Skip to content

Dockerfile for official Akamai's DevOps environment containing CLI packages and useful tools

License

Notifications You must be signed in to change notification settings

akamai/akamai-docker

Repository files navigation

Akamai Docker Development Environment

master build

Run Akamai command line tools in docker. See the tutorial for more usage examples.

animated image showing how to purge using the akamai docker purge package

Quickstart

Enter a shell with all the tools (skip to Authentication for a refresher on .edgerc):

docker run --rm -it -v $HOME/.edgerc:/root/.edgerc:ro akamai/shell

Purge a CP Code:

docker run --rm -it -v $HOME/.edgerc:/root/.edgerc:ro akamai/shell akamai purge invalidate --cpcode 123456

Purge a CP Code (using the slim variant):

docker run --rm -it -v $HOME/.edgerc:/root/.edgerc:ro akamai/purge akamai purge invalidate --cpcode 123456

Start a long-running container in the background, execute commands against:

docker run -d --name akshell -v $HOME/.edgerc:/root/.edgerc:ro akamai/shell sleep infinity
docker exec -it akshell akamai purge invalidate --cpcode 123456

About The Images

This project provides images in two flavors:

  • small, single tool images

    Good choices for integrating exactly what you need in automation.

  • larger image combining them all (shell)

    Perfect for experimentation or automation when all-in-one is more convenient.

Variants

REPOSITORY DOCS
akamai/shell GitHub
akamai/terraform GitHub
akamai/terraform-cli GitHub
akamai/httpie GitHub
akamai/test-center GitHub
akamai/sandbox GitHub
akamai/purge GitHub
akamai/property-manager GitHub
akamai/onboard GitHub
akamai/image-manager GitHub
akamai/jsonnet GitHub
akamai/firewall GitHub
akamai/eaa GitHub
akamai/edgeworkers GitHub
akamai/dns GitHub
akamai/cps GitHub
akamai/cloudlets GitHub
akamai/appsec GitHub
akamai/api-gateway GitHub
akamai/adaptive-acceleration GitHub
akamai/etp GitHub
akamai/gtm GitHub

List of current docker images with their current sizes, can be funder in Dockerhub (https://hub.docker.com/u/akamai).

All variants use an Alpine Linux base.

The akamai/shell image replaces the previous akamai/akamai-docker image, and contains all the other variant images plus some extra utilities:

  • git
  • vim
  • tree
  • bind-tools
  • jq
  • jsonnet

Tags

We publish two tags for each image:

  • latest: built when a commit is pushed to master
  • vX.X.X: built when new version is released

General Usage

This section describes how to operate the docker images. Please find detailed usage instructions for each tool linked in the variants table.

Authentication

The standard authentication method for most Akamai APIs is called EdgeGrid. Creating an EdgeGrid client is covered on developer.akamai.com.

You will typically create an .edgerc file in your home directory with contents similar to this:

[default]
client_secret = your_client_secret
host = your_host
access_token = your_access_token
client_token = your_client_token

The following example illustrates this by displaying the list of groups using the Akamai CLI Property Manager package ("pm" is an alias for "property-manager" and "lg" is an alias for "list-groups"):

docker run -it --rm -v $HOME/.edgerc:/root/.edgerc:ro akamai/shell akamai pm lg

Mounting the file read-only (:ro) is also recommended to protect your credentials from corruption or tampering.

Short-lived Container

Good for interactive exploration of APIs

docker run --rm -it -v $HOME/.edgerc:/root/.edgerc:ro akamai/shell

Tip: You can store this command on a shell alias which allows to start the Akamai Development Environment with a single command like akadev:

alias akadev='docker run --rm -it -v $HOME/.edgerc:/root/.edgerc:ro akamai/shell'

Long-Running Container

Good for interactive tools that run commands at regular intervals, like Jenkins pipelines

Run the container in the background:

docker run -d --name akshell -v $HOME/.edgerc:/root/.edgerc:ro akamai/shell sleep infinity

Then execute commands using docker exec.

docker exec -it akshell akamai purge invalidate --cpcode 123456

You can stop and start this container by running:

docker stop akshell
docker start akshell

One-Shot Container

Good for occasional interactive use, like ephemeral tool automation

The example below invalidates a cached image on the Akamai production network (default)

docker run --rm -v $HOME/.edgerc:/root/.edgerc:ro akamai/purge akamai purge invalidate http://www.example.com/logo.png

Image Specifics

Some images require special handling in docker.

