Amazon Linux Base Docker Image
For more information on Docker, visit docker.com
Description:
This instruction set will show how to build a base container image using Amazon Linux 2017.03. This container image is the image used for many of the appcontainers images found on the docker hub.
Amazon Linux Base Minimal Install - 192 MB (tags: latest, 2017.03) Amazon Linux Base with Ansible - 260 MB (tags: ansible, ansible-2017.03)
These containers are built from amazonlinux:latest, (192/260 MB Before Flatification)
Installation Steps:
Install the Epel Repository:
yum install -y epel-release
rpm --import http://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6
Install the Remi Repository:
cd /etc/yum.repos.d/;
curl -O http://rpms.famillecollet.com/enterprise/remi-release-6.rpm;
rpm -Uvh remi-release-6*.rpm;
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-remi
rm -fr *.rpm
Modify both of the Epel and Remi Repos to enable epel, remi base and PHP 7.1:
sed -ie '/\[epel\]/,/^\[/s/enabled=0/enabled=1/' /etc/yum.repos.d/epel.repo && \
sed -ie '/\[remi\]/,/^\[/s/enabled=0/enabled=1/' /etc/yum.repos.d/remi.repo && \
sed -ie '/\[remi-php71\]/,/^\[/s/enabled=0/enabled=1/' /etc/yum.repos.d/remi-php71.repo && \
Update the OS and install required packages:
yum clean all;
yum -y update;
yum -y install findutils
The following packages are also installed on the :ansible variant only
yum update ansible
Install and Configure pip, and the AWSCLI:
curl "https://bootstrap.pypa.io/get-pip.py" -o "/tmp/get-pip.py" && \
python /tmp/get-pip.py && \
pip install pip --upgrade && \
pip install awscli --upgrade --user && \
rm -fr /tmp/get-pip.py && \
The following configuration is also set on the ansible variant only
mkdir -p /etc/ansible/roles || exit 0 && \
echo localhost ansible_connection=local > /etc/ansible/hosts
Cleanup:
Remove the contents of /var/cache/ after a yum update or yum install will save about 150MB from the image size
yum clean all
rm -f /etc/yum.repos.d/*.rpm; rm -fr /var/cache/*
Cleanup Locales:
for x in `ls /usr/share/locale | grep -v -i en | grep -v -i local`;do rm -fr /usr/share/locale/$x; done && \
for x in `ls /usr/share/i18n/locales/ | grep -v en_`; do rm -fr /usr/share/i18n/locales/$x; done && \
rm -fr /usr/share/locale/ca* /usr/share/locale/den /usr/share/locale/men /usr/share/locale/wen /usr/share/locale/zen
cd /usr/lib/locale;
localedef --list-archive | grep -v -i ^en | xargs localedef --delete-from-archive;
mv -f locale-archive locale-archive.tmpl;
build-locale-archive
Set the default Timezone to EST:
cp /etc/localtime /root/old.timezone && \
rm -f /etc/localtime && \
ln -s /usr/share/zoneinfo/America/New_York /etc/localtime
Remove Man Pages and Docs to preserve Space:
rm -fr /usr/share/doc/* /usr/share/man/* /usr/share/groff/* /usr/share/info/*;
rm -rf /usr/share/lintian/* /usr/share/linda/* /var/cache/man/*
Set the Terminal CLI Prompt:
Copy the included Terminal CLI Color Scheme file to /etc/profile.d so that the terminal color will be included in all child images
#!/bin/bash
if [ "$PS1" ]; then
set_prompt () {
Last_Command=$?
Blue='\[\e[01;34m\]'
White='\[\e[01;37m\]'
Red='\[\e[01;31m\]'
YellowBack='\[\e[01;43m\]'
Green='\[\e[01;32m\]'
Yellow='\[\e[01;33m\]'
Black='\[\e[01;30m\]'
Reset='\[\e[00m\]'
FancyX=':('
Checkmark=':)'
# If it was successful, print a green check mark. Otherwise, print a red X.
if [[ $Last_Command == 0 ]]; then
PS1="$Green$Checkmark "
else
PS1="$Red$FancyX "
fi
# If root, just print the host in red. Otherwise, print the current user and host in green.
if [[ $EUID == 0 ]]; then
PS1+="$Black $YellowBack $TERMTAG $Reset $Red \\u@\\h"
else
PS1+="$Black $YellowBack $TERMTAG $Reset $Green \\u@\\h"
fi
# Print the working directory and prompt marker in blue, and reset the text color to the default.
PS1+="$Blue\\w \\\$$Reset "
}
PROMPT_COMMAND='set_prompt'
fi
Prevent the .bashrc from being executed via SSH or SCP sessions:
echo -e "\nif [[ -n \"\$SSH_CLIENT\" || -n \"\$SSH_TTY\" ]]; then\n\treturn;\nfi\n" >> /root/.bashrc && \
echo -e "\nif [[ -n \"\$SSH_CLIENT\" || -n \"\$SSH_TTY\" ]]; then\n\treturn;\nfi\n" >> /etc/skel/.bashrc
Set Dockerfile Runtime command:
Default command to run when lauched via docker run
CMD /bin/bash
Dockerfile:
###########################################################
# Dockerfile to build the AmazonLinux Base Container
# Based on: library/amazonlinux:latest
# DATE: 11/28/16
# COPYRIGHT: Appcontainers.com
###########################################################
# Set the base image in namespace/repo format.
# To use repos that are not on the docker hub use the example.com/namespace/repo format.
FROM library/amazonlinux:2017.03
# File Author / Maintainer
MAINTAINER Rich Nason rnason@appcontainers.com
###########################################################
#********************* APP VERSIONS *********************
###########################################################
###########################################################
#*********** OVERRIDE ENABLED ENV VARIABLES *************
###########################################################
ENV TERMTAG AMZNLinuxBase
###########################################################
#************** ADD REQUIRED APP FILES ******************
###########################################################
###########################################################
#*************** UPDATES & PRE-REQS *********************
###########################################################
# Clean, Update, and Install... then clear non English local data.
RUN yum clean all && \
# Install required packages
yum -y install epel-release && \
rpm --import http://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6 && \
# Download and install the Remi repository
cd /etc/yum.repos.d/ && \
curl -O http://rpms.famillecollet.com/enterprise/remi-release-6.rpm && \
rpm -Uvh remi-release-6*.rpm && \
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-remi && \
rm -fr *.rpm && \
#Enable the remi repo
sed -ie '/\[epel\]/,/^\[/s/enabled=0/enabled=1/' /etc/yum.repos.d/epel.repo && \
sed -ie '/\[remi\]/,/^\[/s/enabled=0/enabled=1/' /etc/yum.repos.d/remi.repo && \
# sed -ie '/\[remi-php56\]/,/^\[/s/enabled=0/enabled=1/' /etc/yum.repos.d/remi.repo && \
sed -ie '/\[remi-php71\]/,/^\[/s/enabled=0/enabled=1/' /etc/yum.repos.d/remi-php71.repo && \
# Now that epel is installed, clean all again and update
yum clean all && \
yum -y update && \
yum -y install findutils && \
# yum -y install ansible findutils && \
# Remove yum cache this bad boy can be 150MBish
yum clean all && \
rm -fr /var/cache/*
###########################################################
#*************** APPLICATION INSTALL ********************
###########################################################
# Install pip and configure ansible
RUN curl "https://bootstrap.pypa.io/get-pip.py" -o "/tmp/get-pip.py" && \
python /tmp/get-pip.py && \
pip install pip --upgrade && \
pip install awscli --upgrade --user && \
rm -fr /tmp/get-pip.py
# mkdir -p /etc/ansible/roles || exit 0 && \
# echo localhost ansible_connection=local > /etc/ansible/hosts
###########################################################
#************** POST DEPLOY CLEAN UP ********************
###########################################################
# Remove locales other than english
RUN for x in `ls /usr/share/locale | grep -v -i en | grep -v -i local`;do rm -fr /usr/share/locale/$x; done && \
for x in `ls /usr/share/i18n/locales/ | grep -v en_`; do rm -fr /usr/share/i18n/locales/$x; done && \
rm -fr /usr/share/locale/ca* /usr/share/locale/den /usr/share/locale/men /usr/share/locale/wen /usr/share/locale/zen && \
cd /usr/lib/locale && \
localedef --list-archive | grep -v -i ^en | xargs localedef --delete-from-archive && \
mv -f locale-archive locale-archive.tmpl && \
build-locale-archive
# Set the default Timezone to EST
RUN cp /etc/localtime /root/old.timezone && \
rm -f /etc/localtime && \
ln -s /usr/share/zoneinfo/America/New_York /etc/localtime
# Remove documentation to cut down the image size
RUN rm -fr /usr/share/doc/* /usr/share/man/* /usr/share/groff/* /usr/share/info/* && \
rm -rf /usr/share/lintian/* /usr/share/linda/* /var/cache/man/*
# Rebuild the RPM Database
RUN rm -f /var/lib/rpm/__db* && \
rpm --rebuilddb
###########################################################
#************* CONFIGURE START ITEMS ********************
###########################################################
ADD termcolor.sh /etc/profile.d/PS1.sh
RUN chmod +x /etc/profile.d/PS1.sh
# Add the following to prevent any additions to the .bashrc from being executed via SSH or SCP sessions
RUN echo -e "source /etc/profile.d/PS1.sh" >> /root/.bashrc && \
echo -e "\nif [[ -n \"\$SSH_CLIENT\" || -n \"\$SSH_TTY\" ]]; then\n\treturn;\nfi\n" >> /root/.bashrc && \
echo -e "\nif [[ -n \"\$SSH_CLIENT\" || -n \"\$SSH_TTY\" ]]; then\n\treturn;\nfi\n" >> /etc/skel/.bashrc
CMD /bin/bash
###########################################################
#************ EXPOSE APPLICATION PORTS ******************
###########################################################
###########################################################
#*************** OPTIONAL / LEGACY **********************
###########################################################
Building the image from the Dockerfile:
docker build -t build/amazon .
Packaging the final image:
Because we want to make this image as light weight as possible in terms of size, the image is flattened in order to remove the docker build tree, removing any intermediary build containers from the image. In order to remove the reversion history, the image needs to be ran, and then exported/imported. Note that just saving the image will not remove the revision history, In order to remove the revision history, the running container must be exported and then re-imported.
Run the container build:
docker run -it -d \
--name amazon \
build/amazon \
/bin/bash
The run statement should start a detached container, however if you are attached, detach from the container
CTL P + CTL Q
Export and Re-import the Container:
Note that because we started the build container with the name of amazon, we will use that in the export statement instead of the container ID.
docker export amazon | docker import - appcontainers/amazon:latest
Verify:
Issuing a docker images should now show a newly saved appcontainers/amazon image, which can be pushed to the docker hub.
Run the container:
docker run -it -d appcontainers/amazon
Dockerfile Change-log:
05/15/2017 - Update PHP to 7.1, install AWSCLI Tools
11/28/2016 - Initial build including vim, python, pip, and ansible