cassandra

This commit is contained in:
stam 2025-04-29 21:45:50 +03:00
parent 9ccba46eee
commit ba749e093d
Signed by: stam
GPG Key ID: 4F57E51F9C45F8CD
29 changed files with 401 additions and 4 deletions

View File

@ -1,11 +1,11 @@
name: EpicMorg Advanced Cassandra Image
name: EpicMorg Ecosystem Cassandra Image
on:
workflow_dispatch:
schedule:
- cron: '0 02 * * 2,4,6'
jobs:
build-images:
name: EpicMorg Advanced Cassandra Image
name: EpicMorg Ecosystem Cassandra Image
runs-on: [ ubuntu-24.04 ]
steps:
- uses: actions/checkout@v4
@ -61,7 +61,7 @@ jobs:
retry_wait_seconds: 45
timeout_minutes: 600
max_attempts: 15
command: cd linux/advanced/cassandra/3.11 && pwd && make build && make deploy
command: cd linux/ecosystem/cassandra/3.11 && pwd && make build && make deploy
##################################################################################

View File

@ -3,6 +3,7 @@
## 2025
* `apr`
* added `cassandra` by ecosystem.
* restored `astralinux`, reworked, added `1.8` version.
* fixed `nginx` iamges, added new `1.28` version.
* added `fisheye` images to `gha`.

View File

@ -15,7 +15,7 @@ A collection of docker images for production use. This repo contains 2 types of
|:-------------|-------------:|
| `Quai.io` (default) | https://quay.io/organization/epicmorg |
| `DockerHub` (Mirror) | https://hub.docker.com/r/epicmorg |
| `Harbor` (Mirror) | [[text](https://hub.epicm.org/epicmorg)](https://hub.epicm.org/account/sign-in?globalSearch=epicmorg) |
| `Harbor` (Mirror) | [https://hub.epicm.org/epicmorg](https://hub.epicm.org/account/sign-in?globalSearch=epicmorg) |
## Docker and Podman support:
| Docker | Podman |

