I am trying to build Docker image using Habitus, so that I can securely pass build time secrets (github ssh keys) to docker.
My Habitus build file:
build:
version: 2016-03-14
steps:
builder:
name: search/poirot
dockerfile: Dockerfile
secrets:
id_rsa:
type: file
value: _env(HOME)/.ssh/id_rsa
cleanup:
commands:
- rm -rf /root/.ssh/
I have the latest Docker for Mac installed on my machine. I am running this command to build:
sudo ./habitus
--certs=$HOME/.docker/machine/certs/ --host=192.168.99.100:59124
I am using the IP and port from "~/.docker/machine/machines/default/config.json"
Content:
"Driver": {
"IPAddress": "192.168.99.100",
"MachineName": "default",
"SSHUser": "docker",
"SSHPort": 59124,
"SSHKeyPath": "/Users/shiladityamandal/.docker/machine/machines/default/id_rsa",
"StorePath": "/Users/shiladityamandal/.docker/machine",
"SwarmMaster": false,
"SwarmHost": "tcp://0.0.0.0:3376",
"SwarmDiscovery": "",
"VBoxManager": {},
"HostInterfaces": {},
"CPU": 1,
"Memory": 2048,
"DiskSize": 20000,
"NatNicType": "82540EM",
"Boot2DockerURL": "",
"Boot2DockerImportVM": "",
"HostDNSResolver": false,
"HostOnlyCIDR": "192.168.99.1/24",
"HostOnlyNicType": "82540EM",
"HostOnlyPromiscMode": "deny",
"NoShare": false,
"DNSProxy": true,
"NoVTXCheck": false
},
I keep getting the following error during build:
Build for step test/test failed due to Post
https://192.168.99.100:59124/build?dockerfile=Dockerfile.generated&rm=1&t=search%2Fservice:
dial tcp 192.168.99.100:59124: i/o timeout
What am I doing wrong?
I was following this process- https://dzone.com/articles/using-ssh-private-keys-securely-in-docker-build
Solved it myself. Had to connect to 192.168.99.100:2376
Related
have a container that failed after a long setup and i want to log in (exec bash) at that point instead of executing the slow setup again. Is there any way?
The container is a left over from a docker build process, it is still the FROM ... AS builder stage.
if i try to start it, it will fail right away.
$ docker start -ai 3d35a7f7a7b4
/bin/sh: mvn: command not found
trying to exec anything right away doesn't work either
$ docker start 3d35a7f7a7b4 & docker exec 3d35a7f7a7b4 -it /bin/sh
[1] 403273
3d35a7f7a7b4
unable to upgrade to tcp, received 500
[1]+ Done docker start 3d35a7f7a7b4
more info:
$ docker inspect 3d35a7f7a7b4
[
{
"Id": "3d35a7f7a7b4018ebbbd9aa59356714d7fed291a43752cbcb86dd852c946cc1e",
"Created": "2022-07-06T23:56:37.001004587Z",
"Path": "/bin/sh",
"Args": [
"-c",
"mvn --version"
],
"State": {
"Status": "exited",
"Running": false,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 0,
"ExitCode": 127,
"Error": "",
"StartedAt": "2022-07-07T00:02:35.755444447Z",
"FinishedAt": "2022-07-07T00:02:35.75741167Z"
},
"Image": "sha256:4819e2469963fdf531ec5bce5401b7ae7d28cd403528c0109512b5170ef61752",
...
this is not an optimal answer. Here just for documentation (and for people to vote up if it is the best one can do with docker)
docker run can be used on the image of the stopped container, and you can pass the CMD parameter right away. But any other peculiarity of the stopped container will also have to be repeated. e.g. network.
for the example on the question:
host$ docker run -it sha256:4819e2469963fdf531ec5bce5401b7ae7d28cd403528c0109512b5170ef61752 /bin/bash
container# _
I am building and deploying an application via Docker and ECS Fargate. I have my entrypoint command defined in the ECS Task definition. Upon pushing the image into a private ECR repository, I am getting this error when ECS Fargate attempts to deploy the docker image. Any advice would be helpful. Below is the dockerfile, Task Definition, and the error.
