Ceph Libs
The ceph-libs image is built from ContainerFiles/ceph-libs. This image has no dedicated CVE script; security updates are included during the build.
This container packages the Ceph Libs service for use in the stack. The build installs the required packages, applies security updates and configuration, and prepares the service for integration.
graph LR
A[Base image] --> B[Install packages]
B --> C[Apply CVE patches]
C --> D[Configure Ceph Libs]
D --> E[Container ready]
Openstack_Venv --> AContainerFile used for the build
# syntax = docker/dockerfile:1
# This Dockerfile uses multi-stage build to customize DEV and PROD images:
# https://docs.docker.com/develop/develop-images/multistage-build/
ARG VENV_TAG=3.12-latest
FROM ghcr.io/rackerlabs/genestack-images/openstack-venv:${VENV_TAG} AS dependency_build
ARG CACHEBUST=0
ARG CEPH_VERSION=main
WORKDIR /opt
RUN export DEBIAN_FRONTEND=noninteractive \
&& apt update \
&& apt install -y ca-certificates lsb-release wget \
&& wget https://packages.apache.org/artifactory/arrow/$(lsb_release --id --short | tr 'A-Z' 'a-z')/apache-arrow-apt-source-latest-$(lsb_release --codename --short).deb \
&& apt install -y ./apache-arrow-apt-source-latest-$(lsb_release --codename --short).deb \
&& apt update \
&& apt install --no-install-recommends -y \
build-essential \
cmake \
doxygen \
gperf \
jq \
libaio-dev \
libarrow-dev \
libbabeltrace-ctf-dev \
libbabeltrace-dev \
libblkid-dev \
libboost-all-dev \
libparquet-glib-dev \
libparquet-dev \
libc-ares-dev \
libcap-dev \
libcap-ng-dev \
libcrypto++-dev \
libcryptsetup-dev \
libcunit1-dev \
libcurl4-openssl-dev \
libdaxctl-dev \
libdqlite-dev \
libevent-dev \
libexpat1-dev \
libffi-dev \
libfmt-dev \
libfuse3-dev \
libgnutls28-dev \
libhwloc-dev \
libibverbs-dev \
libicu-dev \
libjemalloc-dev \
libkeyutils-dev \
libldap-dev \
libldap2-dev \
liblmdb-dev \
liblttng-ctl-dev \
liblttng-ust-dev \
liblua5.4-dev \
liblz4-dev \
libnbd-dev \
libncurses-dev \
libndctl-dev \
libnl-genl-3-dev \
libnss3-dev \
libnuma-dev \
liboath-dev \
libpmem-dev \
libpmemobj-dev \
libprotobuf-dev \
librabbitmq-dev \
librdkafka-dev \
librdmacm-dev \
libre2-dev \
libsctp-dev \
libsnappy-dev \
libsqlite3-dev \
libssl-dev \
libthrift-dev \
libtool \
libudev-dev \
libutf8proc-dev \
libxml2-dev \
libxmlsec1-dev \
libyaml-cpp-dev \
libzstd-dev \
nasm \
ninja-build \
nlohmann-json3-dev \
systemtap-sdt-dev \
uuid-dev \
xfslibs-dev \
zlib1g-dev
WORKDIR /opt
RUN git clone --recursive --branch ${CEPH_VERSION} https://github.com/ceph/ceph.git
WORKDIR /opt/ceph
RUN /var/lib/openstack/bin/pip install src/python-common cython sphinx --upgrade --force
RUN . /var/lib/openstack/bin/activate \
&& /opt/ceph/do_cmake.sh -DCMAKE_BUILD_TYPE=RelWithDebInfo \
-DWITH_MANPAGE=OFF \
-DWITH_MGR_DASHBOARD_FRONTEND=OFF \
-DWITH_CEPH_DEBUG_MUTEX=OFF
WORKDIR /opt/ceph/build
RUN ninja rbd rados cephfs
RUN ninja install
FROM ghcr.io/rackerlabs/genestack-images/openstack-venv:3.12-latest
LABEL maintainer="Rackspace"
LABEL vendor="Rackspace OpenStack Team"
LABEL org.opencontainers.image.name="ceph-libs"
LABEL org.opencontainers.image.description="Ceph client libraries built for the enterprise."
COPY --from=dependency_build /usr/local /usr/local
COPY --from=dependency_build /var/lib/openstack /var/lib/openstack
RUN export DEBIAN_FRONTEND=noninteractive \
&& apt-get update && apt-get upgrade -y \
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
&& apt-get clean -y \
&& rm -rf /var/lib/apt/lists/* \
&& find / -name '*.pyc' -delete \
&& find / -name '*.pyo' -delete \
&& find / -name '__pycache__' -delete
ENV PATH="/usr/local/bin:/usr/local/sbin:/var/lib/openstack/bin:$PATH"
WORKDIR /var/lib/openstack
Build Arguments
| Argument | Default |
|---|---|
| VENV_TAG | 3.12-latest |
| CACHEBUST | 0 |
| CEPH_VERSION | main |
Build Command
Dependencies
- Builds From OpenStack Virtual Environment
Container Image
The container image is available on Github Container Registry.