phusion / baseimage-docker Goto Github PK
View Code? Open in Web Editor NEWA minimal Ubuntu base image modified for Docker-friendliness
Home Page: http://phusion.github.io/baseimage-docker/
License: MIT License
A minimal Ubuntu base image modified for Docker-friendliness
Home Page: http://phusion.github.io/baseimage-docker/
License: MIT License
Your sample sh with chmod +x
#In logtime.sh (make sure this file is chmod +x):
#!/bin/bash
/bin/date > /tmp/boottime.txt
RUN mkdir -p /etc/my_init.d
ADD logtime.sh /etc/my_init.d/logtime.sh
docker run -i -t kunthar/middleware /sbin/my_init -- /bin/bash
*** Running /etc/my_init.d/00_regen_ssh_host_keys.sh...
*** Running /etc/my_init.d/logtime.sh...
*** /etc/my_init.d/logtime.sh failed with status 127
*** Killing all processes...
Whenever i comment out
ADD logtime.sh /etc/my_init.d/logtime.sh
everything is fine.
This is the explanation of status 127= http://is.gd/eKCtRI
I've used
/bin/date > /tmp/boottime.txt
but no luck.
Any comments?
Hi,
I think there is a problem with the setuser tool... I used it to start a redis server, and some other services, but after updating to latest baseimage it won't work anymore.
root@0aebe605108e:/# /sbin/setuser redis /usr/bin/redis-server /etc/redis/redis.conf
setuser: cannot execute /usr/bin/redis-server: [Errno 13] Permission denied
permissions look good for me .. and using su
to change the user and start the server manually works.
Since processes such as Nginx nuke environment variables, we will want to provide an easy way for processes to query what the original environment variables are. my_init should store the original environment variable in files, ideally in multiple formats so that applications can easily parse them:
export KEY=value
). We can use the shlex.quote function from Python 3.3: https://github.com/bendmorris/static-python/blob/master/Lib/shlex.py#L279-L290We should also allow init scripts in the startup pipeline to modify the environment for subsequent scripts. They can write to the flat files in /etc/container_environment. My_init will then import them, and export them to the bash and json formats before continuing.
the memcached log might flood the container, no?
It looks like the environment variables set when linking a container are not available when using your image. Information on the docker site:
http://docs.docker.io/en/latest/use/working_with_links_names/
I use these in my rails app container database.yml script.
e.g.
defaults: &defaults
adapter: postgresql
host: <%= ENV['POSTGRES_PORT_5432_TCP_ADDR'] %>
port: <%= ENV['POSTGRES_PORT_5432_TCP_PORT'] %>
username: docker
password: docker
development:
<<: *defaults
database: db_development
test:
<<: *defaults
database: db_test
production:
<<: *defaults
database: db_production
When i run my Dockerfile, i have this message
sudo docker run -rm -t -i -p 27017:27017 -v /var/data:/D -v /var/data/log:/L ng2/mongodb
Invalid command: /sbin/my_init
If i try to launch with
sudo docker run -rm -t -i -p 27017:27017 -v /var/data:/D -v /var/data/log:/L --entrypoint bash ng2/mongodb
/sbin/my_init: line 2: import: command not found
/sbin/my_init: line 4: KILL_PROCESS_TIMEOUT: command not found
/sbin/my_init: line 5: KILL_ALL_PROCESSES_TIMEOUT: command not found
/sbin/my_init: line 7: LOG_LEVEL_ERROR: command not found
/sbin/my_init: line 8: LOG_LEVEL_WARN: command not found
/sbin/my_init: line 9: LOG_LEVEL_INFO: command not found
/sbin/my_init: line 10: LOG_LEVEL_DEBUG: command not found
/sbin/my_init: line 12: log_level: command not found
/sbin/my_init: line 14: syntax error near unexpected token `('
/sbin/my_init: line 14: `class AlarmException(Exception):'
Docker version :
sudo docker version
Client version: 0.8.1
Go version (client): go1.2
