Add rocky10 Docker containers

.github/workflows/docker-cbdb-build-containers.yml

@@ -60,6 +60,7 @@ on:
     paths:
       - 'devops/deploy/docker/build/rocky8/**'
       - 'devops/deploy/docker/build/rocky9/**'
+      - 'devops/deploy/docker/build/rocky10/**'
       - 'devops/deploy/docker/build/ubuntu22.04/**'
       - 'devops/deploy/docker/build/ubuntu24.04/**'
   pull_request:
@@ -81,7 +82,7 @@ jobs:
     # Matrix strategy to build for both Rocky Linux 8 and 9, Ubuntu 22.04 and 24.04
     strategy:
       matrix:
-        platform: ['rocky8', 'rocky9', 'ubuntu22.04', 'ubuntu24.04']
+        platform: ['rocky8', 'rocky9', 'rocky10', 'ubuntu22.04', 'ubuntu24.04']
 
     steps:
       # Checkout repository code with full history
@@ -108,6 +109,8 @@ jobs:
               - 'devops/deploy/docker/build/rocky8/**'
             rocky9:
               - 'devops/deploy/docker/build/rocky9/**'
+            rocky10:
+              - 'devops/deploy/docker/build/rocky10/**'
             ubuntu22.04:
               - 'devops/deploy/docker/build/ubuntu22.04/**'
             ubuntu24.04:

.github/workflows/docker-cbdb-test-containers.yml

@@ -49,6 +49,7 @@ on:
     paths:
       - 'devops/deploy/docker/test/rocky8/**'
       - 'devops/deploy/docker/test/rocky9/**'
+      - 'devops/deploy/docker/test/rocky10/**'
       - 'devops/deploy/docker/test/ubuntu22.04/**'
       - 'devops/deploy/docker/test/ubuntu24.04/**'
   pull_request:
@@ -68,7 +69,7 @@ jobs:
     strategy:
       matrix:
         # Build for Rocky Linux 8 and 9, Ubuntu 22.04 and 24.04
-        platform: ['rocky8', 'rocky9', 'ubuntu22.04', 'ubuntu24.04']
+        platform: ['rocky8', 'rocky9', 'rocky10', 'ubuntu22.04', 'ubuntu24.04']
 
     steps:
       # Checkout repository code
@@ -92,6 +93,8 @@ jobs:
               - 'devops/deploy/docker/test/rocky8/**'
             rocky9:
               - 'devops/deploy/docker/test/rocky9/**'
+            rocky10:
+              - 'devops/deploy/docker/test/rocky10/**'
             ubuntu22.04:
               - 'devops/deploy/docker/test/ubuntu22.04/**'
             ubuntu24.04:

devops/deploy/docker/build/rocky10/Dockerfile

@@ -0,0 +1,216 @@
+# --------------------------------------------------------------------
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed
+# with this work for additional information regarding copyright
+# ownership. The ASF licenses this file to You under the Apache
+# License, Version 2.0 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of the
+# License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# permissions and limitations under the License.
+#
+# --------------------------------------------------------------------
+#
+# Apache Cloudberry (Incubating) is an effort undergoing incubation at
+# the Apache Software Foundation (ASF), sponsored by the Apache
+# Incubator PMC.
+#
+# Incubation is required of all newly accepted projects until a
+# further review indicates that the infrastructure, communications,
+# and decision making process have stabilized in a manner consistent
+# with other successful ASF projects.
+#
+# While incubation status is not necessarily a reflection of the
+# completeness or stability of the code, it does indicate that the
+# project has yet to be fully endorsed by the ASF.
+#
+# --------------------------------------------------------------------
+# Dockerfile for Apache Cloudberry Build Environment
+# --------------------------------------------------------------------
+# This Dockerfile sets up a Rocky Linux 10-based container for building
+# and developing Apache Cloudberry. It installs necessary system
+# utilities, development tools, and configures the environment for SSH
+# access and systemd support.
+#
+# Key Features:
+# - Locale setup for en_US.UTF-8
+# - SSH daemon setup for remote access
+# - Essential development tools and libraries installation
+# - User configuration for 'gpadmin' with sudo privileges
+#
+# Usage:
+#   docker build -t cloudberry-db-env .
+#   docker run -h cdw -it cloudberry-db-env
+# --------------------------------------------------------------------
+
+# Base image: Rocky Linux 10
+FROM rockylinux/rockylinux:10
+
+# Argument for configuring the timezone
+ARG TIMEZONE_VAR="America/Los_Angeles"
+
+# Environment variables for locale and user
+ENV container=docker
+ENV LANG=en_US.UTF-8
+ENV USER=gpadmin
+
+# --------------------------------------------------------------------
+# Install Development Tools and Utilities
+# --------------------------------------------------------------------
+# Install various development tools, system utilities, and libraries
+# required for building and running Apache Cloudberry.
+# - EPEL repository is enabled for additional packages.
+# - Cleanup steps are added to reduce image size after installation.
+# --------------------------------------------------------------------
+RUN dnf makecache && \
+    dnf install -y \
+        epel-release \
+        git && \
+    dnf makecache && \
+    dnf config-manager --disable epel && \
+    dnf install -y --enablerepo=epel \
+        bat \
+        libssh2-devel \
+        python3-devel \
+        htop && \
+    dnf install -y \
+        bison \
+        cmake3 \
+        ed \
+        file \
+        flex \
+        gcc \
+        gcc-c++ \
+        gdb \
+        glibc-langpack-en \
+        glibc-locale-source \
+        initscripts \
+        iproute \
+        less \
+        lsof \
+        m4 \
+        net-tools \
+        openssh-clients \
+        openssh-server \
+        perl \
+        rpm-build \
+        rpmdevtools \
+        rsync \
+        sudo \
+        tar \
+        unzip \
+        util-linux-ng \
+        wget \
+        sshpass \
+        which && \
+    dnf install -y \
+        apr-devel \
+        bzip2-devel \
+        java-21-openjdk \
+        java-21-openjdk-devel \
+        krb5-devel \
+        libcurl-devel \
+        libevent-devel \
+        libxml2-devel \
+        libuuid-devel \
+        libzstd-devel \
+        lz4 \
+        lz4-devel \
+        openldap-devel \
+        openssl-devel \
+        pam-devel \
+        perl-ExtUtils-Embed \
+        perl-Test-Simple \
+        perl-core \
+        python3-setuptools \
