mirror of
https://github.com/neondatabase/neon.git
synced 2026-01-16 09:52:54 +00:00
211 lines
9.0 KiB
Docker
211 lines
9.0 KiB
Docker
ARG PG_VERSION
|
|
ARG REPOSITORY=neondatabase
|
|
ARG IMAGE=build-tools
|
|
ARG TAG=pinned
|
|
ARG BUILD_TAG
|
|
|
|
#########################################################################################
|
|
#
|
|
# Layer "build-deps"
|
|
#
|
|
#########################################################################################
|
|
FROM debian:bullseye-slim AS build-deps
|
|
RUN apt update && \
|
|
apt install -y git autoconf automake libtool build-essential bison flex libreadline-dev \
|
|
zlib1g-dev libxml2-dev libcurl4-openssl-dev libossp-uuid-dev wget pkg-config libssl-dev \
|
|
libicu-dev libxslt1-dev liblz4-dev libzstd-dev zstd
|
|
|
|
#########################################################################################
|
|
#
|
|
# Layer "pg-build"
|
|
# Build Postgres from the neon postgres repository.
|
|
#
|
|
#########################################################################################
|
|
FROM build-deps AS pg-build
|
|
ARG PG_VERSION
|
|
COPY vendor/postgres-${PG_VERSION} postgres
|
|
RUN cd postgres && \
|
|
export CONFIGURE_CMD="./configure CFLAGS='-O2 -g3' --enable-debug --with-openssl --with-uuid=ossp \
|
|
--with-icu --with-libxml --with-libxslt --with-lz4" && \
|
|
if [ "${PG_VERSION}" != "v14" ]; then \
|
|
# zstd is available only from PG15
|
|
export CONFIGURE_CMD="${CONFIGURE_CMD} --with-zstd"; \
|
|
fi && \
|
|
eval $CONFIGURE_CMD && \
|
|
make MAKELEVEL=0 -j $(getconf _NPROCESSORS_ONLN) -s install && \
|
|
make MAKELEVEL=0 -j $(getconf _NPROCESSORS_ONLN) -s -C contrib/ install && \
|
|
# Install headers
|
|
make MAKELEVEL=0 -j $(getconf _NPROCESSORS_ONLN) -s -C src/include install && \
|
|
make MAKELEVEL=0 -j $(getconf _NPROCESSORS_ONLN) -s -C src/interfaces/libpq install && \
|
|
# Enable some of contrib extensions
|
|
echo 'trusted = true' >> /usr/local/pgsql/share/extension/autoinc.control && \
|
|
echo 'trusted = true' >> /usr/local/pgsql/share/extension/bloom.control && \
|
|
echo 'trusted = true' >> /usr/local/pgsql/share/extension/earthdistance.control && \
|
|
echo 'trusted = true' >> /usr/local/pgsql/share/extension/insert_username.control && \
|
|
echo 'trusted = true' >> /usr/local/pgsql/share/extension/intagg.control && \
|
|
echo 'trusted = true' >> /usr/local/pgsql/share/extension/moddatetime.control && \
|
|
echo 'trusted = true' >> /usr/local/pgsql/share/extension/pg_stat_statements.control && \
|
|
echo 'trusted = true' >> /usr/local/pgsql/share/extension/pgrowlocks.control && \
|
|
echo 'trusted = true' >> /usr/local/pgsql/share/extension/pgstattuple.control && \