Git commit (client): a1598d1
Server version: 0.8.1
Git commit (server): a1598d1
Go version (server): go1.2
Last stable version: 0.8.1
Let's get docker images :
sudo docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
ng2/mongodb latest 09d620ea830d 3 minutes ago 595.5 MB
<none> <none> 0abb320eaa5c 7 minutes ago 595.5 MB
<none> <none> b45ee8b7c78a 36 minutes ago 595.5 MB
<none> <none> 53d8f8bf98a5 2 days ago 595.2 MB
crosbymichael/dockerui latest 1364a90139c5 2 days ago 467.4 MB
<none> <none> 374e0657b5cc 2 days ago 595.2 MB
<none> <none> 8d8a71e48513 2 days ago 595.2 MB
<none> <none> ee5d2de85091 2 days ago 467.4 MB
phusion/baseimage 0.9.6 f4e6f8a8ae28 7 days ago 352.8 MB
phusion/baseimage latest f4e6f8a8ae28 7 days ago 352.8 MB
phusion/baseimage 0.9.5 a96ad6a18c43 2 weeks ago 352.8 MB
ubuntu 12.04 9cd978db300e 2 weeks ago 204.4 MB
phusion/baseimage 0.9.4 f2e32dd503b7 2 weeks ago 403.8 MB
phusion/baseimage 0.9.1 a9f93affd469 3 months ago 346.9 MB
phusion/baseimage 0.9.0 99e64f286549 3 months ago 346.9 MB
And my Dockerfile is :
FROM phusion/baseimage:latest
MAINTAINER [email protected]
ENV HOME /root
ENV MONGO_VERSION 2.4.8
RUN /etc/my_init.d/00_regen_ssh_host_keys.sh
RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10
RUN echo 'deb http://downloads-distro.mongodb.org/repo/ubuntu-upstart dist 10gen' | tee /etc/apt/sources.list.d/mongodb.list
RUN apt-get -qq -y update
RUN rm /usr/sbin/policy-rc.d
RUN apt-get install -qq -y mongodb-10gen=$MONGO_VERSION
VOLUME ["/D", "/L"]
EXPOSE 27017
CMD ["/sbin/my_init"]
ENTRYPOINT ["mongod","-f","/D/mongodb.conf"]
Works fine with direct phusion/baseimage
sudo docker run -rm -t -i phusion/baseimage bash -l
root@86ff86b5cdc1:/#
Let's say I have a running service using the directory /etc/service/foo
. Now I delete that directory. Runit will start showing a message (which can be seen with ps aux
) saying it can't find that directory. But that message isn't logged anywhere. How can I do that? I couldn't find anything about this in runit's docs.
Btw, thanks for this great image, I'm loving it.
I just updated my Dockerfile to use baseimage-docker v0.9.7 instead of v0.9.6 (you can check the source here: https://github.com/StudioMelipone/docker-ruby-2.0.0-p353 and the image is available on the docker index) and now the script executed by my_init does not work anymore.
The problem seems to be a wrong environment since when bundler run, it complains about not finding git and other executables. Indeed when doing an env
there are only two variables (PWD and OLD_PWD).
I want to use 0.9.9 because with 0.9.10 a program that I use gives fatal error on compilation. With 0.9.9 it sure worked, I installed in about 3 moths ago.
Now I made some changes in my Dockerfile, tried to build it, but it gives me "Failed to fetch" errors.
Step 8 : RUN apt-get install -y --fix-missing mysql-server
---> Running in a68e51246702
Reading package lists...
Building dependency tree...
Reading state information...
The following extra packages will be installed:
libdbd-mysql-perl libdbi-perl libhtml-template-perl libmysqlclient18
libnet-daemon-perl libplrpc-perl libterm-readkey-perl mysql-client-5.5
mysql-client-core-5.5 mysql-common mysql-server-5.5 mysql-server-core-5.5
Suggested packages:
libipc-sharedcache-perl tinyca mailx
The following NEW packages will be installed:
libdbd-mysql-perl libdbi-perl libhtml-template-perl libmysqlclient18
libnet-daemon-perl libplrpc-perl libterm-readkey-perl mysql-client-5.5
mysql-client-core-5.5 mysql-common mysql-server mysql-server-5.5
mysql-server-core-5.5
0 upgraded, 13 newly installed, 0 to remove and 10 not upgraded.
Need to get 27.2 MB of archives.
After this operation, 97.5 MB of additional disk space will be used.
