[spp] [PATCH] tools/sppc: add suricata build for ubuntu1604

[spp] [PATCH] tools/sppc: add suricata build for ubuntu1604

[yasufum.o]

From: Yasufumi Ogawa <yasufum.o@gmail.com>

Script for building an image of suricata-4.1.4 on Ubuntu 18.04 was
released as previous patch. This update is to add support for Ubuntu
16.04.

Building suricata-4.1.4 on Ubuntu 16.04 image has some problems and you
cannot complete to compile suricata while docker building. So, you need
to compile suricata by yourself after launched a container of the build
image which is named as `sppc/suricata-ubuntu:16.04` by default.

  $ ./main.py -t suricata --dpdk-branch v18.11 --dist-ver 16.04
  $ docker images
  ...
  sppc/suricata-ubuntu  16.04 ...
  $ docker run -it sppc/suricata-ubuntu:16.04 /bin/bash
  # ./install_suricata.sh
  ...

After compilation is successfully done, logout and create a new docker
image on which suricata is already built with `docker commit` command
and image's container ID.
In this example, new image is named as `sppc/suricata-ubuntu2:16.04`.

  # exit
  $ docker ps -a
  CONTAINER_ID  sppc/suricata-ubuntu:16.04  "/bin/bash"  3 minutes ...
  $ docker commit CONTAINER_ID sppc/suricata-ubuntu2:16.04

Finally, you can run suricata with the new image.

  $ docker run -it sppc/suricata-ubuntu:16.04 /bin/bash
  # suricata --build-info

These steps are described in documents in the next patches.

Signed-off-by: Yasufumi Ogawa <yasufum.o@gmail.com>
---
 tools/sppc/build/ubuntu/suricata/Dockerfile.16.04  | 114 +++++++++++++++++++++
 tools/sppc/build/ubuntu/suricata/Dockerfile.18.04  | 112 ++++++++++++++++++++
 tools/sppc/build/ubuntu/suricata/Dockerfile.latest |   6 +-
 3 files changed, 231 insertions(+), 1 deletion(-)
 create mode 100644 tools/sppc/build/ubuntu/suricata/Dockerfile.16.04
 create mode 100644 tools/sppc/build/ubuntu/suricata/Dockerfile.18.04