|
|
echo 'trusted = true' >> /usr/local/pgsql/share/extension/refint.control && \
|
|
echo 'trusted = true' >> /usr/local/pgsql/share/extension/xml2.control && \
|
|
# We need to grant EXECUTE on pg_stat_statements_reset() to neon_superuser.
|
|
# In vanilla postgres this function is limited to Postgres role superuser.
|
|
# In neon we have neon_superuser role that is not a superuser but replaces superuser in some cases.
|
|
# We could add the additional grant statements to the postgres repository but it would be hard to maintain,
|
|
# whenever we need to pick up a new postgres version and we want to limit the changes in our postgres fork,
|
|
# so we do it here.
|
|
old_list="pg_stat_statements--1.0--1.1.sql pg_stat_statements--1.1--1.2.sql pg_stat_statements--1.2--1.3.sql pg_stat_statements--1.3--1.4.sql pg_stat_statements--1.4--1.5.sql pg_stat_statements--1.4.sql pg_stat_statements--1.5--1.6.sql"; \
|
|
# the first loop is for pg_stat_statement extension version <= 1.6
|
|
for file in /usr/local/pgsql/share/extension/pg_stat_statements--*.sql; do \
|
|
filename=$(basename "$file"); \
|
|
if echo "$old_list" | grep -q -F "$filename"; then \
|
|
echo 'GRANT EXECUTE ON FUNCTION pg_stat_statements_reset() TO neon_superuser;' >> $file; \
|
|
fi; \
|
|
done; \
|
|
# the second loop is for pg_stat_statement extension versions >= 1.7,
|
|
# where pg_stat_statement_reset() got 3 additional arguments
|
|
for file in /usr/local/pgsql/share/extension/pg_stat_statements--*.sql; do \
|
|
filename=$(basename "$file"); \
|
|
if ! echo "$old_list" | grep -q -F "$filename"; then \
|
|
echo 'GRANT EXECUTE ON FUNCTION pg_stat_statements_reset(Oid, Oid, bigint) TO neon_superuser;' >> $file; \
|
|
fi; \
|
|
done
|
|
|
|
#########################################################################################
|
|
#
|
|
# Layer "neon-pg-ext-build"
|
|
# compile neon extensions
|
|
#
|
|
#########################################################################################
|
|
FROM build-deps AS neon-pg-ext-build
|
|
ARG PG_VERSION
|
|
|
|
COPY pgxn/ pgxn/
|
|
|
|
RUN make -j $(getconf _NPROCESSORS_ONLN) \
|
|
PG_CONFIG=/usr/local/pgsql/bin/pg_config \
|
|
-C pgxn/neon \
|
|
-s install && \
|
|
make -j $(getconf _NPROCESSORS_ONLN) \
|
|
PG_CONFIG=/usr/local/pgsql/bin/pg_config \
|
|
-C pgxn/neon_utils \
|
|
-s install && \
|
|
make -j $(getconf _NPROCESSORS_ONLN) \
|
|
PG_CONFIG=/usr/local/pgsql/bin/pg_config \
|
|
-C pgxn/neon_test_utils \
|
|
-s install && \
|
|
make -j $(getconf _NPROCESSORS_ONLN) \
|
|
PG_CONFIG=/usr/local/pgsql/bin/pg_config \
|
|
-C pgxn/neon_rmgr \
|
|
-s install && \
|
|
case "${PG_VERSION}" in \
|
|
"v14" | "v15") \
|
|
;; \
|
|
"v16") \
|
|
echo "Skipping HNSW for PostgreSQL 16" && exit 0 \
|
|
;; \
|
|
*) \
|
|
echo "unexpected PostgreSQL version" && exit 1 \
|
|
;; \
|
|
esac && \
|
|
make -j $(getconf _NPROCESSORS_ONLN) \
|
|
PG_CONFIG=/usr/local/pgsql/bin/pg_config \
|
|
-C pgxn/hnsw \
|
|
-s install
|
|
|
|
#########################################################################################
|
|
#
|
|
# Compile and run the Neon-specific `compute_ctl` binary
|
|
#
|
|
#########################################################################################
|
|
FROM $REPOSITORY/$IMAGE:$TAG AS compute-tools
|
|
ARG BUILD_TAG
|
|
ENV BUILD_TAG=$BUILD_TAG
|
|
|
|
USER nonroot
|
|
# Copy entire project to get Cargo.* files with proper dependencies for the whole project
|
|
COPY --chown=nonroot . .
