crontab not executing on centos7 container - docker

As below, i have a centos7 container and i have a cron job configured. But it does not seem to be executing. What am i missing?
host: centos:7 docker container running on a mac
[root#a2118127510b /]# cat /etc/*-release
CentOS Linux release 7.2.1511 (Core)
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
BUG_REPORT_URL="https://bugs.centos.org/
CentOS Linux release 7.2.1511 (Core)
CentOS Linux release 7.2.1511 (Core)
[root#a2118127510b /]#
[root#a2118127510b /]# date
Fri Sep 16 06:27:49 UTC 2016
[root#a2118127510b /]# crontab -l
no crontab for root
[root#a2118127510b /]# cat mycron
* * * * * echo "hello" >> /var/log/cron1.log 2>&1
[root#a2118127510b /]# touch /var/log/cron1.log
[root#a2118127510b /]# crontab -u root mycron
[root#a2118127510b /]# crontab -l
* * * * * echo "hello" >> /var/log/cron1.log 2>&1
[root#a2118127510b /]# date
Fri Sep 16 06:27:55 UTC 2016
[root#a2118127510b /]# cat /var/log/cron1.log
[root#a2118127510b /]# date
Fri Sep 16 06:32:03 UTC 2016
[root#a2118127510b /]# cat /var/log/cron1.log
[root#a2118127510b /]#

Docker containers (generally) only run one process, whereas in a typical VM/OS setup there are multiple services running in the background performing things like Cron execution and the like. It's likely that the Cron service isn't running in your container and therefore isn't triggering any Cron jobs.
You can check if the Cron service is running using ps or a similar command. http://www.cyberciti.biz/faq/howto-linux-unix-start-restart-cron/ also gives information about starting and stopping the Cron service.
The most 'Dockerlike' approach would be to have a container that just ran the Cron process as it's single job running in foreground mode and displaying the output from the process instead of writing to a log file. https://github.com/aptible/docker-cron-example does something similar to this although it runs Cron in the background and then tail the log in the foreground.

Related

What if the Docker installed image does not have a shutdown command?

The official image ubuntu18.04 of the installed Docker
PS C:\Users\17293> docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu 18.04 4eb8f7c43909 2 weeks ago 63.1MB
PS C:\Users\17293> docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
12910e0535ad ubuntu:18.04 "bash" 2 hours ago Up 2 hours mineos
I tried poweroff, shutdown and halt, but how can I shutdown?
root#12910e0535ad:/# uname -a
Linux 12910e0535ad 5.4.72-microsoft-standard-WSL2 #1 SMP Wed Oct 28 23:40:43 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
root#12910e0535ad:/# poweroff
bash: poweroff: command not found
root#12910e0535ad:/# shutdown
bash: shutdown: command not found
root#12910e0535ad:/# halt
bash: halt: command not found
root#12910e0535ad:/#
From the host you can use stop:
docker stop container_ip/name
From the container itself, if you have an interactive command line, use exit

