Skip to content

Commit

Permalink
Switch Docker images to UBI (#6427)
Browse files Browse the repository at this point in the history 
* feat: replace default ubuntu based images with ubi-minimal based ones

* fix: re-introduce -ubi suffixed images

* fix: mark as a breaking change
  • Loading branch information
@pkoutsovasilis
pkoutsovasilis authored Jan 8, 2025
1 parent a66f89c commit 181c0c8
Show file tree
Hide file tree
Showing 5 changed files with 71 additions and 71 deletions.
32 changes: 32 additions & 0 deletions ...fragments/1734959878-Replace-default-Ubuntu-based-images-with-UBI-minimal-based-ones.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
# Kind can be one of:
# - breaking-change: a change to previously-documented behavior
# - deprecation: functionality that is being removed in a later release
# - bug-fix: fixes a problem in a previous version
# - enhancement: extends functionality but does not break or fix existing behavior
# - feature: new functionality
# - known-issue: problems that we are aware of in a given version
# - security: impacts on the security of a product or a user’s deployment.
# - upgrade: important information for someone upgrading from a prior version
# - other: does not fit into any of the other categories
kind: breaking-change

# Change summary; a 80ish characters long description of the change.
summary: Replace default Ubuntu-based images with UBI-minimal-based ones

# Long description; in case the summary is not enough to describe the change
# this field accommodate a description without length limits.
# NOTE: This field will be rendered only for breaking-change and known-issue kinds at the moment.
#description:

# Affected component; usually one of "elastic-agent", "fleet-server", "filebeat", "metricbeat", "auditbeat", "all", etc.
component: elastic-agent

# PR URL; optional; the PR number that added the changeset.
# If not present is automatically filled by the tooling finding the PR where this changelog fragment has been added.
# NOTE: the tooling supports backports, so it's able to fill the original PR number instead of the backport PR number.
# Please provide it if you are adding a fragment for a different PR.
pr: https://github.com/elastic/elastic-agent/pull/6427

# Issue URL; optional; the GitHub issue related to this changeset (either closes or is part of).
# If not present is automatically filled by the tooling with the issue linked to the PR number.
#issue: https://github.com/owner/repo/1234
63 changes: 17 additions & 46 deletions dev-tools/packaging/packages.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -222,21 +222,12 @@ shared:
extra_vars:
buildFrom: '--platform=linux/arm64 cgr.dev/chainguard/wolfi-base'

- &docker_ubuntu_spec
docker_variant: 'basic'
extra_vars:
from: '--platform=linux/amd64 ubuntu:24.04'
- &docker_ubuntu_arm_spec
docker_variant: 'basic'
extra_vars:
from: '--platform=linux/arm64 ubuntu:24.04'

- &docker_ubi_spec
docker_variant: 'ubi'
docker_variant: 'basic'
extra_vars:
from: '--platform=linux/amd64 docker.elastic.co/ubi9/ubi-minimal'
- &docker_ubi_arm_spec
docker_variant: 'ubi'
docker_variant: 'basic'
extra_vars:
from: '--platform=linux/arm64 docker.elastic.co/ubi9/ubi-minimal'

Expand Down Expand Up @@ -545,7 +536,7 @@ specs:
types: [docker]
spec:
<<: *docker_spec
<<: *docker_ubuntu_spec
<<: *docker_ubi_spec
<<: *docker_builder_spec

- os: linux
Expand Down Expand Up @@ -595,7 +586,7 @@ specs:
types: [docker]
spec:
<<: *docker_spec
<<: *docker_ubuntu_spec
<<: *docker_ubi_spec
<<: *docker_builder_spec
<<: *docker_elastic_spec
<<: *apache_license_for_binaries
Expand Down Expand Up @@ -652,7 +643,7 @@ specs:
types: [docker]
spec:
<<: *docker_spec
<<: *docker_ubuntu_spec
<<: *docker_ubi_spec
<<: *docker_builder_spec
<<: *docker_elastic_spec
<<: *elastic_license_for_binaries
Expand All @@ -661,11 +652,12 @@ specs:
types: [docker]
spec:
<<: *docker_spec
<<: *docker_ubuntu_arm_spec
<<: *docker_ubi_arm_spec
<<: *docker_builder_arm_spec
<<: *docker_elastic_spec
<<: *elastic_license_for_binaries

# keep producing ubi suffixed images
- os: linux
arch: amd64
types: [docker]
Expand All @@ -675,6 +667,7 @@ specs:
<<: *docker_builder_spec
<<: *docker_elastic_spec
<<: *elastic_license_for_binaries
docker_variant: "ubi"
- os: linux
arch: arm64
types: [docker]
Expand All @@ -684,6 +677,7 @@ specs:
<<: *docker_builder_arm_spec
<<: *docker_elastic_spec
<<: *elastic_license_for_binaries
docker_variant: "ubi"

