基于libfaketime修改容器时间(不修改宿主机)

2020-09-14

项目地址:https://github.com/wolfcw/libfaketime.git

使用ubuntu做为基础镜像

之前测试alpine时发现兼容性不好,ubuntu验证正常
Dockerfile

FROM ubuntu:latest as builder
RUN  sed -i s@/archive.ubuntu.com/@/mirrors.aliyun.com/@g /etc/apt/sources.list \
    && apt-get update \
    && apt-get install -y --no-install-recommends wget unzip make gcc g++ \
    && apt-get autoclean -y \
    && apt-get clean -y \
    && rm -rf /var/lib/apt/lists/*

RUN wget --no-check-certificate https://github.com/wolfcw/libfaketime/archive/master.zip \
    && unzip master.zip \
    && cd libfaketime-master \
    && make && make install \
    && cd ../ \
    && rm -rf libfaketime-master master.zip

FROM ubuntu:latest
ENV JAVA_HOME="/usr/lib/jvm/default-jvm" \
    JRE_HOME="/usr/lib/jvm/default-jvm/jre" \
    PATH="/usr/lib/jvm/default-jvm/bin:$PATH" \
    LANG=C.UTF-8 \
    MALLOC_ARENA_MAX=1 

COPY jvm /usr/lib/jvm
COPY --from=builder /usr/local/lib/faketime /usr/local/lib/faketime 
COPY --from=builder /usr/local/bin/faketime /usr/local/bin/faketime
RUN mkdir -p /data/apps \
    && sed -i s@/archive.ubuntu.com/@/mirrors.aliyun.com/@g /etc/apt/sources.list \
    && apt-get update \
    && apt-get install -y --no-install-recommends tzdata curl net-tools iputils-ping nano \
    && apt-get autoclean -y \
    && apt-get clean -y \
    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \
    && cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
    && echo "Asia/Shanghai" > /etc/timezone

将jdk包、Dockerfile、build.sh放到同一目录
build.sh

WORK=`pwd`
IMAGE_URL=registry.harbor.com/java/ubuntu:jdk8201
JAVA_VERSION=8
yum install wget unzip -y && \
tar -xzf `ls *.tar.gz` && \
TMP=`ls -l |awk '/^d/ {print $NF}'` && \
wget --header "Cookie: oraclelicense=accept-securebackup-cookie;" "http://download.oracle.com/otn-pub/java/jce/${JAVA_VERSION}/jce_policy-${JAVA_VERSION}.zip" && \
unzip -jo -d "$TMP/jre/lib/security" "jce_policy-${JAVA_VERSION}.zip" && \
rm -rf  "$TMP/"*src.zip \
        "$TMP/lib/missioncontrol" \
        "$TMP/lib/visualvm" \
        "$TMP/lib/"*javafx* \
        "$TMP/jre/lib/plugin.jar" \
        "$TMP/jre/lib/ext/jfxrt.jar" \
        "$TMP/jre/bin/javaws" \
        "$TMP/jre/lib/javaws.jar" \
        "$TMP/jre/lib/desktop" \
        "$TMP/jre/plugin" \
        "$TMP/jre/lib/"deploy* \
        "$TMP/jre/lib/"*javafx* \
        "$TMP/jre/lib/"*jfx* \
        "$TMP/jre/lib/amd64/libdecora_sse.so" \
        "$TMP/jre/lib/amd64/"libprism_*.so \
        "$TMP/jre/lib/amd64/libfxplugins.so" \
        "$TMP/jre/lib/amd64/libglass.so" \
        "$TMP/jre/lib/amd64/libgstreamer-lite.so" \
        "$TMP/jre/lib/amd64/"libjavafx*.so \
        "$TMP/jre/lib/amd64/"libjfx*.so \
        "$TMP/jre/bin/jjs" \
        "$TMP/jre/bin/keytool" \
        "$TMP/jre/bin/orbd" \
        "$TMP/jre/bin/pack200" \
        "$TMP/jre/bin/policytool" \
        "$TMP/jre/bin/rmid" \
        "$TMP/jre/bin/rmiregistry" \
        "$TMP/jre/bin/servertool" \
        "$TMP/jre/bin/tnameserv" \
        "$TMP/jre/bin/unpack200" \
        "$TMP/jre/lib/ext/nashorn.jar" \
        "$TMP/jre/lib/jfr.jar" \
        "$TMP/jre/lib/jfr" \
        "$TMP/jre/lib/oblique-fonts" \
        "$TMP/jre/lib/security/README.txt" && \
ln -s $TMP default-jvm && \
mkdir jvm && mv $TMP default-jvm jvm && \
mkdir $WORK/build && \
cp $WORK/Dockerfile $WORK/build && \
mv jvm $WORK/build && \
cd $WORK/build && docker build --rm --no-cache -t $IMAGE_URL . && \
rm -rf $WORK/build
docker push $IMAGE_URL
docker rmi $IMAGE_URL

make install文件变动

/usr/local/lib/faketime # ls
libfaketime.so.1    libfaketimeMT.so.1

/usr/local/bin # ls
faketime

简单验证,更多查看git文档

~ # date
Sat Nov  9 18:30:08 CST 2019

~ # faketime '2008-12-24 08:15:42' date
Wed Dec 24 08:15:42 CST 2008

# 或

~ # LD_PRELOAD=/usr/local/lib/faketime/libfaketime.so.1 FAKETIME="-2d" date
Thu Nov  7 18:01:05 CST 2019

在k8s中配置

只需要添加如下环境变量即可:

  • LD_PRELOAD
    用于动态库的加载,动态库加载的优先级最高,一般情况下,其加载顺序为LD_PRELOAD>LD_LIBRARY_PATH>/etc/ld.so.cache>/lib>/usr/lib
  • FAKETIME
    用来指定时间,
    @ 表示start at,时间会一直推进,不加@时间会一直保持不变,
  • FAKETIME_DONT_RESET
    新起进程时间也会跟着一起推进
  • FAKETIME_NO_CACHE=1
    禁用缓存,防止由于程序已经运行时修改假时间需要10秒后才会应用
/ # export LD_PRELOAD=/usr/local/lib/faketime/libfaketime.so.1 FAKETIME="@2030-08-12 10:30:33" FAKETIME_DONT_RESET=1 FAKETIME_NO_CACHE=1
/ # /bin/sh -c "while true;do date; sleep 1;done"

Mon Aug 12 10:30:33 UTC 2030
Mon Aug 12 10:30:34 UTC 2030
Mon Aug 12 10:30:35 UTC 2030
Mon Aug 12 10:30:36 UTC 2030
Mon Aug 12 10:30:37 UTC 2030
Mon Aug 12 10:30:38 UTC 2030

yaml文件部分

env:
  - name: "LD_PRELOAD"
    value: "/usr/local/lib/faketime/libfaketime.so.1"
  - name: "FAKETIME_DONT_RESET"
    value: "1"
  - name: "FAKETIME_NO_CACHE"
    value: "1"
  - name: "FAKETIME"
    value: "@2030-08-12 10:30:33"

image.png


标题:基于libfaketime修改容器时间(不修改宿主机)
作者:fish2018
地址:http://devopser.org/articles/2019/11/09/1573295897199.html