How to connect to docker container from browser on host? - networking

I am using Docker for Mac 1.12.0-rc4-beta19.
The container built with following dockerfile and docker-compose.yml.
I want to connect to 1344 port of container from host os browser with http://localhost:1344.
But connection be fail.
I am using 1344 of container to test of bottle (python lightweight web framework) application
Why cannot connect to container's port from host?
docker-compose.yml:
version: '2'
services:
datastore:
image: busybox:latest
volumes:
- ./share:/share_to_container
### base (ubuntu)
base:
build: ./
ports:
- "127.0.0.1:1344:1344"
- "8000:8000"
volumes:
- ./app:/app
volumes_from:
- datastore
links:
- db
- webserver
db:
build:
context: .
dockerfile: "mysqlfile"
environment:
- MYSQL_ROOT_PASSWORD=mypassword
ports:
- "3306:3306"
volumes:
- ./mysql:/mysql
volumes_from:
- datastore
webserver:
image: nginx
ports:
- "8080:80"
volumes:
- ./nginx/mysite.template:/etc/nginx/conf.d/mysite.template
volumes_from:
- datastore
Edit:
The port 8080 connection is correctly, But 1344 is fail
The following is full Dockerfile for base service
Dockerfile_for_base:
from ubuntu:latest
maintainer myname
run mkdir ~/app
copy vim /root/.vim
copy vimrc /root/.vimrc
#update
run apt-get update
run apt-get -y update
run apt-get -y install libssl-dev
run apt-get -yf install curl
run apt-get -y install mysql-client
run apt-get -y install clang
run apt-get -y install lldb
run apt-get -y install make
run apt-get -y install libsqlite3-dev
run apt-get -y install man
run apt-get -y install vim
run apt-get -y install git
run apt-get -y install pkg-config
run apt-get -y install zip
run apt-get -y install unzip
run apt-get -y install language-pack-ja-base
run apt-get -y install language-pack-ja
run apt-get -y install language-pack-en-base
run apt-get -y install language-pack-en
run apt-get -y install fcitx-mozc
run apt-get -y install libreadline-dev
# setting locale to japanese
run update-locale LANG=ja_JP.UTF-8 LANGUAGE=ja_JP:ja
env LANG ja_JP.UTF-8
env LC_CTYPE ja_JP.UTF-8
env LC_MESSAGES en_US.UTF-8
run im-config -n fcitx
# end of locale settings
# install latest python3 and some python packages (https://github.com/docker-library/python/blob/3db904b3f5407840e591daf3aa54670a685b22b3/3.5/Dockerfile)
ENV GPG_KEY 97FC712E4C024BBEA48A61ED3A5CA953F73C700D
ENV PYTHON_VERSION 3.5.2
# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
ENV PYTHON_PIP_VERSION 8.1.2
RUN set -ex \
&& curl -fSL "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz" -o python.tar.xz \
&& curl -fSL "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc" -o python.tar.xz.asc \
&& export GNUPGHOME="$(mktemp -d)" \
&& gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$GPG_KEY" \
&& gpg --batch --verify python.tar.xz.asc python.tar.xz \
&& rm -r "$GNUPGHOME" python.tar.xz.asc \
&& mkdir -p /usr/src/python \
&& tar -xJC /usr/src/python --strip-components=1 -f python.tar.xz \
&& rm python.tar.xz \
\
&& cd /usr/src/python \
&& ./configure \
--enable-loadable-sqlite-extensions \
--enable-shared \
&& make -j$(nproc) \
&& make install \
&& ldconfig \
&& pip3 install --no-cache-dir --upgrade pip==$PYTHON_PIP_VERSION \
&& [ "$(pip list | awk -F '[ ()]+' '$1 == "pip" { print $2; exit }')" = "$PYTHON_PIP_VERSION" ] \
&& find /usr/local -depth \
\( \
\( -type d -a -name test -o -name tests \) \
-o \
\( -type f -a -name '*.pyc' -o -name '*.pyo' \) \
\) -exec rm -rf '{}' + \
&& rm -rf /usr/src/python ~/.cache
# make some useful symlinks that are expected to exist
RUN cd /usr/local/bin \
&& ln -s easy_install-3.5 easy_install \
&& ln -s idle3 idle \
&& ln -s pydoc3 pydoc \
&& ln -s python3 python \
&& ln -s python3-config python-config
# end of latest python installation
#install some packages
run pip --no-cache-dir install bottle
run pip --no-cache-dir install feedparser
run pip --no-cache-dir install PyMySQL
run pip --no-cache-dir install -U pip
run pip --no-cache-dir install -U setuptools
#prompt and compiler environment variables
env CC clang
env CXX clang++
run echo 'export PS1="\h:\W \u$ "' >> ~/.bashrc
# git config
run git config --global user.name "myusername"
run git config --global user.email "my#email.address"
run git config --global color.ui true
run git config --global core.editor vim
expose 1000
expose 2000
expose 3000
expose 4000
expose 5000
expose 1344
cmd bash

