pkg/kamailio/alpine_docker: Added docker packaging scripts
authorSergey Safarov <s.safarov@gmail.com>
Fri, 22 Sep 2017 14:05:01 +0000 (10:05 -0400)
committerSergey Safarov <s.safarov@gmail.com>
Fri, 22 Sep 2017 19:54:42 +0000 (15:54 -0400)
pkg/kamailio/alpine_docker/Dockerfile [new file with mode: 0644]
pkg/kamailio/alpine_docker/README.md [new file with mode: 0644]
pkg/kamailio/alpine_docker/build.sh [new file with mode: 0755]
pkg/kamailio/alpine_docker/entrypoint.sh [new file with mode: 0755]
pkg/kamailio/alpine_docker/hooks/pre_build [new file with mode: 0755]

diff --git a/pkg/kamailio/alpine_docker/Dockerfile b/pkg/kamailio/alpine_docker/Dockerfile
new file mode 100644 (file)
index 0000000..7b55b40
--- /dev/null
@@ -0,0 +1,6 @@
+FROM scratch
+
+ADD kamailio_img.tar.gz /
+COPY entrypoint.sh /
+
+ENTRYPOINT ["/entrypoint.sh"]
diff --git a/pkg/kamailio/alpine_docker/README.md b/pkg/kamailio/alpine_docker/README.md
new file mode 100644 (file)
index 0000000..c5c7e07
--- /dev/null
@@ -0,0 +1,91 @@
+About
+-----
+
+Container designed to run on host, bridge and swarm network.
+Size of container decreased to 50MB (23MB compressed)
+Significantly increased security - removed all libs except libc, busybox, tcpdump, dumpcap, kamailio and dependent libs.
+Docker container is created useing Alpine linux packaging
+
+Used environment variables
+--------------------------
+
+1. ```SHM_MEMORY``` - amount of shared memory to allocate for the running Kamailio server (in Mb), default value 64Mb;
+2. ```PKG_MEMORY``` - amount of per-process (package) memory to allocate for Kamailio (in Mb), default value 8Mb
+
+Usage container
+---------------
+
+```sh
+docker run --net=host --name kamailio \
+           -v /etc/kamailio/:/etc/kamailio \
+           kamailio/kamailio
+```
+
+systemd unit file
+-----------------
+
+You can use this systemd unit files on your docker host.
+Unit file can be placed to ```/etc/systemd/system/kamailio-docker.service``` and enabled by commands
+```sh
+systemd start kamailio-docker.service
+systemd enable kamailio-docker.service
+```
+
+host network
+============
+
+```sh
+$ cat /etc/systemd/system/kamailio-docker.service
+[Unit]
+Description=kamailio Container
+After=docker.service network-online.target
+Requires=docker.service
+
+
+[Service]
+Restart=always
+TimeoutStartSec=0
+#One ExecStart/ExecStop line to prevent hitting bugs in certain systemd versions
+ExecStart=/bin/sh -c 'docker rm -f kamailio; \
+          docker run -t --net=host --name kamailio \
+                 -v /etc/kamailio/:/etc/kamailio \
+                 kamailio/kamailio'
+ExecStop=-/bin/sh -c '/usr/bin/docker stop kamailio; \
+          /usr/bin/docker rm -f kamailio;'
+
+[Install]
+WantedBy=multi-user.target
+```
+
+default bridge network
+======================
+```sh
+[Unit]
+Description=kamailio Container
+After=docker.service network-online.target
+Requires=docker.service
+
+
+[Service]
+Restart=always
+TimeoutStartSec=0
+#One ExecStart/ExecStop line to prevent hitting bugs in certain systemd versions
+ExecStart=/bin/sh -c 'docker rm -f kamailio; \
+          docker run -t --network bridge --name kamailio \
+                 -p 5060:5060/udp -p 5060:5060 \
+                 -v /etc/kamailio/:/etc/kamailio \
+                 kamailio/kamailio'
+
+ExecStop=-/bin/sh -c '/usr/bin/docker stop kamailio; \
+          /usr/bin/docker rm -f kamailio;'
+
+[Install]
+WantedBy=multi-user.target
+```
+
+.bashrc file
+------------
+To simplify kamailio managment you can add alias for ```kamctl``` to ```.bashrc``` file as example bellow.
+```sh
+alias kamctl='docker exec -i -t kamailio /usr/sbin/kamctl'
+```
diff --git a/pkg/kamailio/alpine_docker/build.sh b/pkg/kamailio/alpine_docker/build.sh
new file mode 100755 (executable)
index 0000000..ea1cd53
--- /dev/null
@@ -0,0 +1,137 @@
+#!/bin/sh -e
+
+# This script is wrote by Sergey Safarov <s.safarov@gmail.com>
+
+BUILD_ROOT=/tmp/kamailio
+FILELIST=/tmp/filelist
+FILELIST_BINARY=/tmp/filelist_binary
+TMP_TAR=/tmp/kamailio_min.tar.gz
+IMG_TAR=kamailio_img.tar.gz
+
+prepare_build() {
+apk add --no-cache abuild git gcc build-base bison flex expat-dev postgresql-dev pcre-dev mariadb-dev \
+    libxml2-dev curl-dev unixodbc-dev confuse-dev ncurses-dev sqlite-dev lua-dev openldap-dev \
+    libressl-dev net-snmp-dev libuuid libev-dev jansson-dev json-c-dev libevent-dev linux-headers \
+    libmemcached-dev rabbitmq-c-dev hiredis-dev libmaxminddb-dev libunistring-dev
+
+    adduser -D build && addgroup build abuild
+    echo "%abuild ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/abuild
+    su - build -c "git config --global user.name 'Your Full Name'"
+    su - build -c "git config --global user.email 'your@email.address'"
+    su - build -c "abuild-keygen -a -i"
+}
+
+build_and_install(){
+    if [ ! -z "$GIT_TAG" ]; then
+        sed -i -e "s/^_gitcommit=.*/_gitcommit=$GIT_TAG/" /usr/src/kamailio/pkg/kamailio/alpine/APKBUILD
+    fi
+    chown -R build /usr/src/kamailio
+    su - build -c "cd /usr/src/kamailio/pkg/kamailio/alpine; abuild snapshot"
+    su - build -c "cd /usr/src/kamailio/pkg/kamailio/alpine; abuild -r"
+    cd /home/build/packages/kamailio/x86_64
+    ls -1 kamailio-*.apk |  xargs apk --no-cache --allow-untrusted add
+}
+
+list_installed_kamailio_packages() {
+       apk info | grep kamailio
+}
+
+kamailio_files() {
+    local PACKAGES
+    PACKAGES=$(apk info | grep kamailio)
+    PACKAGES="musl $PACKAGES"
+    for pkg in $PACKAGES
+    do
+        # list package files and filter package name
+        apk info --contents $pkg 2> /dev/null | sed -e '/\S\+ contains:/d'  -e '/^$/d' -e 's/^/\//'
+    done
+}
+
+extra_files() {
+    cat << EOF
+/etc
+/bin
+/bin/busybox
+/usr/bin
+/usr/bin/dumpcap
+/usr/lib
+/usr/sbin
+/usr/sbin/tcpdump
+/var
+/var/run
+/run
+EOF
+}
+
+sort_filelist() {
+    sort $FILELIST | uniq > $FILELIST.new
+    mv -f $FILELIST.new $FILELIST
+}
+
+filter_unnecessary_files() {
+# excluded following files and directories recursive
+# /usr/lib/debug/usr/lib/kamailio/
+# /usr/share/doc/kamailio
+# /usr/share/man
+# /usr/share/snmp
+
+    sed -i \
