I have not tried building the entire Dockerfile, but if that was the only issue I suspect it will work.
FROM amazon/aws-sam-cli-build-image-python3.8 as python-layer
ARG PYTHON_VERSION
RUN curl https://www.python.org/ftp/python/${PYTHON_VERSION}/Python-${PYTHON_VERSION}.tgz --output Python-${PYTHON_VERSION}.tgz
RUN tar -xf Python-${PYTHON_VERSION}.tgz
RUN cd Python-${PYTHON_VERSION}/ && \
./configure --enable-optimizations && \
make install
RUN ln -sf /Python-${PYTHON_VERSION}/python /usr/bin/python
RUN python -m pip install --upgrade pip
I assume this was yet another victim of glibc version 2.34 using syscall clone3, which was not allowed by Docker.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
So I haven't used GitLab much myself. I presume that this is an issue with your env? and not GitLab? As in you maybe have a locked down on-prem env where if you want to access a yum repo you need to point to that proxy maybe? Or you don't have yum repos cached locally at all.
My gut reaction though is if you have the ability to push images into the GitLab Container Registry, you might be able to build just the python-layer image by separating it into it's own Dockerfile on your local machine (off premise), then upload that to Container Registry (say by bringing it into your env on a flash drive, scanning it etc, and then uploading it). And then use that python-layer as the base for the remainder of the above-mentioned Dockerfile so you effectively aren't maintaining that part of the build on-prem.
This still presumes that subsequent steps like doing a pip install (which will hit remote repositories) is allowed in your on-prem env (even if only through a proxy). But given that you might have been using the AWS official python images previously this approach might get you far enough along that pip install would work.
I'm making a lot of assumptions here. Feel free to provide a little more information. Happy to help bat around ideas if you want.