If by "host os browser" you mean your Mac, you certainly need to remove the host from the port mapping as suggested. The reason you can't connect is the actual Docker host is a (xhyve) Virtual Machine running between your Mac and Docker. Docker will automatically publish the port between your Mac and the container like you have it, just remove the host, i.e., - "1344:1344"
(Fyi, in your setup as-is you would need to connect via the VM host which doesn't really help you.)
If you still have problems, post any errors and steps to reproduce.

So, after you posted your Dockerfile, it doesn't look like you're running anything? You have the CMD action set to bash and are not overriding it in your docker-compose.yml. I'm a little surprised the container is up at all (since it would just run bash and exit).
Are these files complete?
As an aside, you may want to reformat / lint your Dockerfile for best practises.

Did you see this forum topic?
So just run a container and call ˋifconfigˋ command. Example of output:
bash-4.3# ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:02
inet addr:172.17.0.2 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:acff:fe11:2%32738/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:508 (508.0 B) TX bytes:508 (508.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1%32738/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
So IP of VM from example is 172.17.0.2

Related

How can i fix MYSQL error in php consumer?

i have this dockerfile for php-consumer:
`
FROM node:latest as node
FROM php:8.0-fpm
COPY --from=mlocati/php-extension-installer:1.2 /usr/bin/install-php-extensions /usr/local/bin/
COPY --from=node /usr/local/lib/node_modules /usr/local/lib/node_modules
COPY --from=node /usr/local/bin/node /usr/local/bin/node
RUN ln -s /usr/local/lib/node_modules/npm/bin/npm-cli.js /usr/local/bin/npm
RUN apt-get update && apt-get install -y \
libpq-dev \
wget \
zlib1g-dev \
libmcrypt-dev \
libzip-dev \
git \
php7.*-xml \
pkg-config \
libcurl4-openssl-dev \
librabbitmq-dev \
libpng-dev \
libjpeg-dev \
libfreetype6-dev
RUN apt-get update && apt-get install -y zlib1g-dev libicu-dev g++
RUN docker-php-ext-configure intl
RUN docker-php-ext-install intl
ENV CFLAGS="$CFLAGS -D_GNU_SOURCE"
RUN docker-php-ext-configure gd --with-freetype=/usr/include/ --with-jpeg=/usr/include/ && \
docker-php-ext-install mysqli pdo pdo_mysql zip curl sockets pcntl
RUN install-php-extensions \
decimal \
pdo_mysql \
intl \
amqp \
bcmath \
pcntl \
sockets \
xsl
RUN pecl install -o -f redis \
&& rm -rf /tmp/pear \
&& docker-php-ext-enable redis
RUN apt-get update && apt-get install libxslt1-dev -y && docker-php-ext-install xsl
RUN curl -S https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
COPY consume.sh /consumer/consume.sh
WORKDIR /workdir
ENTRYPOINT ["bash", "/consumer/consume.sh"]
`
This consume.sh:
`
#!/bin/bash
sleep 10;
/workdir/bin/console messenger:consume >&1;
`
This messenger.yaml:
`
framework:
messenger:
transports:
movies:
dsn: "%env(MESSENGER_TRANSPORT_DSN)%"
options:
vhost: "/"
routing:
App\Message\Tmdb\MovieRequestedMessage: movies
`
`
DATABASE_URL="mysql://user_name:password#mysql/database_name?serverVersion=5.7"
`
And when i dispatch the message, i got this error in php_consumer:
`02:46:24 WARNING [messenger] Error thrown while handling message App\Message\Tmdb\MovieRequestedMessage. Sending for retry #1 using 1000 ms delay. Error: "Handling "App\Message\Tmdb\MovieRequestedMessage" failed: An exception occurred in the driver: SQLSTATE[HY000] [2002] No such file or directory" ["class" => "App\Message\Tmdb\MovieRequestedMessage","retryCount" => 1,"delay" => 1000,"error" => "Handling "App\Message\Tmdb\MovieRequestedMessage" failed: An exception occurred in the driver: SQLSTATE[HY000] [2002] No such file or directory","exception" => Symfony\Component\Messenger\Exception\HandlerFailedException { …}]
docker-compose.yml:
php-consumer:
container_name: php_consumer
build:
context: docker/php-consumer
env_file:
- .env
volumes:
- .:/project
depends_on:
- mysql
- rabbitmq
- php-cli
- php-fpm
environment:
- "MESSENGER_TRANSPORT_DSN=${MESSENGER_TRANSPORT_DSN}"
- "DATABASE_URL=${DATABASE_URL}"
networks:
- network
I tried to change mysql to mysql container ip, but it doesn't work.
I would be very grateful for any clarification, and for any help. Thank you so much!

