| Abhay Kumar | 40252eb | 2025-10-13 13:25:53 +0000 | [diff] [blame] | 1 | FROM registry.access.redhat.com/ubi9/ubi-minimal:9.6@sha256:7c5495d5fad59aaee12abc3cbbd2b283818ee1e814b00dbc7f25bf2d14fa4f0c |
| 2 | |
| 3 | USER root |
| 4 | |
| 5 | RUN microdnf update -y \ |
| 6 | && microdnf install -y git gzip java-17-openjdk-headless tar tzdata-java \ |
| 7 | && microdnf reinstall -y tzdata \ |
| 8 | && microdnf clean all |
| 9 | |
| 10 | ENV JAVA_HOME=/usr/lib/jvm/jre-17 |
| 11 | |
| 12 | # https://docs.oracle.com/javase/7/docs/technotes/guides/net/properties.html |
| 13 | # Ensure Java doesn't cache any dns results |
| 14 | RUN cd /etc/java/java-17-openjdk/*/conf/security \ |
| 15 | && sed -e '/networkaddress.cache.ttl/d' -e '/networkaddress.cache.negative.ttl/d' -i java.security \ |
| 16 | && echo 'networkaddress.cache.ttl=0' >> java.security \ |
| 17 | && echo 'networkaddress.cache.negative.ttl=0' >> java.security |
| 18 | |
| 19 | ARG SCALA_VERSION="2.13" |
| 20 | ARG KAFKA_VERSION="3.9.1" |
| 21 | |
| 22 | WORKDIR /tmp |
| 23 | |
| 24 | # https://github.com/apache/kafka/blob/2e2b0a58eda3e677763af974a44a6aaa3c280214/tests/docker/Dockerfile#L77-L105 |
| 25 | ARG KAFKA_MIRROR="https://s3-us-west-2.amazonaws.com/kafka-packages" |
| 26 | SHELL ["/bin/bash", "-o", "pipefail", "-c"] |
| 27 | RUN --mount=type=bind,target=.,rw=true \ |
| 28 | mkdir -p "/opt/kafka-${KAFKA_VERSION}" \ |
| 29 | && chmod a+rw "/opt/kafka-${KAFKA_VERSION}" \ |
| 30 | && curl -s "$KAFKA_MIRROR/kafka_${SCALA_VERSION}-${KAFKA_VERSION}.tgz" | tar xz --strip-components=1 -C "/opt/kafka-${KAFKA_VERSION}" |
| 31 | |
| 32 | # older kafka versions depend upon jaxb-api being bundled with the JDK, but it |
| 33 | # was removed from Java 11 so work around that by including it in the kafka |
| 34 | # libs dir regardless |
| 35 | RUN curl -sLO "https://repo1.maven.org/maven2/javax/xml/bind/jaxb-api/2.3.0/jaxb-api-2.3.0.jar" \ |
| 36 | && for DIR in /opt/kafka-*; do cp -v jaxb-api-2.3.0.jar $DIR/libs/ ; done \ |
| 37 | && rm -f jaxb-api-2.3.0.jar |
| 38 | |
| 39 | # older kafka versions with the zookeeper 3.4.13/3.4.14 client aren't compatible with Java 17 so quietly bump them to 3.5.9 |
| 40 | RUN if ! stat /opt/kafka-${KAFKA_VERSION}/libs/zookeeper-3.4.*.jar; then exit 0; fi ; \ |
| 41 | rm -f /opt/kafka-${KAFKA_VERSION}/libs/zookeeper-3.4.*.jar \ |
| 42 | && curl --fail -sSL -o "/opt/kafka-${KAFKA_VERSION}/libs/zookeeper-3.5.9.jar" "https://repo1.maven.org/maven2/org/apache/zookeeper/zookeeper/3.5.9/zookeeper-3.5.9.jar" \ |
| 43 | && curl --fail -sSL -o "/opt/kafka-${KAFKA_VERSION}/libs/zookeeper-jute-3.5.9.jar" "https://repo1.maven.org/maven2/org/apache/zookeeper/zookeeper-jute/3.5.9/zookeeper-jute-3.5.9.jar" |
| 44 | |
| 45 | WORKDIR /opt/kafka-${KAFKA_VERSION} |
| 46 | |
| 47 | ENV JAVA_MAJOR_VERSION=17 |
| 48 | |
| 49 | RUN sed -e "s/JAVA_MAJOR_VERSION=.*/JAVA_MAJOR_VERSION=${JAVA_MAJOR_VERSION}/" -i"" ./bin/kafka-run-class.sh |
| 50 | |
| 51 | COPY entrypoint.sh / |
| 52 | |
| 53 | USER 65534:65534 |
| 54 | |
| 55 | ENTRYPOINT ["/entrypoint.sh"] |