diff --git a/CHANGELOG.md b/CHANGELOG.md index 68eab5a..91dbb75 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,7 +1,15 @@ # Changelog This file only reflects the changes that are made in this image. -Please refer to the SaltStack [Release Notes](https://docs.saltstack.com/en/develop/topics/releases/2018.3.4.html) for the list of changes in SaltStack. +Please refer to the SaltStack [Release Notes](https://docs.saltstack.com/en/develop/topics/releases/2019.2.0.html) for the list of changes in SaltStack. + +**2019.2.0** + +- Upgrade SaltStack Master to `2019.2.0` +- Change Docker base image to `ubuntu:bionic-20190204` +- Upgrade Python to version `3.6` +- Upgrade `libgit2` to `0.27.8` +- Reduce image size by updating, installing and cleaning packages in one single step **2018.3.4** diff --git a/Dockerfile b/Dockerfile index ee9fae1..e85e971 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,24 +1,15 @@ -FROM ubuntu:xenial-20190122 +FROM ubuntu:bionic-20190204 ARG BUILD_DATE ARG VCS_REF # https://github.com/saltstack/salt/releases -ENV SALT_VERSION="2018.3.4" \ - PYTHON_VERSION="3.5" \ +ENV SALT_VERSION="2019.2.0" \ + PYTHON_VERSION="3.6" \ LIBSSH2_VERSION="1.8.0" \ - LIBGIT2_VERSION="0.27.7" \ + LIBGIT2_VERSION="0.27.8" \ PYGIT2_VERSION="0.27.2" \ - GITPYTHON_VERSION="2.1.11" \ - M2CRYPTO_VERSION="0.31.0" \ - MAKO_VERSION="1.0.7" \ - PYCRYPTODOME_VERSION="3.7.2" \ - LIBNACL_VERSION="1.6.1" \ - RAET_VERSION="0.6.8" \ - CHERRYPY_VERSION="18.0.1" \ - TIMELIB_VERSION="0.2.4" \ - DOCKERPY_VERSION="1.10.6" \ - MSGPACKPURE_VERSION="0.1.3" + M2CRYPTO_VERSION="0.31.0" ENV SALT_DOCKER_DIR="/etc/docker-salt" \ SALT_ROOT_DIR="/etc/salt" \ @@ -35,24 +26,21 @@ ENV SALT_CONFS_DIR="${SALT_DATA_DIR}/config" \ SALT_BASE_DIR="${SALT_DATA_DIR}/srv" \ SALT_LOGS_DIR="${SALT_DATA_DIR}/logs" -# Set non interactive mode -ENV DEBIAN_FRONTEND=noninteractive - RUN mkdir -p ${SALT_BUILD_DIR} WORKDIR ${SALT_BUILD_DIR} # Install packages -RUN apt-get update -RUN apt-get install --yes --quiet --no-install-recommends \ - sudo ca-certificates wget locales pkg-config openssh-client \ +RUN apt-get update \ + && DEBIAN_FRONTEND=noninteractive apt-get install --yes --quiet --no-install-recommends \ + sudo ca-certificates apt-transport-https wget locales pkg-config openssh-client \ python${PYTHON_VERSION} python${PYTHON_VERSION}-dev \ - python3-pip python3-setuptools python3-wheel gettext-base \ - supervisor logrotate - -# Configure locales -RUN update-locale LANG=C.UTF-8 LC_MESSAGES=POSIX \ + python3-pip python3-setuptools python3-wheel \ + supervisor logrotate git gettext-base tzdata \ + && DEBIAN_FRONTEND=noninteractive update-locale LANG=C.UTF-8 LC_MESSAGES=POSIX \ locale-gen en_US.UTF-8 \ - dpkg-reconfigure locales + dpkg-reconfigure locales \ + && DEBIAN_FRONTEND=noninteractive apt-get clean --yes \ + && rm -rf /var/lib/apt/lists/* # Install saltstack COPY assets/build ${SALT_BUILD_DIR} @@ -67,8 +55,6 @@ COPY assets/runtime ${SALT_RUNTIME_DIR} RUN chmod -R +x ${SALT_RUNTIME_DIR} # Cleaning tasks -RUN apt-get clean --yes -RUN rm -rf /var/lib/apt/lists/* RUN rm -rf ${SALT_BUILD_DIR}/* # Entrypoint diff --git a/README.md b/README.md index 0c50199..da105d7 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# SaltStack Master v2018.3.4 +# SaltStack