How to install and setup WordPress using Podman

With docker I was able to run WordPress example for docker-compose on nearly every platform, without prior docker knowledge.
I look for a way to achieve the same with Podman.
In my case, to have a fast cross-platform way to setup a working WordPress installation for development.
As Podman is far younger, a valid answer in 2022 would also be: It is not possible, because... / only possible provided constraint X.
Still I would like to create an entry point for other people, who run into the same issue in the future.
I posted my own efforts below. Before I spend more hours debugging lots of small (but still solvable) issues, I wanted to find out if someone else faced the same problem and already has a solution. If you have, please clearly document its constraints.
My particular issue, as a reference
I am on Ubuntu 20.04 and podman -v gives 3.4.2.
docker/podman compose
When I use docker-compose up with Podman back-end on docker's WordPress .yml-file, I run into the "duplicate mount destination" issue.
podman-compose is part of Podman 4.1.0, which is not available on Ubuntu as I write this.
Red Hat example
The example of Red Hat gives "Error establishing a database connection ... contact with the database server at mysql could not be established".
A solution for the above does not work for me. share is likely a typo. I tried to replace with unshare.
Cent OS example
I found an example which uses pods instead of a docker-compose.yml file. But it is written for Cent OS.
I modified the Cent OS example, see the script below. I get the containers up and running. However, WordPress is unable to connect to the database.
#!/bin/bash
# Set environment variables:
DB_NAME='wordpress_db'
DB_PASS='mysupersecurepass'
DB_USER='justbeauniqueuser'
POD_NAME='wordpress_with_mariadb'
CONTAINER_NAME_DB='wordpress_db'
CONTAINER_NAME_WP='wordpress'
mkdir -P html
mkdir -P database
# Remove previous attempts
sudo podman pod rm -f $POD_NAME
# Pull before run, bc: invalid reference format eror
sudo podman pull mariadb:latest
sudo podman pull wordpress
# Create a pod instead of --link. So both containers are able to reach each others.
sudo podman pod create -n $POD_NAME -p 80:80
sudo podman run --detach --pod $POD_NAME \
-e MYSQL_ROOT_PASSWORD=$DB_PASS \
-e MYSQL_PASSWORD=$DB_PASS \
-e MYSQL_DATABASE=$DB_NAME \
-e MYSQL_USER=$DB_USER \
--name $CONTAINER_NAME_DB -v "$PWD/database":/var/lib/mysql \
docker.io/mariadb:latest
sudo podman run --detach --pod $POD_NAME \
-e WORDPRESS_DB_HOST=127.0.0.1:3306 \
