(**NEW**) Updated to latest Ubuntu 24.04 and related latest tools, e.g., pip, Maven, Python, Java, etc.
Non-Root
implementationThis new release is designed to support the deployment for Non-Root child images implementations and deployments to platform such as OpenShift or RedHat host operating system which requiring special policy to deploy. And, for better security practice, we decided to migrate (eventaully) our Docker containers to use Non-Root implementation.
Here are some of the things you can do if your images requiring "Root" acccess - you really
want to do it:
We like to promote the use of "Non-Root" images as better Docker security practice. And, whenever possible, you also want to further confine the use of "root" privilges in your Docker implementation so that it can prevent the "rooting hacking into your Host system". To lock down your docker images and/or this base image, you will add the following line at the very end to remove sudo: (Notice that this might break some of your run-time code if you use sudo during run-time)
sudo agt-get remove -y sudo
After that, combining with other Docker security practice (see below references), you just re-build your local images and re-deploy it as non-development quality of docker container. However, there are many other practices to secure your Docker containes. See below:
./build.sh or 'make build'
./run.sh
./tryJava.sh
./tryNodeJS.sh
./tryPython.sh
./tryWebSockerServer.sh
./tryJava.sh
encouters some permission to write share folder in Container. To fix later!./build.sh
docker pull openkbs/jdk-mvn-py3
FROM openkbs/jdk-mvn-py3
... (then your customization Dockerfile code here)
Then, you're ready to run:
mkdir ./data
docker run -d --name my-jdk-mvn-py3 -v $PWD/data:/data -i -t openkbs/jdk-mvn-py3
Say, you will build the image "my/jdk-mvn-py3".
docker build -t my/jdk-mvn-py3 .
To run your own image, say, with some-jdk-mvn-py3:
mkdir ./data
docker run -d --name some-jdk-mvn-py3 -v $PWD/data:/data -i -t my/jdk-mvn-py3
docker exec -it some-jdk-mvn-py3 /bin/bash
To run Python code
docker run -it --rm openkbs/jdk-mvn-py3 python3 -c 'print("Hello World")'
or,
docker run -i --rm openkbs/jdk-mvn-py3 python3 < myPyScript.py
or,
mkdir ./data
echo "print('Hello World')" > ./data/myPyScript.py
docker run -it --rm --name some-jdk-mvn-py3 -v "$PWD"/data:/data openkbs/jdk-mvn-py3 python3 myPyScript.py
or,
alias dpy3='docker run --rm openkbs/jdk-mvn-py3 python3'
dpy3 -c 'print("Hello World")'
Remember, the default working directory, /data, inside the docker container -- treat is as "/". So, if you create subdirectory, "./data/workspace", in the host machine and the docker container will have it as "/data/workspace".
#!/bin/bash -x
mkdir ./data
cat >./data/HelloWorld.java <<-EOF
public class HelloWorld {
public static void main(String[] args) {
System.out.println("Hello, World");
}
}
EOF
cat ./data/HelloWorld.java
alias djavac='docker run -it --rm --name some-jdk-mvn-py3 -v '$PWD'/data:/data openkbs/jdk-mvn-py3 javac'
alias djava='docker run -it --rm --name some-jdk-mvn-py3 -v '$PWD'/data:/data openkbs/jdk-mvn-py3 java'
djavac HelloWorld.java
djava HelloWorld
And, the output:
Hello, World
Hence, the alias above, "djavac" and "djava" is your docker-based "javac" and "java" commands and it will work the same way as your local installed Java's "javac" and "java" commands.
Run the NodeJS mini-server script:
./tryNodeJS.sh
Then, open web browser to go to http://0.0.0.0:3000/ to NodeJS mini-web server test.
There are various ways to run Python virtual envrionments, for example,
Add the following code to the end of ~/.bashrc
#########################################################################
#### ---- Customization for multiple virtual python environment ---- ####
#########################################################################
export VIRTUALENVWRAPPER_PYTHON=/usr/bin/python3
source /usr/local/bin/virtualenvwrapper.sh
export WORKON_HOME=~/Envs
if [ ! -d $WORKON_HOME ]; then
mkdir -p $WORKON_HOME
fi
mkvirtualenv my-venv
workon my-venv
However, for larger complex projects, you might want to consider to use Docker-based IDE. For example, try the following Docker-based IDEs:
./certificates
-v `pwd`/certificates:/certificates ... (the rest parameters)
If you want to map to different directory for certificates, e.g., /home/developer/certificates, then
-v `pwd`/certificates:/home/developer/certificates -e SOURCE_CERTIFICATES_DIR=/home/developer/certificates ... (the rest parameters)
~/scripts/setup_system_certificates.sh
. Note that the script assumes the certficates are in /certificates
directory.~/scripts/setup_system_certificates.sh
will automatic copy to target directory and setup certificates for both System commands (wget, curl, etc) to use and Web Browsers'.~$ /usr/scripts/printVersions.sh
JAVA_HOME=/usr/lib/jvm/java-23-openjdk-amd64
java: /usr/bin/java /usr/share/java /usr/lib/jvm/java-23-openjdk-amd64/bin/java /usr/share/man/man1/java.1.gz
/usr/lib/jvm/java-23-openjdk-amd64/bin/java
openjdk version "23-ea" 2024-09-17
OpenJDK Runtime Environment (build 23-ea+10-Ubuntu-1)
OpenJDK 64-Bit Server VM (build 23-ea+10-Ubuntu-1, mixed mode, sharing)
/usr/bin/mvn
Apache Maven 3.9.6 (bc0240f3c744dd6b6ec2920b3cd08dcc295161ae)
Maven home: /usr/apache-maven-3.9.6
Java version: 23-ea, vendor: Private Build, runtime: /usr/lib/jvm/java-23-openjdk-amd64
Default locale: en, platform encoding: UTF-8
OS name: "linux", version: "6.5.0-21-generic", arch: "amd64", family: "unix"
/usr/bin/python3
Python 3.12.2
/usr/bin/pip
pip 23.3 from /usr/lib/python3/dist-packages/pip (python 3.12)
/usr/bin/pip3
pip 23.3 from /usr/lib/python3/dist-packages/pip (python 3.12)
/usr/bin/gradle
Welcome to Gradle 7.6.4!
Here are the highlights of this release:
- Added support for Java 19.
- Introduced `--rerun` flag for individual task rerun.
- Improved dependency block for test suites to be strongly typed.
- Added a pluggable system for Java toolchains provisioning.
For more details see https://docs.gradle.org/7.6.4/release-notes.html
------------------------------------------------------------
Gradle 7.6.4
------------------------------------------------------------
Build time: 2024-02-05 14:29:18 UTC
Revision: e0bb3fc8cefad8432c9033cdfb12dc14facc9dd9
Kotlin: 1.7.10
Groovy: 3.0.13
Ant: Apache Ant(TM) version 1.10.13 compiled on January 4 2023
JVM: 23-ea (Private Build 23-ea+10-Ubuntu-1)
OS: Linux 6.5.0-21-generic amd64
/usr/bin/npm
10.2.4
/usr/bin/node
v21.6.2
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=24.04
DISTRIB_CODENAME=noble
DISTRIB_DESCRIPTION="Ubuntu Noble Numbat (development branch)"
PRETTY_NAME="Ubuntu Noble Numbat (development branch)"
NAME="Ubuntu"
VERSION_ID="24.04"
VERSION="24.04 (Noble Numbat)"
VERSION_CODENAME=noble
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=noble
LOGO=ubuntu-logo