Skip to content

Instantly share code, notes, and snippets.

@mmastoras
Created January 24, 2020 21:59
Show Gist options
  • Save mmastoras/c156730e706dc7c0b1955400ae116253 to your computer and use it in GitHub Desktop.
Save mmastoras/c156730e706dc7c0b1955400ae116253 to your computer and use it in GitHub Desktop.
Zookeeper DockerFile + Verify sigs
FROM openjdk:8-jre-slim
ARG GPG_KEY=3F7A1D16FA4217B1DC75E1C9FFE35B7F15DFA1BA
ARG SHORT_DISTRO_NAME=zookeeper-3.5.5
ARG DISTRO_NAME=apache-zookeeper-3.5.5-bin
ARG CONSUL_VERSION=1.5.3
ARG CONSUL_TEMPLATE_VERSION=0.20.1
ARG OPENSSL_VERSION=1.1.1c
ENV ZOO_CONF_DIR=/conf \
ZOO_DATA_DIR=/data \
ZOO_DATA_LOG_DIR=/datalog \
ZOO_LOG_DIR=/logs \
ZOO_TICK_TIME=2000 \
ZOO_INIT_LIMIT=5 \
ZOO_SYNC_LIMIT=2 \
ZOO_AUTOPURGE_PURGEINTERVAL=0 \
ZOO_AUTOPURGE_SNAPRETAINCOUNT=3 \
ZOO_MAX_CLIENT_CNXNS=60 \
ZOO_STANDALONE_ENABLED=true \
ZOO_ADMINSERVER_ENABLED=true \
BIN_DIR=/bin
# Add a user with an explicit UID/GID and create necessary directories
RUN set -eux; \
groupadd -r zookeeper --gid=1000 && \
useradd -r -g zookeeper --uid=1000 zookeeper && \
mkdir -p "$BIN_DIR" "$ZOO_DATA_LOG_DIR" "$ZOO_DATA_DIR" "$ZOO_CONF_DIR" "$ZOO_LOG_DIR" && \
chown zookeeper:zookeeper "$ZOO_DATA_LOG_DIR" "$ZOO_DATA_DIR" "$ZOO_CONF_DIR" "$ZOO_LOG_DIR" && \
chmod 777 "$ZOO_CONF_DIR"
# Install required packages
RUN set -eux; \
apt-get update; \
DEBIAN_FRONTEND=noninteractive \
apt-get install -y --no-install-recommends \
build-essential \
ca-certificates \
curl \
dirmngr \
gosu \
gnupg \
netcat \
wget \
unzip; \
rm -rf /var/lib/apt/lists/*; \
# Verify that gosu binary works
gosu nobody true
# Download Apache Zookeeper, verify its PGP signature, untar and clean up
RUN set -eux; \
wget -q "https://www.apache.org/dist/zookeeper/$SHORT_DISTRO_NAME/$DISTRO_NAME.tar.gz" && \
wget -q "https://www.apache.org/dist/zookeeper/$SHORT_DISTRO_NAME/$DISTRO_NAME.tar.gz.asc" && \
export GNUPGHOME="$(mktemp -d)" && \
gpg --keyserver ha.pool.sks-keyservers.net --recv-key "$GPG_KEY" || \
gpg --keyserver pgp.mit.edu --recv-keys "$GPG_KEY" || \
gpg --keyserver keyserver.pgp.com --recv-keys "$GPG_KEY" && \
gpg --batch --verify "$DISTRO_NAME.tar.gz.asc" "$DISTRO_NAME.tar.gz" && \
tar -zxf "$DISTRO_NAME.tar.gz" && \
mv "$DISTRO_NAME/conf/"* "$ZOO_CONF_DIR" && \
rm -rf "$GNUPGHOME" "$DISTRO_NAME.tar.gz" "$DISTRO_NAME.tar.gz.asc" && \
chown -R zookeeper:zookeeper "/$DISTRO_NAME"
# install openssl
RUN curl --silent https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz -o /tmp/openssl-${OPENSSL_VERSION}.tgz && \
cd /tmp && tar -xzf openssl-${OPENSSL_VERSION}.tgz && \
cd openssl-${OPENSSL_VERSION} && ./config && make depend && make install && make uninstall_docs && \
ln -sf /usr/local/ssl/bin/openssl `which openssl` && \
cd / && \
rm -rf /tmp/openssl-${OPENSSL_VERSION}
# Download consul cli
RUN wget -q https://releases.hashicorp.com/consul/${CONSUL_VERSION}/consul_${CONSUL_VERSION}_linux_amd64.zip && \
unzip consul_${CONSUL_VERSION}_linux_amd64.zip && \
mv consul $BIN_DIR/. && \
rm -f consul_${CONSUL_VERSION}_linux_amd64.zip
# Download consul consul-template
RUN wget -q https://releases.hashicorp.com/consul-template/${CONSUL_TEMPLATE_VERSION}/consul-template_${CONSUL_TEMPLATE_VERSION}_linux_amd64.tgz && \
tar -xzf consul-template_${CONSUL_TEMPLATE_VERSION}_linux_amd64.tgz && \
mv consul-template ${BIN_DIR}/. && \
rm -f consul-template_${CONSUL_TEMPLATE_VERSION}_linux_amd64.tgz
# copy consul template
RUN mkdir -p /consul-templates
COPY zookeeper-services.ctpl /consul-templates/
WORKDIR $DISTRO_NAME
VOLUME ["$ZOO_DATA_DIR", "$ZOO_DATA_LOG_DIR", "$ZOO_LOG_DIR"]
EXPOSE 2181 2281 2888 3888 8080
ENV PATH=$PATH:$BIN_DIR:/$DISTRO_NAME/bin \
ZOOCFGDIR=$ZOO_CONF_DIR
COPY docker-entrypoint.sh /
ENTRYPOINT ["/docker-entrypoint.sh"]
CMD ["zkServer.sh", "start-foreground"]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment