summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorYasufumi Ogawa <yasufum.o@gmail.com>2019-08-27 17:21:19 +0900
committerYasufumi Ogawa <yasufum.o@gmail.com>2019-08-27 17:01:58 +0700
commitc1ae3424acd7d1f0f06fab51ec4fb2cdbbc5cba2 (patch)
treec4f63073cea3f0313799384b044d8b0265dd8bb3
parent018721d456bad15aaaae9c4a342b6cbaa33b8346 (diff)
downloadspp-c1ae3424acd7d1f0f06fab51ec4fb2cdbbc5cba2.zip
spp-c1ae3424acd7d1f0f06fab51ec4fb2cdbbc5cba2.tar.gz
spp-c1ae3424acd7d1f0f06fab51ec4fb2cdbbc5cba2.tar.xz
tools/sppc: add suricata build for ubuntu1604
Script for building an image of suricata-4.1.4 on Ubuntu 18.04 was released as previous patch. This update is to add support for Ubuntu 16.04. Building suricata-4.1.4 on Ubuntu 16.04 image has some problems and you cannot complete to compile suricata while docker building. So, you need to compile suricata by yourself after launched a container of the build image which is named as `sppc/suricata-ubuntu:16.04` by default. $ ./main.py -t suricata --dpdk-branch v18.11 --dist-ver 16.04 $ docker images ... sppc/suricata-ubuntu 16.04 ... $ docker run -it sppc/suricata-ubuntu:16.04 /bin/bash # ./install_suricata.sh ... After compilation is successfully done, logout and create a new docker image on which suricata is already built with `docker commit` command and image's container ID. In this example, new image is named as `sppc/suricata-ubuntu2:16.04`. # exit $ docker ps -a CONTAINER_ID sppc/suricata-ubuntu:16.04 "/bin/bash" 3 minutes ... $ docker commit CONTAINER_ID sppc/suricata-ubuntu2:16.04 Finally, you can run suricata with the new image. $ docker run -it sppc/suricata-ubuntu:16.04 /bin/bash # suricata --build-info These steps are described in documents in the next patches. Signed-off-by: Yasufumi Ogawa <yasufum.o@gmail.com>
-rw-r--r--tools/sppc/build/ubuntu/suricata/Dockerfile.16.04114
-rw-r--r--tools/sppc/build/ubuntu/suricata/Dockerfile.18.04112
-rw-r--r--tools/sppc/build/ubuntu/suricata/Dockerfile.latest6
3 files changed, 231 insertions, 1 deletions
diff --git a/tools/sppc/build/ubuntu/suricata/Dockerfile.16.04 b/tools/sppc/build/ubuntu/suricata/Dockerfile.16.04
new file mode 100644
index 0000000..ae06d6c
--- /dev/null
+++ b/tools/sppc/build/ubuntu/suricata/Dockerfile.16.04
@@ -0,0 +1,114 @@
+FROM ubuntu:16.04
+
+ARG rte_sdk
+ARG rte_target
+ARG home_dir
+ARG dpdk_repo
+ARG dpdk_branch
+ARG suricata_repo
+ARG suricata_branch
+ARG suricata_dir
+
+ENV http_proxy ${http_proxy}
+ENV https_proxy $https_proxy
+ENV no_proxy ${no_proxy}
+ENV RTE_SDK ${rte_sdk}
+ENV RTE_TARGET ${rte_target}
+ENV INSTALL_SURICATA_SH install_suricata.sh
+ENV DEBIAN_FRONTEND noninteractive
+
+# NOTE: There two ways for compiling suricata with DPDK. One is using sources
+# of tar ball, and another one is from github. If building suricata container
+# image, second case is failed because `source-dpdk.c` is not excluding from
+# Makefile for a reason I do not know why. However, you can compile it after
+# launching the container, but you have to compile everytime you launch the
+# container.
+# Tow of cases labeled as `Case 1` and `Case 2` in sections below and this
+# Dockerfile support both of compilation, and default is first one. If you
+# use `Case 2`, you comment out `Case 1` and activate `Case 2` by yourself.