-e WORDPRESS_DB_NAME=$DB_NAME \
-e WORDPRESS_DB_USER=$DB_USER \
-e WORDPRESS_DB_PASSWORD=$DB_PASS \
--name $CONTAINER_NAME_WP -v "$PWD/html":/var/www/html \
docker.io/wordpress
Also, I was a bit unsure where to post this question. If server fault or another stack exchange are a better fit, I will happily post there.
Actually, your code works with just small changes.
I removed the sudo's and changed the pods external port to 8090, instead of 80. So now everything is running as a non-root user.
#!/bin/bash
# https://stackoverflow.com/questions/74054932/how-to-install-and-setup-wordpress-using-podman
# Set environment variables:
DB_NAME='wordpress_db'
DB_PASS='mysupersecurepass'
DB_USER='justbeauniqueuser'
POD_NAME='wordpress_with_mariadb'
CONTAINER_NAME_DB='wordpress_db'
CONTAINER_NAME_WP='wordpress'
mkdir -p html
mkdir -p database
# Remove previous attempts
podman pod rm -f $POD_NAME
# Pull before run, bc: invalid reference format error
podman pull docker.io/mariadb:latest
podman pull docker.io/wordpress
# Create a pod instead of --link.
# So both containers are able to reach each others.
podman pod create -n $POD_NAME -p 8090:80
podman run --detach --pod $POD_NAME \
-e MYSQL_ROOT_PASSWORD=$DB_PASS \
-e MYSQL_PASSWORD=$DB_PASS \
-e MYSQL_DATABASE=$DB_NAME \
-e MYSQL_USER=$DB_USER \
--name $CONTAINER_NAME_DB -v "$PWD/database":/var/lib/mysql \
docker.io/mariadb:latest
podman run --detach --pod $POD_NAME \
-e WORDPRESS_DB_HOST=127.0.0.1:3306 \
-e WORDPRESS_DB_NAME=$DB_NAME \
-e WORDPRESS_DB_USER=$DB_USER \
-e WORDPRESS_DB_PASSWORD=$DB_PASS \
--name $CONTAINER_NAME_WP -v "$PWD/html":/var/www/html \
docker.io/wordpress
This is what worked for me:
#!/bin/bash
# https://stackoverflow.com/questions/74054932/how-to-install-and-setup-wordpress-using-podman
# Set environment variables:
POD_NAME='wordpress_mariadb'
DB_ROOT_PW='sup3rS3cr3t'
DB_NAME='wp'
DB_PASS='s0m3wh4tS3cr3t'
DB_USER='wordpress'
podman pod create --name $POD_NAME -p 8080:80
podman run \
-d --restart=always --pod=$POD_NAME \
-e MYSQL_ROOT_PASSWORD="$DB_ROOT_PW" \
-e MYSQL_DATABASE="$DB_NAME" \
-e MYSQL_USER="$DB_USER" \
-e MYSQL_PASSWORD="$DB_PASS" \
-v $HOME/public_html/wordpress/mysql:/var/lib/mysql:Z \
--name=wordpress-db docker.io/mariadb:latest
podman run \
-d --restart=always --pod=$POD_NAME \
-e WORDPRESS_DB_NAME="$DB_NAME" \
-e WORDPRESS_DB_USER="$DB_USER" \
-e WORDPRESS_DB_PASSWORD="$DB_PASS" \
-e WORDPRESS_DB_HOST="127.0.0.1" \
-v $HOME/public_html/wordpress/html:/var/www/html:Z \
--name wordpress docker.io/library/wordpress:latest