Master v2019.2.0 Dockerfile to build a [SaltStack](https://www.saltstack.com) Master image for the Docker opensource container platform. @@ -30,7 +30,7 @@ For other methods to install SaltStack please refer to the [Official SaltStack I Automated builds of the image are available on [Dockerhub](https://hub.docker.com/r/cdalvaro/saltstack-master/) and is the recommended method of installation. ```sh -docker pull cdalvaro/saltstack-master:2018.3.4 +docker pull cdalvaro/saltstack-master:2019.2.0 ``` You can also pull the latest tag which is built from the repository HEAD @@ -67,7 +67,7 @@ docker run --name salt_master --detach \ --env 'SALT_LOG_LEVEL=info' \ --volume $(pwd)/roots/:/home/salt/data/srv/ \ --volume $(pwd)/keys/:/home/salt/data/keys/ \ - cdalvaro/saltstack-master:2018.3.4 + cdalvaro/saltstack-master:2019.2.0 ``` ## Configuration @@ -91,7 +91,7 @@ docker run --name salt_master -d \ --env 'SALT_LOG_LEVEL=info' \ --volume $(pwd)/roots/:/home/salt/data/srv/ \ --volume $(pwd)/keys/:/home/salt/data/keys/ \ - cdalvaro/saltstack-master:2018.3.4 + cdalvaro/saltstack-master:2019.2.0 ``` ### Master Signed Keys @@ -105,7 +105,7 @@ docker run --name salt_stack --detach \ --env 'SALT_MASTER_SIGN_PUBKEY=True' --volume $(pwd)/roots/:/home/salt/data/srv/ \ --volume $(pwd)/keys/:/home/salt/data/keys/ \ - cdalvaro/saltstack-master:2018.3.4 + cdalvaro/saltstack-master:2019.2.0 ``` The container will create the `master_sign` key and its signature. More information about how to configure the minion service can be found [here](https://docs.saltstack.com/en/latest/topics/tutorials/multimaster_pki.html#prepping-the-minion-to-verify-received-public-keys). @@ -115,7 +115,7 @@ Additionally, you can generate new keys by executing the following command: ```sh docker run --name salt_stack -it --rm \ --volume $(pwd)/keys/:/home/salt/data/keys/ \ - cdalvaro/saltstack-master:2018.3.4 app:gen-signed-keys other_master_sign + cdalvaro/saltstack-master:2019.2.0 app:gen-signed-keys other_master_sign ``` The newly created keys will appear inside `keys/generated/other_master_sign` directory. @@ -131,7 +131,7 @@ docker run --name salt_stack -it --rm \ --env "USERMAP_UID=$(id -u)" --env "USERMAP_GID=$(id -g)" \ --volume $(pwd)/roots/:/home/salt/data/srv/ \ --volume $(pwd)/keys/:/home/salt/data/keys/ \ - cdalvaro/saltstack-master:2018.3.4 + cdalvaro/saltstack-master:2019.2.0 ``` ### Git Fileserver @@ -180,13 +180,15 @@ Salt logs are accessible by mounting the volume `/home/salt/data/logs/`. Inside that directory you could find `supervisor/` logs and `salt/` logs: +```sh docker run --name salt_master --detach \ --publish 4505:4505/tcp --publish 4506:4506/tcp \ --env 'SALT_LOG_LEVEL=info' \ --volume $(pwd)/roots/:/home/salt/data/srv/ \ --volume $(pwd)/keys/:/home/salt/data/keys/ \ --volume $(pwd)/logs/:/home/salt/data/logs/ \ - cdalvaro/saltstack-master:2018.3.4 + cdalvaro/saltstack-master:2019.2.0 +``` Check [Available Configuration Parameters](#available-configuration-parameters) section for configuring logrotate. @@ -231,7 +233,7 @@ docker run --name salt_master -d \ --volume $(pwd)/roots/:/home/salt/data/srv/ \ --volume $(pwd)/keys/:/home/salt/data/keys/ \ --volume $(pwd)/config/:/home/salt/data/config/ \ - cdalvaro/saltstack-master:2018.3.4 + cdalvaro/saltstack-master:2019.2.0 ``` ## Usage diff --git a/VERSION b/VERSION index 5f1fbee..a1f92e9 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2018.3.4 \ No newline at end of file +2019.2.0 \ No newline at end of file diff --git a/assets/build/install.sh b/assets/build/install.sh index e7389c6..cc1753d 100755 --- a/assets/build/install.sh +++ b/assets/build/install.sh @@ -6,11 +6,12 @@ source ${SALT_BUILD_DIR}/functions.sh # Install build dependencies echo "Installing dependencies ..." -BUILD_DEPENDENCIES="gnupg git cmake gcc g++ make \ +BUILD_DEPENDENCIES="cmake gcc g++ make \ libhttp-parser-dev libssl-dev zlib1g-dev \ - libzmq-dev libcurl4-openssl-dev libffi-dev" + libcurl4-openssl-dev libffi-dev swig" -apt-get install --yes --quiet --no-install-recommends ${BUILD_DEPENDENCIES} +apt-get update +DEBIAN_FRONTEND=noninteractive apt-get install --yes --quiet --no-install-recommends ${BUILD_DEPENDENCIES} # Create salt user echo "Creating ${SALT_USER} user ..." @@ -37,20 +38,6 @@ cd libgit2-${LIBGIT2_VERSION}/ cmake -DCMAKE_BUILD_TYPE=Release -DBUILD_SHARED_LIBS=ON -DBUILD_CLAR=OFF -DTHREADSAFE=ON . cmake --build . --target install -# Install python packages -echo "Installing python packages ..." -pip3 install "pygit2==v${PYGIT2_VERSION}" \ - "gitpython==v${GITPYTHON_VERSION}" \ - "M2Crypto==v${M2CRYPTO_VERSION}" \ - "Mako==v${MAKO_VERSION}" \ - "pycryptodome==v${PYCRYPTODOME_VERSION}" \ - "libnacl==v${LIBNACL_VERSION}" \ - "raet==v${RAET_VERSION}" \ - "CherryPy==v${CHERRYPY_VERSION}" \ - "timelib==v${TIMELIB_VERSION}" \ - "docker-py==v${DOCKERPY_VERSION}" \ - "msgpack-pure==v${MSGPACKPURE_VERSION}" - # Bootstrap script options: # https://docs.saltstack.com/en/latest/topics/tutorials/salt_bootstrap.html#command-line-options ## -M: install Salt Master by default @@ -65,6 +52,18 @@ wget -O bootstrap-salt.sh https://bootstrap.saltstack.com sh bootstrap-salt.sh ${SALT_BOOTSTRAP_OPTS} git v${SALT_VERSION} chown -R ${SALT_USER}: ${SALT_ROOT_DIR} +# Install python3 packages +echo "Installing python3 packages ..." +DEBIAN_FRONTEND=noninteractive apt-get install --yes --quiet --no-install-recommends \ +python3-mako python3-pycryptodome python3-cherrypy3 python3-git python3-u-msgpack \ +python3-ioflo python3-redis python3-gnupg python3-mysqldb python3-dateutil python3-timelib \ +python3-raet python3-libnacl + +# Install pip3 python packages +echo "Installing pip3 python packages ..." +pip3 install "pygit2==v${PYGIT2_VERSION}" \ + "M2Crypto==v${M2CRYPTO_VERSION}" + # Configure ssh echo "Configuring ssh ..." sed -i -e "s|^[# ]*StrictHostKeyChecking.*$| StrictHostKeyChecking no|" /etc/ssh/ssh_config @@ -111,3 +110,7 @@ autorestart=true stdout_logfile=${SALT_LOGS_DIR}/supervisor/%(program_name)s.log stderr_logfile=${SALT_LOGS_DIR}/supervisor/%(program_name)s.log EOF + +# purge build dependencies and cleanup apt +DEBIAN_FRONTEND=noninteractive apt-get clean --yes +rm -rf /var/lib/apt/lists/* diff --git a/docker-compose.yml b/docker-compose.yml index 7769673..6780b08 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,7 +3,7 @@ version: '3' services: master: container_name: salt_master - image: cdalvaro/saltstack-master:2018.3.4 + image: cdalvaro/saltstack-master:2019.2.0 restart: always volumes: - "roots/:/home/salt/data/srv"