+
+# NOTE: You can another case `Case 3`, but it does not work currently.
+
+ENV SURICATA_SRCDIR suricata-4.1.4
+ENV SURICATA_TGZ ${SURICATA_SRCDIR}.tar.gz
+ENV SURICATA_DOWNLOAD https://www.openinfosecfoundation.org/download/${SURICATA_TGZ}
+
+RUN apt-get update && apt-get install -y \
+ git \
+ gcc \
+ python \
+ pciutils \
+ make \
+ libnuma-dev \
+ gcc-multilib \
+ libarchive-dev \
+ linux-headers-$(uname -r) \
+ libpcap-dev \
+ pkg-config \
+ vim \
+ curl \
+ wget \
+ automake \
+ autoconf \
+ liblz4-dev \
+ libpcre3 libpcre3-dbg libpcre3-dev build-essential libpcap-dev \
+ libnet1-dev libyaml-0-2 libyaml-dev pkg-config zlib1g zlib1g-dev \
+ libcap-ng-dev libcap-ng0 make libmagic-dev libjansson-dev \
+ libnss3-dev libgeoip-dev liblua5.1-dev libhiredis-dev libevent-dev \
+ libpcre3 libpcre3-dbg libpcre3-dev build-essential libpcap-dev \
+ libnet1-dev libyaml-0-2 libyaml-dev pkg-config zlib1g zlib1g-dev \
+ libcap-ng-dev libcap-ng0 make libmagic-dev libjansson-dev \
+ libnss3-dev libgeoip-dev liblua5.1-dev libhiredis-dev libevent-dev \
+ python-yaml rustc cargo \
+ && apt-get clean \
+ && rm -rf /var/lib/apt/lists/*
+
+WORKDIR $home_dir
+RUN git clone ${dpdk_branch} ${dpdk_repo}
+
+# Compile DPDK
+WORKDIR ${rte_sdk}
+RUN make config T=${rte_target} O=${rte_target}
+WORKDIR ${rte_sdk}/${rte_target}
+RUN make -j 4
+
+## NOTE: Case 1
+#WORKDIR ${home_dir}
+#RUN wget ${SURICATA_DOWNLOAD}
+#RUN tar zxvf ${SURICATA_TGZ}
+#WORKDIR ${home_dir}/${SURICATA_SRCDIR}
+#RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} autoconf
+#RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} sh configure --enable-dpdk
+#RUN make -j 10
+#ENV PATH ${SURICATA_SRCDIR}/src:${PATH}
+
+# NOTE: Case 2
+# Compiling suricata with Dockerfile is failed if clone suricata
+# while building this image. So, do it after app container is launched.
+# Create suricata install script.
+WORKDIR ${home_dir}
+RUN echo "#!/bin/bash" > ${home_dir}/${INSTALL_SURICATA_SH}
+RUN echo "" >> ${home_dir}/${INSTALL_SURICATA_SH}
+RUN echo "git clone ${suricata_repo}" >> ${home_dir}/${INSTALL_SURICATA_SH}
+RUN echo "cd ${suricata_dir}" >> ${home_dir}/${INSTALL_SURICATA_SH}
+RUN echo "autoconf" >> ${home_dir}/${INSTALL_SURICATA_SH}
+RUN echo "./configure --enable-dpdk" >> ${home_dir}/${INSTALL_SURICATA_SH}
+RUN echo "make -j 10" >> ${home_dir}/${INSTALL_SURICATA_SH}
+RUN echo "make install" >> ${home_dir}/${INSTALL_SURICATA_SH}
+RUN chmod 775 ${home_dir}/${INSTALL_SURICATA_SH}
+ENV PATH ${home_dir}/${suricata_dir}/src:${PATH}
+
+# NOTE: Case 3 Compiling suricata with Dockerfile does not work
+# Compile suricata
+#WORKDIR ${home_dir}
+#RUN git clone ${suricata_branch} ${suricata_repo}
+#WORKDIR ${home_dir}/${suricata_dir}
+#RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} autoconf
+#RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} sh configure --enable-dpdk
+#RUN make -j 10
+#ENV PATH ${home_dir}/${suricata_dir}/src:${PATH}
+
+# Set working directory when container is launched
+WORKDIR ${home_dir}
+ADD env.sh ${home_dir}/env.sh
+RUN echo "source ${home_dir}/env.sh" >> ${home_dir}/.bashrc