Dockerfile
FROM centos:7
COPY /src/main/build/application.zip /tmp/application.zip
COPY /src/main/residual-container-setup/application/init.sh /tmp/init.sh
#Environment variables and Entry point being defined via task definition
Task Definition
{
"containerDefinitions": [
{
"logConfiguration": {
"logDriver": "awslogs",
"options": {
"awslogs-group": "/ecs/application",
"awslogs-region": "us-east-2",
"awslogs-stream-prefix": "ecs"
}
},
"entryPoint": [
"[\"/bin/sh -c\"",
"\"/tmp/init.sh\"]"
],
"portMappings": [
{
"hostPort": 9003,
"protocol": "tcp",
"containerPort": 9003
}
],
"cpu": 0,
"environment": [
{
"name": "HOST",
"value": "dev.application.com"
},
{
"name": "REST_PORT",
"value": "8003"
}
],
"mountPoints": [],
"volumesFrom": [],
"image": "xxxxxxxxxxxx.dkr.ecr.us-east-2.amazonaws.com/application:latest",
"essential": true,
"name": "application"
}
]
Error
container_linux.go:380: starting container process caused: exec: "[\"/bin/sh -c\"": stat ["/bin/sh -c": no such file or directory
I attempted running the container locally with the following command: `docker run -it $docker_image /bin/sh
I was unable to even exec into the container. I believe I may need to install additionally in the image to get this to work. Any advice would be helpful.
Update
I have updated the dockerfile to update the permissions on the init script using the following command: chmod +x /tmp/init.sh
I have also update the task definition entrypoint attribute to ["/bin/sh", "-c", "/tmp/init.sh"]
After making these changes I am now being presented with the following:
container_linux.go:380: starting container process caused: exec: "-c": executable file not found in $PATH
Your entrypoint is defined wrongly.
The way you did it Linux thinks the path to the binary is "/bin/sh -c". If you check the container image I'm pretty sure you do not find that file either.
I am trying to run a simple ansible operation which should update a line in /etc/hosts:
- hosts: localhost
become: true
vars:
master_host: "ansible-master"
tasks:
- hostname: name="{{master_host}}"
- name: Add master host to /etc/hosts
lineinfile: dest=/etc/hosts line="{{ ansible_default_ipv4.address}} {{master_host}}"
regexp=".*{{master_host}}\s*$"
When I run this in virtualbox with ubuntu 16, it works fine.
When I run it in my ubuntu 16 Docker container, I get:
fatal: [localhost]: FAILED! => {"failed": true, "msg": "the field
'args' has an invalid value, which appears to include a variable that
is undefined. The error was: 'ansible_default_ipv4' is
undefined\n\nThe error appears to have been in
'/home/user/ansible/manage-ansible-master.yml': line 11, column 5, but
may\nbe elsewhere in the file depending on the exact syntax
problem.\n\nThe offending line appears to be:\n\n - hostname:
name=\"{{master_host}}\"\n - name: Add master host to /etc/hosts\n
^ here\n"}
Where is ansible trying to pull the local ip from and why can't it do so in docker?
BTW I have installed net-tools in my docker container and it has an eth0 ip.
On virtualbox and in docker I have a line in /etc/hosts
ansible-master 127.0.1.1
UPDATE:
I run
ansible all --connection=local -m setup | less
on virtualbox ubuntu and Docker ubuntu.
On Virtualbox I get a lot of network-related info that I don't get on Docker:
"ansible_facts": {
"ansible_all_ipv4_addresses": [
<ip>,
<another ip>
],
"ansible_all_ipv6_addresses": [
<ipv6>,
<another ipv6>
],
Also in virtualbox I get
"ansible_default_ipv4": {
"address": <value>,
"alias": <value>,
"broadcast": <value>,
"gateway": <value>,
"interface": <value>,
"macaddress": <value>,
"mtu": <value>,
"netmask": <value>,
"network": <value>,
"type": <value>
},
None of this appears in Docker.