Docker container failing to start with connection to database from shinyproxy

I want to connect an individual app within shiny proxy to a docker network.
I have a few apps on shinyproxy, only one needs to connect to the database.
It is a postgresql DB running on the same machine in a docker set up to receive connections though the network my-docker-network
In application.yml Should I use
container-network: my-docker-network
or
container-network-connections: ["my-docker-network"]
?
Even though I don’t need internal networks in shiny proxy do I still need to set ``internal-networking: trueunderdocker:```
At the moment the container isn’t starting, but as the container runs fine by itself using docker run --net my-docker-network --env-file /mypath/.Renviron my_app_image it seems to be a connection issue. The container also works if I run it with --network="host"
I've tried various options of putting the .Renviron in different places and don't think that is the issue.
Full dockerfile (other apps deleted and pseudonomised):
FROM rocker/r-ver:3.6.3
RUN apt-get update --allow-releaseinfo-change && apt-get install -y \
lbzip2 \
libfftw3-dev \
libgdal-dev \
libgeos-dev \
libgsl0-dev \
libgl1-mesa-dev \
libglu1-mesa-dev \
libhdf4-alt-dev \
libhdf5-dev \
libjq-dev \
liblwgeom-dev \
libpq-dev \
libproj-dev \
libprotobuf-dev \
libnetcdf-dev \
libsqlite3-dev \
libssl-dev \
libudunits2-dev \
netcdf-bin \
postgis \
protobuf-compiler \
sqlite3 \
tk-dev \
unixodbc-dev \
libssh2-1-dev \
r-cran-v8 \
libv8-dev \
net-tools \
libsqlite3-dev \
libxml2-dev
#for whatever reason it wasn't working
#RUN export ADD=shiny && bash /etc/cont-init.d/add
#install packages
RUN R -e "install.packages(c('somepackages'))"
#copy app script and variables into docker
RUN mkdir /home/app
COPY .Renviron /home/app/
COPY global.R /home/app/
COPY ui.R /home/app/
COPY server.R /home/app/
COPY Rprofile.site /usr/lib/R/etc/
#add run script
CMD ["R", "-e", "shiny::runApp('home/app')"]
Useful parts of the application.yml
At the moment I always get "500/container doesn't respond/run" on the shinyproxy side even though it runs on the standalone.
proxy:
title: apps - page
# logo-url: https://link/to/your/logo.png
landing-page: /
favicon-path: favicon.ico
heartbeat-rate: 10000
heartbeat-timeout: 60000
container-wait-time: 40000
port: 8080
authentication: simple
admin-groups: admins
container-log-path: /etc/shinyproxy/logs
# Example: 'simple' authentication configuration
users:
- name: admin
password: password
groups: admins
- name: user
password: password
groups: users
# Docker configuration
docker:
cert-path: /home/none
url: http://localhost:2375
port-range-start: 20000
# internal-networking: true
specs:
- id: 06_rshiny_dashboard_r_ver
display-name: app r_ver container r_app_r_ver
description: using simple rver set up docker and the r_app_r_ver image
container-cmd: ["R", "-e", "shinyrunApp('/home/app')"]
#container-cmd: ["R", "-e", "shiny::runApp('/home/app', shiny.port = 3838, shiny.host = '0.0.0.0')"]
container-image: asela_r_app_r_ver:latest
#container-network: my-docker-network
container-network-connections: [ "my-docker-network" ]
container-env-file: /home/app/.Renviron
