zeek-docker icon indicating copy to clipboard operation
zeek-docker copied to clipboard

Published 20 hours ago verified publisher icon zeek

Update using newer docker features

Open JustinAzoff opened this issue 7 years ago • 9 comments

Docker now supports --build-arg as well as multi-stage dockerfiles which should mean I can remove the use of docker-squash and remove a lot of duplicate code between the versions.

JustinAzoff avatar Oct 23 '17 21:10 JustinAzoff

multistage docker files are being used now, still need to use build args which will mean most files can be removed

https://docs.docker.com/engine/reference/builder/#arg

JustinAzoff avatar Jun 05 '19 19:06 JustinAzoff

@JustinAzoff as discussed, sounds like we could still use some work to leverage --build-args to parameterize the release type (build/release) and version.

@kahou82 is happy to help out here.

delapsley avatar Apr 03 '20 21:04 delapsley

Hi @JustinAzoff , I am looking into enhancing it further. It would be great if you have a list of items you want to improve.

Also, I notice there are some issue with the old builds:

  • From 1.5 to 2.4.x, no multi-stage docker is used.
  • From 1.5 to 2.4.x, debian:stretch is not used. (I can't apt-get update from squeeze anymore).
  • From 2.5.x to 2.6.x, COPY from files geogetter image is not working as the touch file workaround is not there.

If you don't mind, I can fix those as well. Please let me know.

kahou82 avatar Apr 07 '20 13:04 kahou82

The main thing is using --build-args so one could easily just pass in 3.0.1, 3.0.2, 3.0.3, 3.1.0, 3.1.1 and have it build the image without having to have 5 dockerfiles.

Getting the older 1.5 to 2.4 stuff to build again would be nice.. but getting those to build will likely installing older openssl packages.

There's a lot of issues with the old geoip support, since the files are no longer supported and now you need a license key to download the new data... may not be able to easily support that anymore

JustinAzoff avatar Apr 07 '20 21:04 JustinAzoff

Thanks guys. How about this: let's split the fix in two. First fix/mr addresses the parameterization of the 3.0.1, 3.0.2, 3.0.3, 3.1.0, and 3.1.1 files.

Second MR figures out how to address the older images. @JustinAzoff is it ok if we update the linux distro the 1.5 to 2.4.x containers depend on?

On a related note, @JustinAzoff what do you think of creating base linux images (including dependencies) and pushing to our dockerhub repo? I know it's basically creating a golden image, but at least we won't hit the missing repos issue in the future. What do you think?

delapsley avatar Apr 08 '20 01:04 delapsley

I submitted a PR to consolidate to one single Dockerfile for Zeek 3.0.0+:

https://github.com/zeek/zeek-docker/pull/15

kahou82 avatar Apr 08 '20 20:04 kahou82

Yeah, we should be using debian buster now, not stretch. having a common zeek-builder base image is a great idea too.

JustinAzoff avatar Apr 08 '20 21:04 JustinAzoff

So I'm thinking if we can move the

RUN apt-get -y install build-essential git...

and the corresponding 'install runtime dependencies' part, into another script that gets the version passed, we can use the same dockerfile for almost all the versions.. at least 3.1 back to 2.6.. since that's the primary difference.

To get really old versions to build on newer distributions we are going to start having to build and install openssl.

JustinAzoff avatar Apr 14 '20 01:04 JustinAzoff

Oh, and if the buildbro part is split into a 'getbro' and 'buildbro' script the stuff the gitbro does can be incorporated. that would let someone do

docker build --build-arg ZEEK_VER=topic/whatever

to build a container of any arbitrary branch

JustinAzoff avatar Apr 14 '20 01:04 JustinAzoff