From 55d25507755bc5a433a06283aa07b6f390250a7b Mon Sep 17 00:00:00 2001 From: Clemens Lange Date: Thu, 25 Oct 2018 16:25:33 +0200 Subject: [PATCH 1/5] initial CC7 CMS container --- cc7-cms/Dockerfile | 75 +++++++++++++++++++++++++++++++++++++++++ cc7-cms/Makefile | 72 +++++++++++++++++++++++++++++++++++++++ cc7-cms/dot-bashrc | 7 ++++ cc7-cms/dot-pythonrc.py | 19 +++++++++++ cc7-cms/entrypoint.sh | 9 +++++ 5 files changed, 182 insertions(+) create mode 100644 cc7-cms/Dockerfile create mode 100644 cc7-cms/Makefile create mode 100644 cc7-cms/dot-bashrc create mode 100644 cc7-cms/dot-pythonrc.py create mode 100755 cc7-cms/entrypoint.sh diff --git a/cc7-cms/Dockerfile b/cc7-cms/Dockerfile new file mode 100644 index 0000000..065ca03 --- /dev/null +++ b/cc7-cms/Dockerfile @@ -0,0 +1,75 @@ +# CC7 OS capable of using/running CMS software release(s). + +# Make the base image configurable: +ARG BASEIMAGE=cern/cc7-base:latest + +# Set up the CC7 CMSSW base: +FROM ${BASEIMAGE} + +LABEL maintainer="Clemens Lange " + +# Build-time metadata as defined at http://label-schema.org +ARG BUILD_DATE +ARG VCS_REF +ARG VCS_URL +ARG VERSION +LABEL org.label-schema.build-date=$BUILD_DATE \ + org.label-schema.name="CC7 CMS base OS" \ + org.label-schema.description="CC7 OS capable of using/running CMS software release(s)." \ + org.label-schema.url="http://cms-sw.github.io/" \ + org.label-schema.vcs-ref=$VCS_REF \ + org.label-schema.vcs-url=$VCS_URL \ + org.label-schema.vendor="CERN" \ + org.label-schema.version=$VERSION \ + org.label-schema.schema-version="1.0" + +# Perform the installation as root +USER root +WORKDIR /root + +RUN yum install -y libXft-devel libX11-devel libXpm-devel libXext-devel mesa-libGLU-devel \ + libXmu libXpm libSM libXft libXext \ + HEP_OSlibs wget git \ + glibc-devel.i686 glibc-devel \ + tcsh zsh tcl \ + perl-ExtUtils-Embed perl-libwww-perl \ + compat-libstdc++-33 \ + zip e2fsprogs \ + CERN-CA-certs voms-clients-cpp \ + krb5-devel cern-wrappers krb5-workstation \ + glibc-headers time \ + strace sudo && \ + yum clean -y all + +RUN wget http://repository.egi.eu/sw/production/cas/1/current/repo-files/EGI-trustanchors.repo && \ + mv EGI-trustanchors.repo /etc/yum.repos.d/ && \ + wget http://linuxsoft.cern.ch/wlcg/wlcg-centos7.repo && \ + mv wlcg-centos7.repo /etc/yum.repos.d/ && \ + wget http://linuxsoft.cern.ch/wlcg/RPM-GPG-KEY-wlcg && \ + mv RPM-GPG-KEY-wlcg /etc/pki/rpm-gpg/ && \ + yum install -y ca-policy-egi-core wlcg-repo.noarch wlcg-voms-cms && \ + yum clean -y all + +RUN groupadd -g 1000 cmsusr && adduser -u 1000 -g 1000 cmsusr && \ + echo "cmsusr ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers && \ + groupadd -g 1001 cmsinst && adduser -u 1001 -g 1001 cmsinst && \ + install -d /opt && install -d -o cmsinst /opt/cms + +# Make Images grid/singularity compatible +RUN mkdir -p /cvmfs /afs /eos /opt/cms + +# Add a couple of useful files to cmsusr account +WORKDIR /home/cmsusr +USER cmsusr +ENV USER cmsusr +ENV HOME /home/cmsusr + +ADD dot-pythonrc.py $HOME/.pythonrc.py +ADD dot-bashrc $HOME/.bashrc +ADD dot-bashrc $HOME/.zshrc + +ADD entrypoint.sh /opt/cms/entrypoint.sh +RUN sudo chmod 755 /opt/cms/entrypoint.sh + +ENTRYPOINT ["/opt/cms/entrypoint.sh"] +CMD ["/bin/zsh"] diff --git a/cc7-cms/Makefile b/cc7-cms/Makefile new file mode 100644 index 0000000..b130147 --- /dev/null +++ b/cc7-cms/Makefile @@ -0,0 +1,72 @@ +default: build + +# Build Docker image +build: docker_build output + +# Build and push Docker image +release: docker_build docker_push output + +# Image can be overidden with env var. +DOCKER_IMAGE ?