access-groups: [admins]
logging:
file:
name: /etc/shinyproxy/shinyproxy.log
Various commented out lines show the current set up but have tried with/without
Fixed it by using a shiny server version of the docker - not sure why but this sorted out some connection issue.
Dockerfile:
FROM rocker/r-ver:3.6.3
RUN apt-get update --allow-releaseinfo-change && apt-get install -y \
lbzip2 \
libfftw3-dev \
libgdal-dev \
libgeos-dev \
libgsl0-dev \
libgl1-mesa-dev \
libglu1-mesa-dev \
libhdf4-alt-dev \
libhdf5-dev \
libjq-dev \
liblwgeom-dev \
libpq-dev \
libproj-dev \
libprotobuf-dev \
libnetcdf-dev \
libsqlite3-dev \
libssl-dev \
libudunits2-dev \
netcdf-bin \
postgis \
protobuf-compiler \
sqlite3 \
tk-dev \
unixodbc-dev \
libssh2-1-dev \
r-cran-v8 \
libv8-dev \
net-tools \
libsqlite3-dev \
libxml2-dev \
wget \
gdebi
##No version control
#then install shiny
RUN wget --no-verbose https://download3.rstudio.org/ubuntu-14.04/x86_64/VERSION -O "version.txt" && \
VERSION=$(cat version.txt) && \
wget --no-verbose "https://download3.rstudio.org/ubuntu-14.04/x86_64/shiny-server-$VERSION-amd64.deb" -O ss-latest.deb && \
gdebi -n ss-latest.deb && \
rm -f version.txt ss-latest.deb
#install packages
RUN R -e "install.packages(c('xtable', 'stringr', 'glue', 'data.table', 'pool', 'RPostgres', 'palettetown', 'deckgl', 'sf', 'shinyWidgets', 'shiny', 'stats', 'graphics', 'grDevices', 'datasets', 'utils', 'methods', 'base'))"
##No version control over
##with version control and renv.lock file
##With version control over
#copy shiny server config over
COPY shiny-server.conf /etc/shiny-server/shiny-server.conf
#avoid some errors
#already in there
#RUN echo 'sanitize_errors off;disable_protocols xdr-streaming xhr-streaming iframe-eventsource iframe-htmlfile;' >> /etc/shiny-server/shiny-server.conf
# copy the app to the image
COPY .Renviron /srv/shiny-server/
COPY global.R /srv/shiny-server/
COPY server.R /srv/shiny-server/
COPY ui.R /srv/shiny-server/
# select port
EXPOSE 3838
# Copy further configuration files into the Docker image
COPY shiny-server.sh /usr/bin/shiny-server.sh
RUN ["chmod", "+x", "/usr/bin/shiny-server.sh"]
# run app
CMD ["/usr/bin/shiny-server.sh"]
application.yml:
proxy:
title: apps - page
# logo-url: https://link/to/your/logo.png
landing-page: /
favicon-path: favicon.ico
heartbeat-rate: 10000
heartbeat-timeout: 60000
container-wait-time: 40000
port: 8080
authentication: simple
admin-groups: admins
container-log-path: /etc/shinyproxy/logs
# Example: 'simple' authentication configuration
users:
- name: admin
password: password
groups: admins
- name: user
password: password
groups: users
# Docker configuration
docker:
cert-path: /home/none
url: http://localhost:2375
port-range-start: 20000
# internal-networking: true
- id: 10_asela_rshiny_shinyserv
display-name: ASELA Dash internal shiny server version
description: container has own shinyserver within it functions on docker network only not on host container-network version
container-cmd: ["/usr/bin/shiny-server.sh"]
access-groups: [admins]
container-image: asela_r_app_shinyserv_ver:latest
container-network: asela-docker-net
logging:
file:
name: /etc/shinyproxy/shinyproxy.log