I have had a similar problem with fedora; the solution was to install the package that provides the 'ip' command (which is used to generate the fact your looking for). in the case of fedora 'dnf install iproute'.
For Ubuntu, you have to install the iproute2 package in your pre_tasks. Don't forget to gather facts again in another task with - setup: afterwards.
Use hostname flag to put your local container hostname in /etc/hosts:
docker run --hostname=my_hostname
I'm running a docker container with the following command:
docker run -it -e CustomEnvVariable="val123" -p 80:80 imagename
The image has supervisor running with the following conf file for my app:
[program:myapp]
command=/usr/bin/dotnet /root/myapp/myapp.dll
directory=/root/myapp/
autostart=true
autorestart=true
stderr_logfile=/var/log/myapp.err.log
stdout_logfile=/var/log/myapp.out.log
environment=ASPNETCORE__ENVIRONMENT=Production
stopsignal=INT
user=root
How can I access CustomEnvVariable from within myapp after supervisor launches it?
I tried the following value in the conf file environment value:
environment=ASPNETCORE__ENVIRONMENT=Production,CustomEnvVariable=%(ENV_CustomEnvVariable)s
but I would received this error when restarting supervisor:
Restarting supervisor: Error:
Format string 'ASPNETCORE__ENVIRONMENT=Production,CustomEnvVariable="%(ENV_CustomEnvVariable)s"'
for 'environment' contains names which cannot be expanded
Some more information:
Using supervisor version: 3.0 (install via apt-get install supervisor -y).
I confirmed that the value of CustomEnvVariable is reaching the container by checking the output of echo $CustomEnvVariable.
I did a quick scan of all the environment variables available to from the app, here are the results:
{
"LC_ADDRESS": "",
"SUPERVISOR_PROCESS_NAME": "myapp",
"LC_MONETARY": "",
"LC_MESSAGES": "",
"LC_NAME": "",
"SUPERVISOR_ENABLED": "1",
"SUPERVISOR_SERVER_URL": "unix:///var/run/supervisor.sock",
"LC_COLLATE": "",
"ASPNETCORE__ENVIRONMENT": "Production",
"SUPERVISOR_GROUP_NAME": "myapp",
"LANG": "",
"LC_NUMERIC": "",
"LANGUAGE": "",
"LC_PAPER": "",
"LC_IDENTIFICATION": "",
"LC_CTYPE": "",
"LC_MEASUREMENT": "",
"TERM": "xterm",
"LC_TIME": "",
"LC_ALL": "",
"PATH": "/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin",
"LC_TELEPHONE": "",
"PWD": "/"
}
The syntax is correct, but environment expansion is only available in version > 3.2 of supervisor, as per this github issue.
I am trying to start a docker container using the following POST request:
Content-Type: application/json
{
"Hostname":"",
"Domainname": "",
"User":"",
"Memory":0,
"MemorySwap":0,
"CpuShares": 512,
"Cpuset": "0,1",
"AttachStdin":true,
"AttachStdout":true,
"AttachStderr":true,
"PortSpecs":6002,
"Tty":false,
"OpenStdin":false,
"StdinOnce":false,
"Env":null,
"Cmd":
[
"python",
"app.py"
],
"Image":"jobinar/smile_webapp",
"Volumes":{
"/tmp": {}
},
"WorkingDir":"",
"NetworkDisabled": false,
"ExposedPorts":{
"5000/tcp": {}
}
}
However, the container immediately stops after starting. How do I configure my request to prevent it from exiting?
I would appreciate a POST request which does this instead of the command-line way.
EDIT: I get a 201 CREATED response with the id of the created container and I can see that the container is created by running by using the docker ps -a command.
If you have upgraded you docker version you habe to delete /var/lib/docker/network on ubuntu