diff --git a/dockerfiles/haproxy/Dockerfile b/dockerfiles/haproxy/Dockerfile index f7836f5..636ea13 100644 --- a/dockerfiles/haproxy/Dockerfile +++ b/dockerfiles/haproxy/Dockerfile @@ -38,9 +38,9 @@ ARG UBUNTU_BASE=ubuntu:22.04 FROM ${UBUNTU_BASE} AS builder -ARG OPENSSL_VERSION="openssl-3.0.14" +ARG OPENSSL_VERSION="openssl-3.0.15" ARG QATLIB_VERSION="24.02.0" -ARG QAT_ENGINE_VERSION="v1.6.1" +ARG QAT_ENGINE_VERSION="v1.7.0" ARG IPSEC_MB_VERSION="v1.5" ARG IPP_CRYPTO_VERSION="ippcp_2021.12.1" ARG HAPROXY_VERSION="v2.8.0" @@ -49,11 +49,11 @@ ENV DEBIAN_FRONTEND=noninteractive # Install required packages including curl, telnet, and git RUN apt-get update && \ - apt-get install -y apt-utils --no-install-recommends + apt-get install -y apt-utils # Upgrade all other packages RUN apt-get upgrade -y && \ - apt-get install -y --no-install-recommends \ + apt-get install -y \ libudev-dev \ make \ gcc \ @@ -75,7 +75,7 @@ RUN apt-get upgrade -y && \ libtool && \ git clone --depth 1 -b $OPENSSL_VERSION https://github.com/openssl/openssl.git && \ git clone --depth 1 -b $QAT_ENGINE_VERSION https://github.com/intel/QAT_Engine && \ - git clone --depth 1 -b $IPP_CRYPTO_VERSION https://github.com/intel/ipp-crypto && \ + git clone --depth 1 -b $IPP_CRYPTO_VERSION https://github.com/intel/cryptography-primitives && \ git clone --depth 1 -b $IPSEC_MB_VERSION https://github.com/intel/intel-ipsec-mb && \ git clone --depth 1 -b $QATLIB_VERSION https://github.com/intel/qatlib && \ git clone --depth 1 -b $HAPROXY_VERSION https://github.com/haproxy/haproxy @@ -99,13 +99,13 @@ RUN ./autogen.sh && \ usermod -a -G qat appuser # Building Crypto_MB -WORKDIR /ipp-crypto/sources/ippcp/crypto_mb +WORKDIR /cryptography-primitives/sources/ippcp/crypto_mb RUN cmake . -B"../build" \ -DOPENSSL_INCLUDE_DIR=/usr/local/include \ -DOPENSSL_LIBRARIES=/usr/local/lib64 \ -DOPENSSL_ROOT_DIR=/openssl -WORKDIR /ipp-crypto/sources/ippcp/build +WORKDIR /cryptography-primitives/sources/ippcp/build RUN make crypto_mb -j && make install -j # Building Ipsec_MB @@ -148,7 +148,9 @@ COPY --from=builder /usr/local/sbin/haproxy /usr/local/sbin/haproxy COPY --from=builder /usr/local/etc/haproxy/ /usr/local/etc/haproxy/ RUN ldconfig +#Expose the 8080 port EXPOSE 8080 + # Switch to non-root user USER appuser diff --git a/dockerfiles/haproxy/haproxy b/dockerfiles/haproxy/haproxy new file mode 160000 index 0000000..fdd8154 --- /dev/null +++ b/dockerfiles/haproxy/haproxy @@ -0,0 +1 @@ +Subproject commit fdd8154ed37fef7f351075caa357917f94704dd7 diff --git a/dockerfiles/qat_crypto_base/Dockerfile b/dockerfiles/qat_crypto_base/Dockerfile index dfbe6a4..13c22fd 100644 --- a/dockerfiles/qat_crypto_base/Dockerfile +++ b/dockerfiles/qat_crypto_base/Dockerfile @@ -3,7 +3,7 @@ # \ # BSD LICENSE \ # \ -# opyright(c) 2024 Intel Corporation. \ +# Copyright(c) 2024 Intel Corporation. \ # All rights reserved. \ # \ # Redistribution and use in source