Err http://archive.ubuntu.com/ubuntu/ precise-updates/main mysql-common all 5.5.35-0ubuntu0.12.04.2
404 Not Found [IP: 91.189.92.200 80]
Err http://archive.ubuntu.com/ubuntu/ precise-updates/main libmysqlclient18 amd64 5.5.35-0ubuntu0.12.04.2
404 Not Found [IP: 91.189.92.200 80]
Get:1 http://archive.ubuntu.com/ubuntu/ precise/main libnet-daemon-perl all 0.48-1 [43.1 kB]
Get:2 http://archive.ubuntu.com/ubuntu/ precise/main libplrpc-perl all 0.2020-2 [36.0 kB]
Get:3 http://archive.ubuntu.com/ubuntu/ precise/main libdbi-perl amd64 1.616-1build2 [849 kB]
Get:4 http://archive.ubuntu.com/ubuntu/ precise/main libdbd-mysql-perl amd64 4.020-1build2 [106 kB]
Err http://archive.ubuntu.com/ubuntu/ precise-updates/main mysql-client-core-5.5 amd64 5.5.35-0ubuntu0.12.04.2
404 Not Found [IP: 91.189.92.200 80]
Get:5 http://archive.ubuntu.com/ubuntu/ precise/main libterm-readkey-perl amd64 2.30-4build3 [28.6 kB]
Err http://archive.ubuntu.com/ubuntu/ precise-updates/main mysql-client-5.5 amd64 5.5.35-0ubuntu0.12.04.2
404 Not Found [IP: 91.189.92.200 80]
Err http://archive.ubuntu.com/ubuntu/ precise-updates/main mysql-server-core-5.5 amd64 5.5.35-0ubuntu0.12.04.2
404 Not Found [IP: 91.189.92.200 80]
Err http://archive.ubuntu.com/ubuntu/ precise-updates/main mysql-server-5.5 amd64 5.5.35-0ubuntu0.12.04.2
404 Not Found [IP: 91.189.92.200 80]
Get:6 http://archive.ubuntu.com/ubuntu/ precise/main libhtml-template-perl all 2.10-1 [65.0 kB]
Err http://archive.ubuntu.com/ubuntu/ precise-updates/main mysql-server all 5.5.35-0ubuntu0.12.04.2
404 Not Found [IP: 91.189.92.200 80]
Failed to fetch http://archive.ubuntu.com/ubuntu/pool/main/m/mysql-5.5/mysql-common_5.5.35-0ubuntu0.12.04.2_all.deb 404 Not Found [IP: 91.189.92.200 80]
Failed to fetch http://archive.ubuntu.com/ubuntu/pool/main/m/mysql-5.5/libmysqlclient18_5.5.35-0ubuntu0.12.04.2_amd64.deb 404 Not Found [IP: 91.189.92.200 80]
Failed to fetch http://archive.ubuntu.com/ubuntu/pool/main/m/mysql-5.5/mysql-client-core-5.5_5.5.35-0ubuntu0.12.04.2_amd64.deb 404 Not Found [IP: 91.189.92.200 80]
Failed to fetch http://archive.ubuntu.com/ubuntu/pool/main/m/mysql-5.5/mysql-client-5.5_5.5.35-0ubuntu0.12.04.2_amd64.deb 404 Not Found [IP: 91.189.92.200 80]
Failed to fetch http://archive.ubuntu.com/ubuntu/pool/main/m/mysql-5.5/mysql-server-core-5.5_5.5.35-0ubuntu0.12.04.2_amd64.deb 404 Not Found [IP: 91.189.92.200 80]
Failed to fetch http://archive.ubuntu.com/ubuntu/pool/main/m/mysql-5.5/mysql-server-5.5_5.5.35-0ubuntu0.12.04.2_amd64.deb 404 Not Found [IP: 91.189.92.200 80]
Failed to fetch http://archive.ubuntu.com/ubuntu/pool/main/m/mysql-5.5/mysql-server_5.5.35-0ubuntu0.12.04.2_all.deb 404 Not Found [IP: 91.189.92.200 80]
Fetched 1127 kB in 0s (1588 kB/s)
Unable to correct missing packages.
E: Aborting install.
2014/06/02 09:14:26 The command [/bin/sh -c apt-get install -y --fix-missing mysql-server] returned a non-zero code: 100
does this library has a dependency on python2?
i get when i try to run this docker run --rm -t -i phusion/baseimage /sbin/my_init -- bash -l
/usr/bin/python2: error while loading shared libraries: libz.so.1: cannot open shared object file: No such file or directory
Not really an issue here but as many people where yelling for a trusted build on the page https://index.docker.io/u/phusion/baseimage/ , I created one on https://index.docker.io/u/gissehel/phusion-baseimage/ .
I named it "phusion-baseimage" because "phusion's baseimage" is the most meaningfull title I found. On the other hand, it contains the term "phusion" in it, which you may not like.