View File

@ -0,0 +1,253 @@
FROM quay.io/epicmorg/debian:bookworm-python-2.7 as builder
RUN echo "=============================================" && \
python${PYTHON_VERSION} --version && \
python2 --version && \
python --version && \
pip2 --version && \
pip --version && \
# echo "=============================================" && \
# python${PYTHON_VERSION} -c "import ssl; print(ssl.OPENSSL_VERSION)" && \
echo "============================================="
##################################################################
##################################################################
##################################################################
# Final Layer
##################################################################
##################################################################
##################################################################
FROM quay.io/epicmorg/debian:bookworm-jdk8
##################################################################
# Python 2.7
##################################################################
ENV REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
ENV PYTHON_VERSION=2.7
ENV PYTHON_FULL_VERSION=${PYTHON_VERSION}.18
ENV PYTHON_DIR=${EMG_LOCAL_BASE_DIR}/python/${PYTHON_VERSION}
ARG PYTHON_BIN_DIR=${PYTHON_DIR}/bin
ARG PYTHON_SRC_DIR=${PYTHON_DIR}/src
COPY etc/apt/preferences.d /etc/apt/preferences.d
COPY --from=builder ${PYTHON_DIR} ${PYTHON_DIR}
ENV PATH="${PYTHON_BIN_DIR}:${PATH}"
RUN mv ${PYTHON_SRC_DIR} /usr/local/src/${PYTHON_FULL_VERSION} && \
ln -sfv /usr/local/src/${PYTHON_FULL_VERSION} ${PYTHON_SRC_DIR} && \
rm -rfv /usr/bin/pip3 && \
rm -rfv /usr/bin/pip2 && \
rm -rfv /usr/bin/pip && \
rm -rfv /usr/bin/python && \
rm -rfv /usr/bin/python2 && \
rm -rfv /usr/bin/python3 && \
update-alternatives --install /usr/bin/pip2 pip2 ${PYTHON_DIR}/bin/pip${PYTHON_VERSION} 1 && \
update-alternatives --install /usr/bin/pip pip ${PYTHON_DIR}/bin/pip${PYTHON_VERSION} 1 && \
update-alternatives --install /usr/bin/python python ${PYTHON_DIR}/bin/python${PYTHON_VERSION} 1 && \
update-alternatives --install /usr/bin/python2 python2 ${PYTHON_DIR}/bin/python${PYTHON_VERSION} 1 && \
ldconfig
RUN echo "=============================================" && \
python${PYTHON_VERSION} --version && \
python2 --version && \
python --version && \
pip2 --version && \
pip --version && \
# echo "=============================================" && \
# python${PYTHON_VERSION} -c "import ssl; print(ssl.OPENSSL_VERSION)" && \
echo "============================================="
##################################################################
# Cassandra
##################################################################
# explicitly set user/group IDs
RUN set -eux; \
groupadd -r cassandra --gid=1337; \
useradd -r -g cassandra --uid=1337 cassandra
RUN set -eux; \
apt-get update; \
apt-get install -y --no-install-recommends \
# solves warning: "jemalloc shared library could not be preloaded to speed up memory allocations"
libjemalloc2 \
# "free" is used by cassandra-env.sh
procps \
# "cqlsh" needs a python interpreter
# python2 \
# "ip" is not required by Cassandra itself, but is commonly used in scripting Cassandra's configuration (since it is so fixated on explicit IP addresses)
iproute2 \
