|
| 1 | +FROM adoptopenjdk:11-jre-hotspot-bionic |
| 2 | + |
| 3 | +# explicitly set user/group IDs |
| 4 | +RUN set -eux; \ |
| 5 | + groupadd -r cassandra --gid=999; \ |
| 6 | + useradd -r -g cassandra --uid=999 cassandra |
| 7 | + |
| 8 | +RUN set -eux; \ |
| 9 | + apt-get update; \ |
| 10 | + apt-get install -y --no-install-recommends \ |
| 11 | +# solves warning: "jemalloc shared library could not be preloaded to speed up memory allocations" |
| 12 | + libjemalloc1 \ |
| 13 | +# "free" is used by cassandra-env.sh |
| 14 | + procps \ |
| 15 | +# "cqlsh" needs a python interpreter |
| 16 | + python3 \ |
| 17 | +# "ip" is not required by Cassandra itself, but is commonly used in scripting Cassandra's configuration (since it is so fixated on explicit IP addresses) |
| 18 | + iproute2 \ |
| 19 | +# Cassandra will automatically use numactl if available |
| 20 | +# https://github.com/apache/cassandra/blob/18bcda2d4c2eba7370a0b21f33eed37cb730bbb3/bin/cassandra#L90-L100 |
| 21 | +# https://github.com/apache/cassandra/commit/604c0e87dc67fa65f6904ef9a98a029c9f2f865a |
| 22 | + numactl \ |
| 23 | + ; \ |
| 24 | + rm -rf /var/lib/apt/lists/* |
| 25 | + |
| 26 | +# grab gosu for easy step-down from root |
| 27 | +# https://github.com/tianon/gosu/releases |
| 28 | +ENV GOSU_VERSION 1.12 |
| 29 | +RUN set -eux; \ |
| 30 | + savedAptMark="$(apt-mark showmanual)"; \ |
| 31 | + apt-get update; \ |
| 32 | + apt-get install -y --no-install-recommends ca-certificates dirmngr gnupg wget; \ |
| 33 | + rm -rf /var/lib/apt/lists/*; \ |
| 34 | + dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \ |
| 35 | + wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \ |
| 36 | + wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \ |
| 37 | + export GNUPGHOME="$(mktemp -d)"; \ |
| 38 | + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \ |
| 39 | + gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ |
| 40 | + gpgconf --kill all; \ |
| 41 | + rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \ |
| 42 | + apt-mark auto '.*' > /dev/null; \ |
| 43 | + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ |
| 44 | + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ |
| 45 | + chmod +x /usr/local/bin/gosu; \ |
| 46 | + gosu --version; \ |
| 47 | + gosu nobody true |
| 48 | + |
| 49 | +ENV CASSANDRA_HOME /opt/cassandra |
| 50 | +ENV CASSANDRA_CONF /etc/cassandra |
| 51 | +ENV PATH $CASSANDRA_HOME/bin:$PATH |
| 52 | + |
| 53 | +# https://cwiki.apache.org/confluence/display/CASSANDRA2/DebianPackaging#DebianPackaging-AddingRepositoryKeys |
| 54 | +ENV GPG_KEYS \ |
| 55 | +# gpg: key 0353B12C: public key "T Jake Luciani <[email protected]>" imported |
| 56 | + 514A2AD631A57A16DD0047EC749D6EEC0353B12C \ |
| 57 | +# gpg: key FE4B2BDA: public key "Michael Shuler <[email protected]>" imported |
| 58 | + A26E528B271F19B9E5D8E19EA278B781FE4B2BDA \ |
| 59 | +# gpg: key E91335D77E3E87CB: public key "Michael Semb Wever <[email protected]>" imported |
| 60 | + A4C465FEA0C552561A392A61E91335D77E3E87CB |
| 61 | + |
| 62 | +ENV CASSANDRA_VERSION 4.0-beta1 |
| 63 | +ENV CASSANDRA_SHA512 240ae95f78de172333eee865f01b838433845fbd0dceea0eb91ea3a419873f74c5e266cfb62553fa0260849afa7ec5cc65335d037d1455e36b96ddc0f18effc7 |
| 64 | + |
| 65 | +RUN set -eux; \ |
| 66 | + savedAptMark="$(apt-mark showmanual)"; \ |
| 67 | + apt-get update; \ |
| 68 | + apt-get install -y --no-install-recommends ca-certificates dirmngr gnupg wget; \ |
| 69 | + rm -rf /var/lib/apt/lists/*; \ |
| 70 | + \ |
| 71 | + ddist() { \ |
| 72 | + local f="$1"; shift; \ |
| 73 | + local distFile="$1"; shift; \ |
| 74 | + local success=; \ |