amazonlinux:2 systemctl Failed to get D-Bus connection

I would like to use this image https://hub.docker.com/_/amazonlinux to script my EC2 machine
Here is my Dockefile :
FROM amazonlinux:2
MAINTAINER "xxxxx" <xxxxx#xxxx.xx>
RUN yum -y update
RUN yum -y install httpd
WORKDIR /var/www/html
CMD [ "/usr/sbin/httpd","-D","FOREGROUND" ]
systemctl do not works :
bash-4.2# systemctl list-units
Failed to get D-Bus connection: Operation not permitted
bash-4.2# systemctl status httpd.service
Failed to get D-Bus connection: Operation not permitted
I cannot restart
bash-4.2# systemctl restart httpd.service
Failed to get D-Bus connection: Operation not permitted
/etc/os-release
bash-4.2# cat /etc/os-release
NAME="Amazon Linux"
VERSION="2"
ID="amzn"
ID_LIKE="centos rhel fedora"
VERSION_ID="2"
PRETTY_NAME="Amazon Linux 2"
ANSI_COLOR="0;33"
CPE_NAME="cpe:2.3:o:amazon:amazon_linux:2"
HOME_URL="https://amazonlinux.com/"
No problem on real ec2 :
[ec2-user#ip-xxxxxxxxx]$ cat /etc/os-release
NAME="Amazon Linux"
VERSION="2"
ID="amzn"
ID_LIKE="centos rhel fedora"
VERSION_ID="2"
PRETTY_NAME="Amazon Linux 2"
ANSI_COLOR="0;33"
CPE_NAME="cpe:2.3:o:amazon:amazon_linux:2"
HOME_URL="https://amazonlinux.com/"
[ec2-user#ip-xxxxxxxxx]$ systemctl status httpd.service
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Drop-In: /usr/lib/systemd/system/httpd.service.d
└─php-fpm.conf
Active: active (running) since mer. 2020-05-20 16:36:19 UTC; 1h 50min ago
Docs: man:httpd.service(8)
Main PID: 3047 (httpd)
Status: "Total requests: 7; Idle/Busy workers 100/0;Requests/sec: 0.00106; Bytes served/sec: 20 B/sec"
CGroup: /system.slice/httpd.service
├─3047 /usr/sbin/httpd -DFOREGROUND
├─3075 /usr/sbin/httpd -DFOREGROUND
├─3076 /usr/sbin/httpd -DFOREGROUND
├─3077 /usr/sbin/httpd -DFOREGROUND
├─3078 /usr/sbin/httpd -DFOREGROUND
├─3079 /usr/sbin/httpd -DFOREGROUND
└─3495 /usr/sbin/httpd -DFOREGROUND
mai 20 16:36:19 xxxxxxxxx.internal systemd[1]: Starting The Apache HTTP Server...
mai 20 16:36:19 xxxxxxxxx.internal systemd[1]: Started The Apache HTTP Server.
It's a famous image, has anyone found a solution ?
The "httpd" is run as PID-1 of the container.
If you do "docker stop (container)" then httpd will get a SIGTERM. If you do "docker restart (container)" then it will cycle through docker-stop / docker-start also recreating the httpd daemon.
https://docs.docker.com/engine/reference/commandline/restart/
Using systemd in a container is not needed here. If you really want to do that then there are multiple options. It could be to run a full systemd in a container or to use another service manager instead.
https://github.com/gdraheim/docker-systemctl-images/blob/master/centos-httpd.dockerfile

Getting Read Only Filesystem Error inside a docker container

This command
echo 1 | sudo tee /proc/sys/net/ipv6/conf/all/disable_ipv6
when run inside a CentOS docker container (running on Mac), gives:
echo 1 | sudo tee /proc/sys/net/ipv6/conf/all/disable_ipv6
tee: /proc/sys/net/ipv6/conf/all/disable_ipv6: Read-only file system
1
When run inside a CentOS virtual machine, it succeeds and gives no error.
The directory permissions inside docker container and VM are exactly the same:
VM:
$ ls -ld /proc/sys/net/ipv6/conf/all/disable_ipv6
-rw-r--r-- 1 root root 0 Jan 4 21:09 /proc/sys/net/ipv6/conf/all/disable_ipv6
docker:
$ ls -ld /proc/sys/net/ipv6/conf/all/disable_ipv6
-rw-r--r-- 1 root root 0 Jan 5 05:05 /proc/sys/net/ipv6/conf/all/disable_ipv6
This is a fresh, brand new container.
Docker version:
$ docker --version
Docker version 18.09.0, build 4d60db4
What am I missing?
Try hackish solution and add extended privileges to the container with --privileged:
$ docker run --rm -ti centos \
bash -c "echo 1 | tee /proc/sys/net/ipv6/conf/all/disable_ipv6"
tee: /proc/sys/net/ipv6/conf/all/disable_ipv6: Read-only file system
1
vs
$ docker run --privileged --rm -ti centos \
bash -c "echo 1 | tee /proc/sys/net/ipv6/conf/all/disable_ipv6"
1
You can use --cap-add to add precise privilege instead of --privileged.
However --sysctl looks like the best solution, instead of hacking networking in the container with --privileged:
$ docker run --sysctl net.ipv6.conf.all.disable_ipv6=1 \
--rm -ti centos bash -c "cat /proc/sys/net/ipv6/conf/all/disable_ipv6"
1

Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running? inside a Dockerfile

I have the following Dockerfile:
FROM ubuntu
ENV NPM_CONFIG_LOGLEVEL warn
ENV admin_user="PeerAdmin" network_name=$1 version=$2 hversion=hlfv1 fabrik_path=/fabric-tools project_dir=$(pwd)
ENV card_store_dir=$project_dir/.card-store stage_dir=$project_dir/.stage env_dir=$project_dir/env is_ok=1 FABRIC_VERSION=hlfv1
WORKDIR /app
COPY . /app
USER root
# RUN chown -R ubuntu:ubuntu .
WORKDIR /app
RUN apt-get update && \
mkdir "$fabrik_path" && \
cd "$fabrik_path" && \
export FABRIC_VERSION=hlfv1 && \
apt-get -y install apt-transport-https ca-certificates curl software-properties-common && \
apt-get -y install curl && \
apt-get -y install unzip && \
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - && \
apt-get -y install docker.io && \
curl -O https://raw.githubusercontent.com/hyperledger/composer-tools/master/packages/fabric-dev-servers/fabric-dev-servers.zip && \
unzip fabric-dev-servers.zip && \
service docker start && \
./downloadFabric.sh && \
./startFabric.sh
Attempting to execute it, I am receiving an error:
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
Commands like service docker start or systemctl do not work.
Try this cmd:
sudo service docker restart
You can't (*) run Docker inside Docker containers or images. You can't (*) start background services inside a Dockerfile. As you say, commands like systemctl and service don't (*) work inside Docker anywhere. And in any case you can't use any host-system resources, including the host's Docker socket, from anywhere in a Dockerfile.
You need to redesign this Dockerfile so that it only installs the software and makes no attempt to start it. Ideally a container would start only a single server, and would run it in the foreground as its CMD; otherwise you might depend on things like supervisord to have multiple servers if you must. If your application heavily relies on being able to start things in Docker, you might find it much easier to install in a virtual machine.
(*) Technically there are ways to do all of these things, but they're all tricky and complicated and have implications (up to potentially giving your container unrestricted root access over the host, and your container startup actively reconfiguring some low-level host details).
Launch the Terminal and execute the commands below:
$ sudo service --status-all
$ sudo service docker start
https://appuals.com/cannot-connect-to-the-docker-daemon-at-unix-var-run-docker-sock/
Solution 4: Start Docker with the Service command
1. Check the docker.service
sudo systemctl status docker
output is something like this:
● docker.service - Docker Application Container Engine
Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
Drop-In: /lib/systemd/system/docker.service.d
└─http-proxy.conf
Active: active (running) since Sat 2021-12-04 19:11:03 +0330; 2min 59s ago
Docs: https://docs.docker.com
Main PID: 28223 (dockerd)
Tasks: 29
CGroup: /system.slice/docker.service
└─28223 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
Dec 04 19:11:03 elitedesk dockerd[28223]: time="2021-12-04T19:11:03.813464635+03:30" level=info msg="New memberlist node - Node:elitedesk will use memberlist nodeID:57d6b077dc1b with config:&{NodeID:57d6b077dc1b Hostname:elitedesk BindAddr:0.0.0.0 AdvertiseAddr:192.168.1.45 BindPort:0 Keys:[[214 188 67 83 106 206 215 54 212 222 237 172 208 101 235 219] [232 26 246 100 135 196 113 220 147 95 50 132 140 206 7 126] [236 55 254 140 107 62 111 184 64 103 33 77 246 154 26 50]] PacketBufferSize:1400 reapEntryInterval:1800000000000 reapNetworkInterval:1825000000000 StatsPrintPeriod:5m0s HealthPrintPeriod:1m0s}"