# Cassandra will automatically use numactl if available
# https://github.com/apache/cassandra/blob/18bcda2d4c2eba7370a0b21f33eed37cb730bbb3/bin/cassandra#L90-L100
# https://github.com/apache/cassandra/commit/604c0e87dc67fa65f6904ef9a98a029c9f2f865a
numactl \
; \
rm -rf /var/lib/apt/lists/*; \
# https://issues.apache.org/jira/browse/CASSANDRA-15767 ("bin/cassandra" only looks for "libjemalloc.so" or "libjemalloc.so.1" which doesn't match our "libjemalloc.so.2")
libjemalloc="$(readlink -e /usr/lib/*/libjemalloc.so.2)"; \
ln -sT "$libjemalloc" /usr/local/lib/libjemalloc.so; \
ldconfig
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
RUN set -eux; \
savedAptMark="$(apt-mark showmanual)"; \
apt-get update; \
apt-get install -y --no-install-recommends ca-certificates gnupg wget; \
rm -rf /var/lib/apt/lists/*; \
dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
apt-mark auto '.*' > /dev/null; \
[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
gosu --version; \
gosu nobody true
ENV CASSANDRA_HOME /opt/cassandra
ENV CASSANDRA_CONF /etc/cassandra
ENV CASSANDRA_DATA /var/lib/cassandra
ENV CASSANDRA_VERSION 3.11.19
ENV CASSANDRA_SHA512 42d7732c2b81c65a960101d1146603d430de341adcdf8d0ffc649753a340cf64dad696050f2ec01faff5f15e726f4f2a459f0b3ac281569b957f7726f51d43e0
ENV CASSANDRA_LUCENE_PLUGIN_VER=3.11.3.0
ARG CASSANDRA_LUCENE_PLUGIN_DEST=${CASSANDRA_HOME}/lib/
ARG CASSANDRA_LUCENE_PLUGIN_URL=https://repo1.maven.org/maven2/com/stratio/cassandra/cassandra-lucene-index-plugin/${CASSANDRA_LUCENE_PLUGIN_VER}/cassandra-lucene-index-plugin-${CASSANDRA_LUCENE_PLUGIN_VER}.jar
ENV PATH ${CASSANDRA_HOME}/bin:$PATH
# https://cwiki.apache.org/confluence/display/CASSANDRA2/DebianPackaging#DebianPackaging-AddingRepositoryKeys
# $ docker run --rm buildpack-deps:bullseye-curl bash -c 'wget -qO- https://downloads.apache.org/cassandra/KEYS | gpg --batch --import &> /dev/null && gpg --batch --list-keys --with-fingerprint --with-colons' | awk -F: '$1 == "pub" && $2 == "-" { pub = 1 } pub && $1 == "fpr" { fpr = $10 } $1 == "sub" { pub = 0 } pub && fpr && $1 == "uid" && $2 == "-" { print "#", $10; print "\t" fpr " \\"; pub = 0 }'
ENV GPG_KEYS \
# Eric Evans <eevans@sym-link.com>
CEC86BB4A0BA9D0F90397CAEF8358FA2F2833C93 \
# Eric Evans <eevans@sym-link.com>
C4965EE9E3015D192CCCF2B6F758CE318D77295D \
# Sylvain Lebresne (pcmanus) <sylvain@datastax.com>
5AED1BF378E9A19DADE1BCB34BD736A82B5C1B00 \
# T Jake Luciani <jake@apache.org>
514A2AD631A57A16DD0047EC749D6EEC0353B12C \
# Michael Shuler <michael@pbandjelly.org>
A26E528B271F19B9E5D8E19EA278B781FE4B2BDA \
# Michael Semb Wever <mick@thelastpickle.com>
A4C465FEA0C552561A392A61E91335D77E3E87CB \
# Alex Petrov <oleksandr.petrov@gmail.com>
9E66CEC6106D578D0B1EB9BFF1000962B7F6840C \
# Jordan West <jwest@apache.org>
C4009872C59B49561310D966D0062876AF30F054 \
# Brandon Williams <brandonwilliams@apache.org>
B7842CDAF36E6A3214FAE35D5E85B9AE0B84C041 \
# Ekaterina Buryanova Dimitrova (CODE SIGNING KEY) <e.dimitrova@gmail.com>
3E9C876907A560ACA00964F363E9BAD215BBF5F0 \
# Sam Tunnicliffe (CODE SIGNING KEY) <samt@apache.org>
F8B7FD00E05C932991A2CD6150EE103D162C5A55 \
# Stefan Miklosovic <smiklosovic@apache.org>
7464AAD9068241C50BA6A26232F35CB2F546D93E \
# Berenguer Blasi (Code Signing Key) <bereng@apache.org>
CEC5C50B9C629EF0F5AB2706650B72EB14CCD622
RUN set -eux; \
savedAptMark="$(apt-mark showmanual)"; \
apt-get update; \