diff --git a/tools/sppc/build/ubuntu/suricata/Dockerfile.16.04 b/tools/sppc/build/ubuntu/suricata/Dockerfile.16.04
new file mode 100644
index 0000000..ae06d6c
--- /dev/null
+++ b/tools/sppc/build/ubuntu/suricata/Dockerfile.16.04
@@ -0,0 +1,114 @@
+FROM ubuntu:16.04
+
+ARG rte_sdk
+ARG rte_target
+ARG home_dir
+ARG dpdk_repo
+ARG dpdk_branch
+ARG suricata_repo
+ARG suricata_branch
+ARG suricata_dir
+
+ENV http_proxy ${http_proxy}
+ENV https_proxy $https_proxy
+ENV no_proxy ${no_proxy}
+ENV RTE_SDK ${rte_sdk}
+ENV RTE_TARGET ${rte_target}
+ENV INSTALL_SURICATA_SH install_suricata.sh
+ENV DEBIAN_FRONTEND noninteractive
+
+# NOTE: There two ways for compiling suricata with DPDK. One is using sources
+# of tar ball, and another one is from github. If building suricata container
+# image, second case is failed because `source-dpdk.c` is not excluding from
+# Makefile for a reason I do not know why. However, you can compile it after
+# launching the container, but you have to compile everytime you launch the
+# container.
+# Tow of cases labeled as `Case 1` and `Case 2` in sections below and this
+# Dockerfile support both of compilation, and default is first one. If you
+# use `Case 2`, you comment out `Case 1` and activate `Case 2` by yourself.
+
+# NOTE: You can another case `Case 3`, but it does not work currently.
+
+ENV SURICATA_SRCDIR suricata-4.1.4
+ENV SURICATA_TGZ ${SURICATA_SRCDIR}.tar.gz
+ENV SURICATA_DOWNLOAD https://www.openinfosecfoundation.org/download/${SURICATA_TGZ}
+
+RUN apt-get update && apt-get install -y \
+    git \
+    gcc \
+    python \
+    pciutils \
+    make \
+    libnuma-dev \
+    gcc-multilib \
+    libarchive-dev \
+    linux-headers-$(uname -r) \
+    libpcap-dev \
+    pkg-config \
+    vim \
+    curl \
+    wget \
+    automake \
+    autoconf \
+    liblz4-dev \
+    libpcre3 libpcre3-dbg libpcre3-dev build-essential libpcap-dev \
+    libnet1-dev libyaml-0-2 libyaml-dev pkg-config zlib1g zlib1g-dev \
+    libcap-ng-dev libcap-ng0 make libmagic-dev libjansson-dev \
+    libnss3-dev libgeoip-dev liblua5.1-dev libhiredis-dev libevent-dev \
+    libpcre3 libpcre3-dbg libpcre3-dev build-essential libpcap-dev \
+    libnet1-dev libyaml-0-2 libyaml-dev pkg-config zlib1g zlib1g-dev \
+    libcap-ng-dev libcap-ng0 make libmagic-dev libjansson-dev \
+    libnss3-dev libgeoip-dev liblua5.1-dev libhiredis-dev libevent-dev \
+    python-yaml rustc cargo \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+WORKDIR $home_dir
+RUN git clone ${dpdk_branch} ${dpdk_repo}
+
+# Compile DPDK
+WORKDIR ${rte_sdk}
+RUN make config T=${rte_target} O=${rte_target}
+WORKDIR ${rte_sdk}/${rte_target}
+RUN make -j 4
+
+## NOTE: Case 1
+#WORKDIR ${home_dir}
+#RUN wget ${SURICATA_DOWNLOAD}
+#RUN tar zxvf ${SURICATA_TGZ}
+#WORKDIR ${home_dir}/${SURICATA_SRCDIR}
+#RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} autoconf
+#RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} sh configure --enable-dpdk
+#RUN make -j 10
+#ENV PATH ${SURICATA_SRCDIR}/src:${PATH}
+
+# NOTE: Case 2
+# Compiling suricata with Dockerfile is failed if clone suricata
+# while building this image. So, do it after app container is launched.
+# Create suricata install script.
+WORKDIR ${home_dir}
+RUN echo "#!/bin/bash" > ${home_dir}/${INSTALL_SURICATA_SH}
+RUN echo "" >> ${home_dir}/${INSTALL_SURICATA_SH}
+RUN echo "git clone ${suricata_repo}" >> ${home_dir}/${INSTALL_SURICATA_SH}
