so i have the following scenario to create my docker image and container. the question is: how can I have my process up at container start up ?
1. create image
cat /var/tmp/mod_sm.tar | docker import - mod_sm_39
2. see images
[root#sl1cdi151 etc]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
mod_sm_39 latest 1573470bfa06 2 hours ago 271 MB
mod_site_m0305 latest c029826a2253 4 days ago 53.8 MB
<none> <none> ee67b9aec2d3 4 days ago 163.4 MB
mod_site_soft latest 0933a386d56c 6 days ago 53.8 MB
mod_site_vm151 latest 4461c32e4772 6 days ago 53.8 MB
3. create container
docker run -it --net=host -v /root:/root -v /usr/share/Modules:/usr/share/Modules -v /usr/libexec:/usr/libexec -v /var:/var -v /tmp:/tmp -v /bin:/bin -v /cgroup:/cgroup -v /dev:/dev -v /etc:/etc -v /home:/home -v /lib:/lib -v /lib64:/lib64 -v /sbin:/sbin -v /usr/lib64:/usr/lib64 -v /usr/bin:/usr/bin --name="mod_sm_39_c2" -d mod_sm_39 /bin/bash
4. now in container i go to my application and start the following:
[root#sl1cdi151 ven]# ./service.sh sm_start
5. check if it's up
[root#sl1cdi151 etc]# ps -ef | grep http
root 33 1 0 11:15 ? 00:00:00 ./httpd -k start -f /usr/local/clo/ven/mod_web/httpd/conf/httpd.conf
daemon 34 33 0 11:15 ? 00:00:00 ./httpd -k start -f /usr/local/clo/ven/mod_web/httpd/conf/httpd.conf
daemon 36 33 0 11:15 ? 00:00:00 ./httpd -k start -f /usr/local/clo/ven/mod_web/httpd/conf/httpd.conf
daemon 37 33 0 11:15 ? 00:00:00 ./httpd -k start -f /usr/local/clo/ven/mod_web/httpd/conf/httpd.conf
daemon 39 33 0 11:15 ? 00:00:00 ./httpd -k start -f /usr/local/clo/ven/mod_web/httpd/conf/httpd.conf
daemon 41 33 0 11:15 ? 00:00:00 ./httpd -k start -f /usr/local/clo/ven/mod_web/httpd/conf/httpd.conf
daemon 43 33 0 11:15 ? 00:00:00 ./httpd -k start -f /usr/local/clo/ven/mod_web/httpd/conf/httpd.conf
daemon 45 33 0 11:15 ? 00:00:00 ./httpd -k start -f /usr/local/clo/ven/mod_web/httpd/conf/httpd.conf
daemon 47 33 0 11:15 ? 00:00:00 ./httpd -k start -f /usr/local/clo/ven/mod_web/httpd/conf/httpd.conf
root 80 1 0 13:32 pts/2 00:00:00 grep http
So i need to have that up "./service.sh sm_start" when container is started. how can i implement that. Thank you in advance
Either specify the command as part of the docker run command:
docker run [options] mod_sm_39 /path/to/service.sh sm_start
or specify the command as part of the image's Dockerfile so that it will be run whenever the container is started without an explicit command:
# In the mod_sm_39 Dockerfile:
CMD ["/path/to/service.sh", "sm_start"]
Related
I am trying to create a private docker registry.
Following is the certificate directory and contents:
vignesh#vignesh-ThinkPad-E470:~/certs$ pwd
/home/vignesh/certs
vignesh#vignesh-ThinkPad-E470:~/certs$ ls -l
total 16
drwxr-xr-x 2 vignesh vignesh 4096 Jul 21 08:41 certs
-rwxrwxr-x 1 vignesh vignesh 920 Jul 21 08:41 localregistry.crt
-rwxrwxr-x 1 vignesh vignesh 712 Jul 21 08:41 localregistry.csr
-rwxrwxr-x 1 vignesh vignesh 963 Jul 21 08:41 localregistry.key
When I create the container it gets killed soon after create and status goes from "up" to "restarting"
docker run -d \
--restart=always \
--name registry3 \
-v /home/vignesh/certs:/certs \
-e REGISTRY_HTTP_ADDR=0.0.0.0:443 \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/home/vignesh/certs/localregistry.crt \
-e REGISTRY_HTTP_TLS_KEY=/home/vignesh/certs/localregistry.key \
-p 443:443 \
registry:2
vignesh#vignesh-ThinkPad-E470:~/certs$ docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5e165c1c3b08 registry:2 "/entrypoint.sh /etc…" 18 seconds ago Up 1 second 0.0.0.0:443->443/tcp, :::443->443/tcp, 5000/tcp registry3
vignesh#vignesh-ThinkPad-E470:~/certs$ docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5e165c1c3b08 registry:2 "/entrypoint.sh /etc…" 19 seconds ago Restarting (1) 2 seconds ago registry3
vignesh#vignesh-ThinkPad-E470:~/certs$
On checking the logs, I see following fatal error saying .crt file not found (several other non fatal messages also seen). But I am able to find the .crt file at path shown in message:
vignesh#vignesh-ThinkPad-E470:~/certs$ docker logs 5e165c1c3b08
time="2021-07-21T03:33:03.10806134Z" level=fatal msg="open /home/vignesh/certs/localregistry.crt: no such file or directory"
vignesh#vignesh-ThinkPad-E470:~/certs$ ls -l /home/vignesh/certs/localregistry.crt
-rwxrwxr-x 1 vignesh vignesh 920 Jul 21 08:41 /home/vignesh/certs/localregistry.crt
Could you please help me here.
