I have a Dockerfile as:
FROM nginx:1.21.3-alpine
RUN apk update && apk add bash \
&& apk upgrade
I can see that package ncurses is installed and the version is 6.2_p20210612-r0.
Now, There is a newer package available in the main repository edge branch with version 6.2_p20211002-r0 here.
As far as I understand after building an image from the above mentioned Dockerfile the version of ncurses should be updated to 6.2_p20211002-r0 BUT instead it stays as 6.2_p20210612-r0. I cannot understand why?
I confirmed this by running a container after build and running:
apk info -a ncurses
The output was:
ncurses-6.2_p20210612-r0 installed size:
284 KiB
The nginx:1.21.3-alpine image is based on Alpine 3.14 (see cat /etc/os-release), and therefore ncurses is updated with the version of the Alpine 3.14 repository, which is currently 6.2_p20210612-r0.
For installing ncurses from edge (currently version 6.2_p20211002-r0), you could specify the edge repository explicitly in the apk command:
apk add ncurses --repository=http://dl-cdn.alpinelinux.org/alpine/edge/main
Mixing and matching packages from different repositories this way might be OK in some cases, but has to be tested carefully. For ncurses, some functionality might be broken, since the matching ncurses-libs package should be installed as well, but some of the package images depend on ncurses-libs, so re-installing it triggers update of these packages. Moreover, the nginx-module-njs dependent package must be removed. If this is acceptable, you could modify the Dockerfile as follows:
FROM nginx:1.21.3-alpine
RUN apk update && \
apk del ncurses ncurses-libs nginx-module-njs && \
apk add ncurses ncurses-libs --repository=http://dl-cdn.alpinelinux.org/alpine/edge/main && \
apk add bash && \
apk upgrade
Related
I know that every line of RUN ... will add a layer to the docker image and that it is recommended to make RUN commands connected with &&. But my question is:
Is better this:
RUN apk update && apk upgrade \
&& apk add openssh \
&& apk add --update nodejs nodejs-npm \
&& npm install -g #angular/cli \
&& apk add openjdk11 \
&& apk add maven \
&& apk add git
Or this:
RUN apk update && apk upgrade
RUN apk add openssh
RUN apk add --update nodejs nodejs-npm
RUN npm install -g #angular/cli
RUN apk add openjdk11
RUN apk add maven
RUN apk add git
The first one creates just one layer but when a version of anything changes the image would have to start from the beginning, not from cash. The second approach will create more layers but when just the version of git changes only the git layer needs to be build again and all previous layers can be used from cash.
I'd recommend:
Install all the OS packages in a single apk invocation: there is some overhead in starting the package manager (more noticeable with dpkg/apt) and it is faster if you start it once and install several packages
If you need to run an update command, always run it in the same RUN command as your other package-manager steps. This avoids some trouble with Docker layer caching (again, very noticeable with apt) where docker build doesn't re-run update, but then it does try to run a changed install step; when it tries to install a package using yesterday's package index, the upload of that package that happened today deleted yesterday's file and the download will fail.
Don't npm install single packages. That means your package.json file is incomplete. Add it there.
I've seen recommendations both ways as to whether or not to run a full upgrade. Keeping up-to-date on security fixes is important; the underlying base images on Docker Hub also update pretty regularly. So if your image is FROM alpine:latest, doing a docker build --pull will get you much of the effect of an explicit apk upgrade.
Stylistically, if I need any substantial number of packages, I find the list a little more maintainable if I sort it alphabetically and put one package on a line, but this is purely personal preference.
Putting this all together would transform your example into:
RUN apk update \
&& apk upgrade \
&& apk add \
git \
maven \
nodejs \
nodejs-npm \
openjdk11 \
openssh
COPY package.json package-lock.json . # includes #angular/cli
RUN npm ci
Don't be afraid to use multiple containers, if that makes sense. (What's your application that uses both Java and Node together; can it be split into two single-language parts?) Don't install unnecessary developer-oriented tools in your image. (Does your application invoke git while it's running; do you install a dependency directly from GitHub; or can you remove git?) Don't try to run an ssh daemon in your container. (It breaks the "one process per container" rule which instantly makes things harder to manage; 90% of the SO examples have a hard-coded user password plus sudo rights, which is not really a security best practice; managing the credentials is essentially impossible.)
Both approaches are on the extreem, you need to try to minimize the layers for "reusability" at the same time to optimize for lower number of layers.
Based on your example, the build can be organized as follows:
RUN apk update && apk upgrade \
&& apk add openssh \
&& apk add --update nodejs nodejs-npm \
&& apk add openjdk11 \
&& apk add maven \
&& apk add git
RUN npm install -g #angular/cli \
Now I have only 2 layers, first one is bringing the OS packages and the second one dealing with the node.js packages. Now this can better be reused in other builds.