+RUN echo "cd ${suricata_dir}" >> ${home_dir}/${INSTALL_SURICATA_SH}
+RUN echo "autoconf" >> ${home_dir}/${INSTALL_SURICATA_SH}
+RUN echo "./configure --enable-dpdk" >> ${home_dir}/${INSTALL_SURICATA_SH}
+RUN echo "make -j 10" >> ${home_dir}/${INSTALL_SURICATA_SH}
+RUN echo "make install" >> ${home_dir}/${INSTALL_SURICATA_SH}
+RUN chmod 775 ${home_dir}/${INSTALL_SURICATA_SH}
+ENV PATH ${home_dir}/${suricata_dir}/src:${PATH}
+
+# NOTE: Case 3 Compiling suricata with Dockerfile does not work
+# Compile suricata
+#WORKDIR ${home_dir}
+#RUN git clone ${suricata_branch} ${suricata_repo}
+#WORKDIR ${home_dir}/${suricata_dir}
+#RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} autoconf
+#RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} sh configure --enable-dpdk
+#RUN make -j 10
+#ENV PATH ${home_dir}/${suricata_dir}/src:${PATH}
+
+# Set working directory when container is launched
+WORKDIR ${home_dir}
+ADD env.sh ${home_dir}/env.sh
+RUN echo "source ${home_dir}/env.sh" >> ${home_dir}/.bashrc
diff --git a/tools/sppc/build/ubuntu/suricata/Dockerfile.18.04 b/tools/sppc/build/ubuntu/suricata/Dockerfile.18.04
new file mode 100644
index 0000000..e48d873
--- /dev/null
+++ b/tools/sppc/build/ubuntu/suricata/Dockerfile.18.04
@@ -0,0 +1,112 @@
+FROM ubuntu:18.04
+
+ARG rte_sdk
+ARG rte_target
+ARG home_dir
+ARG dpdk_repo
+ARG dpdk_branch
+ARG suricata_repo
+ARG suricata_branch
+ARG suricata_dir
+
+ENV http_proxy ${http_proxy}
+ENV https_proxy $https_proxy
+ENV no_proxy ${no_proxy}
+ENV RTE_SDK ${rte_sdk}
+ENV RTE_TARGET ${rte_target}
+ENV INSTALL_SURICATA_SH install_suricata.sh
+ENV PATH ${rte_sdk}/${rte_target}/app:${PATH}
+ENV PATH ${home_dir}/${suricata_dir}/src:${PATH}
+ENV DEBIAN_FRONTEND noninteractive
+
+# NOTE: There two ways for compiling suricata with DPDK. One is using sources
+# of tar ball, and another one is from github. If building suricata container
+# image, second case is failed because `source-dpdk.c` is not excluding from
+# Makefile for a reason I do not know why. However, you can compile it after
+# launching the container, but you have to compile everytime you launch the
+# container.
+# Tow of cases labeled as `Case 1` and `Case 2` in sections below and this
+# Dockerfile support both of compilation, and default is first one. If you
+# use `Case 2`, you comment out `Case 1` and activate `Case 2` by yourself.
+
+# NOTE: You can another case `Case 3`, but it does not work currently.
+
+ENV SURICATA_SRCDIR suricata-4.1.4
+ENV SURICATA_TGZ ${SURICATA_SRCDIR}.tar.gz
+ENV SURICATA_DOWNLOAD https://www.openinfosecfoundation.org/download/${SURICATA_TGZ}
+
+RUN apt-get update && apt-get install -y \
+    git \
+    gcc \
+    python \
+    pciutils \
+    make \
+    libnuma-dev \
+    gcc-multilib \
+    libarchive-dev \
+    linux-headers-$(uname -r) \
+    libpcap-dev \
+    pkg-config \
+    vim \
+    curl \
+    wget \
+    automake \
+    liblz4-dev \
+    libpcre3 libpcre3-dbg libpcre3-dev build-essential libpcap-dev \
+    libnet1-dev libyaml-0-2 libyaml-dev pkg-config zlib1g zlib1g-dev \
+    libcap-ng-dev libcap-ng0 make libmagic-dev libjansson-dev \
+    libnss3-dev libgeoip-dev liblua5.1-dev libhiredis-dev libevent-dev \
+    libpcre3 libpcre3-dbg libpcre3-dev build-essential libpcap-dev \
+    libnet1-dev libyaml-0-2 libyaml-dev pkg-config zlib1g zlib1g-dev \
+    libcap-ng-dev libcap-ng0 make libmagic-dev libjansson-dev \
+    libnss3-dev libgeoip-dev liblua5.1-dev libhiredis-dev libevent-dev \