| 75 | + local distUrl=; \ |
| 76 | + for distUrl in \ |
| 77 | +# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 |
| 78 | + 'https://www.apache.org/dyn/closer.cgi?action=download&filename=' \ |
| 79 | +# if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/ |
| 80 | + https://www-us.apache.org/dist/ \ |
| 81 | + https://www.apache.org/dist/ \ |
| 82 | + https://archive.apache.org/dist/ \ |
| 83 | + ; do \ |
| 84 | + if wget --progress=dot:giga -O "$f" "$distUrl$distFile" && [ -s "$f" ]; then \ |
| 85 | + success=1; \ |
| 86 | + break; \ |
| 87 | + fi; \ |
| 88 | + done; \ |
| 89 | + [ -n "$success" ]; \ |
| 90 | + }; \ |
| 91 | + \ |
| 92 | + ddist 'cassandra-bin.tgz' "cassandra/$CASSANDRA_VERSION/apache-cassandra-$CASSANDRA_VERSION-bin.tar.gz"; \ |
| 93 | + echo "$CASSANDRA_SHA512 *cassandra-bin.tgz" | sha512sum --check --strict -; \ |
| 94 | + \ |
| 95 | + ddist 'cassandra-bin.tgz.asc' "cassandra/$CASSANDRA_VERSION/apache-cassandra-$CASSANDRA_VERSION-bin.tar.gz.asc"; \ |
| 96 | + export GNUPGHOME="$(mktemp -d)"; \ |
| 97 | + for key in $GPG_KEYS; do \ |
| 98 | + gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \ |
| 99 | + done; \ |
| 100 | + gpg --batch --verify cassandra-bin.tgz.asc cassandra-bin.tgz; \ |
| 101 | + rm -rf "$GNUPGHOME"; \ |
| 102 | + \ |
| 103 | + apt-mark auto '.*' > /dev/null; \ |
| 104 | + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ |
| 105 | + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ |
| 106 | + \ |
| 107 | + mkdir -p "$CASSANDRA_HOME"; \ |
| 108 | + tar --extract --file cassandra-bin.tgz --directory "$CASSANDRA_HOME" --strip-components 1; \ |
| 109 | + rm cassandra-bin.tgz*; \ |
| 110 | + \ |
| 111 | + [ ! -e "$CASSANDRA_CONF" ]; \ |
| 112 | + mv "$CASSANDRA_HOME/conf" "$CASSANDRA_CONF"; \ |
| 113 | + ln -sT "$CASSANDRA_CONF" "$CASSANDRA_HOME/conf"; \ |
| 114 | + \ |
| 115 | + dpkgArch="$(dpkg --print-architecture)"; \ |
| 116 | + case "$dpkgArch" in \ |
| 117 | + ppc64el) \ |
| 118 | +# https://issues.apache.org/jira/browse/CASSANDRA-13345 |
| 119 | +# "The stack size specified is too small, Specify at least 328k" |
| 120 | + if grep -q -- '^-Xss' "$CASSANDRA_CONF/jvm.options"; then \ |
| 121 | +# 3.11+ (jvm.options) |
| 122 | + grep -- '^-Xss256k$' "$CASSANDRA_CONF/jvm.options"; \ |
| 123 | + sed -ri 's/^-Xss256k$/-Xss512k/' "$CASSANDRA_CONF/jvm.options"; \ |
| 124 | + grep -- '^-Xss512k$' "$CASSANDRA_CONF/jvm.options"; \ |
| 125 | + elif grep -q -- '-Xss256k' "$CASSANDRA_CONF/cassandra-env.sh"; then \ |
| 126 | +# 3.0 (cassandra-env.sh) |
| 127 | + sed -ri 's/-Xss256k/-Xss512k/g' "$CASSANDRA_CONF/cassandra-env.sh"; \ |
| 128 | + grep -- '-Xss512k' "$CASSANDRA_CONF/cassandra-env.sh"; \ |
| 129 | + fi; \ |
| 130 | + ;; \ |
| 131 | + esac; \ |
| 132 | + \ |
| 133 | + mkdir -p "$CASSANDRA_CONF" /var/lib/cassandra /var/log/cassandra; \ |
| 134 | + chown -R cassandra:cassandra "$CASSANDRA_CONF" /var/lib/cassandra /var/log/cassandra; \ |
| 135 | + chmod 777 "$CASSANDRA_CONF" /var/lib/cassandra /var/log/cassandra; \ |
| 136 | + ln -sT /var/lib/cassandra "$CASSANDRA_HOME/data"; \ |
| 137 | + ln -sT /var/log/cassandra "$CASSANDRA_HOME/logs"; \ |
| 138 | + \ |
| 139 | +# smoke test |
| 140 | + cassandra -v |
| 141 | + |
| 142 | +VOLUME /var/lib/cassandra |
| 143 | + |
| 144 | +COPY docker-entrypoint.sh /usr/local/bin/ |
| 145 | +ENTRYPOINT ["docker-entrypoint.sh"] |
| 146 | + |
| 147 | +# 7000: intra-node communication |
| 148 | +# 7001: TLS intra-node communication |
| 149 | +# 7199: JMX |
| 150 | +# 9042: CQL |
| 151 | +# 9160: thrift service |
| 152 | +EXPOSE 7000 7001 7199 9042 9160 |
| 153 | +CMD ["cassandra", "-f"] |
0 commit comments