Compiling a .Net Core Console App with Npgsql and CoreRT

I'm trying to compile a .net core console application into native executable (linux-x64) on an ubuntu 18.04 docker container, using both coreRT and Npgsql. I'm currently using docker-compose to set up the DB and application containers.
docker-compose.yml
version: '3'
services:
database:
image: postgres:10
environment:
- POSTGRES_USER=dbuser
- POSTGRES_PASSWORD=dbpassword
- POSTGRES_DB=dbsample
ports:
- 5432:5432
tmpfs:
- /var/lib/postgresql/data:rw,noexec,nosuid,size=400m
volumes:
- ./db-init:/docker-entrypoint-initdb.d
prototype:
build: .
depends_on:
- database
links:
- database:database
Dockerfile
FROM ubuntu:18.04
RUN apt-get update \
&& apt-get install -y \
apt-transport-https \
build-essential \
clang \
cmake \
curl \
git-core \
gpg \
libbz2-dev \
libkrb5-dev \
libncurses5-dev \
libncursesw5-dev \
libreadline-dev \
libsqlite3-dev \
libssl-dev \
llvm \
make \
parallel \
wget \
zlib1g-dev
RUN wget -qO- https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.asc.gpg \
&& mv microsoft.asc.gpg /etc/apt/trusted.gpg.d/ \
&& wget -q https://packages.microsoft.com/config/ubuntu/18.04/prod.list \
&& mv prod.list /etc/apt/sources.list.d/microsoft-prod.list \
&& chown root:root /etc/apt/trusted.gpg.d/microsoft.asc.gpg \
&& chown root:root /etc/apt/sources.list.d/microsoft-prod.list \
&& apt-get update \
&& apt-get install -y dotnet-sdk-2.2
ENV CppCompilerAndLinker=clang-6.0
ENV DOTNET_CLI_TELEMETRY_OPTOUT=true
WORKDIR /home/app
COPY ./HelloWorld.fsproj /home/app
COPY ./nuget.config /home/app
RUN dotnet restore
COPY ./ /home/app
RUN dotnet publish -r linux-x64 -c Release -v detailed -o outside
CMD ./outside/HelloWorld
When It gets to compile it (dotnet publish -r linux-x64 -c Release -v detailed -o outside), it enters infinite loop consuming all the memory avaiable for the container. Until it shows this error:
Task "Exec"
"/root/.nuget/packages/runtime.linux-x64.microsoft.dotnet.ilcompiler/1.0.0-alpha-27919-02/tools/ilc" #"obj/Release/netcoreapp2.2/linux-x64/native/HelloWorld.ilc.rsp"
Killed
1:7>/root/.nuget/packages/microsoft.dotnet.ilcompiler/1.0.0-alpha-27919-02/build/Microsoft.NETCore.Native.targets(249,5): error MSB3073: The command ""/root/.nuget/packages/runtime.linux-x64.microsoft.dotnet.ilcompiler/1.0.0-alpha-27919-02/tools/ilc" #"obj/Release/netcoreapp2.2/linux-x64/native/HelloWorld.ilc.rsp"" exited with code 137. [/home/app/HelloWorld.fsproj]
Done executing task "Exec" -- FAILED.
1:7>Done building target "IlcCompile" in project "HelloWorld.fsproj" -- FAILED.
1:7>Done Building Project "/home/app/HelloWorld.fsproj" (Publish target(s)) -- FAILED.
It seems to be somehow related with the usage of generics and reflections in F#. I've looked in both Npgsql and coreRT repos and couldn't find someone close to get them both working. Have anyone faced this problem? Or managed to use Npgsql and coreRT?