+    python-yaml rustc cargo \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+WORKDIR $home_dir
+RUN git clone ${dpdk_branch} ${dpdk_repo}
+
+# Compile DPDK
+WORKDIR ${rte_sdk}
+RUN make config T=${rte_target} O=${rte_target}
+WORKDIR ${rte_sdk}/${rte_target}
+RUN make -j 4
+
+# NOTE: Case 1
+WORKDIR ${home_dir}
+RUN wget ${SURICATA_DOWNLOAD}
+RUN tar zxvf ${SURICATA_TGZ}
+WORKDIR ${home_dir}/${SURICATA_SRCDIR}
+RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} autoconf
+RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} sh configure --enable-dpdk
+RUN make -j 10
+ENV PATH ${SURICATA_SRCDIR}/src:${PATH}
+
+# NOTE: Case 2
+# Compiling suricata with Dockerfile is failed if clone suricata
+# while building this image. So, do it after app container is launched.
+# Create suricata install script.
+#WORKDIR ${home_dir}
+#RUN echo "#!/bin/bash" > ${home_dir}/${INSTALL_SURICATA_SH}
+#RUN echo "" >> ${home_dir}/${INSTALL_SURICATA_SH}
+#RUN echo "git clone ${suricata_repo}" >> ${home_dir}/${INSTALL_SURICATA_SH}
+#RUN echo "cd ${suricata_dir}" >> ${home_dir}/${INSTALL_SURICATA_SH}
+#RUN echo "autoconf" >> ${home_dir}/${INSTALL_SURICATA_SH}
+#RUN echo "./configure --enable-dpdk" >> ${home_dir}/${INSTALL_SURICATA_SH}
+#RUN echo "make -j 10" >> ${home_dir}/${INSTALL_SURICATA_SH}
+#RUN echo "make install" >> ${home_dir}/${INSTALL_SURICATA_SH}
+#RUN chmod 775 ${home_dir}/${INSTALL_SURICATA_SH}
+
+# NOTE: Case 3 Compiling suricata with Dockerfile does not work
+# Compile suricata
+#RUN git clone ${suricata_branch} ${suricata_repo}
+#WORKDIR ${home_dir}/${suricata_dir}
+#RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} autoconf
+#RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} sh configure --enable-dpdk
+#RUN make -j 10
+
+# Set working directory when container is launched
+WORKDIR ${home_dir}
+ADD env.sh ${home_dir}/env.sh
+RUN echo "source ${home_dir}/env.sh" >> ${home_dir}/.bashrc
diff --git a/tools/sppc/build/ubuntu/suricata/Dockerfile.latest b/tools/sppc/build/ubuntu/suricata/Dockerfile.latest
index fec71a5..c3928a0 100644
--- a/tools/sppc/build/ubuntu/suricata/Dockerfile.latest
+++ b/tools/sppc/build/ubuntu/suricata/Dockerfile.latest
@@ -28,6 +28,9 @@ ENV DEBIAN_FRONTEND noninteractive
 # Tow of cases labeled as `Case 1` and `Case 2` in sections below and this
 # Dockerfile support both of compilation, and default is first one. If you
 # use `Case 2`, you comment out `Case 1` and activate `Case 2` by yourself.
+
+# NOTE: You can another case `Case 3`, but it does not work currently.
+
 ENV SURICATA_SRCDIR suricata-4.1.4
 ENV SURICATA_TGZ ${SURICATA_SRCDIR}.tar.gz
 ENV SURICATA_DOWNLOAD https://www.openinfosecfoundation.org/download/${SURICATA_TGZ}
@@ -78,6 +81,7 @@ WORKDIR ${home_dir}/${SURICATA_SRCDIR}
 RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} autoconf
 RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} sh configure --enable-dpdk
 RUN make -j 10
+ENV PATH ${SURICATA_SRCDIR}/src:${PATH}
 
 # NOTE: Case 2
 # Compiling suricata with Dockerfile is failed if clone suricata
@@ -94,7 +98,7 @@ RUN make -j 10
 #RUN echo "make install" >> ${home_dir}/${INSTALL_SURICATA_SH}
 #RUN chmod 775 ${home_dir}/${INSTALL_SURICATA_SH}
 
-# NOTE: Compiling suricata with Dockerfile does not work
+# NOTE: Case 3 Compiling suricata with Dockerfile does not work
 # Compile suricata
 #RUN git clone ${suricata_branch} ${suricata_repo}
 #WORKDIR ${home_dir}/${suricata_dir}
-- 
2.7.4