Develop Reference

Docker cron job

I need to schedule some cron jobs in docker/kubernetes environment, which will make some external service calls using curl commands. I was trying to use plain alpine:3.6 image but it doesn't have curl.
Any suggestion what base image will be good for this purpose? Also, it will be helpful if there are some examples.

Prepare your own docker image which will includes packages you need or just use something like this https://github.com/aylei/kubectl-debug

I am able to run curl as cronjob job using alpine image as
FROM alpine:3.6
RUN apk --no-cache add curl bash
RUN apk add --no-cache tzdata
ENV TZ=Asia/Kolkata
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ /etc/timezone
RUN mkdir -p /var/log/cron \
&& touch /var/log/cron/cron.log \
&& mkdir -m 0644 -p /etc/cron.d
ADD curlurl /etc/crontabs/root
CMD bash -c "crond -L /var/log/cron/cron.log && tail -F /var/log/cron/cron.log"
#ENTRYPOINT /bin/bash
Where curlurl is having simple curl command as cron job
* * * * * /usr/bin/curl http://dummy.restapiexample.com/api/v1/employees >> /var/log/cron/cron.log
# Leave one blank line below or cron will fail
This is working fine . But now I have tried to make alpine base image with push in private repo to avoid downloading every time. But it stopped working. How can i debug why cron job is not running anymore. Below is the way I have used.
BaseImage
FROM alpine:3.6
RUN apk --no-cache add curl bash
RUN apk add --no-cache tzdata
ENTRYPOINT /bin/bash
Docker for curl
FROM my/alpine:3.6
ENV TZ=Asia/Kolkata
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ /etc/timezone
RUN mkdir -p /var/log/cron \
&& touch /var/log/cron/cron.log \
&& mkdir -m 0644 -p /etc/cron.d
ADD curlurl /etc/crontabs/root
CMD bash -c "crond -L /var/log/cron/cron.log && tail -F /var/log/cron/cron.log"
After making it like this I am not able to get any cron output . Any suggestion on how can I debug it.

Create alpine linux iso from docker - libburn permission denied

I have been trying to build an iso-image for alpine-linux inside a docker container following the standard instructions here however i seem to be unable to actually write the .iso back into the mounted volume due to libburn :
>>> mkimage-x86_64: Creating alpine-standard-edge-x86_64.iso
xorriso 1.4.8 : RockRidge filesystem manipulator, libburnia project.
libburn : SORRY : Failed to open device (a pseudo-drive) : Permission denied
libburn : FATAL : Burn run failed
xorriso : FATAL : -abort_on 'FAILURE' encountered 'FATAL' during image writing
libisofs: MISHAP : Image write cancelled
xorriso : FAILURE : libburn indicates failure with writing.
This is the standard result of trying to run the downloaded script from the tutorial:
sh aports/scripts/mkimage.sh --tag edge --outdir /build2/ --arch x86_64 --repository http://dl-cdn.alpinelinux.org/alpine/edge/main --profile standard
The docker image im using:
FROM alpine:latest
RUN addgroup root abuild
RUN apk add --update \
alpine-sdk \
# build-base \
apk-tools \
alpine-conf \
busybox \
git \
fakeroot \
syslinux \
xorriso \
squashfs-tools \
mtools \
dosfstools \
grub-efi \
&& rm -rf /var/cache/apk/*
COPY . /usr/src/app
WORKDIR /usr/src/app
RUN mkdir /usr/src/app/build
RUN touch /usr/src/app/build/worked.txt
RUN adduser -G abuild -g "Alpine Package Builder" -s /bin/sh -u 12345 -D builder
RUN echo "builder:newpass"|chpasswd
RUN chgrp -R abuild /usr/local; \
find /usr/local -type d | xargs chmod g+w; \
echo "builder ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/builder; \
chmod 0440 /etc/sudoers.d/builder
WORKDIR /build2/
RUN git clone git://git.alpinelinux.org/aports
RUN chmod +x aports/scripts/mkimage.sh
RUN abuild-keygen -i -a
USER builder
I have looked over the official forum however only one post mentioned something similar but did not allude to any actual resolution.
Failing to find a solution for this, can anyone else recommend a good alternative minimal distro that can be build an iso via script for x_86, x_64 and rpi?