= clelange/cc7-cms +CERN_IMAGE ?= gitlab-registry.cern.ch/clange/cmssw-docker/cc7-cms + +# Get the latest commit. +GIT_COMMIT = $(strip $(shell git rev-parse --short HEAD)) + +# Get the date as version number +CODE_VERSION = $(strip $(shell date +"%Y-%m-%d")) + +# Find out if the working directory is clean +GIT_NOT_CLEAN_CHECK = $(shell git status --porcelain) +ifneq (x$(GIT_NOT_CLEAN_CHECK), x) +DOCKER_TAG_SUFFIX = "-dirty" +endif + +# If we're releasing to Docker Hub, and we're going to mark it with the latest tag, it should exactly match a version release +ifeq ($(MAKECMDGOALS),release) +# Use the version number as the release tag. +DOCKER_TAG = $(CODE_VERSION) + +# See what commit is tagged to match the version +VERSION_COMMIT = $(strip $(shell git rev-list $(CODE_VERSION) -n 1 | cut -c1-7)) +ifneq ($(VERSION_COMMIT), $(GIT_COMMIT)) +$(error echo You are trying to push a build based on commit $(GIT_COMMIT) but the tagged release version is $(VERSION_COMMIT)) +endif + +# Don't push to Docker Hub if this isn't a clean repo +ifneq (x$(GIT_NOT_CLEAN_CHECK), x) +$(error echo You are trying to release a build based on a dirty repo) +endif + +else +# Add the commit ref for development builds. Mark as dirty if the working directory isn't clean +DOCKER_TAG = $(CODE_VERSION)-$(GIT_COMMIT)$(DOCKER_TAG_SUFFIX) +endif + +docker_build: + # Build Docker image + docker build \ + --build-arg BUILD_DATE=`date -u +"%Y-%m-%dT%H:%M:%SZ"` \ + --build-arg VERSION=$(CODE_VERSION) \ + --build-arg VCS_URL=`git config --get remote.origin.url` \ + --build-arg VCS_REF=$(GIT_COMMIT) \ + -t $(DOCKER_IMAGE):$(DOCKER_TAG) \ + --compress --squash . + # Tag image as latest + docker tag $(DOCKER_IMAGE):$(DOCKER_TAG) $(DOCKER_IMAGE):latest + +docker_push: + # Tag image also for CERN GitLab container registry + docker tag $(DOCKER_IMAGE):$(DOCKER_TAG) $(CERN_IMAGE):$(DOCKER_TAG) + docker tag $(DOCKER_IMAGE):$(DOCKER_TAG) $(CERN_IMAGE):latest + + # Push to DockerHub + docker push $(DOCKER_IMAGE):$(DOCKER_TAG) + docker push $(DOCKER_IMAGE):latest + + # Push to CERN GitLab container registry + docker push $(CERN_IMAGE):$(DOCKER_TAG) + docker push $(CERN_IMAGE):latest + +output: + @echo Docker Image: $(DOCKER_IMAGE):$(DOCKER_TAG) diff --git a/cc7-cms/dot-bashrc b/cc7-cms/dot-bashrc new file mode 100644 index 0000000..ef8bd87 --- /dev/null +++ b/cc7-cms/dot-bashrc @@ -0,0 +1,7 @@ +## .bashrc/.zshrc +export PYTHONSTARTUP=$HOME/.pythonrc.py +export PS1='[\t] \e[91m\u\e[0m@\e[34m\h \e[36m\w \e[0m$ ' +export PROMPT='[%*] %F{red}%n%f@%F{blue}%m%f %F{yellow}%3~%f $ ' +# define aliases +alias cmsenv='eval `scramv1 runtime -sh`' +alias cmsrel='scramv1 project CMSSW' diff --git a/cc7-cms/dot-pythonrc.py b/cc7-cms/dot-pythonrc.py new file mode 100644 