apt-get install -y --no-install-recommends ca-certificates gnupg wget; \
rm -rf /var/lib/apt/lists/*; \
\
ddist() { \
local f="$1"; shift; \
local distFile="$1"; shift; \
local success=; \
local distUrl=; \
for distUrl in \
# https://github.com/docker-library/tomcat/pull/308
https://dlcdn.apache.org/ \
# if the version is outdated, we have to pull from the archive
https://archive.apache.org/dist/ \
; do \
if wget --progress=dot:giga -O "$f" "$distUrl$distFile" && [ -s "$f" ]; then \
success=1; \
break; \
fi; \
done; \
[ -n "$success" ]; \
}; \
\
ddist 'cassandra-bin.tgz' "cassandra/$CASSANDRA_VERSION/apache-cassandra-$CASSANDRA_VERSION-bin.tar.gz"; \
echo "$CASSANDRA_SHA512 *cassandra-bin.tgz" | sha512sum --check --strict -; \
\
ddist 'cassandra-bin.tgz.asc' "cassandra/$CASSANDRA_VERSION/apache-cassandra-$CASSANDRA_VERSION-bin.tar.gz.asc"; \
export GNUPGHOME="$(mktemp -d)"; \
for key in $GPG_KEYS; do \
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
done; \
gpg --batch --verify cassandra-bin.tgz.asc cassandra-bin.tgz; \
rm -rf "$GNUPGHOME"; \
\
apt-mark auto '.*' > /dev/null; \
[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
\
mkdir -p "${CASSANDRA_HOME}"; \
tar --extract --file cassandra-bin.tgz --directory "${CASSANDRA_HOME}" --strip-components 1; \
rm cassandra-bin.tgz*; \
\
[ ! -e "${CASSANDRA_CONF}" ]; \
mv "${CASSANDRA_HOME}/conf" "${CASSANDRA_CONF}"; \
ln -sT "${CASSANDRA_CONF}" "${CASSANDRA_HOME}/conf"; \
\
dpkgArch="$(dpkg --print-architecture)"; \
case "$dpkgArch" in \
ppc64el) \
# https://issues.apache.org/jira/browse/CASSANDRA-13345
# "The stack size specified is too small, Specify at least 328k"
grep -- '^-Xss256k$' "${CASSANDRA_CONF}/jvm.options"; \
sed -ri 's/^-Xss256k$/-Xss512k/' "${CASSANDRA_CONF}/jvm.options"; \
grep -- '^-Xss512k$' "${CASSANDRA_CONF}/jvm.options"; \
;; \
esac; \
\
mkdir -p "${CASSANDRA_CONF}" ${CASSANDRA_DATA} /var/log/cassandra; \
chown -R cassandra:cassandra "${CASSANDRA_CONF}" ${CASSANDRA_DATA} /var/log/cassandra; \
chmod 1777 "${CASSANDRA_CONF}" ${CASSANDRA_DATA} /var/log/cassandra; \
chmod -R a+rwX "${CASSANDRA_CONF}"; \
ln -sT ${CASSANDRA_DATA} "${CASSANDRA_HOME}/data"; \
ln -sT /var/log/cassandra "${CASSANDRA_HOME}/logs"; \
\
# smoke test
cassandra -v
##################################################################
# Install Cassandra Plugin
##################################################################
ADD ${CASSANDRA_LUCENE_PLUGIN_URL} ${CASSANDRA_LUCENE_PLUGIN_DEST}
VOLUME ${CASSANDRA_DATA}
COPY docker-entrypoint.sh /usr/local/bin/
RUN ln -s /usr/local/bin/docker-entrypoint.sh /docker-entrypoint.sh && \
chmod +x /usr/local/bin/docker-entrypoint.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# 7000: intra-node communication
# 7001: TLS intra-node communication
# 7199: JMX
# 9042: CQL
# 9160: thrift service
EXPOSE 7000 7001 7199 9042 9160
CMD ["cassandra", "-f"]
##################################################################
# Cleanup
##################################################################
RUN echo "clean up" && \
apt-get clean -y && \
apt-get autoclean -y && \
rm -rfv /var/lib/apt/lists/* && \
rm -rfv /var/cache/apt/archives/*.deb && \
rm -rfv /root/tmp/* && \
rm -rfv /tmp/*
##################################################################
# update file db
##################################################################
RUN updatedb