Dec 04 19:11:03 elitedesk dockerd[28223]: time="2021-12-04T19:11:03.813277123+03:30" level=info msg="Daemon has completed initialization"
Dec 04 19:11:03 elitedesk dockerd[28223]: time="2021-12-04T19:11:03.813269814+03:30" level=info msg="initialized VXLAN UDP port to 4789 "
Dec 04 19:11:03 elitedesk dockerd[28223]: time="2021-12-04T19:11:03.814239176+03:30" level=info msg="Node 57d6b077dc1b/192.168.1.45, joined gossip cluster"
Dec 04 19:11:03 elitedesk dockerd[28223]: time="2021-12-04T19:11:03.814424565+03:30" level=info msg="Node 57d6b077dc1b/192.168.1.45, added to nodes list"
Dec 04 19:11:03 elitedesk systemd[1]: Started Docker Application Container Engine.
Dec 04 19:11:03 elitedesk dockerd[28223]: time="2021-12-04T19:11:03.891119330+03:30" level=info msg="API listen on /var/run/docker.sock"
Dec 04 19:11:03 elitedesk dockerd[28223]: time="2021-12-04T19:11:03.964000220+03:30" level=error msg="error reading the kernel parameter net.ipv4.vs.conn_reuse_mode" error="open /proc/sys/net/ipv4/vs/conn_reuse_mode: no such file or directory"
Dec 04 19:11:03 elitedesk dockerd[28223]: time="2021-12-04T19:11:03.964029536+03:30" level=error msg="error reading the kernel parameter net.ipv4.vs.expire_nodest_conn" error="open /proc/sys/net/ipv4/vs/expire_nodest_conn: no such file or directory"
Dec 04 19:11:03 elitedesk dockerd[28223]: time="2021-12-04T19:11:03.964042003+03:30" level=error msg="error reading the kernel parameter net.ipv4.vs.expire_quiescent_template" error="open /proc/sys/net/ipv4/vs/expire_quiescent_template: no such file or directory"
If seemed to have an error, restart it:
sudo systemctl restart docker
And check the status again. If did not solve, next
2. Request to the daemon's socket, see if it is up:
curl --unix-socket /var/run/docker.sock http://localhost/_ping; echo
Output is just OK message
OK
If did not get OK and got something like this:
curl: (7) Couldn't connect to server
3. Check the socket service
sudo systemctl status docker.socket
And a fine output will be:
● docker.socket - Docker Socket for the API
Loaded: loaded (/lib/systemd/system/docker.socket; enabled; vendor preset: enabled)
Active: active (running) since Sat 2021-12-04 19:10:57 +0330; 6min ago
Listen: /var/run/docker.sock (Stream)
Tasks: 0 (limit: 4915)
CGroup: /system.slice/docker.socket
Dec 04 19:10:57 elitedesk systemd[1]: Starting Docker Socket for the API.
Dec 04 19:10:57 elitedesk systemd[1]: Listening on Docker Socket for the API.
And restart it even if it looked good. Because after stopping the daemon and start it again, it does not work and we should (as long as I know) restart docker.socket.
sudo systemctl restart docker.socket
Yet you were not able to fix it? next:
4. Run the daemon directly in debug mode
sudo dockerd -D -l debug
I had this same issue, run this command in your terminal. This fixed the problem.
sudo apt-get install docker-ce docker-ce-cli containerd.io
The error may come from "service docker start". If you want to follow the installation instructions from the upstream vendor for a docker container then you need to prepare the environment for that. I can run these commands easily by using the dockers-systemctl-replacement script.
It might be the case that the user with which you have logged in to docker engine is not having the correct permission. You can add the user to docker group with below command:
sudo usermod -a -G docker $USER
$USER is the username of the currently logged in user.
if you install docker with deb files, probably not install docker cli. So after install docker, install docker cli, #Jayanth's answer