index 0000000..082ee7a --- /dev/null +++ b/cc7-cms/dot-pythonrc.py @@ -0,0 +1,19 @@ +## +## for tab-completion +## +import rlcompleter, readline +readline.parse_and_bind('tab: complete') +readline.parse_and_bind( 'set show-all-if-ambiguous On' ) + +## +## for history +## +import os, atexit +histfile = os.path.join(os.environ["HOME"], ".python_history") +try: + readline.read_history_file(histfile) +except IOError: + pass +atexit.register(readline.write_history_file, histfile) +del os, atexit, histfile +del readline diff --git a/cc7-cms/entrypoint.sh b/cc7-cms/entrypoint.sh new file mode 100755 index 0000000..ac68157 --- /dev/null +++ b/cc7-cms/entrypoint.sh @@ -0,0 +1,9 @@ +#!/bin/sh +set -e + +echo "::: Setting up CMS environment\ + (works only if /cvmfs is mounted on host) ..." +source /cvmfs/cms.cern.ch/cmsset_default.sh +echo "::: Setting up CMS environment... [done]" + +exec "$@" -- GitLab From b56300c3779ffff547ae097bb98c206515ffbdb3 Mon Sep 17 00:00:00 2001 From: Clemens Lange Date: Thu, 25 Oct 2018 16:39:31 +0200 Subject: [PATCH 2/5] remove packages already installed in base image, download repository GPG keys --- cc7-cms/Dockerfile | 6 ++++-- slc5-cms/Dockerfile | 2 ++ slc6-cms/Dockerfile | 4 +++- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/cc7-cms/Dockerfile b/cc7-cms/Dockerfile index 065ca03..69456a7 100644 --- a/cc7-cms/Dockerfile +++ b/cc7-cms/Dockerfile @@ -31,18 +31,20 @@ RUN yum install -y libXft-devel libX11-devel libXpm-devel libXext-devel mesa libXmu libXpm libSM libXft libXext \ HEP_OSlibs wget git \ glibc-devel.i686 glibc-devel \ - tcsh zsh tcl \ + zsh \ perl-ExtUtils-Embed perl-libwww-perl \ compat-libstdc++-33 \ zip e2fsprogs \ CERN-CA-certs voms-clients-cpp \ - krb5-devel cern-wrappers krb5-workstation \ + krb5-devel \ glibc-headers time \ strace sudo && \ yum clean -y all RUN wget http://repository.egi.eu/sw/production/cas/1/current/repo-files/EGI-trustanchors.repo && \ mv EGI-trustanchors.repo /etc/yum.repos.d/ && \ + wget http://repository.egi.eu/sw/production/cas/1/GPG-KEY-EUGridPMA-RPM-3 && \ + mv GPG-KEY-EUGridPMA-RPM-3 /etc/pki/rpm-gpg/ && \ wget http://linuxsoft.cern.ch/wlcg/wlcg-centos7.repo && \ mv wlcg-centos7.repo /etc/yum.repos.d/ && \ wget http://linuxsoft.cern.ch/wlcg/RPM-GPG-KEY-wlcg && \ diff --git a/slc5-cms/Dockerfile b/slc5-cms/Dockerfile index 83bf674..6aa4508 100644 --- a/slc5-cms/Dockerfile +++ b/slc5-cms/Dockerfile @@ -41,6 +41,8 @@ RUN yum install -y libXft-devel libX11-devel libXpm-devel libXext-devel mesa RUN wget http://repository.egi.eu/sw/production/cas/1/current/repo-files/EGI-trustanchors.repo && \ mv EGI-trustanchors.repo /etc/yum.repos.d/ && \ + wget http://repository.egi.eu/sw/production/cas/1/GPG-KEY-EUGridPMA-RPM-3 && \ + mv GPG-KEY-EUGridPMA-RPM-3 /etc/pki/rpm-gpg/ && \ wget http://linuxsoft.cern.ch/wlcg/wlcg-sl5.repo && \ mv wlcg-sl5.repo /etc/yum.repos.d/ && \ wget http://linuxsoft.cern.ch/wlcg/RPM-GPG-KEY-wlcg && \ diff --git a/slc6-cms/Dockerfile b/slc6-cms/Dockerfile index fbafd65..a7c3a18 100644 --- a/slc6-cms/Dockerfile +++ b/slc6-cms/Dockerfile @@ -43,6 +43,8 @@ RUN yum install -y libXft-devel libX11-devel libXpm-devel libXext-devel mesa