If this is a problem, I can delete the docker index's repo and github repo (for that reason or any other reason like you provided trusted builds, or you just don't like the idea).
Hi. When I run a baseimage-based container on docker 0.9 and try to ssh to it, I get the error:
PTY allocation request failed on channel 0
stdin: is not a tty
It seems like I still have a bash, but without prompt or anything. The same image worked as expected under docker-0.8.0. Nothing in syslog or docker -D output in response to the connection attempts.
ssh -v: (ssh -vvvv at http://bpaste.net/show/188386/)
voyd@kanne> ssh [email protected] -v
OpenSSH_6.5, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /home/voyd/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to 172.17.0.4 [172.17.0.4] port 22.
debug1: Connection established.
debug1: identity file /home/voyd/.ssh/id_rsa type 1
debug1: identity file /home/voyd/.ssh/id_rsa-cert type -1
debug1: identity file /home/voyd/.ssh/id_dsa type -1
debug1: identity file /home/voyd/.ssh/id_dsa-cert type -1
debug1: identity file /home/voyd/.ssh/id_ecdsa type -1
debug1: identity file /home/voyd/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/voyd/.ssh/id_ed25519 type -1
debug1: identity file /home/voyd/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.5
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1.1
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.1 pat OpenSSH_5* compat 0x0c000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA cd:e9:52:a5:e3:61:51:11:e7:2d:77:89:39:c3:eb:d4
debug1: Host '172.17.0.4' is known and matches the ECDSA host key.
debug1: Found key in /home/voyd/.ssh/known_hosts:26
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/voyd/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: Authentication succeeded (publickey).
Authenticated to 172.17.0.4 ([172.17.0.4]:22).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env COLORTERM = xfce4-terminal
debug1: Sending env TERM = screen-256color
debug1: Sending env LANG = en_US.UTF-8
debug1: Sending env LC_COLLATE = C
debug1: Sending env LC_NUMERIC = de_DE.UTF-8
debug1: Sending env LC_TIME = de_DE.UTF-8
debug1: Sending env LC_MONETARY = de_DE.UTF-8
debug1: Sending env LC_PAPER = de_DE.UTF-8
debug1: Sending env LC_NAME = de_DE.UTF-8
debug1: Sending env LC_ADDRESS = de_DE.UTF-8
debug1: Sending env LC_TELEPHONE = de_DE.UTF-8
debug1: Sending env LC_MEASUREMENT = de_DE.UTF-8
debug1: Sending env LC_IDENTIFICATION = de_DE.UTF-8
debug1: Sending env LC_MESSAGES = en_US.UTF-8
PTY allocation request failed on channel 0
stdin: is not a tty
At http://phusion.github.io/baseimage-docker/ this paragraph
setuser
A custom tool for running a command as another user. Easier to use than su, has a smaller attack vector than sudo, and unlike chpst this tool sets $HOME correctly. Available as /sbin/setuser.
and this example
### In memcached.sh (make sure this file is chmod +x):
#!/bin/sh
# `chpst` is part of running. `chpst -u memcache` runs the given command
# as the user `memcache`. If you omit this, the command will be run as root.
exec chpst -u memcache /usr/bin/memcached >>/var/log/memcached.log 2>&1
look a bit in contrast. I suspect the example is outdated.
(And does runit
kick in automatically?)
Is not so simple ...
...
RUN echo "deb https://download.sernet.de/packages/samba/4.1/ubuntu trusty main" >> /etc/apt/source.list
RUN apt-get update
...
apt-get update
fail cause can´t fetch https urls.
curl or wget any https://... fail too.
if not a good behaviour remember add: apt-get install ca-certificates
for basis thing like add/download secured content. Today everywhere is moving to secures URL´s
Is was OK on precise
by default.
Environment variables passed into the container via the -e option of docker run are not preserved through the runit launch process. I have confirmed that the variables are available to the /sbin/my_init process, but on line 75, you call /usr/sbin/runsvdir-start
which clears the environment before calling runsvdir
. My recommendation is to bypass runsvdir-start
and call runsvdir
directly in order to preserve the environment.
As the docker containers aren't always up all time, particularly on the dev side, I find it convenient to have anacron making sure that cronjobs are executed once in a while, for example for log rotations, etc.
I've modified image/system_services.sh to add "$minimal_apt_get_install anacron" in my "Debian fork" (https://github.com/olberger/baseimage-docker/tree/debian).