- os: linux
arch: amd64
Expand Down Expand Up @@ -780,24 +774,12 @@ specs:
/usr/share/{{.BeatName}}/bin/{{.BeatName}}{{.BinaryExt}}:
source: ./{{.XPackDir}}/{{.BeatName}}/build/golang-crossbuild/{{.BeatName}}-{{.GOOS}}-{{.Platform.Arch}}{{.BinaryExt}}

- os: linux
arch: amd64
types: [docker]
spec:
<<: *docker_spec
<<: *docker_ubuntu_spec
<<: *docker_builder_spec
<<: *docker_elastic_spec
<<: *elastic_license_for_binaries
files:
'{{.BeatName}}{{.BinaryExt}}':
source: ./{{.XPackDir}}/{{.BeatName}}/build/golang-crossbuild/{{.BeatName}}-{{.GOOS}}-{{.Platform.Arch}}{{.BinaryExt}}
- os: linux
arch: arm64
types: [docker]
spec:
<<: *docker_spec
<<: *docker_ubuntu_arm_spec
<<: *docker_ubi_arm_spec
<<: *docker_builder_arm_spec
<<: *docker_elastic_spec
<<: *elastic_license_for_binaries
Expand All @@ -817,18 +799,6 @@ specs:
files:
'{{.BeatName}}{{.BinaryExt}}':
source: ./{{.XPackDir}}/{{.BeatName}}/build/golang-crossbuild/{{.BeatName}}-{{.GOOS}}-{{.Platform.Arch}}{{.BinaryExt}}
- os: linux
arch: arm64
types: [docker]
spec:
<<: *docker_spec
<<: *docker_ubi_arm_spec
<<: *docker_builder_arm_spec
<<: *docker_elastic_spec
<<: *elastic_license_for_binaries
files:
'{{.BeatName}}{{.BinaryExt}}':
source: ./{{.XPackDir}}/{{.BeatName}}/build/golang-crossbuild/{{.BeatName}}-{{.GOOS}}-{{.Platform.Arch}}{{.BinaryExt}}

- os: linux
arch: amd64
Expand Down Expand Up @@ -914,14 +884,14 @@ specs:
<<: *elastic_license_for_deb_rpm

######## Docker images #########
#### Ubuntu-based images ####
#### UBI-minimal-based images ####
# Complete image gets a 'complete' variant for synthetics and other large
# packages too big to fit in the main image
- os: linux
arch: amd64
types: [docker]
spec:
<<: *docker_ubuntu_spec
<<: *docker_ubi_spec
<<: *docker_builder_spec
<<: *agent_docker_complete_spec
<<: *docker_elastic_spec
Expand All @@ -945,7 +915,7 @@ specs:
arch: arm64
types: [docker]
spec:
<<: *docker_ubuntu_arm_spec
<<: *docker_ubi_arm_spec
<<: *docker_builder_arm_spec
<<: *agent_docker_complete_spec
<<: *docker_elastic_spec
Expand All @@ -969,27 +939,28 @@ specs:
arch: amd64
types: [docker]
spec:
<<: *docker_ubuntu_spec
<<: *docker_ubi_spec
<<: *docker_builder_spec
<<: *agent_docker_spec
<<: *docker_elastic_spec
<<: *elastic_license_for_binaries
docker_variant: 'ubi'
files:
'{{.BeatName}}{{.BinaryExt}}':
source: ./build/golang-crossbuild/{{.BeatName}}-{{.GOOS}}-{{.Platform.Arch}}{{.BinaryExt}}
- os: linux
arch: arm64
types: [docker]
spec:
<<: *docker_ubuntu_arm_spec
<<: *docker_ubi_arm_spec
<<: *docker_builder_arm_spec
<<: *agent_docker_spec
<<: *docker_elastic_spec
<<: *elastic_license_for_binaries
docker_variant: 'ubi'
files:
'{{.BeatName}}{{.BinaryExt}}':
source: ./build/golang-crossbuild/{{.BeatName}}-{{.GOOS}}-{{.Platform.Arch}}{{.BinaryExt}}
#### ubi-based ####
- os: linux
arch: amd64
types: [docker]
Expand Down
42 changes: 22 additions & 20 deletions dev-tools/packaging/templates/docker/Dockerfile.elastic-agent.tmpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,20 +69,11 @@ FROM {{ .from }}
ENV BEAT_SETUID_AS={{ .user }}

{{- if contains .from "ubi-minimal" }}
RUN for iter in {1..10}; do microdnf update -y && microdnf install -y tar gzip findutils shadow-utils && microdnf clean all && exit_code=0 && break || exit_code=$? && echo "microdnf error: retry $iter in 10s" && sleep 10; done; (exit $exit_code)
{{- end }}

{{- if contains .from "ubuntu" }}
# Delete the existing "ubuntu" user to prevent conflict with the user that is added later.
# See https://bugs.launchpad.net/cloud-images/+bug/2005129/comments/2.
RUN touch /var/mail/ubuntu && chown ubuntu /var/mail/ubuntu && userdel -r ubuntu
RUN for iter in {1..10}; do \
apt-get update -y && \
DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends --yes ca-certificates curl gawk xz-utils && \
apt-get clean all && \
exit_code=0 && break || exit_code=$? && echo "apt-get error: retry $iter in 10s" && sleep 10; \
done; \
(exit $exit_code)
microdnf update -y && \
microdnf install -y tar gzip findutils shadow-utils ca-certificates gawk libcap xz && \
microdnf clean all && \
exit_code=0 && break || exit_code=$? && echo "microdnf error: retry $iter in 10s" && sleep 10; done; (exit $exit_code)
{{- end }}

{{- if contains .from "wolfi" }}
Expand Down Expand Up @@ -187,7 +178,7 @@ RUN apk add --no-cache git make python-3.11 py3.11-pip && \
chmod 0755 {{ $beatHome }}/data/elastic-agent-*/components/connectors
{{- end }}

{{- if (and (eq .Variant "complete") (contains .from "ubuntu")) }}
{{- if (and (eq .Variant "complete") (contains .from "ubi-minimal")) }}
USER root
ENV NODE_PATH={{ $beatHome }}/.node
RUN echo \
Expand Down Expand Up @@ -239,12 +230,23 @@ USER root
# We don't use npx playwright install-deps because that could pull a newer version
# Install additional fonts as well
RUN for iter in {1..10}; do \
apt-get update -y && \
$NODE_PATH/node/lib/node_modules/@elastic/synthetics/node_modules/.bin/playwright install-deps chromium && \
DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends --yes \
fonts-noto \
fonts-noto-cjk && \
exit_code=0 && break || exit_code=$? && echo "apt-get error: retry $iter in 10s" && sleep 10; \
microdnf -y update && \
microdnf -y install fontconfig freetype cairo glib2 gtk3 pango xorg-x11-fonts-misc xorg-x11-fonts-Type1 \
at-spi2-atk atk at-spi2-core alsa-lib cups-libs dbus-libs libdrm mesa-libEGL mesa-libgbm nspr nss libX11 \
libX11-xcb libxcb libXcomposite libXdamage libXext libXfixes libXrandr libxkbcommon libxshmfence glib2 \
dbus-glib libicu mesa-libGL unzip iptables systemd && \
mkdir -p /usr/share/fonts/google-noto && \
curl -LO https://noto-website-2.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip && \
unzip NotoSansCJKjp-hinted.zip -d /usr/share/fonts/google-noto && \
rm -f NotoSansCJKjp-hinted.zip && \
microdnf -y remove unzip && \
curl -LO https://github.com/googlefonts/noto-fonts/raw/main/hinted/ttf/NotoSans/NotoSans-Regular.ttf && \
mv NotoSans-Regular.ttf /usr/share/fonts/google-noto && \
curl -LO https://github.com/googlefonts/noto-emoji/raw/main/fonts/NotoColorEmoji.ttf && \
mv NotoColorEmoji.ttf /usr/share/fonts/google-noto && \
fc-cache -fv && \
microdnf clean all && \
exit_code=0 && break || exit_code=$? && echo "microdnf error: retry $iter in 10s" && sleep 10; \
done; \
(exit $exit_code)
{{- end }}
Expand Down
4 changes: 0 additions & 4 deletions pkg/testing/kubernetes/supported.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,10 +52,6 @@ var variants = []struct {
Name: "basic",
Image: "docker.elastic.co/beats/elastic-agent",
},
{
Name: "ubi",
Image: "docker.elastic.co/beats/elastic-agent-ubi",
},
{
Name: "wolfi",
Image: "docker.elastic.co/beats/elastic-agent-wolfi",
Expand Down
1 change: 0 additions & 1 deletion testing/integration/kubernetes_agent_standalone_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,6 @@ func TestKubernetesAgentStandaloneKustomize(t *testing.T) {
// test all produced images
{Type: define.Kubernetes, DockerVariant: "basic"},
{Type: define.Kubernetes, DockerVariant: "wolfi"},
{Type: define.Kubernetes, DockerVariant: "ubi"},
{Type: define.Kubernetes, DockerVariant: "complete"},
{Type: define.Kubernetes, DockerVariant: "complete-wolfi"},
},
Expand Down

0 comments on commit 181c0c8

Please sign in to comment.