You can easily create your own Alpine Linux ISO image using script alpine-make-vm-image.
Example:
sudo ./alpine-make-vm-image \
--image-format qcow2 \
--image-size 5G \
--packages "ca-certificates git ssl_client" \
--script-chroot \
alpine-$(date +%Y-%m-%d).qcow2 -- ./configure.sh

You're getting a permission denied error because the user you created can't access the pseudo device needed by xorriso. I removed all the user creation parts and just ran the whole thing as root and it works.
Here's the Dockerfile I used:
FROM alpine:latest
RUN apk add --no-cache \
alpine-conf \
alpine-sdk \
apk-tools \
dosfstools \
grub-efi \
mtools \
squashfs-tools \
syslinux \
xorriso
WORKDIR /src
RUN git clone git://git.alpinelinux.org/aports
RUN chmod +x aports/scripts/mkimage.sh
RUN addgroup root abuild
RUN abuild-keygen -i -a -n
WORKDIR /build
ENTRYPOINT /src/aports/scripts/mkimage.sh
CMD "--tag edge --arch x86_64 --repository http://dl-cdn.alpinelinux.org/alpine/edge/main --profile standard"
Then build and run.
docker build -t alpine-iso .
docker run -v "$(pwd):/build" -it alpine-iso

My docker starts zookeeper, but it then automatically exists

i write dockfile start zookeeper
FROM buildpack-deps:sid-scm
RUN apt-get update && apt-get install -y --no-install-recommends \
bzip2 \
unzip \
xz-utils \
gettext-base \
&& rm -rf /var/lib/apt/lists/*
COPY zookeeper-3.4.12.tar.gz /opt
COPY config.template.properties /opt
RUN tar xfz /opt/zookeeper-3.4.12.tar.gz -C /opt
ENV ZK_HOME /opt/zookeeper-3.4.12
COPY startzookeeper.sh /opt
RUN chmod a+x /opt/startzookeeper.sh $ZK_HOME
CMD ["/opt/startzookeeper.sh"]
the startzookeeper.sh file is
#!/usr/bin/env bash
eval "cat <<EOF
$(</opt/config.template.properties)
EOF
" | tee /opt/zoo.cfg 2> /dev/null
#echo "$ZK_HOME" > 2.txt
cp /opt/zoo.cfg "$ZK_HOME"/conf
#
exec "$ZK_HOME/bin/zkServer.sh" start
but when i run docker ps,it is empty.
i try add tail -f /dev/null,but it does not work.
i don't know why,the zookeeper should run always,why it exist?
thanks any suggestions.

You could adapt your script to imitate the one from the official zookeeper-docker
(from hub.docker.com)
Its docker-entrypoint.sh ends with exec "$#", which executes "zkServer.sh", "start-foreground".
The important part is the start-foreground option, which ensures the process does not exit immediately, as that would exit your container as well.

How can i use volume in my dockerfile for copy the jmeter result in my local

How can I use volume in my dockerfile for copy the JMeter result in my local?
Need to display the result in local, how can I copy the result and paste in local with the help of VOLUME.
For example:- I am saving the JMeter HTML report in my container but after that container is automatically stopped. So someone suggests me to use the docker VOLUME command for RUN the HTML.
FROM alpine
ARG JMETER_VERSION="4.0"
ENV JMETER_HOME /opt/apache-jmeter-${JMETER_VERSION}
ENV JMETER_BIN ${JMETER_HOME}/bin
ENV JMETER_DOWNLOAD_URL https://archive.apache.org/dist/jmeter/binaries/apache-jmeter-${JMETER_VERSION}.tgz
ENV JMETER_PLUGINS_DOWNLOAD_URL http://repo1.maven.org/maven2/kg/apc/jmeter-plugins-functions/2.0/jmeter-plugins-functions-2.0.jar
ENV JMETER_PLUGINS_FOLDER ${JMETER_HOME}/lib/ext/
# Change TimeZone TODO: TZ still is not set!
ARG TZ="Australia/Melbourne"
RUN apk update \
&& apk upgrade \
&& apk add ca-certificates \
&& update-ca-certificates \
&& apk add --update openjdk8-jre tzdata curl unzip bash \
&& rm -rf /var/cache/apk/* \
&& mkdir -p /tmp/dependencies \
&& curl -L --silent ${JMETER_DOWNLOAD_URL} > /tmp/dependencies/apache-jmeter-${JMETER_VERSION}.tgz \
&& mkdir -p /opt \
&& tar -xzf /tmp/dependencies/apache-jmeter-${JMETER_VERSION}.tgz -C /opt \
&& rm -rf /tmp/dependencies
RUN curl -L --silent ${JMETER_PLUGINS_DOWNLOAD_URL}/jmeter-plugins-dummy/0.2/jmeter-plugins-dummy-0.2.jar -o ${JMETER_PLUGINS_FOLDER}/jmeter-plugins-dummy-0.2.jar
RUN curl -L --silent ${JMETER_PLUGINS_DOWNLOAD_URL}/jmeter-plugins-cmn-jmeter/0.5/jmeter-plugins-cmn-jmeter-0.5.jar -o ${JMETER_PLUGINS_FOLDER}/jmeter-plugins-cmn-jmeter-0.5.jar
# TODO: plugins (later)
# && unzip -oq "/tmp/dependencies/JMeterPlugins-*.zip" -d $JMETER_HOME
# Set global PATH such that "jmeter" command is found
ENV PATH $PATH:$JMETER_BIN
ENV URL_PATH=${URL}
WORKDIR ${JMETER_HOME}
#RUN export DATETIME=$(date +%Y%m%d)
RUN mkdir -p /var/www/html/"$(date +%Y%m%d)"
VOLUME /var/www/html/
#Copy the *.jmx file jmeter bin file
COPY Get_Ping_Node_API.jmx ./bin
CMD ./bin/jmeter -n -t ./bin/Get_Ping_Node_API.jmx -l ./bin/result.jtl -e -o ./bin/result_html'

