From aaec162da65243042bd009afa41e866c7ea1db5e Mon Sep 17 00:00:00 2001 From: Sven Boeckelmann Date: Thu, 20 Jun 2024 03:38:43 +0200 Subject: [PATCH] update docker files and enable native docker image builds --- .github/workflows/maven-release.yml | 1 - .../src/main/docker/Dockerfile.jvm | 100 +++++++++++++----- .../src/main/docker/Dockerfile.legacy-jar | 96 ++++++++++++----- .../src/main/docker/Dockerfile.native | 12 +-- .../src/main/docker/Dockerfile.native-micro | 30 ++++++ .../src/main/resources/application.yml | 2 +- 6 files changed, 177 insertions(+), 64 deletions(-) create mode 100644 testdata-generator-quarkus-rest-app/src/main/docker/Dockerfile.native-micro diff --git a/.github/workflows/maven-release.yml b/.github/workflows/maven-release.yml index 3270efa..4b3e1e7 100644 --- a/.github/workflows/maven-release.yml +++ b/.github/workflows/maven-release.yml @@ -267,7 +267,6 @@ jobs: build-quarkus-native-container-images: - if: false name: "Build Native Container Image" needs: [ build-vue-js-job ] diff --git a/testdata-generator-quarkus-rest-app/src/main/docker/Dockerfile.jvm b/testdata-generator-quarkus-rest-app/src/main/docker/Dockerfile.jvm index 70c1619..cf59071 100644 --- a/testdata-generator-quarkus-rest-app/src/main/docker/Dockerfile.jvm +++ b/testdata-generator-quarkus-rest-app/src/main/docker/Dockerfile.jvm @@ -7,49 +7,91 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/quarkus-rest-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/quarkus-converter-service-app-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/quarkus-rest-jvm +# docker run -i --rm -p 8080:8080 quarkus/quarkus-converter-service-app-jvm # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 +# you will have to expose the debug port (default 5005 being the default) like this : EXPOSE 8080 5005. +# Additionally you will have to set -e JAVA_DEBUG=true and -e JAVA_DEBUG_PORT=*:5005 +# when running the container # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/quarkus-rest-jvm +# docker run -i --rm -p 8080:8080 quarkus/quarkus-converter-service-app-jvm +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.4 +FROM registry.access.redhat.com/ubi8/openjdk-21:1.19 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-17-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/conf/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" # We make four distinct layers so if there are application changes the library layers can be re-used -COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ -COPY --chown=1001 target/quarkus-app/*.jar /deployments/ -COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ -COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ +COPY --chown=185 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=185 target/quarkus-app/*.jar /deployments/ +COPY --chown=185 target/quarkus-app/app/ /deployments/app/ +COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 -USER 1001 +USER 185 +ENV JAVA_OPTS_APPEND="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] +ENTRYPOINT [ "/opt/jboss/container/java/run/run-java.sh" ] diff --git a/testdata-generator-quarkus-rest-app/src/main/docker/Dockerfile.legacy-jar b/testdata-generator-quarkus-rest-app/src/main/docker/Dockerfile.legacy-jar index 18c0f05..6c9a706 100644 --- a/testdata-generator-quarkus-rest-app/src/main/docker/Dockerfile.legacy-jar +++ b/testdata-generator-quarkus-rest-app/src/main/docker/Dockerfile.legacy-jar @@ -3,49 +3,91 @@ # # Before building the container image run: # -# ./mvnw package -Dquarkus.package.type=legacy-jar +# ./mvnw package -Dquarkus.package.jar.type=legacy-jar # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/quarkus-rest-legacy-jar . +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/quarkus-converter-service-app-legacy-jar . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/quarkus-rest-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/quarkus-converter-service-app-legacy-jar # # If you want to include the debug port into your docker image -# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5005 +# you will have to expose the debug port (default 5005 being the default) like this : EXPOSE 8080 5005. +# Additionally you will have to set -e JAVA_DEBUG=true and -e JAVA_DEBUG_PORT=*:5005 +# when running the container # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/quarkus-rest-legacy-jar +# docker run -i --rm -p 8080:8080 quarkus/quarkus-converter-service-app-legacy-jar +# +# This image uses the `run-java.sh` script to run the application. +# This scripts computes the command line to execute your Java application, and +# includes memory/GC tuning. +# You can configure the behavior using the following environment properties: +# - JAVA_OPTS: JVM options passed to the `java` command (example: "-verbose:class") +# - JAVA_OPTS_APPEND: User specified Java options to be appended to generated options +# in JAVA_OPTS (example: "-Dsome.property=foo") +# - JAVA_MAX_MEM_RATIO: Is used when no `-Xmx` option is given in JAVA_OPTS. This is +# used to calculate a default maximal heap memory based on a containers restriction. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xmx` is set to a ratio +# of the container available memory as set here. The default is `50` which means 50% +# of the available memory is used as an upper boundary. You can skip this mechanism by +# setting this value to `0` in which case no `-Xmx` option is added. +# - JAVA_INITIAL_MEM_RATIO: Is used when no `-Xms` option is given in JAVA_OPTS. This +# is used to calculate a default initial heap memory based on the maximum heap memory. +# If used in a container without any memory constraints for the container then this +# option has no effect. If there is a memory constraint then `-Xms` is set to a ratio +# of the `-Xmx` memory as set here. The default is `25` which means 25% of the `-Xmx` +# is used as the initial heap size. You can skip this mechanism by setting this value +# to `0` in which case no `-Xms` option is added (example: "25") +# - JAVA_MAX_INITIAL_MEM: Is used when no `-Xms` option is given in JAVA_OPTS. +# This is used to calculate the maximum value of the initial heap memory. If used in +# a container without any memory constraints for the container then this option has +# no effect. If there is a memory constraint then `-Xms` is limited to the value set +# here. The default is 4096MB which means the calculated value of `-Xms` never will +# be greater than 4096MB. The value of this variable is expressed in MB (example: "4096") +# - JAVA_DIAGNOSTICS: Set this to get some diagnostics information to standard output +# when things are happening. This option, if set to true, will set +# `-XX:+UnlockDiagnosticVMOptions`. Disabled by default (example: "true"). +# - JAVA_DEBUG: If set remote debugging will be switched on. Disabled by default (example: +# true"). +# - JAVA_DEBUG_PORT: Port used for remote debugging. Defaults to 5005 (example: "8787"). +# - CONTAINER_CORE_LIMIT: A calculated core limit as described in +# https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt. (example: "2") +# - CONTAINER_MAX_MEMORY: Memory limit given to the container (example: "1024"). +# - GC_MIN_HEAP_FREE_RATIO: Minimum percentage of heap free after GC to avoid expansion. +# (example: "20") +# - GC_MAX_HEAP_FREE_RATIO: Maximum percentage of heap free after GC to avoid shrinking. +# (example: "40") +# - GC_TIME_RATIO: Specifies the ratio of the time spent outside the garbage collection. +# (example: "4") +# - GC_ADAPTIVE_SIZE_POLICY_WEIGHT: The weighting given to the current GC time versus +# previous GC times. (example: "90") +# - GC_METASPACE_SIZE: The initial metaspace size. (example: "20") +# - GC_MAX_METASPACE_SIZE: The maximum metaspace size. (example: "100") +# - GC_CONTAINER_OPTIONS: Specify Java GC to use. The value of this variable should +# contain the necessary JRE command-line options to specify the required GC, which +# will override the default of `-XX:+UseParallelGC` (example: -XX:+UseG1GC). +# - HTTPS_PROXY: The location of the https proxy. (example: "myuser@127.0.0.1:8080") +# - HTTP_PROXY: The location of the http proxy. (example: "myuser@127.0.0.1:8080") +# - NO_PROXY: A comma separated lists of hosts, IP addresses or domains that can be +# accessed directly. (example: "foo.example.com,bar.example.com") # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.4 +FROM registry.access.redhat.com/ubi8/openjdk-21:1.19 + +ENV LANGUAGE='en_US:en' -ARG JAVA_PACKAGE=java-17-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.8 -ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' -# Install java and the run-java script -# Also set up permissions for user `1001` -RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ - && microdnf update \ - && microdnf clean all \ - && mkdir /deployments \ - && chown 1001 /deployments \ - && chmod "g+rwX" /deployments \ - && chown 1001:root /deployments \ - && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ - && chown 1001 /deployments/run-java.sh \ - && chmod 540 /deployments/run-java.sh \ - && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/conf/security/java.security -# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +COPY target/*-runner.jar /deployments/quarkus-run.jar EXPOSE 8080 -USER 1001 +USER 185 +ENV JAVA_OPTS_APPEND="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +ENV JAVA_APP_JAR="/deployments/quarkus-run.jar" -ENTRYPOINT [ "/deployments/run-java.sh" ] +ENTRYPOINT [ "/opt/jboss/container/java/run/run-java.sh" ] diff --git a/testdata-generator-quarkus-rest-app/src/main/docker/Dockerfile.native b/testdata-generator-quarkus-rest-app/src/main/docker/Dockerfile.native index 73f7fc1..b881f3a 100644 --- a/testdata-generator-quarkus-rest-app/src/main/docker/Dockerfile.native +++ b/testdata-generator-quarkus-rest-app/src/main/docker/Dockerfile.native @@ -1,20 +1,20 @@ #### -# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. # # Before building the container image run: # -# ./mvnw package -Pnative +# ./mvnw package -Dnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/quarkus-rest . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/quarkus-converter-service-app . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/quarkus-rest +# docker run -i --rm -p 8080:8080 quarkus/quarkus-converter-service-app # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.4 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.9 WORKDIR /work/ RUN chown 1001 /work \ && chmod "g+rwX" /work \ @@ -24,4 +24,4 @@ COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 -CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] +ENTRYPOINT ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/testdata-generator-quarkus-rest-app/src/main/docker/Dockerfile.native-micro b/testdata-generator-quarkus-rest-app/src/main/docker/Dockerfile.native-micro new file mode 100644 index 0000000..e437e23 --- /dev/null +++ b/testdata-generator-quarkus-rest-app/src/main/docker/Dockerfile.native-micro @@ -0,0 +1,30 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode. +# It uses a micro base image, tuned for Quarkus native executables. +# It reduces the size of the resulting container image. +# Check https://quarkus.io/guides/quarkus-runtime-base-image for further information about this image. +# +# Before building the container image run: +# +# ./mvnw package -Dnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-micro -t quarkus/quarkus-converter-service-app . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/quarkus-converter-service-app +# +### +FROM quay.io/quarkus/quarkus-micro-image:2.0 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/testdata-generator-quarkus-rest-app/src/main/resources/application.yml b/testdata-generator-quarkus-rest-app/src/main/resources/application.yml index a4f8879..8c8ce02 100644 --- a/testdata-generator-quarkus-rest-app/src/main/resources/application.yml +++ b/testdata-generator-quarkus-rest-app/src/main/resources/application.yml @@ -25,7 +25,7 @@ quarkus: locales: en default-locale: en-US native: - additional-build-args: "--initialize-at-run-time=io.openepcis.testdata.generator.format.RandomValueGenerator" + additional-build-args: "--trace-class-initialization=io.netty.buffer.UnpooledByteBufAllocator$InstrumentedUnpooledUnsafeHeapByteBuf\\,io.netty.buffer.UnpooledDirectByteBuf\\,io.netty.buffer.ByteBufUtil\\,io.netty.buffer.AbstractReferenceCountedByteBuf\\,io.netty.buffer.PooledByteBufAllocator\\,io.netty.buffer.UnpooledHeapByteBuf\\,io.netty.buffer.UnpooledUnsafeDirectByteBuf\\,io.netty.buffer.UnpooledUnsafeHeapByteBuf\\,io.netty.buffer.UnpooledByteBufAllocator$InstrumentedUnpooledUnsafeDirectByteBuf\\,java.security.SecureRandom,--initialize-at-run-time=io.openepcis.testdata.generator.format.RandomValueGenerator" resources: includes: "ssl/*"