RUN wget http://repository.egi.eu/sw/production/cas/1/current/repo-files/EGI-trustanchors.repo && \ mv EGI-trustanchors.repo /etc/yum.repos.d/ && \ + wget http://repository.egi.eu/sw/production/cas/1/GPG-KEY-EUGridPMA-RPM-3 && \ + mv GPG-KEY-EUGridPMA-RPM-3 /etc/pki/rpm-gpg/ && \ wget http://linuxsoft.cern.ch/wlcg/wlcg-sl6.repo && \ mv wlcg-sl6.repo /etc/yum.repos.d/ && \ wget http://linuxsoft.cern.ch/wlcg/RPM-GPG-KEY-wlcg && \ @@ -72,4 +74,4 @@ ADD entrypoint.sh /opt/cms/entrypoint.sh RUN sudo chmod 755 /opt/cms/entrypoint.sh ENTRYPOINT ["/opt/cms/entrypoint.sh"] -CMD ["/bin/zsh"] \ No newline at end of file +CMD ["/bin/zsh"] -- GitLab From f77ea1b990bfe97dbb49cbd77d7423e5ba1b6c25 Mon Sep 17 00:00:00 2001 From: Clemens Lange Date: Thu, 25 Oct 2018 16:52:45 +0200 Subject: [PATCH 3/5] fix entrypoint with more explicit error message --- cc7-cms/entrypoint.sh | 9 +++++++-- slc5-cms/entrypoint.sh | 4 +++- slc6-cms/entrypoint.sh | 9 +++++++-- 3 files changed, 17 insertions(+), 5 deletions(-) diff --git a/cc7-cms/entrypoint.sh b/cc7-cms/entrypoint.sh index ac68157..e9e1524 100755 --- a/cc7-cms/entrypoint.sh +++ b/cc7-cms/entrypoint.sh @@ -3,7 +3,12 @@ set -e echo "::: Setting up CMS environment\ (works only if /cvmfs is mounted on host) ..." -source /cvmfs/cms.cern.ch/cmsset_default.sh -echo "::: Setting up CMS environment... [done]" +if [ -f /cvmfs/cms.cern.ch/cmsset_default.sh ]; then + source /cvmfs/cms.cern.ch/cmsset_default.sh + echo "::: Setting up CMS environment... [done]" +else + echo "::: Could not set up CMS environment... [ERROR]" + echo "::: /cvmfs/cms.cern.ch/cmsset_default.sh not found/available" +fi exec "$@" diff --git a/slc5-cms/entrypoint.sh b/slc5-cms/entrypoint.sh index 25ed04e..e9e1524 100755 --- a/slc5-cms/entrypoint.sh +++ b/slc5-cms/entrypoint.sh @@ -7,6 +7,8 @@ if [ -f /cvmfs/cms.cern.ch/cmsset_default.sh ]; then source /cvmfs/cms.cern.ch/cmsset_default.sh echo "::: Setting up CMS environment... [done]" else - echo "::: ERROR: Could not set up CMS environment... [done]" + echo "::: Could not set up CMS environment... [ERROR]" + echo "::: /cvmfs/cms.cern.ch/cmsset_default.sh not found/available" fi + exec "$@" diff --git a/slc6-cms/entrypoint.sh b/slc6-cms/entrypoint.sh index ac68157..e9e1524 100755 --- a/slc6-cms/entrypoint.sh +++ b/slc6-cms/entrypoint.sh @@ -3,7 +3,12 @@ set -e echo "::: Setting up CMS environment\ (works only if /cvmfs is mounted on host) ..." -source /cvmfs/cms.cern.ch/cmsset_default.sh -echo "::: Setting up CMS environment... [done]" +if [ -f /cvmfs/cms.cern.ch/cmsset_default.sh ]; then + source /cvmfs/cms.cern.ch/cmsset_default.sh + echo "::: Setting up CMS environment... [done]" +else + echo "::: Could not set up CMS environment... [ERROR]" + echo "::: /cvmfs/cms.cern.ch/cmsset_default.sh not found/available" +fi exec "$@" -- GitLab From 43bb46587b96788134cb473a46534377a77d7d2f Mon Sep 17 00:00:00 2001 From: Clemens Lange Date: Thu, 25 Oct 2018 16:54:47 +0200 Subject: [PATCH 4/5] remove backslash from bash prompt --- slc6-cms/dot-bashrc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/slc6-cms/dot-bashrc b/slc6-cms/dot-bashrc index ea904a6..ef8bd87 100644 --- a/slc6-cms/dot-bashrc +++ b/slc6-cms/dot-bashrc @@ -1,7 +1,7 @@ ## .bashrc/.zshrc export PYTHONSTARTUP=$HOME/.pythonrc.py -export PS1='[\t] \e[91m\u\e[0m@\e[34m\h \e[36m\w \e[0m$ \' +export PS1='[\t] \e[91m\u\e[0m@\e[34m\h \e[36m\w \e[0m$ ' export PROMPT='[%*] %F{red}%n%f@%F{blue}%m%f %F{yellow}%3~%f $ ' # define aliases alias cmsenv='eval `scramv1 runtime -sh`' -alias cmsrel='scramv1 project CMSSW' \ No newline at end of file +alias cmsrel='scramv1 project CMSSW' -- GitLab From 9ad8e51d610a1938a4d413d3879182fc2d069628 Mon Sep 17 00:00:00 2001 From: Clemens Lange Date: Thu, 25 Oct 2018 17:21:45 +0200 Subject: [PATCH 5/5] update README for CC7 --- README.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 89feda3..6077e04 100644 --- a/README.md +++ b/README.md @@ -6,13 +6,14 @@ There are different sets of Dockerfiles in this repository: - [standalone](standalone) images [![](https://images.microbadger.com/badges/image/clelange/cmssw.svg)](https://microbadger.com/images/clelange/cmssw) - [cvmfs](cvmfs)-based images [![](https://images.microbadger.com/badges/image/clelange/cmssw-cvmfs.svg)](https://microbadger.com/images/clelange/cmssw-cvmfs) [![](https://images.microbadger.com/badges/version/clelange/cmssw-cvmfs.svg)](https://microbadger.com/images/clelange/cmssw-cvmfs) +- [cc7-cms](cc7-cms) images [![](https://images.microbadger.com/badges/image/clelange/cc7-cms.svg)](https://microbadger.com/images/clelange/cc7-cms) [![](https://images.microbadger.com/badges/version/clelange/cc7-cms.svg)](https://microbadger.com/images/clelange/cc7-cms) - [slc6-cms](slc6-cms) images [![](https://images.microbadger.com/badges/image/clelange/slc6-cms.svg)](https://microbadger.com/images/clelange/slc6-cms) [![](https://images.microbadger.com/badges/version/clelange/slc6-cms.svg)](https://microbadger.com/images/clelange/slc6-cms) - [slc5-cms](slc5-cms) images [![](https://images.microbadger.com/badges/image/clelange/slc5-cms.svg)](https://microbadger.com/images/clelange/slc5-cms) [![](https://images.microbadger.com/badges/version/clelange/slc5-cms.svg)](https://microbadger.com/images/clelange/slc5-cms) The non-standalone images need a network connection, and can be slow, since CMSSW is loaded via the network. The advantage is that they are much smaller (few hundreds of MB) while the standalone images contain the full CMSSW release (>= 15 GB). -All sets of images are currently based on (SLC6)[http://linux.web.cern.ch/linux/scientific6/]. +All sets of images with the exception of the standalone CMSSW_4_X_Y ones are currently based on (SLC6)[http://linux.web.cern.ch/linux/scientific6/]. ## Building containers @@ -52,9 +53,9 @@ make make docker_push ``` -### SLC5/SLC6-CMS version +### SLC5/SLC6/CC7-CMS version -This image does not know about CMSSW, it is only an SLC5/SLC6 image with some additional packages installed. CVMFS needs to be mounted as volume (see below): +This image does not know about CMSSW, it is only an SLC5/SLC6/CC7 image with some additional packages installed. More information on Linux@CERN see the [CERN IT Linux webpage](http://linuxsoft.cern.ch/). CVMFS needs to be mounted as volume (see below): ```shell make -- GitLab