You can use docker volume while you run the docker image.
You can add --volume , -v flag to your docker run command.
docker run -v "HOST DIR":"CONTAINER DIR"

docker gulp build failing with nginx

I am using this sample repository -
https://github.com/umputun/nginx-le
To create a docker image from Nginx with letsencrypt.
Now, I am getting the following error -
PEM_read_bio_X509_AUX("/etc/nginx/ssl/") failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: [emerg] PEM_read_bio_X509_AUX("/etc/nginx/ssl/") failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expecting: TRUSTED CERTIFICATE)
When I try to test my nginx configuration.
Now, as stated in the above github repo I have this in my Dockerfile -
FROM nginx:stable-alpine
ADD conf/nginx.conf /etc/nginx/nginx.conf
ADD conf/service.conf /etc/nginx/conf.d/service.conf
RUN rm -rf /usr/share/nginx/html/*
COPY --from=builder /usr/build/app/dist /usr/share/nginx/html
ADD script/entrypoint.sh /entrypoint.sh
ADD script/le.sh /le.sh
RUN \
rm /etc/nginx/conf.d/default.conf && \
chmod +x /entrypoint.sh && \
chmod +x /le.sh && \
apk add --update certbot tzdata openssl && \
rm -rf /var/cache/apk/*
CMD ["/entrypoint.sh"]
-----Updated Dockerfile---------
FROM nginx:latest
RUN curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash -
RUN apt-get install -y nodejs
RUN apt-get install -y build-essential
RUN curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
RUN echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
RUN apt-get update -y && sudo apt-get install -y yarn
RUN mkdir -p /usr/build
WORKDIR /usr/build
COPY package.json .
#COPY package-lock.json .
COPY bower.json .
COPY .bowerrc .
RUN npm install --quite
RUN npm install -g gulp bower --quite
RUN bower install --allow-root
RUN mkdir /usr/build/app
RUN cp -R /usr/build/node_modules /usr/build/app
RUN cp -R /usr/build/bower_components /usr/build/app
RUN cp -R /usr/build/*.json /usr/build/app/
RUN cp /usr/build/.bowerrc /usr/build/app/
COPY src /usr/build/app
RUN mkdir /usr/build/app/gulp
ADD gulp/* /usr/build/app/gulp/
ADD gulpfile.js /usr/build/app
WORKDIR /usr/build/app
RUN ls -al .
RUN rm -rf /usr/build/app/dist
RUN mkdir /usr/build/app/dist
RUN gulp build
RUN ls -al /usr/build/app
#RUN yum -y install nodejs
#RUN yum install gcc-c++ make
ADD conf/nginx.conf /etc/nginx/nginx.conf
#ADD conf/service.conf /etc/nginx/conf.d/service.conf
RUN rm -rf /usr/share/nginx/html/*
RUN ls -al /usr/share/nginx/ && ls -al /usr/share/nginx/html/ && ls -al /usr/build/app/dist/
RUN mv /usr/build/app/dist/* /usr/share/nginx/html/
#ADD script/entrypoint.sh /entrypoint.sh
#ADD script/le.sh /le.sh
RUN rm /etc/nginx/conf.d/default.conf && \
chmod +x /entrypoint.sh
CMD ["/entrypoint.sh"]
Now, it reaches entrypoint.sh successfully & I have checked the files in my nginx webroot are getting copied along with the conf.
-------updated issue---------
So, I figured it was not creating the ssh keys because it was not able to generate any html files as part of "gulp build:dev" command & therefore
throwing an error. So I updated my entrypoint to remove lets encrypt for now & only run nginx conf like this -