+        -e '\|^/usr/lib/debug/|d' \
+        -e '\|^/usr/share/doc/kamailio/|d' \
+        -e '\|^/usr/share/man/|d' \
+        -e '\|^/usr/share/snmp/|d' \
+        $FILELIST
+}
+
+ldd_helper() {
+    TESTFILE=$1
+    LD_PRELOAD=/usr/sbin/kamailio ldd $TESTFILE 2> /dev/null > /dev/null || return
+
+    LD_PRELOAD=/usr/sbin/kamailio ldd $TESTFILE | sed -e 's/^.* => //' -e 's/ (.*)//' -e 's/\s\+//' -e '/^ldd$/d'
+}
+
+find_binaries() {
+    rm -f $FILELIST_BINARY
+    set +e
+    for f in $(cat $FILELIST)
+    do
+        ldd_helper /$f >> $FILELIST_BINARY
+    done
+    set -e
+    sort $FILELIST_BINARY | sort | uniq > $FILELIST_BINARY.new
+    mv -f $FILELIST_BINARY.new $FILELIST_BINARY
+
+    # Resolving simbolic links
+    cat $FILELIST_BINARY | xargs realpath > $FILELIST_BINARY.new
+    mv -f $FILELIST_BINARY.new $FILELIST_BINARY
+}
+
+tar_files() {
+    local TARLIST=/tmp/tarlist
+    cat $FILELIST > $TARLIST
+    cat $FILELIST_BINARY >> $TARLIST
+    tar -czf $TMP_TAR --no-recursion -T $TARLIST
+    rm -f $TARLIST
+}
+
+make_image_tar() {
+    mkdir -p $BUILD_ROOT
+    cd $BUILD_ROOT
+    tar xzf $TMP_TAR
+    /bin/busybox --install -s bin
+    sed -i -e '/mi_fifo/d' etc/kamailio/kamailio.cfg
+    tar czf /usr/src/kamailio/pkg/kamailio/alpine_docker/$IMG_TAR *
+}
+
+prepare_build
+build_and_install
+#install PCAP tools
+apk add --no-cache wireshark-common tcpdump
+
+kamailio_files > $FILELIST
+extra_files >> $FILELIST
+sort_filelist
+filter_unnecessary_files
+find_binaries
+tar_files
+make_image_tar
diff --git a/pkg/kamailio/alpine_docker/entrypoint.sh b/pkg/kamailio/alpine_docker/entrypoint.sh
new file mode 100755 (executable)
index 0000000..3720d06
--- /dev/null
@@ -0,0 +1,14 @@
+#!/bin/sh
+#
+#  Created by Sergey Safarov <s.safarov@gmail.com>
+#
+
+SHM_MEMORY=${SHM_MEMORY:-64}
+PKG_MEMORY=${PKG_MEMORY:-8}
+trap 'kill -SIGTERM "$pid"' SIGTERM
+
+/usr/sbin/kamailio -DD -E -m $SHM_MEMORY -M $PKG_MEMORY &
+pid="$!"
+
+wait $pid
+exit 0
diff --git a/pkg/kamailio/alpine_docker/hooks/pre_build b/pkg/kamailio/alpine_docker/hooks/pre_build
new file mode 100755 (executable)
index 0000000..88be066
--- /dev/null
@@ -0,0 +1,14 @@
+#!/bin/bash -e
+
+echo "=> Build Kamailio source code"
+
+if [ ! -z "$SOURCE_BRANCH" ];then
+    ENV_OPT="-e SOURCE_BRANCH=$SOURCE_BRANCH"
+fi
+
+if [ ! -z "$GIT_TAG" ];then
+    ENV_OPT="$ENV_OPT -e GIT_TAG=$GIT_TAG"
+fi
+
+docker run --volume=`pwd`/../../..:/usr/src/kamailio --volume=`pwd`/build.sh:/build.sh --entrypoint=/build.sh $ENV_OPT alpine:edge
+exit $?