Terraform

Because the docker container will be running with / as the working directory, you cannot simply mount your configuration and run terraform apply.

The easiest approach is to specify the mount path in the container as an argument to terraform commands:

docker run --rm -v $HOME/.edgerc:/root/.edgerc:ro \
  -v $HOME/terraform-config:/tf:ro \
  akamai/terraform \
    terraform apply /tf

Terraform >=0.13.0

Since 0.13, Terraform requires providers to be declared and pinned to a specific version. The Akamai docker image bakes in a few commonly-used provider plugins, in addition to the Akamai provider.

You can use the terraform.tf file we use as reference if you wish to include these pre-baked plugins in your project.

If those providers are enough for your requirement, then you're all set. If you need more providers, be advised that terraform init will by default install the providers in a folder within the container, which you will lose along with the container.

In that case, you may wish to install them yourself in a location of your choosing. To do this, simply set the TF_PLUGIN_CACHE_DIR environment variable to the appropriate location. For example:

docker run --rm -v $HOME/.edgerc:/root/.edgerc:ro \
  -v $HOME/terraform-config:/tf:ro \
  -v $HOME/terraform-plugin-cache:/tf-plugins:rw \
  -e TF_PLUGIN_CACHE_DIR=/tf-plugins \
  akamai/terraform \
    terraform init /tf

HTTPIE

When using HTTPIE non-interactively in docker (without -it), you may wish to read the Scripting Best Practices section of the documentation.

Sandbox

Note: Credits go to Nick Le Mouton for his awesome blog post: https://www.noodles.net.nz/2018/10/12/running-akamai-sandbox-in-docker-with-https/

Assuming you run a webserver locally on port 5000 and sandbox is exposed on port 9550:

  • ensure you run docker with port mapping:

    docker run -it -p 9550:9550 --name mylab akamai/akamai-docker
  • set up sandbox client to listen on address 0.0.0.0:

    "sandboxServerInfo": {
      "secure": false,
      "port": 9550,
      "host": "0.0.0.0"
    },
  • setup origin mapping using a special docker hostname:

    "originMappings": [
      {
        "from": "",
        "to": {
          "secure": false,
          "port": 5000,
          "host": "host.docker.internal"
        }
      }
    ],

Non-Interactive Sandbox

The above use case assumes that user starts bash sessions and invokes commands inside of it. However, it's also possible to use this docker image to execute commands straight like on the following example:

❯ docker run -it --rm -p 9550:9550 -v $HOME/.edgerc:/root/.edgerc -v $(pwd)/sandbox:/cli/.akamai-cli/cache/sandbox-cli akamai/akamai-docker akamai sandbox list
Local sandboxes:

current  name      sandbox_id
-------  --------  ------------------------------------
YES      username  11111111-222-3333-4444-555555555555

This way, the container is immediately removed when the execution is complete. You can use path mount - like in the example above - to persist state across multiple commands invocations. The example above stores sandbox-cli local data in $(pwd)/sandbox subfolder so it's possible to operate on the same sandbox like in a single bash session.

Build

The build system is described at length in docs/BUILD.md.

Tutorial

You can find further usage examples on docs/TUTORIAL.md.

License

Copyright © 2024 Akamai Technologies, Inc. All rights reserved.

See Apache License 2.0

By submitting a contribution (the “Contribution”) to this project, and for good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged, you (the “Assignor”) irrevocably convey, transfer, and assign the Contribution to the owner of the repository (the “Assignee”), and the Assignee hereby accepts, all of your right, title, and interest in and to the Contribution along with all associated copyrights, copyright registrations, and/or applications for registration and all issuances, extensions and renewals thereof (collectively, the “Assigned Copyrights”). You also assign all of your rights of any kind whatsoever accruing under the Assigned Copyrights provided by applicable law of any jurisdiction, by international treaties and conventions and otherwise throughout the world.