#!/bin/sh
echo "start nginx"
export TZ="America/Chicago"
cp /usr/share/zoneinfo/${TZ} /etc/localtime && echo ${TZ} > /etc/timezone
echo "ssl_key=${SSL_KEY:=le-key.pem}, ssl_cert=${SSL_CERT:=le-crt.pem}, ssl_chain_cert=${SSL_CHAIN_CERT:=le-chain-crt.pem}"
SSL_KEY=/etc/nginx/ssl/${SSL_KEY}
SSL_CERT=/etc/nginx/ssl/${SSL_CERT}
SSL_CHAIN_CERT=/etc/nginx/ssl/${SSL_CHAIN_CERT}
mkdir -p /etc/nginx/conf.d
mkdir -p /etc/nginx/ssl
#copy /etc/nginx/service*.conf if any of servcie*.conf mounted
if [ -f /etc/nginx/nginx*.conf ]; then
cp -fv /etc/nginx/nginx*.conf /etc/nginx/conf.d/
fi
#replace SSL_KEY, SSL_CERT and SSL_CHAIN_CERT by actual keys
ls -al /etc/nginx/conf.d
#sed -i "s|SSL_KEY|${SSL_KEY}|g" /etc/nginx/conf.d/*.conf
#sed -i "s|SSL_CERT|${SSL_CERT}|g" /etc/nginx/conf.d/*.conf
#sed -i "s|SSL_CHAIN_CERT|${SSL_CHAIN_CERT}|g" /etc/nginx/conf.d/*.conf
#generate dhparams.pem
if [ ! -f /etc/nginx/ssl/dhparams.pem ]; then
echo "make dhparams"
cd /etc/nginx/ssl
openssl dhparam -out dhparams.pem 2048
chmod 600 dhparams.pem
fi
#disable ssl configuration and let it run without SSL
mv -v /etc/nginx/conf.d /etc/nginx/conf.d.disabled
(
sleep 5 #give nginx time to start
echo "start letsencrypt updater"
while :
do
echo "trying to update letsencrypt ..."
# /le.sh
rm -f /etc/nginx/conf.d/default.conf 2>/dev/null #remove default config, conflicting on 80
mv -v /etc/nginx/conf.d.disabled /etc/nginx/conf.d #enable
echo "reload nginx with ssl"
ls -al /etc/nginx/ssl
echo "key contents are - "
cat /etc/nginx/ssl/dhparams.pem
nginx -t
nginx -s reload
sleep 60d
done
) &
nginx -g "daemon off;"
So, here in the script in the end when I test the nginx configuration it gives the following error -
-----Update-----
So, now I am getting this error -
Step 38/40 : RUN mv /usr/build/app/dist/* /usr/share/nginx/html/
---> Running in 9f59c1d5cb90
mv: cannot stat '/usr/build/app/dist/*': No such file or directory
The command '/bin/sh -c mv /usr/build/app/dist/* /usr/share/nginx/html/' returned a non-zero code: 1
Logs for the gulp build:dev command are -
---> Running in 1acca8373940
[14:40:09] Using gulpfile /usr/build/app/gulpfile.js
[14:40:09] Starting 'scripts'...
[14:40:09] Starting 'styles'...
[14:40:09] Starting 'fonts-dev'...
[14:40:10] Starting 'other-dev'...
[14:40:10] Finished 'scripts' after 1.14 s
[14:40:10] Finished 'styles' after 1.13 s
[14:40:10] Starting 'inject'...
[14:40:10] Finished 'other-dev' after 39 ms
[14:40:10] Finished 'inject' after 29 ms
[14:40:10] Starting 'html-dev'...
[14:40:10] Finished 'html-dev' after 288 ms
[14:40:11] Finished 'fonts-dev' after 2.44 s
[14:40:11] Starting 'build:dev'...
[14:40:11] Finished 'build:dev' after 123 μs
Removing intermediate container 1acca8373940
which suggests that gulp build was successful but still in this step -
Step 34/40 : RUN ls -al /usr/build/app/dist
---> Running in c141120c29dc
total 8
drwxr-xr-x 2 root root 4096 Apr 27 14:35 .
drwxr-xr-x 1 root root 4096 Apr 27 14:35 ..
Removing intermediate container c141120c29dc
I am not getting anything in the dist directory. Any suggestions for debugging, solving this ?
Can anyone help me find / debug / solve this issue ?