Delete files in offline docker container

I am working with the following docker files: https://github.com/zanata/zanata-docker-files
After I ran the ./zanata-server/runapp.sh, It started two docker containers:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
654580794e7c zanata/server:latest "/opt/jboss/wildfl..." 18 seconds ago Up 17 seconds 0.0.0.0:8080->8080/tcp zanata
311f3379635e mariadb:10.1 "docker-entrypoint..." 2 weeks ago Up 2 weeks 3306/tcp zanatadb
After a blackout, the zanata server container broke, it left some Lock files around and I cannot start it again:
org.zanata.exception.ZanataInitializationException: Lucene lock files found. Check if Zanata is already running. Otherwise, Zanata was not shut down cleanly: delete the lock files: [/var/lib/zanata/indexes/org.zanata.model.
HTextFlowTarget/write.lock, /var/lib/zanata/indexes/org.zanata.model.HProjectIteration/write.lock, /var/lib/zanata/indexes/org.zanata.model.HProject/write.lock]
How can I delete the lock files?
Okay, I thought I need to delete the files while the container is offline, but indeed I needed to run the container, after I could connect to it and run commands on like I was on a normal server.
The main solution:
sudo docker exec -it 654580794e7c bash
This allows me to execute commands on the container:
[jboss#654580794e7c ~]$ ls
wildfly
The whole process, if you would like to see:
zanata#zanata:~/docker/zanata-docker-files-platform-4.1.1/zanata-server$ sudo docker ps
[sudo] password for zanata:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
654580794e7c zanata/server:latest "/opt/jboss/wildfl..." 17 minutes ago Up 17 minutes 0.0.0.0:8080->8080/tcp zanata
311f3379635e mariadb:10.1 "docker-entrypoint..." 2 weeks ago Up 2 weeks 3306/tcp zanatadb
zanata#zanata:~/docker/zanata-docker-files-platform-4.1.1/zanata-server$ sudo docker exec -it 654580794e7c bash
[jboss#654580794e7c ~]$ ls
wildfly
[jboss#654580794e7c ~]$ cd /var/lib
[jboss#654580794e7c lib]$ ls
alternatives games machines rpm systemd zanata
dbus initramfs misc rpm-state yum
[jboss#654580794e7c lib]$ cd zanata/indexes
[jboss#654580794e7c indexes]$ ls -lh
total 28K
drwxr-xr-x 2 jboss jboss 4.0K Mar 2 13:14 org.zanata.model.HAccount
drwxr-xr-x 2 jboss jboss 4.0K Mar 2 13:14 org.zanata.model.HGlossaryEntry
drwxr-xr-x 2 jboss jboss 4.0K Mar 2 13:14 org.zanata.model.HGlossaryTerm
drwxr-xr-x 2 jboss jboss 4.0K Mar 2 13:30 org.zanata.model.HProject
drwxr-xr-x 2 jboss jboss 4.0K Mar 2 13:30 org.zanata.model.HProjectIteration
drwxr-xr-x 2 jboss jboss 4.0K Mar 3 07:23 org.zanata.model.HTextFlowTarget
drwxr-xr-x 2 jboss jboss 4.0K Mar 2 13:14 org.zanata.model.tm.TransMemoryUnit
[jboss#654580794e7c indexes]$ cd org.zanata.model.HTextFlowTarget/
[jboss#654580794e7c org.zanata.model.HTextFlowTarget]$ ls
_0.cfe _0.cfs _0.si segments_2 write.lock
[jboss#654580794e7c org.zanata.model.HTextFlowTarget]$ rm write.lock
[jboss#654580794e7c org.zanata.model.HTextFlowTarget]$ ls
_0.cfe _0.cfs _0.si segments_2
[jboss#654580794e7c org.zanata.model.HTextFlowTarget]$ cd .
[jboss#654580794e7c org.zanata.model.HTextFlowTarget]$ cd ..
[jboss#654580794e7c indexes]$ cd org.zanata.model.HProject
[jboss#654580794e7c org.zanata.model.HProject]$ ls
_0.cfe _0.cfs _0.si segments_2 write.lock
[jboss#654580794e7c org.zanata.model.HProject]$ rm write.lock
[jboss#654580794e7c org.zanata.model.HProject]$ cd ..
[jboss#654580794e7c indexes]$ cd org.zanata.model.HProjectIteration/
[jboss#654580794e7c org.zanata.model.HProjectIteration]$ ls
_0.cfe _0.cfs _0.si segments_2 write.lock
[jboss#654580794e7c org.zanata.model.HProjectIteration]$ rm write.lock
[jboss#654580794e7c org.zanata.model.HProjectIteration]$ ^C
[jboss#654580794e7c org.zanata.model.HProjectIteration]$ exit
zanata#zanata:~/docker/zanata-docker-files-platform-4.1.1/zanata-server$

Resources