Or maybe this is only useful in Debian environment, and not applying to the base Ubuntu system ?
Hope this helps.
14.04 is the new LTS release. IWBN to upgrade the base to it.
Hi,
I’m quite new to docker and I’m trying to create an example image to work with ruby on rails.
But when I’m trying to execute my script with my_init it doesn’t work.
I have the following entries in my Dockerfile:
ENTRYPOINT ["/sbin/my_init"]
CMD ["/root/rails.sh"]
When I try to run my image with docker run
without any argument, I have the following error:
my_init: error: unrecognized arguments: -c #(nop) ADD file:19aa57293c80cb2b84047fcfcbc89cd75ded94e5841cc8062e282dca6e5e680e in /etc/service/redis/run
I tried to add "--"
to CMD but with no luck. I don’t understand what’s the matter here?
Related to: #37
I read that too but here work flawless without any delay.
Test your self.
Unless I'm misunderstanding something, the final line of this output should read 42
:
$ docker run --rm phusion/baseimage:0.9.9 /sbin/my_init --skip-runit -- bash -c 'exit 42'
*** Running /etc/my_init.d/00_regen_ssh_host_keys.sh...
No SSH host key available. Generating one...
Creating SSH2 RSA key; this may take some time ...
Creating SSH2 DSA key; this may take some time ...
Creating SSH2 ECDSA key; this may take some time ...
*** Running /etc/rc.local...
*** Running bash -c exit 42...
*** bash exited with exit code 10752.
*** Killing all processes...
$ echo $?
0
The description of the image on the Docker Index is outdated and still refers to 12.04.
debconf: unable to initialize frontend: Dialog
debconf: (Dialog frontend will not work on a dumb terminal, an emacs shell buffer, or without a controlling terminal.)
debconf: falling back to frontend: Readline
debconf: unable to initialize frontend: Readline
debconf: (Can't locate Term/ReadLine.pm in @INC (@INC contains: /etc/perl /usr/local/lib/perl/5.14.2 /usr/local/share/perl/5.14.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.14 /usr/share/perl/5.14 /usr/local/lib/site_perl .) at /usr/share/perl5/Debconf/FrontEnd/Readline.pm line 7, <> line 19.)
debconf: falling back to frontend: Teletype
dpkg-preconfigure: unable to re-open stdin:
Is it still possible to use upstart services with this baseimage? I'd like to orchestrate/setup docker containers with ansible playbooks that already rely on upstart services.
Would that work oob or do I have to install/fix stuff in the image first?
I am using the baseimage to create a bioinformatics analysis images that we can run on bare metal, vms, or in the cloud. I have added the core users in the dockerfile and now I would like to allow these users to log in without a key -- you know, with just their password
everytime I try to do this I get this
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
cd:3a:28:db:45:d7:43:de:9f:37:6a:4a:8e:34:39:85.
Please contact your system administrator.
Add correct host key in /home/tlaurent/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/tlaurent/.ssh/known_hosts:17
remove with: ssh-keygen -f "/home/tlaurent/.ssh/known_hosts" -R 172.17.0.2
ECDSA host key for 172.17.0.2 has changed and you have requested strict checking.
Host key verification failed.
Is there a good way I can make the system just be a container we can ssh into without
using key files?
I'm having some trouble with phusion/baseimage
resulting in "Permission denied" errors. Here's an example:
docker run --rm -it phusion/baseimage:0.9.9 /sbin/my_init -- bash
*** Running /etc/my_init.d/00_regen_ssh_host_keys.sh...
No SSH host key available. Generating one...
Creating SSH2 RSA key; this may take some time ...
Creating SSH2 DSA key; this may take some time ...
Creating SSH2 ECDSA key; this may take some time ...
*** Running /etc/rc.local...
*** Booting runit daemon...
*** Runit started as PID 74
*** Running bash...
root@993e4c770d14:/# addgroup --gid 9999 app && adduser --uid 9999 --gid 9999 --disabled-password --gecos "Application" app && usermod -L app
Adding group `app' (GID 9999) ...
Done.
Adding user `app' ...
Adding new user `app' (9999) with group `app' ...
Creating home directory `/home/app' ...
Copying files from `/etc/skel' ...
root@993e4c770d14:/# setuser app touch /tmp/foo
touch: cannot touch `/tmp/foo': Permission denied
root@993e4c770d14:/# setuser app bash -c 'echo foo > /dev/null'
bash: /dev/null: Permission denied
As you can see, after booting a container, a new non-root user is unable to create a file in /tmp
or write to /dev/null
.