Once you have done this modification, you can move to multistage build where you will be able to better control and reuse the intermediate containers like in this example
I am trying to install google-chrome-stable on alpine image using dpkg. However, the dpkg is installed but it does not install google-chrome-stable and return this error instead? Is there a way to install google-chrome-stable in alpine image either using dpkg or other way?
dpkg: regarding google-chrome-stable_current_amd64.deb containing
google-chrome-stable:amd64, pre-dependency problem:
google-chrome-stable:amd64 pre-depends on dpkg (>= 1.14.0)
dpkg: error processing archive google-chrome-stable_current_amd64.deb (--install):
pre-dependency problem - not installing google-chrome-stable:amd64
Errors were encountered while processing:
Dockerfile:
# Base image
FROM ruby:2.6.3-alpine3.10
# Use node version 10.16.3, yarn version 1.16.0
RUN apk add --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/v3.10/main/ nodejs=10.16.3-r0
RUN apk add --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/v3.10/community/ yarn=1.16.0-r0
# Install dependencies
RUN apk upgrade
RUN apk --update \
add build-base \
git \
tzdata \
nodejs \
nodejs-npm \
bash \
curl \
yarn \
gzip \
postgresql-client \
postgresql-dev \
imagemagick \
imagemagick-dev \
imagemagick-libs \
chromium \
chromium-chromedriver \
ncurses \
less \
dpkg=1.19.7-r0 \
chromium \
chromium-chromedriver
RUN dpkg --add-architecture amd64
RUN wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
RUN dpkg -i google-chrome-stable_current_amd64.deb
# This is the base directory used in any
# further COPY, RUN and ENTRYPOINT commands
WORKDIR /webapp
# Copy Gemfile and Gemfile.lock and run bundle install
COPY Gemfile* /webapp/
RUN gem install bundler -v '1.17.3' && \
bundle _1.17.3_ install
# Copy everything to /webapp for docker image
COPY . ./
EXPOSE 3000
# Run the application
CMD ["rails", "server", "-b", "0.0.0.0"]
Installing the Chrome .deb file this way won't work on Alpine.
While the dpkg package is available in the Alpine repository, and is useful for installing lightweight Debian packages, you won't be able to use it for installing complex Debian packages, since it'll be impossible to satisfy many Debian dependencies. Alpine is generally not Debian compatible (relying on musl libc), so installing native Alpine packages using apk is the right way to go.
AFAIK, there's currently no Google Chrome Alpine Linux compatible, musl-libc build.
You could, however, install the Chromium browser, which is available using an apk package:
apk add chromium
Another option is enabling glibc on a vanilla Alpine image, making it compatible with Debian binaries. This is a fairly simple procedure, see: Dockerfile. However, it may not be suitable for images with existing applications such as ruby:2.6.3-alpine3.10. Moreover, even with a glibc setup on Alpine, Chrome is not likely to run without issues. I have made a quick attempt (Dockerfile) but couldn't get past the first segfault.
Edit 9/5/21: Running the debian compatible Chrome stable on Alpine is going to be a very difficult task to say the least. This is in part due to the very large number of dependencies and libraries. Trying to run it results with segfaults during dynamic linking and finally assertions from the dynamic linker. Even if we manage to get passed these issues and start Chrome it will probably be very unstable.
Since chromium-chromedriver is presented in your package list, I suppose that you want to do browser automation.As to browser automation, I used java and selenium, and download chromium binary and chromium driver binary manually.
What the most I want to tell you is that the chromium binary and chromium driver binary bundle might not work as expected, and you need to downgrade the version of either chrome driver or chrome and make several trial to find a matched versions that really work, no matter whether you use node.js or java selenium.
With Selenium, you have another option that you can deploy the chrome and chromedriver bundle as a http service in a different server, and make selenium invoke the remote chrome service.
ChromeDriver for version 93.0.4577.15
I am currently using the node:12-alpine Docker image and I am trying to install Chromium version 77, but I am unable to figure out how as I can not find a package for it.
I am fine with changing to a different docker image if that would allow me to install Chromium version 77.
Question:
How can I download and install Chromium version 77 in a docker image?
You can use 3.x version of alpine which has Chromium v77
FROM alpine:3.10
RUN apk update && apk add --no-cache chromium
PS: I also added chromium-driver and libcanberra-gtk3 module for my requirement.
FROM alpine:3.7
RUN apk add --no-cache --virtual .build-deps curl \
&& curl -fSL https://chrome.com/chrome.tar.gz -o chrome.tar.gz
Just download it, it should be fine.
download chrome:
chrome download
I am trying to install Go inside an Alpine Docker image. For that I downloaded tar file from here inside my alpine docker image, untar it using following command:
tar -C /usr/local -xzf go1.10.3.linux-amd64.tar.gz
exported PATH to have go binary as:
export PATH=$PATH:/usr/local/go/bin
However, when I say go version then it says that sh: go: not found. I am quite new to alpine. Does anyone know, what I am missing here?
Steps to reproduce-
$ docker run -it alpine sh
$ wget https://dl.google.com/go/go1.10.3.linux-amd64.tar.gz
$ tar -C /usr/local -xzf go1.10.3.linux-amd64.tar.gz
$ export PATH=$PATH:/usr/local/go/bin
$ go version
I just copied it over using multi stage builds, seems to be ok so far
FROM XXX
COPY --from=golang:1.13-alpine /usr/local/go/ /usr/local/go/
ENV PATH="/usr/local/go/bin:${PATH}"
The following Dockerfile worked for me. Simpler and more abstract.
FROM alpine:latest
RUN apk add --no-cache git make musl-dev go
# Configure Go
ENV GOROOT /usr/lib/go
ENV GOPATH /go
ENV PATH /go/bin:$PATH
RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin
# Install Glide
RUN go get -u github.com/Masterminds/glide/...
WORKDIR $GOPATH
CMD ["make"]
source: https://raw.githubusercontent.com/mickep76/alpine-golang/master/Dockerfile
Thanks BMitch.
I compiled the go source code and performed the below steps inside alpine image container.
echo "installing go version 1.10.3..."
apk add --no-cache --virtual .build-deps bash gcc musl-dev openssl go
wget -O go.tgz https://dl.google.com/go/go1.10.3.src.tar.gz
tar -C /usr/local -xzf go.tgz
cd /usr/local/go/src/
./make.bash
export PATH="/usr/local/go/bin:$PATH"
export GOPATH=/opt/go/
export PATH=$PATH:$GOPATH/bin
apk del .build-deps
go version
With Alpine, you have libmusl instead of glibc. Alpine's libmusl is not a 1 for 1 replacement. Code linked against glibc will show a not found error which is actually from the dynamic linker. You can see what libraries are linked to the binary with ldd:
/ # ldd /usr/local/go/bin/go
/lib64/ld-linux-x86-64.so.2 (0x7f63ceed1000)
libpthread.so.0 => /lib64/ld-linux-x86-64.so.2 (0x7f63ceed1000)
libc.so.6 => /lib64/ld-linux-x86-64.so.2 (0x7f63ceed1000)
There are two options. The preferred option, and one used by docker's go images on Alpine, is to compile the go binaries on Alpine. You can see this in the Dockerfile for the golang image: https://github.com/docker-library/golang/blob/69f2d2a132565bf60afc91813801a3bdcc981526/1.10/alpine3.8/Dockerfile
The other option is to install glibc on Alpine, but once you start doing things like that, I'd question why use Alpine at all, and whether Debian or CentOS would be a more appropriate base image for you. Alpine has a wiki topic on this and there are third parties that have created glibc packages for alpine.
I found the best way to get golang up running in alpine linux is to install it from source. This is also way followed in the official alpine go docker images.
FROM alpine:3.12
ARG GOLANG_VERSION=1.14.3
#we need the go version installed from apk to bootstrap the custom version built from source
RUN apk update && apk add go gcc bash musl-dev openssl-dev ca-certificates && update-ca-certificates
RUN wget https://dl.google.com/go/go$GOLANG_VERSION.src.tar.gz && tar -C /usr/local -xzf go$GOLANG_VERSION.src.tar.gz
RUN cd /usr/local/go/src && ./make.bash
ENV PATH=$PATH:/usr/local/go/bin
RUN rm go$GOLANG_VERSION.src.tar.gz
#we delete the apk installed version to avoid conflict
RUN apk del go
RUN go version
If the basic requirement is to have specific go version installed inside alpine based docker image then refer these images available on official golang dockerhub account.
docker pull golang:1.12-alpine
docker pull golang:1.11-alpine
Just in case someone encounters the same issue with me.
I was able to install the golang1.17.6 ion Alpine3.15 by following #Yogesh Jilhawar 's answer.
When I ran the command apk add --no-cache --virtual .build-deps bash gcc musl-dev openssl go, I got
ERROR: unable to select packages:
go (no such packages):
required by: world[go]
Then I tried to install the "gcc-go", it installs. After that, I can build the golang from the source successfully.
There Is the Alpine package, with the latest versione of golang:
pkg --update add go
I crafted a docker image using alpine 3.5 as base Image. I want my php apllication running inside container to communicate with a redis server.But I don't find any php7-redis client in Alpine.
Is there a workway around it ?I tried to use pecl to install redis but there is no pecl package in alpine.I tried with pear but pear doesn't have redis package. Any thoughts on this issue ?
For versions of Alpine prior to 3.6, such as the current official PHP Alpine image (Alpine 3.4), you need to build the extension from source. There are a few dependencies you also need to do that: autoconf, git, gcc/g++, and make. As an example, this is a complete Dockerfile for the latest stable release of PHP built on Alpine with the redis extension for php7 installed and enabled:
FROM php:alpine
RUN apk add --no-cache autoconf git g++ make
RUN \
git clone https://github.com/phpredis/phpredis.git && \
cd phpredis && \
git checkout php7 && \
phpize && \
./configure && \
make && make install && \
docker-php-ext-enable redis
If you want a smaller image you can remove the phpredis directory and the deps that were needed to clone and build it afterward. If you're not using an official PHP image then you will need to replace docker-php-ext-enable redis with a couple of commands to move the redis.so where you need it and add the extension=redis.so line to your PHP config.
You can find your solution here https://pkgs.alpinelinux.org/package/edge/community/x86_64/php7-redis
php7-redis is in v3.6 (released yesterday) and edge (rolling/unstable), as you can easily find yourself on pkgs.alpinelinux.org.
pecl is currently provided by package php7-pear.