I have a docker container that has OpenSSL 1.1.1k. I want to upgrade openssl package to openssl-1.1.1l. I try update it in Dockerfile like this:
FROM php:7.4.21-fpm-alpine3.13
RUN apk add --update --no-cache \
openssl
...
But after rebuild my container, openssl version is still 1.1.1k
How can I upgrade openssl version ?
UPD:
Command apk --update list | grep -E ^openssl-1 in my docker container shows me the following:
openssl-1.1.1k-r0 x86_64 {openssl} (OpenSSL) [installed]
openssl-1.1.1s-r0 x86_64 {openssl} (OpenSSL) [upgradable from: openssl-1.1.1k-r0]
openssl-1.0.2u-r0 x86_64 {openssl} (openssl)
Also, my Dockerfile has:
RUN echo 'http://dl-cdn.alpinelinux.org/alpine/v3.8/main' >> /etc/apk/repositories && \
apk add --no-cache libcrypto1.0 libssl1.0 \
But, there are no openssl 1.1.1 packages for alpine 3.8. See
So, my Dockerfile looks like:
FROM php:7.4.21-fpm-alpine3.13
RUN apk add --no-cache --virtual .ext-deps \
nodejs \
npm \
git \
libzip-dev unzip
RUN apk add --update --no-cache \
jpegoptim optipng pngquant gifsicle openssl
# Add openssl dependencies for wkhtmltopdf
RUN echo 'http://dl-cdn.alpinelinux.org/alpine/v3.8/main' >> /etc/apk/repositories && \
apk add --no-cache libcrypto1.0 libssl1.0
What should i do in this case ?
I added the RUN apk update && apk upgrade openssl command to the Dockerfile and rebuilt my container.
Related
I build a docker container based on alpine linux. I try to send messages to an external kafka broker using the symfony messenger.
This is my messenger config:
messenger:
transports:
de_fadi_criminal_charges_public_criminal_charge_created:
dsn: '%env(KAFKA_DSN)%'
serializer: App\Serializer\Avro\CriminalChargeCreatedSerializer
options:
flushTimeout: 10000
flushRetries: 5
topic:
name: 'de.fadi.criminal_charges.public.criminal_charge_created'
kafka_conf:
security.protocol: 'sasl_ssl'
ssl.ca.location: '%kernel.project_dir%/config/kafka/ca.pem'
sasl.username: '%env(KAFKA_SASL_USERNAME)%'
sasl.password: '%env(KAFKA_SASL_PASSWORD)%'
sasl.mechanism: 'PLAIN'
and these are the relevant lines in my Docker file:
ARG LIBRDKAFKA_GIT_SHA1=1f7417d4796e036b8c19f17373f8290ff5c7561f
RUN apk add --update --no-cache alpine-sdk bash python autoconf openssl \
&& git clone -o ${LIBRDKAFKA_GIT_SHA1} https://github.com/edenhill/librdkafka.git /tmp/librdkafka \
&& cd /tmp/librdkafka/ \
&& ./configure \
&& make \
&& make install
When I check after the build if Open SSL is available I get this:
$ openssl version
OpenSSL 1.1.1l 24 Aug 2021
When I try to send messages to the configured server I get this error message:
Unsupported value "sasl_ssl" for configuration property "security.protocol": OpenSSL not available at build time
All answers I found pointed to the fact that you first have to install openssl, then build rdkafka which I did. What am I missing?
as #dave_thompson_085 pointed out it isn't sufficient to include the openssl library, if you are going to use it to build software
Replacing openssl with openssl-dev did the trick:
RUN apk add --update --no-cache alpine-sdk bash python autoconf openssl-dev \
&& git clone -o ${LIBRDKAFKA_GIT_SHA1} https://github.com/edenhill/librdkafka.git /tmp/librdkafka \
&& cd /tmp/librdkafka/ \
&& ./configure \
&& make \
&& make install
I have try to build docker image using golang:1.14.9-alpine, and i always getting below error for installing thus libraries , what i need to do install thus libraies ?
ERROR: unable to select packages:
liblzma-dev (no such package):
required by: world[liblzma-dev]
libxml-dev (no such package):
required by: world[libxml-dev]
below my docker file
FROM golang:1.14.9-alpine
RUN apk update && apk upgrade \
&& apk --no-cache --update add build-base
RUN apk add --no-cache \
alpine-sdk \
protobuf \
ca-certificates \
curl \
make \
libx11-dev \
libxslt-dev \
libxml2 \
gcc \
g++ \
ca-certificates \
libxml-dev \
liblzma-dev \
libxslt-dev
RUN go get github.com/golang/protobuf/proto#v1.4.3
RUN go get github.com/golang/protobuf/protoc-gen-go#v1.4.3
RUN go get github.com/micro/protoc-gen-micro/v2
RUN export GO111MODULE=on
COPY . .
RUN make build
RUN chmod 765 test-service
I think the package is xz-dev
You can try a multistage build and then copy the required executables to alpine version. It will optimize the build further.
You can try something like this:
# Build Stage
FROM golang:1.14.9 as build
...
# Build here
RUN make build
...
