Add base images and make PI samples inherit from it (#419)

.dockerignore

@@ -0,0 +1,16 @@
+# From .gitignore
+.idea/
+.vscode/
+_output/
+bin/
+profile.cov
+
+# Additional
+.gitignore
+.github/
+deploy/
+examples/
+hack/
+manifests/
+proposals/
+sdk/

Makefile

@@ -99,7 +99,12 @@ images:
 
 .PHONY: test_images
 test_images:
+	${IMG_BUILDER} build -t mpioperator/base examples/base
+	${IMG_BUILDER} build -t mpioperator/openmpi examples/base -f examples/base/openmpi.Dockerfile
+	${IMG_BUILDER} build -t mpioperator/openmpi-builder examples/base -f examples/base/openmpi-builder.Dockerfile
 	${IMG_BUILDER} build -t mpioperator/mpi-pi:openmpi examples/pi
+	${IMG_BUILDER} build -t mpioperator/intel examples/base -f examples/base/intel.Dockerfile
+	${IMG_BUILDER} build -t mpioperator/intel-builder examples/base -f examples/base/intel-builder.Dockerfile
 	${IMG_BUILDER} build -t mpioperator/mpi-pi:intel examples/pi -f examples/pi/intel.Dockerfile
 
 .PHONY: tidy

examples/base/Dockerfile

@@ -0,0 +1,24 @@
+FROM debian:buster
+
+RUN apt update && apt install -y --no-install-recommends \
+			openssh-server \
+			openssh-client \
+		&& rm -rf /var/lib/apt/lists/*
+# Add priviledge separation directoy to run sshd as root.
+RUN mkdir -p /var/run/sshd
+# Add capability to run sshd as non-root.
+RUN setcap CAP_NET_BIND_SERVICE=+eip /usr/sbin/sshd
+
+# Allow OpenSSH to talk to containers without asking for confirmation
+# by disabling StrictHostKeyChecking.
+# mpi-operator mounts the .ssh folder from a Secret. For that to work, we need
+# to disable UserKnownHostsFile to avoid write permissions.
+# Disabling StrictModes avoids directory and files read permission checks.
+RUN sed -i 's/[ #]\(.*StrictHostKeyChecking \).*/ \1no/g' /etc/ssh/ssh_config \
+    && echo "    UserKnownHostsFile /dev/null" >> /etc/ssh/ssh_config \
+    && sed -i 's/#\(StrictModes \).*/\1no/g' /etc/ssh/sshd_config
+
+RUN useradd -m mpiuser
+WORKDIR /home/mpiuser
+# Configurations for running sshd as non-root.
+COPY --chown=mpiuser sshd_config .sshd_config

examples/base/intel-builder.Dockerfile

@@ -0,0 +1,24 @@
+FROM bash AS downloader
+
+RUN wget https://apt.repos.intel.com/intel-gpg-keys/GPG-PUB-KEY-INTEL-SW-PRODUCTS.PUB -O key.PUB
+
+FROM debian:buster
+
+COPY --from=downloader key.PUB /tmp/key.PUB
+
+# Install Intel oneAPI keys.
+RUN apt update \
+    && apt install -y --no-install-recommends gnupg2 ca-certificates \
+    && apt-key add /tmp/key.PUB \
+    && rm /tmp/key.PUB \
+    && echo "deb https://apt.repos.intel.com/oneapi all main" | tee /etc/apt/sources.list.d/oneAPI.list \
+    && apt remove -y gnupg2 ca-certificates \
+    && apt autoremove -y \
+    && apt update \
+    && apt install -y --no-install-recommends \
+        libstdc++-8-dev binutils \
+        intel-oneapi-compiler-dpcpp-cpp \
+        intel-oneapi-mpi-devel \
+    && rm -rf /var/lib/apt/lists/*
+
+ENV I_MPI_CC=clang I_MPI_CXX=clang++

examples/base/intel.Dockerfile

@@ -0,0 +1,25 @@
+FROM bash AS downloader
+
+RUN wget https://apt.repos.intel.com/intel-gpg-keys/GPG-PUB-KEY-INTEL-SW-PRODUCTS.PUB -O key.PUB
+
+
+FROM mpioperator/base
+
+COPY --from=downloader key.PUB /tmp/key.PUB
+
+# Install Intel oneAPI keys.
+RUN apt update \
+    && apt install -y --no-install-recommends gnupg2 ca-certificates \
+    && apt-key add /tmp/key.PUB \
+    && rm /tmp/key.PUB \
+    && echo "deb https://apt.repos.intel.com/oneapi all main" | tee /etc/apt/sources.list.d/oneAPI.list \
+    && apt remove -y gnupg2 ca-certificates \
+    && apt autoremove -y \
+    && apt update \
+    && apt install -y --no-install-recommends \
+        dnsutils \
+        intel-oneapi-mpi \
+    && rm -rf /var/lib/apt/lists/*
+
+COPY intel-entrypoint.sh /entrypoint.sh
+ENTRYPOINT ["/entrypoint.sh"]

examples/base/openmpi-builder.Dockerfile

@@ -0,0 +1,7 @@
+FROM debian:buster as builder
+
+RUN apt update \
+    && apt install -y --no-install-recommends \
+        g++ \
+        libopenmpi-dev \
+    && rm -rf /var/lib/apt/lists/*

examples/base/openmpi.Dockerfile

@@ -0,0 +1,5 @@
+FROM mpioperator/base
+
+RUN apt update \
+    && apt install -y --no-install-recommends openmpi-bin \
+    && rm -rf /var/lib/apt/lists/*

examples/pi/Dockerfile

@@ -1,35 +1,9 @@
-FROM debian:buster as builder
-
-RUN apt update && apt install -y --no-install-recommends \
-			g++ \
-			libopenmpi-dev \
-			&& rm -rf /var/lib/apt/lists/*
+FROM mpioperator/openmpi-builder as builder
 