Thanks,
Vignesh
The process inside the container sees files in the container's mount namespace, not your host. Since you mapped the directory to a different name in the container, you need to use that path:
docker run -d \
--restart=always \
--name registry3 \
-v /home/vignesh/certs:/certs \
-e REGISTRY_HTTP_ADDR=0.0.0.0:443 \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/localregistry.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/localregistry.key \
-p 443:443 \
registry:2
I am trying to learn Docker volumes, and I am using centos:latest as my base image. When I try to run a Docker command, I am unable to access the attached volume inside the container:
Command:
sudo docker run -it --name test -v /home/user/Myhostdir:/mydata centos:latest /bin/bash
Error:
[user#0bd1bb78b1a5 mydata]$ ls
ls: cannot open directory .: Permission denied
When I try to ls to find the folder permission, it says 1001. What's happening, and how can to solve this?
drwxrwxr-x. 2 1001 1001 38 Jun 2 23:12 mydata
My local machine:
[user#xxx07012 Myhostdir]$ pwd
/home/user/Myhostdir
[user#swathi07012 Myhostdir]$ ls -al
total 12
drwxrwxr-x. 2 user user 38 Jun 2 23:12 .
drwx------. 18 user user 4096 Jun 2 23:11 ..
-rw-rw-r--. 1 user user 15 Jun 2 23:12 text.2.txt
-rw-rw-r--. 1 user user 25 Jun 2 23:12 text.txt
This is partially a Docker issue, but mostly an SELinux issue. I am assuming you are running an old 1.x version of Docker.
You have a couple of options. First, you could take a look at this blog post to understand the issue a bit more and possibly use the fix mentioned there.
Or you could just upgrade to a newer version of Docker. I tested mounting a simple volume on Docker version 18.03.1-ce:
docker run -it --name test -v /home/chris/test:/mydata centos:latest /bin/bash
[root#bfec7af20b99 /]# cd mydata/
[root#bfec7af20b99 mydata]# ls
test.txt.txt
[root#bfec7af20b99 mydata]# ls -l
total 0
-rwxr-xr-x 1 root root 0 Jun 3 00:40 test.txt.txt
Supposing my container is named fluentd, I'd expect this command to reload the config:
sudo docker kill -s HUP fluentd
Instead it kills the container.
Seems there is some spawning of a few processes from the entrypoint:
PID USER TIME COMMAND
1 root 0:00 {entrypoint.sh} /usr/bin/dumb-init /bin/sh /bin/entrypoint.sh /bin/sh -c fluentd -c /fluentd/etc/${FLUENTD_CONF} -p /fluentd/pl
5 root 0:00 /bin/sh /bin/entrypoint.sh /bin/sh -c fluentd -c /fluentd/etc/${FLUENTD_CONF} -p /fluentd/plugins $FLUENTD_OPT
13 fluent 0:00 /bin/sh -c fluentd -c /fluentd/etc/${FLUENTD_CONF} -p /fluentd/plugins $FLUENTD_OPT
14 fluent 0:00 {fluentd} /usr/bin/ruby /usr/bin/fluentd -c /fluentd/etc/fluentd.conf -p /fluentd/plugins
16 fluent 0:00 {fluentd} /usr/bin/ruby /usr/bin/fluentd -c /fluentd/etc/fluentd.conf -p /fluentd/plugins
Tried HUPping from inside the container pid 13 and it seems to work.
Docker is sending the signal to the entrypoint. If I inspect the State.Pid, I see 4450. Here's the host ps:
root 4450 4432 0 18:30 ? 00:00:00 /usr/bin/dumb-init /bin/sh /bin/entrypoint.sh /bin/sh -c fluentd -c
/fluentd/etc/${FLUENTD_CONF} -p /fluentd/plugins $FLUENTD_OPT
root 4467 4450 0 18:30 ? 00:00:00 /bin/sh /bin/entrypoint.sh /bin/sh -c fluentd -c /fluentd/etc/${FLUENTD_CONF} -p /fluentd/plugins $FLUENTD_OPT
ubuntu 4475 4467 0 18:30 ? 00:00:00 /bin/sh -c fluentd -c /fluentd/etc/${FLUENTD_CONF} -p /fluentd/plugins $FLUENTD_OPT
ubuntu 4476 4475 0 18:30 ? 00:00:00 /usr/bin/ruby /usr/bin/fluentd -c /fluentd/etc/fluentd.conf -p /fluentd/plugins
ubuntu 4478 4476 0 18:30 ? 00:00:00 /usr/bin/ruby /usr/bin/fluentd -c /fluentd/etc/fluentd.conf -p /fluentd/plugins
Any ideas how do reload the conf without a custom script to find the correct process to HUP?
This command should work I believe
sudo docker exec fluentd pkill -1 -x fluentd
I tested it on sleep command inside fluentd container and it works.
In my case fluentd is running as a pod on kubernetes.
The command that works for me is:
kubectl -n=elastic-system exec -it fluentd-pch5b -- kill --signal SIGHUP 7
Where the number 7 is the process id of fluentd inside the container
as you can see below:
root#fluentd-pch5b:/home/fluent# ps -elf
F S UID PID PPID C PRI NI ADDR SZ WCHAN STIME TTY TIME CMD
4 S root 1 0 0 80 0 - 2075 - 14:42 ? 00:00:00 tini -- /fluentd/entrypoint.sh
4 S root 7 1 0 80 0 - 56225 - 14:42 ? 00:00:02 ruby /fluentd/vendor/bundle/ruby/2.6.0/bin/fluentd -c /fluentd/etc/fluent.co
4 S root 19 7 0 80 0 - 102930 - 14:42 ? 00:00:06 /usr/local/bin/ruby -Eascii-8bit:ascii-8bit /fluentd/vendor/bundle/ruby/2.6.
4 S root 70 0 0 80 0 - 2439 - 14:52 pts/0 00:00:00 bash
0 R root 82 70 0 80 0 - 3314 - 14:54 pts/0 00:00:00 ps -elf
I am new to docker concept and trying to copy some file from my host to the container. Assuming that my docker name is my_docker when I run the following:
docker cp my_docker:/usr/local/src/test.txt test.txt
It copies the test.txt file from my container to the local host. But doing it the other way around is not working. Here is the command:
docker cp test.txt my_docker:/usr/local/src
Is there something that I am doing run? Any help would be much appreciated.
Thanks
As ahajib mentioned in the comments, you're looking for the file you copied in a different container.
$ docker run --name my_container alpine
$ docker cp test.txt my_container:/tmp/test.txt
$ docker run alpine ls -l /tmp
total 0
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6224c947fbbd alpine "ls -l /tmp" 11 seconds ago Exited (0) 10 seconds ago brave_neumann
22951689a3e4 alpine "/bin/sh" About a minute ago Exited (0) About a minute ago my_container
You copied the file into my_container, but you ran the ls -l /tmp command in brave_neumann.
If you want to copy files into a container and then use those files in the container, you either have to copy the files while the container is still running, or you copy them to a docker volume.
Mounting that volume in a new container then lets it see the files you copied in.
$ docker volume create my_volume
my_volume
$ docker run --name my_container2 -v my_volume:/data alpine echo OK
OK
$ docker cp test.txt my_container2:/data/test.txt
$ docker run -v my_volume:/data alpine ls -l /data
total 4
-rw-r--r-- 1 1006 1006 29 Oct 6 19:43 test.txt
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
15b36ccd535f alpine "ls -l /data" 7 seconds ago Exited (0) 6 seconds ago agitated_khorana
b9d4c9e0902f alpine "echo OK" 54 seconds ago Exited (0) 53 seconds ago my_container2
6224c947fbbd alpine "ls -l /tmp" 2 minutes ago Exited (0) 2 minutes ago brave_neumann
22951689a3e4 alpine "/bin/sh" 3 minutes ago Exited (0) 3 minutes ago my_container
$
In your second command you appear to be trying to copy test.txt into /usr/local with the name src. Try adding a / to the end of the destination path:
docker cp test.txt my_docker:/usr/local/src/
to copy with the file name or: docker cp test.txt my_docker:/usr/local/src/newname.txt to rename it in the container.
I am running Docker on Windows. I have succesfully build an image with command:
docker build -t my/tag /c/Users/user/Docker/docker-php/image/
docker images result:
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
my/tag latest 763a2f01c832 28 minutes ago 445.8 MB
php 5.6-cli 32d2bd1d7a19 6 days ago 444.5 MB
Unfortunately I have a problem, when I am trying to mount data volume to image. I run:
docker run --rm -it -v /``pwd``:/src -w /src my/tag bash
(There is single backtick on pwd, but I don't knwo how to escape it.)
But files aren't visible in docker:
root#3e91981ef517:/src# ls -al
total 4
drwxr-xr-x 2 root root 40 Aug 31 18:59 .
drwxr-xr-x 47 root root 4096 Aug 31 19:15 ..
I have tried with different approach, such as:
docker run --rm -it -v /``pwd``:/src -w /src my/tag bash
(There is single backtick on pwd, but I don't knwo how to escape it.)
docker run --rm -it -v /full/path/to/sources:/src -w /src my/tag bash
docker run --rm -it -v //full/path/to/sources:/src -w /src my/tag bash
But every time the same result.