diff --git a/docker/glutton/Dockerfile b/docker/glutton/Dockerfile
index e686969e..38514bc6 100644
--- a/docker/glutton/Dockerfile
+++ b/docker/glutton/Dockerfile
@@ -1,8 +1,8 @@
 FROM alpine
-
+#
 # Include dist
 ADD dist/ /root/dist/
-
+#
 # Setup apk
 RUN apk -U --no-cache add \
 build-base \
@@ -13,32 +13,32 @@ RUN apk -U --no-cache add \
 libnetfilter_queue-dev \
 libcap \
 libpcap-dev && \
-
+#
 # Setup go, glutton
 export GOPATH=/opt/go/ && \
- go get -d github.com/mushorg/glutton && \
- cd /opt/go/src/github.com/satori/ && \
- rm -rf go.uuid && \
- git clone https://github.com/satori/go.uuid && \
- cd go.uuid && \
- git checkout v1.2.0 && \
- mv /root/dist/system.go /opt/go/src/github.com/mushorg/glutton/ && \
- cd /opt/go/src/github.com/mushorg/glutton/ && \
+ export GO111MODULE=on && \
+ mkdir -p /opt/go && \
+ cd /opt/go/ && \
+ git clone https://github.com/mushorg/glutton && \
+ cd /opt/go/glutton/ && \
+ mv /root/dist/system.go /opt/go/glutton/ && \
+ go mod download && \
 make build && \
 cd / && \
 mkdir -p /opt/glutton && \
- mv /opt/go/src/github.com/mushorg/glutton/bin /opt/glutton/ && \
- mv /opt/go/src/github.com/mushorg/glutton/config /opt/glutton/ && \
- mv /opt/go/src/github.com/mushorg/glutton/rules /opt/glutton/ && \
+ mv /opt/go/glutton/bin /opt/glutton/ && \
+ mv /opt/go/glutton/config /opt/glutton/ && \
+ mv /opt/go/glutton/rules /opt/glutton/ && \
+ ln -s /sbin/xtables-legacy-multi /sbin/xtables-multi && \
 setcap cap_net_admin,cap_net_raw=+ep /opt/glutton/bin/server && \
- setcap cap_net_admin,cap_net_raw=+ep /sbin/xtables-multi && \
-
+ setcap cap_net_admin,cap_net_raw=+ep /sbin/xtables-legacy-multi && \
+#
 # Setup user, groups and configs
 addgroup -g 2000 glutton && \
 adduser -S -s /bin/ash -u 2000 -D -g 2000 glutton && \
 mkdir -p /var/log/glutton && \
 mv /root/dist/rules.yaml /opt/glutton/rules/ && \
-
+#
 # Clean up
 apk del --purge build-base \
 git \
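Review bot: The added `git clone https://github.com/mushorg/glutton` step in the second hunk builds whatever the upstream default branch holds at image-build time, so the honeypot binary and the `go.mod`/`go.sum` that `go mod download` resolves are not reproducible or reviewable. The local `system.go` moved over the upstream file on the following lines can also drift out of step with that moving target. Pin the checkout to a reviewed revision right after `cd /opt/go/glutton/ && \`, for example `git checkout <REVIEWED_COMMIT_SHA> && \` (placeholder: use the commit the overlay was written against). The untagged `FROM alpine` in the first hunk has the same problem. The RUN instruction starts before and ends after this hunk.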
@@ -47,8 +47,8 @@ RUN apk -U --no-cache add \
 rm -rf /var/cache/apk/* \
 /opt/go \
 /root/dist
-
+#
 # Start glutton
 WORKDIR /opt/glutton
 USER glutton:glutton
-CMD exec bin/server -i $(/sbin/ip address | grep '^2: ' | awk '{ print $2 }' | tr -d [:punct:]) -l /var/log/glutton/glutton.log
+CMD exec bin/server -i $(/sbin/ip address | grep '^2: ' | awk '{ print $2 }' | tr -d [:punct:]) -l /var/log/glutton/glutton.log > /dev/null 2>&1
diff --git a/docker/glutton/Dockerfile.old b/docker/glutton/Dockerfile.old
new file mode 100644
index 00000000..84d0ad89
--- /dev/null
+++ b/docker/glutton/Dockerfile.old
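Review bot: The `> /dev/null 2>&1` added to the `CMD` line of docker/glutton/Dockerfile discards stderr as well as stdout. A panic, a capability error at start-up, or the server rejecting an empty interface name from the `$(...)` substitution then leaves nothing in the container log. Combined with `restart: always` in the compose file, that becomes a silent restart loop which an operator cannot diagnose. If the aim is only to suppress duplicated log output, redirect stdout alone and keep stderr: `... -l /var/log/glutton/glutton.log > /dev/null`.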
@@ -0,0 +1,54 @@
+FROM alpine
+#
+# Include dist
+ADD dist/ /root/dist/
+#
+# Setup apk
+RUN apk -U --no-cache add \
+ build-base \
+ git \
+ go \
+ g++ \
+ iptables-dev \
+ libnetfilter_queue-dev \
+ libcap \
+ libpcap-dev && \
+#
+# Setup go, glutton
+ export GOPATH=/opt/go/ && \
+ go get -d github.com/mushorg/glutton && \
+ cd /opt/go/src/github.com/satori/ && \
+ rm -rf go.uuid && \
+ git clone https://github.com/satori/go.uuid && \
+ cd go.uuid && \
+ git checkout v1.2.0 && \
+ mv /root/dist/system.go /opt/go/src/github.com/mushorg/glutton/ && \
+ cd /opt/go/src/github.com/mushorg/glutton/ && \
+ make build && \
+ cd / && \
+ mkdir -p /opt/glutton && \
+ mv /opt/go/src/github.com/mushorg/glutton/bin /opt/glutton/ && \
+ mv /opt/go/src/github.com/mushorg/glutton/config /opt/glutton/ && \
+ mv /opt/go/src/github.com/mushorg/glutton/rules /opt/glutton/ && \
+ setcap cap_net_admin,cap_net_raw=+ep /opt/glutton/bin/server && \
+ setcap cap_net_admin,cap_net_raw=+ep /sbin/xtables-multi && \
+#
+# Setup user, groups and configs
+ addgroup -g 2000 glutton && \
+ adduser -S -s /bin/ash -u 2000 -D -g 2000 glutton && \
+ mkdir -p /var/log/glutton && \
+ mv /root/dist/rules.yaml /opt/glutton/rules/ && \
+#
+# Clean up
+ apk del --purge build-base \
+ git \
+ go \
+ g++ && \
+ rm -rf /var/cache/apk/* \
+ /opt/go \
+ /root/dist
+#
+# Start glutton
+WORKDIR /opt/glutton
+USER glutton:glutton
+CMD exec bin/server -i $(/sbin/ip address | grep '^2: ' | awk '{ print $2 }' | tr -d [:punct:]) -l /var/log/glutton/glutton.log > /dev/null 2>&1
diff --git a/docker/glutton/dist/system.go b/docker/glutton/dist/system.go
index 2b94acc7..b775d175 100644
--- a/docker/glutton/dist/system.go
+++ b/docker/glutton/dist/system.go
@@ -1,6 +1,7 @@
 package glutton
 
 import (
+ "errors"
 "fmt"
 "log"
 "os"
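Review bot: `Dockerfile.old` is not a faithful copy of the Dockerfile it appears to preserve. Its `CMD` line already carries the new `> /dev/null 2>&1` redirect, while its build steps are the previous GOPATH ones (`go get -d` plus the `go.uuid` checkout of `v1.2.0`). Version control already keeps the earlier file, and a second Dockerfile in the build context invites someone to build the stale, unpinned variant. Consider dropping it, or at least open it with a header comment such as `# Legacy GOPATH build, kept for reference only`.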
@@ -10,13 +11,19 @@ import (
 "time"
 )
 
-func countOpenFiles() int {
- out, err := exec.Command("/bin/sh", "-c", fmt.Sprintf("lsof -p %v", os.Getpid())).Output()
- if err != nil {
- log.Fatal(err)
+func countOpenFiles() (int, error) {
+ if runtime.GOOS == "linux" {
+ if isCommandAvailable("lsof") {
+ out, err := exec.Command("/bin/sh", "-c", fmt.Sprintf("lsof -p %d", os.Getpid())).Output()
+ if err != nil {
+ log.Fatal(err)
+ }
+ lines := strings.Split(string(out), "\n")
+ return len(lines) - 1, nil
+ }
+ return 0, errors.New("lsof command does not exist. Kindly run sudo apt install lsof")
 }
- lines := strings.Split(string(out), "\n")
- return len(lines) - 1
+ return 0, errors.New("Operating system type not supported for this command")
 }
 
 func countRunningRoutines() int {
@@ -36,3 +43,11 @@ func (g *Glutton) startMonitor(quit chan struct{}) {
 }
 }()
 }
+
+func isCommandAvailable(name string) bool {
+ cmd := exec.Command("/bin/sh", "-c", "command -v "+name)
+ if err := cmd.Run(); err != nil {
+ return false
+ }
+ return true
+}
diff --git a/docker/glutton/docker-compose.yml b/docker/glutton/docker-compose.yml
index c75eec3e..5377a6aa 100644
--- a/docker/glutton/docker-compose.yml
+++ b/docker/glutton/docker-compose.yml
@@ -9,6 +9,7 @@ services:
 restart: always
 tmpfs:
 - /var/lib/glutton:uid=2000,gid=2000
+ - /run:uid=2000,gid=2000
 network_mode: "host"
 cap_add:
 - NET_ADMIN
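Review bot: `countOpenFiles` now returns an error, yet the lsof failure path still calls `log.Fatal(err)`, so a non-zero lsof exit terminates the whole honeypot process instead of reaching the caller; return it with `if err != nil { return 0, err }`. The pid is an integer, so the shell wrapper is unnecessary: `exec.Command("lsof", "-p", fmt.Sprint(os.Getpid()))` runs the same query without `/bin/sh`. The hint `sudo apt install lsof` does not match the Alpine image this file is built into, and Go error strings are conventionally lower-case without trailing advice. The body of `startMonitor` lies outside the hunks and is not changed here, so if it still uses `countOpenFiles()` as a single value the package will not compile; check that call site.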
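Review bot: `isCommandAvailable` concatenates `name` into a `/bin/sh -c` command string. That is harmless for the constant `"lsof"` passed in this diff, but it becomes a shell-injection sink as soon as a caller passes a value derived from configuration or input. `exec.LookPath` performs the PATH lookup without a shell, so the body can be `_, err := exec.LookPath(name)` followed by `return err == nil`. It also avoids spawning an extra process on every call, which matters if `countOpenFiles` runs on the ticker in `startMonitor` (outside this hunk, so unconfirmed).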