# Release stage
FROM alpine:3.13.5 as release
# Copy only the needed files
COPY --from=build <build output> <exec location>
CMD <exec>
I have the following dockerfile:
FROM alpine:latest
ADD crontab.txt /crontab.txt
ADD script.sh /script.sh
COPY entry.sh /entry.sh
ADD app /app
RUN chmod 755 /script.sh /entry.sh
RUN /usr/bin/crontab /crontab.txt
# install dependencies
# the lapack package is only in the community repository
RUN echo "http://dl-8.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories \
&& apk update \
&& apk add --no-cache python3 py-pip py3-setuptools python-dev py3-lxml py3-requests py3-numpy py3-cssselect py3-pandas
RUN apk --update add --no-cache \
lapack-dev \
gcc \
freetype-dev
# Install dependencies
RUN apk add --no-cache --virtual .build-deps \
gfortran \
musl-dev \
g++
RUN ln -s /usr/include/locale.h /usr/include/xlocale.h
#RUN pip3 install cython
RUN pip3 install pymongo xlrd
CMD ["/entry.sh"]
when I try to build the dockerfile, I received the error saying that py3-pandas (missing).
I am wondering whether that's the Alpine package management issue.
I can reproduce your issue by doing just:
FROM alpine:latest
RUN echo "http://dl-8.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories \
&& apk update \
&& apk add --no-cache py3-pandas
Some comments here:
If you are going to use the edge/testing packages repository already, then you would be better using the alpine:edge image, although I would not advise this for a production server, of course
Using another package repository than the default one on apk can be done on a one run basis using the option
-X, --repository REPO Use packages from REPO
From apk --help
The package python-dev does not exist in the edge/testing repository, you should use python3-dev
Important disclaimer: this solution does involve using the testing repository and the edge rolling release branch of Alpine, and is thus not recommended for production use.
So, in the end, all your dependencies can be installed doing:
FROM alpine:edge
RUN apk add --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/testing \
py-pip \
py3-setuptools \
python3-dev \
py3-lxml \
py3-requests \
py3-numpy \
py3-cssselect \
py3-pandas \
lapack-dev \
gcc \
freetype-dev
Note that I didn't add the build dependancies there, as they don't seems to be related to your issue at hand
Don't use alpine images for python; there's too many issues. Use a something like python:slim-buster. You can then just install your requirements with:
FROM python:3.8.4-slim-buster
COPY ./requirements.txt /requirements.txt
RUN pip install -r /requirements.txt
I am trying to install a package in alpine, in this case I specify 'jasper-dev', but it has happened to me with many others. The output I get in the terminal is:
/ # apk add jasper-dev
ERROR: unsatisfiable constraints:
jasper-dev (missing):
required by: world [jasper-dev]
However when I search for the package at https://pkgs.alpinelinux.org/, the package appears.
This is my Dockerfile.
FROM python:3.7-alpine
RUN echo "#testing http://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories
RUN apk --update --no-cache add py3-numpy py3-pandas#testing \
build-base \
openblas-dev \
unzip \
wget \
cmake \
ca-certificates \
libjpeg \
libjpeg-turbo-dev \
libpng-dev \
jasper-dev \
tiff-dev \
libwebp-dev \
clang-dev \
linux-headers
How can I install this package?
I show the version of alpine with cat /etc/alpine-release and see that it is the 3.12.0. Then I search https://pkgs.alpinelinux.org/ for the package jasper-dev in the branch v3.12 and we see that it does not appear.
So we look in previous branches and see that it appears in v3.10, so I modify my Dockerfile to add that repo to /etc/apk/repositories with RUN echo 'http: // dl-cdn. alpinelinux.org/alpine/v3.10/main ' >> /etc/apk/repositories. This will install the package by executing the docker build
I have a docker instance setup from which I am using moviepy.editor.VideoFileClip to edit urls that come from a google cloud instance.
Locally, I have no problem doing this at all and can run:
from moviepy.editor import VideoFileClip
vfc = VideoFileClip('https://storage.googleapis.com/<bucket>/<mp4 name>')
...
However, in the docker instance, I am having problems accessing the file via moviepy, with the error:
Failed to resolve hostname storage.googleapis.com: Name or service not known
In the same python shell, i can run:
import urllib.request
urllib.request.urlretrieve('https://storage.googleapis.com/<bucket>/<mp4 name>', '/tmp/file.mp4')
And it works perfectly. Any idea what's going wrong?
Python Version: Python 3.7.3
Moviepy Version: moviepy==0.2.3.5
Platform Name: Alpine
Platform Version: Linux fe434704cf18 4.9.125-linuxkit #1 SMP Fri Sep 7 08:20:28 UTC 2018 x86_64 Linux
Dockerfile:
FROM jrottenberg/ffmpeg:4.1-alpine as ffmpeg
FROM python:3.7-alpine3.8
RUN apk update && apk upgrade && \
apk add --no-cache --update \
libgcc \
libstdc++ \
curl \
ca-certificates \
libcrypto1.0 \
libssl1.0 \
libgomp \
bash \
expat \
git \
openblas \
musl \
ffmpeg \
ghostscript \
file \
imagemagick
COPY --from=ffmpeg /usr/local /usr/local
WORKDIR /
COPY requirements.txt ./
RUN apk add --no-cache jpeg-dev zlib-dev postgresql-libs postgresql-dev && \
apk add --no-cache --virtual .build-deps gcc g++ build-base linux-headers \
ca-certificates python3-dev libffi-dev libressl-dev && \
ln -s /usr/include/local.h /usr/include/xlocale.h && \
apk add py-numpy && \
pip install pip --upgrade && \
pip install numpy && \
pip install --no-cache-dir -r requirements.txt && \
apk --purge del .build-deps
RUN rm requirements.txt
COPY ./docker/imagemagick.policy.xml etc/ImageMagick-6/policy.xml
COPY . .
# Run celery.py when the container launches
CMD ["celery", "worker", "-A", "a.celery", "--loglevel=info"]