diff --git a/tools/sppc/build/ubuntu/suricata/Dockerfile.18.04 b/tools/sppc/build/ubuntu/suricata/Dockerfile.18.04
new file mode 100644
index 0000000..e48d873
--- /dev/null
+++ b/tools/sppc/build/ubuntu/suricata/Dockerfile.18.04
@@ -0,0 +1,112 @@
+FROM ubuntu:18.04
+
+ARG rte_sdk
+ARG rte_target
+ARG home_dir
+ARG dpdk_repo
+ARG dpdk_branch
+ARG suricata_repo
+ARG suricata_branch
+ARG suricata_dir
+
+ENV http_proxy ${http_proxy}
+ENV https_proxy $https_proxy
+ENV no_proxy ${no_proxy}
+ENV RTE_SDK ${rte_sdk}
+ENV RTE_TARGET ${rte_target}
+ENV INSTALL_SURICATA_SH install_suricata.sh
+ENV PATH ${rte_sdk}/${rte_target}/app:${PATH}
+ENV PATH ${home_dir}/${suricata_dir}/src:${PATH}
+ENV DEBIAN_FRONTEND noninteractive
+
+# NOTE: There two ways for compiling suricata with DPDK. One is using sources
+# of tar ball, and another one is from github. If building suricata container
+# image, second case is failed because `source-dpdk.c` is not excluding from
+# Makefile for a reason I do not know why. However, you can compile it after
+# launching the container, but you have to compile everytime you launch the
+# container.
+# Tow of cases labeled as `Case 1` and `Case 2` in sections below and this
+# Dockerfile support both of compilation, and default is first one. If you
+# use `Case 2`, you comment out `Case 1` and activate `Case 2` by yourself.
+
+# NOTE: You can another case `Case 3`, but it does not work currently.
+
+ENV SURICATA_SRCDIR suricata-4.1.4
+ENV SURICATA_TGZ ${SURICATA_SRCDIR}.tar.gz
+ENV SURICATA_DOWNLOAD https://www.openinfosecfoundation.org/download/${SURICATA_TGZ}
+
+RUN apt-get update && apt-get install -y \
+ git \
+ gcc \
+ python \
+ pciutils \
+ make \
+ libnuma-dev \
+ gcc-multilib \
+ libarchive-dev \
+ linux-headers-$(uname -r) \
+ libpcap-dev \
+ pkg-config \
+ vim \
+ curl \
+ wget \
+ automake \
+ liblz4-dev \
+ libpcre3 libpcre3-dbg libpcre3-dev build-essential libpcap-dev \
+ libnet1-dev libyaml-0-2 libyaml-dev pkg-config zlib1g zlib1g-dev \
+ libcap-ng-dev libcap-ng0 make libmagic-dev libjansson-dev \
+ libnss3-dev libgeoip-dev liblua5.1-dev libhiredis-dev libevent-dev \
+ libpcre3 libpcre3-dbg libpcre3-dev build-essential libpcap-dev \
+ libnet1-dev libyaml-0-2 libyaml-dev pkg-config zlib1g zlib1g-dev \
+ libcap-ng-dev libcap-ng0 make libmagic-dev libjansson-dev \
+ libnss3-dev libgeoip-dev liblua5.1-dev libhiredis-dev libevent-dev \
+ python-yaml rustc cargo \
+ && apt-get clean \
+ && rm -rf /var/lib/apt/lists/*
+
+WORKDIR $home_dir
+RUN git clone ${dpdk_branch} ${dpdk_repo}
+
+# Compile DPDK
+WORKDIR ${rte_sdk}
+RUN make config T=${rte_target} O=${rte_target}
+WORKDIR ${rte_sdk}/${rte_target}
+RUN make -j 4
+
+# NOTE: Case 1
+WORKDIR ${home_dir}
+RUN wget ${SURICATA_DOWNLOAD}
+RUN tar zxvf ${SURICATA_TGZ}
+WORKDIR ${home_dir}/${SURICATA_SRCDIR}
+RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} autoconf
+RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} sh configure --enable-dpdk
+RUN make -j 10
+ENV PATH ${SURICATA_SRCDIR}/src:${PATH}
+
+# NOTE: Case 2
+# Compiling suricata with Dockerfile is failed if clone suricata
+# while building this image. So, do it after app container is launched.