View File

@ -0,0 +1,35 @@
PIP_BREAK_SYSTEM_PACKAGES=1
all: app
app:
make build
make deploy
make clean
build:
buildah-wrapper --build
deploy:
buildah-wrapper --deploy
build-kaniko:
kaniko-wrapper --kaniko-image gcr.io/kaniko-project/executor:debug --dry-run
deploy-kaniko:
kaniko-wrapper --deploy --kaniko-image gcr.io/kaniko-project/executor:debug
build-compose:
docker-compose build --compress --parallel --progress plain
deploy-compose:
docker-compose push
clean:
docker container prune -f
docker image prune -f
docker network prune -f
docker volume prune -f
docker system prune -af
buildah rm -a
buildah rmi -a

View File

@ -0,0 +1,94 @@
#!/usr/bin/env bash
set -e
# first arg is `-f` or `--some-option`
# or there are no args
if [ "$#" -eq 0 ] || [ "${1#-}" != "$1" ]; then
set -- cassandra -f "$@"
fi
# allow the container to be started with `--user`
if [ "$1" = 'cassandra' -a "$(id -u)" = '0' ]; then
find "$CASSANDRA_CONF" /var/lib/cassandra /var/log/cassandra \
\! -user cassandra -exec chown cassandra '{}' +
exec gosu cassandra "$BASH_SOURCE" "$@"
fi
_ip_address() {
# scrape the first non-localhost IP address of the container
# in Swarm Mode, we often get two IPs -- the container IP, and the (shared) VIP, and the container IP should always be first
ip address | awk '
$1 != "inet" { next } # only lines with ip addresses
$NF == "lo" { next } # skip loopback devices
$2 ~ /^127[.]/ { next } # skip loopback addresses
$2 ~ /^169[.]254[.]/ { next } # skip link-local addresses
{
gsub(/\/.+$/, "", $2)
print $2
exit
}
'
}
# "sed -i", but without "mv" (which doesn't work on a bind-mounted file, for example)
_sed-in-place() {
local filename="$1"; shift
local tempFile
tempFile="$(mktemp)"
sed "$@" "$filename" > "$tempFile"
cat "$tempFile" > "$filename"
rm "$tempFile"
}
if [ "$1" = 'cassandra' ]; then
: ${CASSANDRA_RPC_ADDRESS='0.0.0.0'}
: ${CASSANDRA_LISTEN_ADDRESS='auto'}
if [ "$CASSANDRA_LISTEN_ADDRESS" = 'auto' ]; then
CASSANDRA_LISTEN_ADDRESS="$(_ip_address)"
fi
: ${CASSANDRA_BROADCAST_ADDRESS="$CASSANDRA_LISTEN_ADDRESS"}
if [ "$CASSANDRA_BROADCAST_ADDRESS" = 'auto' ]; then
CASSANDRA_BROADCAST_ADDRESS="$(_ip_address)"
fi
: ${CASSANDRA_BROADCAST_RPC_ADDRESS:=$CASSANDRA_BROADCAST_ADDRESS}
if [ -n "${CASSANDRA_NAME:+1}" ]; then
: ${CASSANDRA_SEEDS:="cassandra"}
fi
: ${CASSANDRA_SEEDS:="$CASSANDRA_BROADCAST_ADDRESS"}
_sed-in-place "$CASSANDRA_CONF/cassandra.yaml" \
-r 's/(- seeds:).*/\1 "'"$CASSANDRA_SEEDS"'"/'
for yaml in \
broadcast_address \
broadcast_rpc_address \
cluster_name \
endpoint_snitch \
listen_address \
num_tokens \
rpc_address \
start_rpc \
; do
var="CASSANDRA_${yaml^^}"
val="${!var}"
if [ "$val" ]; then
_sed-in-place "$CASSANDRA_CONF/cassandra.yaml" \
-r 's/^(# )?('"$yaml"':).*/\2 '"$val"'/'
fi
done
for rackdc in dc rack; do
var="CASSANDRA_${rackdc^^}"
val="${!var}"
if [ "$val" ]; then
_sed-in-place "$CASSANDRA_CONF/cassandra-rackdc.properties" \
-r 's/^('"$rackdc"'=).*/\1 '"$val"'/'
fi
done
fi
exec "$@"

View File

@ -0,0 +1,3 @@
Package: python-*
Pin: release *
Pin-Priority: -1

View File

@ -0,0 +1,3 @@
Package: python2-*
Pin: release *
Pin-Priority: -1

View File

@ -0,0 +1,3 @@
Package: python3-*
Pin: release *
Pin-Priority: -1

View File

@ -0,0 +1,5 @@
services:
app:
image: "quay.io/epicmorg/cassandra:3.11-bitnami"
build:
context: .