+        readline-devel \
+        zlib-devel && \
+    dnf install -y --enablerepo=crb \
+        liburing-devel \
+        libuv-devel \
+        libyaml-devel \
+        perl-IPC-Run \
+        python3-wheel \
+        protobuf-devel && \
+    dnf clean all && \
+    cd && XERCES_LATEST_RELEASE=3.3.0 && \
+    wget -nv "https://archive.apache.org/dist/xerces/c/3/sources/xerces-c-${XERCES_LATEST_RELEASE}.tar.gz" && \
+    echo "$(curl -sL https://archive.apache.org/dist/xerces/c/3/sources/xerces-c-${XERCES_LATEST_RELEASE}.tar.gz.sha256)" | sha256sum -c - && \
+    tar xf "xerces-c-${XERCES_LATEST_RELEASE}.tar.gz"; rm "xerces-c-${XERCES_LATEST_RELEASE}.tar.gz" && \
+    cd xerces-c-${XERCES_LATEST_RELEASE} && \
+    ./configure --prefix=/usr/local/xerces-c && \
+    make -j$(nproc) && \
+    make install -C ~/xerces-c-${XERCES_LATEST_RELEASE} && \
+    rm -rf ~/xerces-c* && \
+    cd && GO_VERSION="go1.24.13" && \
+    ARCH=$(uname -m) && \
+    if [ "${ARCH}" = "aarch64" ]; then \
+        GO_ARCH="arm64" && \
+        GO_SHA256="74d97be1cc3a474129590c67ebf748a96e72d9f3a2b6fef3ed3275de591d49b3"; \
+    elif [ "${ARCH}" = "x86_64" ]; then \
+        GO_ARCH="amd64" && \
+        GO_SHA256="1fc94b57134d51669c72173ad5d49fd62afb0f1db9bf3f798fd98ee423f8d730"; \
+    else \
+        echo "Unsupported architecture: ${ARCH}" && exit 1; \
+    fi && \
+    GO_URL="https://go.dev/dl/${GO_VERSION}.linux-${GO_ARCH}.tar.gz" && \
+    wget -nv "${GO_URL}" && \
+    echo "${GO_SHA256}  ${GO_VERSION}.linux-${GO_ARCH}.tar.gz" | sha256sum -c - && \
+    tar xf "${GO_VERSION}.linux-${GO_ARCH}.tar.gz" && \
+    mv go "/usr/local/${GO_VERSION}" && \
+    ln -s "/usr/local/${GO_VERSION}" /usr/local/go && \
+    rm -f "${GO_VERSION}.linux-${GO_ARCH}.tar.gz" && \
+    echo 'export PATH=$PATH:/usr/local/go/bin' | tee -a /etc/profile.d/go.sh > /dev/null
+
+# --------------------------------------------------------------------
+# Copy Configuration Files and Setup the Environment
+# --------------------------------------------------------------------
+# - Copy custom configuration files from the build context to /tmp/.
+# - Apply custom system limits and timezone.
+# - Create and configure the 'gpadmin' user with sudo privileges.
+# - Set up SSH for password-based authentication.
+# - Generate locale and set the default locale to en_US.UTF-8.
+# --------------------------------------------------------------------
+
+# Copy configuration files from their respective locations
+COPY ./configs/* /tmp/
+
+RUN cp /tmp/90-cbdb-limits /etc/security/limits.d/90-cbdb-limits && \
+    sed -i.bak -r 's/^(session\s+required\s+pam_limits.so)/#\1/' /etc/pam.d/* && \
+    cat /usr/share/zoneinfo/${TIMEZONE_VAR} > /etc/localtime && \
+    chmod 777 /tmp/init_system.sh && \
+    /usr/sbin/groupadd gpadmin && \
+    /usr/sbin/useradd gpadmin -g gpadmin -G wheel && \
+    setcap cap_net_raw+ep /usr/bin/ping && \
+    echo 'gpadmin ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/90-gpadmin && \
+    echo -e '\n# Add Cloudberry entries\nif [ -f /usr/local/cbdb/cloudberry-env.sh ]; then\n  source /usr/local/cbdb/cloudberry-env.sh\nfi' >> /home/gpadmin/.bashrc && \
+    ssh-keygen -A && \
+    echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config && \
+    localedef -i en_US -f UTF-8 en_US.UTF-8 && \
+    echo "LANG=en_US.UTF-8" | tee /etc/locale.conf && \
+    dnf clean all  # Final cleanup to remove unnecessary files
+
+# Install testinfra via pip
+RUN pip3 install pytest-testinfra
+
+# Copying test files into the container
+COPY ./tests /tests
+
+# --------------------------------------------------------------------
+# Set the Default User and Command
+# --------------------------------------------------------------------
+# The default user is set to 'gpadmin', and the container starts by
+# running the init_system.sh script. The container also mounts the
+# /sys/fs/cgroup volume for systemd compatibility.
+# --------------------------------------------------------------------
+USER gpadmin
+
+VOLUME [ "/sys/fs/cgroup" ]
+CMD ["bash","-c","/tmp/init_system.sh"]