and binary forms, with or without \ @@ -38,9 +38,9 @@ ARG UBUNTU_BASE=ubuntu:22.04 FROM ${UBUNTU_BASE} AS builder -ARG OPENSSL_VERSION="openssl-3.0.14" +ARG OPENSSL_VERSION="openssl-3.0.15" ARG QATLIB_VERSION="24.02.0" -ARG QAT_ENGINE_VERSION="v1.6.1" +ARG QAT_ENGINE_VERSION="v1.7.0" ARG IPSEC_MB_VERSION="v1.5" ARG IPP_CRYPTO_VERSION="ippcp_2021.12.1" ARG GID @@ -48,11 +48,11 @@ ENV DEBIAN_FRONTEND=noninteractive # Install required packages including curl, telnet, and git RUN apt-get update && \ - apt-get install -y apt-utils --no-install-recommends + apt-get install -y apt-utils # Upgrade all other packages RUN apt-get upgrade -y && \ - apt-get install -y --no-install-recommends \ + apt-get install -y \ libudev-dev \ make \ gcc \ @@ -70,7 +70,7 @@ RUN apt-get upgrade -y && \ libtool && \ git clone --depth 1 -b $OPENSSL_VERSION https://github.com/openssl/openssl.git && \ git clone --depth 1 -b $QAT_ENGINE_VERSION https://github.com/intel/QAT_Engine && \ - git clone --depth 1 -b $IPP_CRYPTO_VERSION https://github.com/intel/ipp-crypto && \ + git clone --depth 1 -b $IPP_CRYPTO_VERSION https://github.com/intel/cryptography-primitives && \ git clone --depth 1 -b $IPSEC_MB_VERSION https://github.com/intel/intel-ipsec-mb && \ git clone --depth 1 -b $QATLIB_VERSION https://github.com/intel/qatlib @@ -93,13 +93,13 @@ RUN ./autogen.sh && \ usermod -a -G qat appuser # Building Cypto_MB -WORKDIR /ipp-crypto/sources/ippcp/crypto_mb +WORKDIR /cryptography-primitives/sources/ippcp/crypto_mb RUN cmake . -B"../build" \ -DOPENSSL_INCLUDE_DIR=/usr/local/include \ -DOPENSSL_LIBRARIES=/usr/local/lib64 \ -DOPENSSL_ROOT_DIR=/openssl -WORKDIR /ipp-crypto/sources/ippcp/build +WORKDIR /cryptography-primitives/sources/ippcp/build RUN make crypto_mb -j && make install -j # Building Ipsec_MB @@ -115,7 +115,7 @@ RUN ./autogen.sh && \ --enable-qat_sw && \ make -j && make install -j -#Added to remobe libc library for vulnerability issue +#Added to remove libc library for vulnerability issue RUN apt-get purge -y linux-libc-dev FROM ${UBUNTU_BASE} diff --git a/docs/software_requirements.md b/docs/software_requirements.md index e7bc8c9..845ba39 100644 --- a/docs/software_requirements.md +++ b/docs/software_requirements.md @@ -14,7 +14,7 @@ and also from the latest versions from the links below. * [Intel® QuickAssist Technology Driver for Linux\* HW Version 2.0][4] - **QAT20.L.1.1.50-00003** * [Intel® QuickAssist Technology Driver for Linux\* HW Version 1.x][5] - **QAT.L.4.26.0-00008** * [Intel® QuickAssist Technology Driver for FreeBSD\* HW Version 1.x and 2.0] - **QAT.B.3.14.31-00003** (FreeBSD 13.2) -* [Intel® QATlib for Linux with intree driver][7] - **QATlib 24.09.0** +* [Intel® QATlib for Linux with intree driver][7] - **QATlib 24.09.0** & **QATlib 24.02.0** (for Dockerfile only) * [Intel® QATlib for FreeBSD with intree driver(FreeBSD 14)][8] - **FreeBSD QATlib 23.09.0** (FreeBSD 14) ## QAT_SW Libraries: