Dockerfile RUN shell-script not running during docker build - docker

I try to build a custom image for the EMQ MQTT server. But the script update_config.sh is not executed by during docker copmose up.
Dockerfile:
FROM emqttd-docker-v2.3.5
# change configuration file
ADD update_config.sh /opt/emqttd/etc/update_config.sh
ADD ./certs/MyEMQ1.key /opt/emqttd/etc/certs/MyEMQ1.key
ADD ./certs/MyEMQ1.pem /opt/emqttd/etc/certs/MyEMQ1.pem
ADD ./certs/MyRootCA.pem /opt/emqttd/etc/certs/MyRootCA.pem
WORKDIR /opt/emqttd/etc/
#update the emqtt config file
RUN /bin/ash -c /opt/emqttd/etc/update_config.sh
update_config.sh
#!/bin/ash
cd /opt/emqttd/etc
cp ./emq.conf ./emq.conf.bak
sed -i 's|.*listener.ssl.external.keyfile.*|listener.ssl.external.keyfile = etc/certs/MyEMQ1.key|g' ./emq.conf
sed -i 's|.*listener.ssl.external.certfile.*|listener.ssl.external.certfile = etc/certs/MyEMQ1.pem|g' ./emq.conf
sed -i 's|.*listener.ssl.external.cacertfile.*|listener.ssl.external.cacertfile = etc/certs/MyRootCA.pem|g' ./emq.conf
sed -i 's|.*listener.ssl.external.verify.*|listener.ssl.external.verify = verify_peer|g' ./emq.conf
I use docker-compose to build the image.
The update_config.sh script is copied to the image but not executed.
What I tried so far:
Used COPY instead of ADD to copy the file
Tried the RUN /bin/ash -c /opt/emqttd/etc/update_config.sh in the following
flavors:
RUN /bin/ash -c /opt/emqttd/etc/update_config.sh
RUN /opt/emqttd/etc/update_config.sh
RUN ./update_config.sh
Tried to add RUN chmod +x /opt/emqttd/etc/update_config.sh before the line RUN /bin/ash -c /opt/emqttd/etc/update_config.sh which results in the error chmod: /opt/emqttd/etc/update_config.sh: Operation not permitted during build
Can anyone help me? Thanks.

Just add ENTRYPOINT ["/bin/bash", "update_config.sh" ] this as your last line.
And also update_config.sh file to start your application and make your container in infinite loop.
Example update_config.sh:
#!/bin/ash
cd /opt/emqttd/etc
cp ./emq.conf ./emq.conf.bak
sed -i 's|.*listener.ssl.external.keyfile.*|listener.ssl.external.keyfile = etc/certs/MyEMQ1.key|g' ./emq.conf
sed -i 's|.*listener.ssl.external.certfile.*|listener.ssl.external.certfile = etc/certs/MyEMQ1.pem|g' ./emq.conf
sed -i 's|.*listener.ssl.external.cacertfile.*|listener.ssl.external.cacertfile = etc/certs/MyRootCA.pem|g' ./emq.conf
sed -i 's|.*listener.ssl.external.verify.*|listener.ssl.external.verify = verify_peer|g' ./emq.conf
sh start_your_app.sh
touch 1.txt;tail -f 1.txt #This will make your container in running infinite so that even after all the steps of this script has been executed your container will continue running. until you kill tail -f 1.txt command.
Hope this will help.
Thank you!

ash - is one of the smallest shells. This command interpreter has 24 built-in commands and 10 different command-line options.
ash hasn't all commands which you need. You should use /bin/bash

Related

Add at command to docker

Hello i want to add At command to docker container. I am using linux alpine .
I tried to use apk add at andapk add atd it is giving me the same error.
ERROR: unsatisfiable constraints: atd (missing):
required by: world[atd]
Is there a way to fix that or can is there a way to use apt-get since at exists for apt-get
Looks like at just available as is: apk add at
this Dockerfile works fine for me:
FROM alpine:latest
RUN apk add at
CMD at --help
example run:
$ docker build -t at_command_line -f Dockerfile .
$ docker run at_command_line:latest
at: unrecognized option: -
Usage: at [-V] [-q x] [-f file] [-u username] [-mMlbv] timespec ...
at [-V] [-q x] [-f file] [-u username] [-mMlbv] -t time
at -c job ...
atq [-V] [-q x]
at [ -rd ] job ...
atrm [-V] job ...
batch
I would just add to #ujlbu4's answer that you need to run the at daemon atd once your container is up and running or else the jobs will sit in the queue without getting executed.
Example Dockerfile:
FROM python:alpine
RUN apk add at
ENTRYPOINT ["atd"]
If you don't run atd you may see the following:
$ docker exec -it my_running_container /bin/sh
# echo "echo hi" | at now + 1 minutes
warning: commands will be executed using /bin/sh
job 6 at Mon Jun 21 18:11:00 2021
Can't open /var/run/atd.pid to signal atd. No atd running?

Echo dynamic sed to file inside Dockerfile

I am working on a Dockerfile, inside of which I want to dynamically create a sed expression based on the input argument variable, and write this expression to a file.
Here's part of the Dockerfile:
FROM ubuntu
ARG VERSION
RUN echo $VERSION > /usr/local/testfile
RUN echo '#!/bin/sh \n\
sed -i "s/\"version\"/\${VERSION}/g" file' > /usr/local/foo.sh
the image builds fine.
When I start a container from that image, and inspect the files:
# cat /usr/local/testfile
0.0.1
# cat /usr/local/foo.sh
#!/bin/sh
sed -i "s/\"version\"/\${VERSION}/g" file
I notice that the $VERSION was not replaced correctly in the sed command. What am I missing here? I've tried a few different things (e.g. "$VERSION") but none of them worked.
I ended up breaking down the command. I created a variable for the sed command by using string concatenation and then I echoed that to the file separately:
FROM ubuntu
ARG VERSION
ENV command="sed -i s/\"version\"/""$VERSION""/g"
RUN echo '#!/bin/sh' > /usr/local/foo.sh
RUN echo $command >> usr/local/foo.sh
# cat /usr/local/foo.sh
#!/bin/sh
sed -i s/"version"/0.0.1/g

Is it possible to add an installer, run it and delete it during one build step in Docker?

I'm trying to create a Docker image from a pretty large installer binary (300+ MB). I want to add the installer to the image, install it, and delete the installer. This doesn't seem to be possible:
COPY huge-installer.bin /tmp
RUN /tmp/huge-installer.bin
RUN rm /tmp/huge-installer.bin # <- has no effect on the image size
Using multiple build stages doesn't seem to solve this, since I need to run the installer in the final image. If I could execute the installer directly from a previous build stage, without copying it, that would solve my problem, but as far as I know that's not possible.
Is there any way to avoid including the full weight of the installer in the final image?
I ended up solving this by using the built-in HTTP server in Python to make the project directory available to the image over HTTP.
Inside the Dockerfile, I can run commands like this, piping scripts directly to bash using curl:
RUN curl "http://127.0.0.1:${SERVER_PORT}/installer-${INSTALLER_VERSION}.bin" | bash
Or save binaries, run them and delete them in one step:
RUN curl -O "http://127.0.0.1:${SERVER_PORT}/binary-${INSTALLER_VERSION}.bin" && \
./binary-${INSTALLER_VERSION}.bin && \
rm binary-${INSTALLER_VERSION}.bin
I use a Makefile to start the server and stop it after the build, but you can use a build script instead.
Here's a Makefile example:
SHELL := bash
IMAGE_NAME := app-test
VERSION := 1.0.0
SERVER_PORT := 8580
.ONESHELL:
.PHONY: build
build:
# Kills the HTTP server when the build is done
function cleanup {
pkill -f "python3 -m http.server.*${SERVER_PORT}"
}
trap cleanup EXIT
# Starts a HTTP server that makes the contents of the project directory
# available to the image
python3 -m http.server -b 127.0.0.1 ${SERVER_PORT} &>/dev/null &
sleep 1
EXTRA_ARGS=""
# Allows skipping the build cache by setting NO_CACHE=1
if [[ -n $$NO_CACHE ]]; then
EXTRA_ARGS="--no-cache"
fi
docker build $$EXTRA_ARGS \
--network host \
--build-arg SERVER_PORT=${SERVER_PORT} \
-t ${IMAGE_NAME}:latest \
.
docker tag ${IMAGE_NAME}:latest ${IMAGE_NAME}:${VERSION}
I think the best way is to download the bin from a website then run it:
RUN wget http://myweb/huge-installer.bin && /tmp/huge-installer.bin && rm /tmp/huge-installer.bin
in this way your image layer will not contain the binary you download
I didn't test it thoroughly, but wouldn't such an approach be viable? (Besides LinPy's answer, which is way easier if you have the possibility to just do it that way.)
Dockerfile:
FROM alpine:latest
COPY entrypoint.sh /tmp/entrypoint.sh
RUN \
echo "I am an image that can run your huge installer binary!" \
&& echo "I will only function when you give it to me as a volume mount."
ENTRYPOINT [ "/tmp/entrypoint.sh" ]
entrypoint.sh:
#!/bin/sh
/tmp/your-installer # install your stuff here
while true; do
echo "installer finished, commit me now!"
sleep 5
done
Then run:
$ docker build -t foo-1
$ docker run --rm --name foo-1 --rm -d -v $(pwd)/your-installer:/tmp/your-installer
$ docker logs -f foo-1
# once it echoes "commit me now!", run the next command
$ docker commit foo-1 foo-2
$ docker stop foo-1
Since the installer was only mounted as a volume, the image foo-2 should not contain it anymore. You could also go and build another Dockerfile based on foo-2 to change the entrypoint, for example.
Cf. docker commit

How to workaround "the input device is not a TTY" when using grunt-shell to invoke a script that calls docker run?

When issuing grunt shell:test, I'm getting warning "the input device is not a TTY" & don't want to have to use -f:
$ grunt shell:test
Running "shell:test" (shell) task
the input device is not a TTY
Warning: Command failed: /bin/sh -c ./run.sh npm test
the input device is not a TTY
Use --force to continue.
Aborted due to warnings.
Here's the Gruntfile.js command:
shell: {
test: {
command: './run.sh npm test'
}
Here's run.sh:
#!/bin/sh
# should use the latest available image to validate, but not LATEST
if [ -f .env ]; then
RUN_ENV_FILE='--env-file .env'
fi
docker run $RUN_ENV_FILE -it --rm --user node -v "$PWD":/app -w /app yaktor/node:0.39.0 $#
Here's the relevant package.json scripts with command test:
"scripts": {
"test": "mocha --color=true -R spec test/*.test.js && npm run lint"
}
How can I get grunt to make docker happy with a TTY? Executing ./run.sh npm test outside of grunt works fine:
$ ./run.sh npm test
> yaktor#0.59.2-pre.0 test /app
> mocha --color=true -R spec test/*.test.js && npm run lint
[snip]
105 passing (3s)
> yaktor#0.59.2-pre.0 lint /app
> standard --verbose
Remove the -t from the docker run command:
docker run $RUN_ENV_FILE -i --rm --user node -v "$PWD":/app -w /app yaktor/node:0.39.0 $#
The -t tells docker to configure the tty, which won't work if you don't have a tty and try to attach to the container (default when you don't do a -d).
This solved an annoying issue for me. The script had these lines:
docker exec **-it** $( docker ps | grep mysql | cut -d' ' -f1) mysql --user= ..... > /var/tmp/temp.file
mutt -s "File is here" someone#somewhere.com < /var/tmp/temp.file
The script would run great if run directly and the mail would come with the correct output. However, when run from cron, (crontab -e) the mail would come with no content. Tried many things around permissions and shells and paths etc. However no joy!
Finally found this:
*/20 * * * * scriptblah.sh > $HOME/cron.log 2>&1
And on that cron.log file found this output:
the input device is not a TTY
Search led me here. And after I removed the -t, it's working great now!
docker exec **-i** $( docker ps | grep mysql | cut -d' ' -f1) mysql --user= ..... > /var/tmp/temp.file

How to deal with state "Exit 0" in Docker

I have build a Docker image and afterwards run a container using Docker Compose. The following command will do the job for me:
docker-compose up -d
I have restarted the PC and now I want to start the previous container that I've created before. So I have tried the following command:
$ docker-compose start
Starting php-apache ... done
Apparently it works but it doesn't as per the output for the following command:
$ docker-compose ps
Name Command State Ports
---------------------------------------------------------------------------
php55devwork_php-apache_1 /bin/sh -c bash -C '/usr/l ... Exit 0
For sure something is wrong and I am trying to find out what.
How do I find why the command is failing?
Is there any place where I could see a log file or something that help me to identify and fix the error?
Here is the repository if you want to give it a try.
Update
If I remove the container: docker rm <container-id> and recreate it by running docker-compose up -d --build it works again.
Update #1
I am not able to see such weird characters:
This is what helped me to resolve this issue:
Under one of your services in the docker-compose yaml file, type in the following:
tty: true so it'll look like
version: '3'
services:
web:
tty: true
Hopefully this helps someone; thumps up if it helps you :)
I took a look into your Docker github and setup_php_settings
on line (line n. 27) there is source /etc/apache2/envvars && exec /usr/sbin/apache2 -DFOREGROUND
and that runs apache2 on foreground so it shouldn't exit with status code 0.
But it seems to me like your setup_php_settings contains some weird character (when I run your image with compose)
(original is one on right side) weird character
I have changed it to new lines and it worked for me. Let us know if it helped.
If you want to debug your docker container you can run it without entrypoint like:
docker run -it yourImage bash
-- AFTER some investigation:
There were still some errors when I restart docker container - like in your case stopped container and start after reboot. There were problems: symbolic links already exist and apache2 has grumpy PID so we need to do something like in oficial php docker
This is full setup_php_settings worked for me after container restart.
#!/bin/bash -x
set -e
PHP_ERROR_REPORTING=${PHP_ERROR_REPORTING:-"E_ALL & ~E_DEPRECATED & ~E_NOTICE"}
sed -ri 's/^display_errors\s*=\s*Off/display_errors = On/g' /etc/php5/apache2/php.ini
sed -ri 's/^display_errors\s*=\s*Off/display_errors = On/g' /etc/php5/cli/php.ini
sed -ri "s/^error_reporting\s*=.*$//g" /etc/php5/apache2/php.ini
sed -ri "s/^error_reporting\s*=.*$//g" /etc/php5/cli/php.ini
echo "error_reporting = $PHP_ERROR_REPORTING" >> /etc/php5/apache2/php.ini
echo "error_reporting = $PHP_ERROR_REPORTING" >> /etc/php5/cli/php.ini
mkdir -p /data/tmp/php/uploads
mkdir -p /data/tmp/php/sessions
mkdir -p /data/tmp/php/xdebug
chown -R www-data:www-data /data/tmp/php*
ln -sf /etc/php5/mods-available/zz-php.ini /etc/php5/apache2/conf.d/zz-php.ini
ln -sf /etc/php5/mods-available/zz-php-directories.ini /etc/php5/apache2/conf.d/zz-php-directories.ini
# Add symbolic link to get Zend out of the current install dir
ln -sf /usr/share/php/libzend-framework-php/Zend/ /usr/share/php/Zend
a2enmod rewrite
php5enmod mcrypt
# Apache gets grumpy about PID files pre-existing
: "${APACHE_PID_FILE:=${APACHE_RUN_DIR:=/var/run/apache2}/apache2.pid}"
rm -f "$APACHE_PID_FILE"
source /etc/apache2/envvars && exec /usr/sbin/apache2 -DFOREGROUND "$#"
You can check logs with docker compose logs.
Looking through your repo, you have
ENTRYPOINT bash -C '/usr/local/bin/setup_php_settings';'bash'
which, without an interactive session, bash will exit immediately (with an exit code 0) after reading the end of file on stdin.
Normally getting an exit 0 should be a reason to celebrate, as it indicates that your command has ended successfully (http://www.tldp.org/LDP/abs/html/exit-status.html).
Having had a look at your Dockerfile it looks like, your just invoking bash in your entry point which then for sure will exit (as it is non blocking). In order to serve some data, you should rather be calling php (which is a blocking operation that keeps the container up), like done in the official docker files for php (see the CMD ["php", "-a"] at https://github.com/docker-library/php/blob/1c56325a69718a3e3cf76179e75d070b7e23da62/5.6/Dockerfile)

Resources