How to run only one thing as root in docker

I'm trying to create a Dockerfile which runs as non-root user.
When i building this all works fine, but nginx cannot write the log file because it dosen't have enough permissions. Can I, when building a Docker, give root permissions only for nginx?
I'm trying chmod, chown for blocked directories. Doesn't work
FROM php:7.1-fpm-alpine
RUN apk add --no-cache shadow
RUN apk add --no-cache --virtual .ext-deps \
openssl \
unzip \
libjpeg-turbo-dev \
libwebp-dev \
libpng-dev \
freetype-dev \
libmcrypt-dev \
imagemagick-dev \
nodejs-npm \
nginx \
git \
inkscape
# imagick
RUN apk add --update --no-cache autoconf g++ imagemagick-dev libtool make pcre-dev \
&& pecl install imagick \
&& docker-php-ext-enable imagick \
&& apk del autoconf g++ libtool make pcre-dev
# Install Blackfire
RUN version=$(php -r "echo PHP_MAJOR_VERSION.PHP_MINOR_VERSION;") \
&& curl -A "Docker" -o /tmp/blackfire-probe.tar.gz -D - -L -s https://blackfire.io/api/v1/releases/probe/php/linux/amd64/$version \
&& tar zxpf /tmp/blackfire-probe.tar.gz -C /tmp \
&& mv /tmp/blackfire-*.so $(php -r "echo ini_get('extension_dir');")/blackfire.so \
&& printf "extension=blackfire.so\nblackfire.agent_socket=tcp://blackfire:8707\n" > $PHP_INI_DIR/conf.d/blackfire.ini
RUN apk add -y icu-dev \
&& docker-php-ext-configure intl \
&& docker-php-ext-install intl
RUN docker-php-ext-configure pdo_mysql && \
docker-php-ext-configure opcache && \
docker-php-ext-configure exif && \
docker-php-ext-configure pdo && \
docker-php-ext-configure zip && \
docker-php-ext-configure gd \
--with-jpeg-dir=/usr/include --with-png-dir=/usr/include --with-webp-dir=/usr/include --with-freetype-dir=/usr/include && \
docker-php-ext-configure sockets && \
docker-php-ext-configure mcrypt
RUN docker-php-ext-install pdo zip pdo_mysql opcache exif gd sockets mcrypt && \
docker-php-source delete
RUN ln -s /usr/bin/php7 /usr/bin/php && \
curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer && \
mkdir -p /run/nginx
COPY ./init.sh /
COPY ./default.conf /etc/nginx/conf.d/default.conf
COPY ./.env /
RUN chmod +x /init.sh
EXPOSE 80
RUN addgroup -g 1001 node \
&& adduser -u 1001 -G node -s /bin/sh -D node
ARG UID=1001
ARG GID=1001
ENV UID=${UID}
ENV GID=${GID}
RUN usermod -u $UID node \
&& groupmod -g $GID node
RUN chown 1001:1001 /var/lib/nginx -R
RUN mkdir -p /var/tmp/nginx
RUN chown 1001:1001 /var/tmp/nginx -R
USER node
ENTRYPOINT [ "/init.sh" ]
There are quite a few unknowns in your question, for example, the contents of your default.conf file. By default the nginx logs are stored in /var/log/nginx, but I'll assume you're overriding that in the configuration.
The next thing is that the master process of nginx needs to be run as root if you wan't it to be able to bind to system ports (0 - 1023) so in case you are using nginx as a web server and intend to use ports 80 and 443 you should stick with running the nginx process as root.
In case you plan to use other ports and are set on the idea of running the master process as non-root, then you can check this answer for suggestions on how to do that - https://stackoverflow.com/a/42329561/5359953
I am using the term master process a lot here, because nginx spawns worker processes to handle the actual requests and those can be run as a different user (Defined in the nginx configuration file)
I found the solution. I just changed RUN chown 1001:1001 /var/lib/nginx -R to RUN chown -R 1001:1001 /var/. Thats works fine
RUN chown -R 1001:1001 /var/
sometimes it's will be actually bad decision.
u can try add permissions like this
RUN chown -R 1001:1001 /var/tmp/nginx
RUN chown -R 1001:1001 /var/lib/nginx
RUN chown -R 1001:1001 /var/log/nginx
RUN chown -R 1001:1001 /run/nginx
I guess RUN chown 1001:1001 /var/lib/nginx -R work wrong because I set the flag -R too late

Resources