devops/deploy/docker/build/rocky10/configs/90-cbdb-limits

@@ -0,0 +1,32 @@
+# /etc/security/limits.d/90-db-limits
+# --------------------------------------------------------------------
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed
+# with this work for additional information regarding copyright
+# ownership. The ASF licenses this file to You under the Apache
+# License, Version 2.0 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of the
+# License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# permissions and limitations under the License.
+#
+# --------------------------------------------------------------------
+
+# Core dump file size limits for gpadmin
+gpadmin soft core unlimited
+gpadmin hard core unlimited
+
+# Open file limits for gpadmin
+gpadmin soft nofile 524288
+gpadmin hard nofile 524288
+
+# Process limits for gpadmin
+gpadmin soft nproc 131072
+gpadmin hard nproc 131072

devops/deploy/docker/build/rocky10/configs/gpinitsystem.conf

@@ -0,0 +1,89 @@
+# --------------------------------------------------------------------
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed
+# with this work for additional information regarding copyright
+# ownership. The ASF licenses this file to You under the Apache
+# License, Version 2.0 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of the
+# License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# permissions and limitations under the License.
+#
+# --------------------------------------------------------------------
+
+# --------------------------------------------------------------------
+# gpinitsystem Configuration File for Apache Cloudberry
+# --------------------------------------------------------------------
+# This configuration file is used to initialize an Apache Cloudberry
+# cluster. It defines the settings for the coordinator, primary segments,
+# and mirrors, as well as other important configuration options.
+# --------------------------------------------------------------------
+
+# Segment prefix - This prefix is used for naming the segment directories.
+# For example, the primary segment directories will be named gpseg0, gpseg1, etc.
+SEG_PREFIX=gpseg
+
+# Coordinator port - The port number where the coordinator will listen.
+# This is the port used by clients to connect to the database.
+COORDINATOR_PORT=5432
+
+# Coordinator hostname - The hostname of the machine where the coordinator
+# will be running. The $(hostname) command will automatically insert the
+# hostname of the current machine.
+COORDINATOR_HOSTNAME=$(hostname)
+
+# Coordinator data directory - The directory where the coordinator's data
+# will be stored. This directory should have enough space to store metadata
+# and system catalogs.
+COORDINATOR_DIRECTORY=/data1/coordinator
+
+# Base port for primary segments - The starting port number for the primary
+# segments. Each primary segment will use a unique port number starting from
+# this base.
+PORT_BASE=6000
+
+# Primary segment data directories - An array specifying the directories where
+# the primary segment data will be stored. Each directory corresponds to a
+# primary segment. In this case, two primary segments will be created in the
+# same directory.
+declare -a DATA_DIRECTORY=(/data1/primary /data1/primary)
+
+# Base port for mirror segments - The starting port number for the mirror
+# segments. Each mirror segment will use a unique port number starting from
+# this base.
+MIRROR_PORT_BASE=7000
+
+# Mirror segment data directories - An array specifying the directories where
+# the mirror segment data will be stored. Each directory corresponds to a
+# mirror segment. In this case, two mirror segments will be created in the
+# same directory.
+declare -a MIRROR_DATA_DIRECTORY=(/data1/mirror /data1/mirror)
+
+# Trusted shell - The shell program used for remote execution. Cloudberry uses
+# SSH to run commands on other machines in the cluster. 'ssh' is the default.
+TRUSTED_SHELL=ssh
+
+# Database encoding - The character set encoding to be used by the database.
+# 'UNICODE' is a common choice, especially for internationalization.
+ENCODING=UNICODE
+
+# Default database name - The name of the default database to be created during
+# initialization. This is also the default database that the gpadmin user will
+# connect to.
+DATABASE_NAME=gpadmin
+
+# Machine list file - A file containing the list of hostnames where the primary
+# segments will be created. Each line in the file represents a different machine.
+# This file is critical for setting up the cluster across multiple nodes.
+MACHINE_LIST_FILE=/home/gpadmin/hostfile_gpinitsystem
+
+# --------------------------------------------------------------------
+# End of gpinitsystem Configuration File
+# --------------------------------------------------------------------