+# Create suricata install script.
+#WORKDIR ${home_dir}
+#RUN echo "#!/bin/bash" > ${home_dir}/${INSTALL_SURICATA_SH}
+#RUN echo "" >> ${home_dir}/${INSTALL_SURICATA_SH}
+#RUN echo "git clone ${suricata_repo}" >> ${home_dir}/${INSTALL_SURICATA_SH}
+#RUN echo "cd ${suricata_dir}" >> ${home_dir}/${INSTALL_SURICATA_SH}
+#RUN echo "autoconf" >> ${home_dir}/${INSTALL_SURICATA_SH}
+#RUN echo "./configure --enable-dpdk" >> ${home_dir}/${INSTALL_SURICATA_SH}
+#RUN echo "make -j 10" >> ${home_dir}/${INSTALL_SURICATA_SH}
+#RUN echo "make install" >> ${home_dir}/${INSTALL_SURICATA_SH}
+#RUN chmod 775 ${home_dir}/${INSTALL_SURICATA_SH}
+
+# NOTE: Case 3 Compiling suricata with Dockerfile does not work
+# Compile suricata
+#RUN git clone ${suricata_branch} ${suricata_repo}
+#WORKDIR ${home_dir}/${suricata_dir}
+#RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} autoconf
+#RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} sh configure --enable-dpdk
+#RUN make -j 10
+
+# Set working directory when container is launched
+WORKDIR ${home_dir}
+ADD env.sh ${home_dir}/env.sh
+RUN echo "source ${home_dir}/env.sh" >> ${home_dir}/.bashrc
diff --git a/tools/sppc/build/ubuntu/suricata/Dockerfile.latest b/tools/sppc/build/ubuntu/suricata/Dockerfile.latest
index fec71a5..c3928a0 100644
--- a/tools/sppc/build/ubuntu/suricata/Dockerfile.latest
+++ b/tools/sppc/build/ubuntu/suricata/Dockerfile.latest
@@ -28,6 +28,9 @@ ENV DEBIAN_FRONTEND noninteractive
# Tow of cases labeled as `Case 1` and `Case 2` in sections below and this
# Dockerfile support both of compilation, and default is first one. If you
# use `Case 2`, you comment out `Case 1` and activate `Case 2` by yourself.
+
+# NOTE: You can another case `Case 3`, but it does not work currently.
+
ENV SURICATA_SRCDIR suricata-4.1.4
ENV SURICATA_TGZ ${SURICATA_SRCDIR}.tar.gz
ENV SURICATA_DOWNLOAD https://www.openinfosecfoundation.org/download/${SURICATA_TGZ}
@@ -78,6 +81,7 @@ WORKDIR ${home_dir}/${SURICATA_SRCDIR}
RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} autoconf
RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} sh configure --enable-dpdk
RUN make -j 10
+ENV PATH ${SURICATA_SRCDIR}/src:${PATH}
# NOTE: Case 2
# Compiling suricata with Dockerfile is failed if clone suricata
@@ -94,7 +98,7 @@ RUN make -j 10
#RUN echo "make install" >> ${home_dir}/${INSTALL_SURICATA_SH}
#RUN chmod 775 ${home_dir}/${INSTALL_SURICATA_SH}
-# NOTE: Compiling suricata with Dockerfile does not work
+# NOTE: Case 3 Compiling suricata with Dockerfile does not work
# Compile suricata
#RUN git clone ${suricata_branch} ${suricata_repo}
#WORKDIR ${home_dir}/${suricata_dir}