 COPY pi.cc /src/pi.cc
 RUN mpic++ /src/pi.cc -o /pi
 
 
-FROM debian:buster
-
-RUN apt update && apt install -y --no-install-recommends \
-			openmpi-bin \
-			openssh-server \
-			openssh-client \
-			&& rm -rf /var/lib/apt/lists/*
-# Add priviledge separation directoy to run sshd as root.
-RUN mkdir -p /var/run/sshd
-# Add capability to run sshd as non-root.
-RUN setcap CAP_NET_BIND_SERVICE=+eip /usr/sbin/sshd
+FROM mpioperator/openmpi
 
-RUN useradd -m mpiuser
-WORKDIR /home/mpiuser
-COPY --chown=mpiuser sshd_config .sshd_config
-# Allow OpenSSH to talk to containers without asking for confirmation
-# by disabling StrictHostKeyChecking.
-# mpi-operator mounts the .ssh folder from a Secret. For that to work, we need
-# to disable UserKnownHostsFile to avoid write permissions.
-# Disabling StrictModes avoids directory and files read permission checks.
-RUN sed -i 's/[ #]\(.*StrictHostKeyChecking \).*/ \1no/g' /etc/ssh/ssh_config && \
-    echo "    UserKnownHostsFile /dev/null" >> /etc/ssh/ssh_config && \
-    sed -i 's/#\(StrictModes \).*/\1no/g' /etc/ssh/sshd_config
 COPY --from=builder /pi /home/mpiuser/pi

examples/pi/intel.Dockerfile

@@ -1,64 +1,9 @@
-FROM bash AS downloader
+FROM mpioperator/intel-builder as builder
 
-RUN wget https://apt.repos.intel.com/intel-gpg-keys/GPG-PUB-KEY-INTEL-SW-PRODUCTS.PUB -O key.PUB
-
-
-FROM debian:buster as base
-
-COPY --from=downloader key.PUB /tmp/key.PUB
-
-# Install Intel oneAPI keys.
-RUN apt update \
-		&& apt install -y --no-install-recommends gnupg2 ca-certificates \
-    && apt-key add /tmp/key.PUB \
-		&& rm /tmp/key.PUB \
-		&& echo "deb https://apt.repos.intel.com/oneapi all main" | tee /etc/apt/sources.list.d/oneAPI.list \
-		&& apt remove -y gnupg2 ca-certificates \
-		&& apt autoremove -y \
-		&& rm -rf /var/lib/apt/lists/*
-
-
-FROM base as builder
-
-RUN apt update \
-		&& apt install -y --no-install-recommends \
-			libstdc++-8-dev binutils \
-			intel-oneapi-compiler-dpcpp-cpp \
-			intel-oneapi-mpi-devel \
-		&& rm -rf /var/lib/apt/lists/*
-
-ENV I_MPI_CC=clang I_MPI_CXX=clang++
 COPY pi.cc /src/pi.cc
 RUN bash -c "source /opt/intel/oneapi/setvars.sh && mpicxx /src/pi.cc -o /pi"
 
 
-FROM base
-
-RUN apt update \
-		&& apt install -y --no-install-recommends \
-			openssh-server \
-			openssh-client \
-			dnsutils \
-			intel-oneapi-mpi \
-		&& rm -rf /var/lib/apt/lists/*
-
-# Add priviledge separation directoy to run sshd as root.
-RUN mkdir -p /var/run/sshd
-# Add capability to run sshd as non-root.
-RUN setcap CAP_NET_BIND_SERVICE=+eip /usr/sbin/sshd
-
-RUN useradd -m mpiuser
-WORKDIR /home/mpiuser
-COPY intel-entrypoint.sh /entrypoint.sh
-ENTRYPOINT ["/entrypoint.sh"]
-COPY --chown=mpiuser sshd_config .sshd_config
-# Allow OpenSSH to talk to containers without asking for confirmation
-# by disabling StrictHostKeyChecking.
-# mpi-operator mounts the .ssh folder from a Secret. For that to work, we need
-# to disable UserKnownHostsFile to avoid write permissions.
-# Disabling StrictModes avoids directory and files read permission checks.
-RUN sed -i 's/[ #]\(.*StrictHostKeyChecking \).*/ \1no/g' /etc/ssh/ssh_config && \
-    echo "    UserKnownHostsFile /dev/null" >> /etc/ssh/ssh_config && \
-    sed -i 's/#\(StrictModes \).*/\1no/g' /etc/ssh/sshd_config
+FROM mpioperator/intel
 
 COPY --from=builder /pi /home/mpiuser/pi