|
|
RUN cd compute_tools && cargo build --locked --profile release-line-debug-size-lto
|
|
|
|
#########################################################################################
|
|
#
|
|
# Clean up postgres folder before inclusion
|
|
#
|
|
#########################################################################################
|
|
FROM neon-pg-ext-build AS postgres-cleanup-layer
|
|
COPY --from=neon-pg-ext-build /usr/local/pgsql /usr/local/pgsql
|
|
|
|
# Remove binaries from /bin/ that we won't use (or would manually copy & install otherwise)
|
|
RUN cd /usr/local/pgsql/bin && rm ecpg raster2pgsql shp2pgsql pgtopo_export pgtopo_import pgsql2shp
|
|
|
|
# Remove headers that we won't need anymore - we've completed installation of all extensions
|
|
RUN rm -r /usr/local/pgsql/include
|
|
|
|
# Remove static postgresql libraries - all compilation is finished, so we
|
|
# can now remove these files - they must be included in other binaries by now
|
|
# if they were to be used by other libraries.
|
|
RUN rm /usr/local/pgsql/lib/lib*.a
|
|
|
|
#########################################################################################
|
|
#
|
|
# Final layer
|
|
# Put it all together into the final image
|
|
#
|
|
#########################################################################################
|
|
FROM debian:bullseye-slim
|
|
# Add user postgres
|
|
RUN mkdir /var/db && useradd -m -d /var/db/postgres postgres && \
|
|
echo "postgres:test_console_pass" | chpasswd && \
|
|
mkdir /var/db/postgres/compute && mkdir /var/db/postgres/specs && \
|
|
mkdir /var/db/postgres/pgbouncer && \
|
|
chown -R postgres:postgres /var/db/postgres && \
|
|
chmod 0750 /var/db/postgres/compute && \
|
|
chmod 0750 /var/db/postgres/pgbouncer && \
|
|
echo '/usr/local/lib' >> /etc/ld.so.conf && /sbin/ldconfig && \
|
|
# create folder for file cache
|
|
mkdir -p -m 777 /neon/cache
|
|
|
|
COPY --from=postgres-cleanup-layer --chown=postgres /usr/local/pgsql /usr/local/pgsql-$PG_VERSION
|
|
COPY --from=compute-tools --chown=postgres /home/nonroot/target/release-line-debug-size-lto/compute_ctl /usr/local/bin/compute_ctl
|
|
|
|
# Install:
|
|
# libreadline8 for psql
|
|
# libicu67, locales for collations (including ICU and plpgsql_check)
|
|
# liblz4-1 for lz4
|
|
# libossp-uuid16 for extension ossp-uuid
|
|
# libgeos, libgdal, libsfcgal1, libproj and libprotobuf-c1 for PostGIS
|
|
# libxml2, libxslt1.1 for xml2
|
|
# libzstd1 for zstd
|
|
# libboost* for rdkit
|
|
# ca-certificates for communicating with s3 by compute_ctl
|
|
RUN apt update && \
|
|
apt install --no-install-recommends -y \
|
|
gdb \
|
|
libicu67 \
|
|
liblz4-1 \
|
|
libreadline8 \
|
|
libboost-iostreams1.74.0 \
|
|
libboost-regex1.74.0 \
|
|
libboost-serialization1.74.0 \
|
|
libboost-system1.74.0 \
|
|
libossp-uuid16 \
|
|
libgeos-c1v5 \
|
|
libgdal28 \
|
|
libproj19 \
|
|
libprotobuf-c1 \
|
|
libsfcgal1 \
|
|
libxml2 \
|
|
libxslt1.1 \
|
|
libzstd1 \
|
|
libcurl4-openssl-dev \
|
|
locales \
|
|
procps \
|
|
ca-certificates && \
|
|
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* && \
|
|
localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
|
|
|
|
ENV LANG en_US.utf8
|
|
USER postgres
|
|
ENTRYPOINT ["/usr/local/bin/compute_ctl"]
|