Any ideas? Thanks.
Probably not a baseimage bug in the line of ca-certificates
missings but fail ...
# nas
# VERSION 0.1.9
FROM phusion/baseimage:0.9.10
MAINTAINER bySabi <[email protected]>
RUN \
apt-get update 1>/dev/null && apt-get upgrade -y -q --no-install-recommends && \
apt-get install -y --no-install-recommends python-software-properties ca-certificates
RUN add-apt-repository -y ppa:nginx/stable
Fail with:
/bin/sh: 1: add-apt-repository: not found
Any sugesstion to solved?
Any plans to provide baseimage-docker based on newer Ubuntu versions, e.g. the currently latest 13.10? I don't find the benefits of LTS compelling for containers.
Would forking this repo be the simplest path? And would you anticipate any major issues building this image based on ubuntu:13.10
?
Thanks!
I feel uncomfortable publishing a docker image based on baseimage with the insecure key enabled. However I would like end users to be able to easily enable the insecure key.
What about adding a new argument to my_init
, let say --enable-insecure-key
that would take care of that ?
I'm intermittently seeing this error:
++ docker run --rm image_name_here /sbin/my_init --quiet --skip-runit -- true
*** An error occurred. Aborting.
Traceback (most recent call last):
File "/sbin/my_init", line 311, in <module>
main(args)
File "/sbin/my_init", line 259, in main
exit_code = waitpid_reap_other_children(pid)
File "/sbin/my_init", line 108, in waitpid_reap_other_children
this_pid, status = os.waitpid(-1, 0)
OSError: [Errno 10] No child processes
I'm trying to use /etc/container_environment
as a way to bake "default" values for environment variables into a Docker image. I then want to optionally override these values using docker run --env=...
.
Consider the following Dockerfile
:
FROM phusion/baseimage
RUN echo "foo" >/etc/container_environment/FOO
I use this to produce an image named env-test
:
$ docker build -t env-test .
Then I can see that an env FOO is set within the container:
$ docker run --rm env-test my_init --skip-runit --quiet -- env 2>/dev/null | grep FOO
FOO=foo
When I attempt to provide a different value of FOO
using the --env
option for docker run
, it doesn't override the original value:
$ docker run --rm --env FOO=bar env-test my_init --skip-runit --quiet -- env 2>/dev/null | grep FOO
FOO=foo
Is this expected? It seems incorrect to me.
Hi,
I have a problem that's puzzling me: although I can ping and resolve smtp.office365.com
from inside a container, using netcat
just hangs indefinitely, apparently because it cannot resolve the domain name. This problem seems to occur only with that specific domain name. To reproduce:
docker run --rm -t -i ubuntu /bin/bash
ping smtp.office365.com # Ok
netcat smtp.office365.com 587 # Hangs, no messages
netcat 132.245.211.249 587 # (One of the IPs smtp.office365.com resolves to) Ok
netcat smtp.gmail.com # (for example) Ok
I can reach smtp.office365.com
from the host or from a machine on a different network.
Can you reproduce this? What's going on? I don't even know how to debug this. Using Docker version 0.11.1, build fb99f99.
I'm getting the following error:
2014/05/16 20:39:02 Tag 0.9.11 not found in repository phusion/baseimage
What am I doing wrong?
apt-get update pulls files with over 80 MByte into the directory /var/lib/apt/lists/.
After building the image those files could be removed (in cleanup.sh):
rm -rf /var/lib/apt/lists/*
hello,
do you guys got a plan to migrate this base image to newest Ubuntu LTS version ?
Apart from that - well done. This image is exactly what I was looking for.
Regards,
Robert
There is a problem that's causing syslog-ng failing to start since it can not access the kernel messages. I'm currently on the move and I can't make the change now but I'm posting the issue so I don't forget.
The solution is here: http://www.carrier-lost.org/syslog-ng-on-vserver-with-debian-lenny/
If when I'm back at my house you haven't fixed it yet I'll make a pull request.
I'm having around 300 images based on baseimage-docker and I'm running a script that will run a command on each of those (with /sbin/my_init --
as an entry point), wait for it to finish, do stuff, run next...
Several times, container hang with this message as last thing in log:
warning: /etc/service/cron: unable to open supervise/ok: file does not exist
except any of the cron / syslog / ssh could fail with this message.
I'm not having a reliable way to reproduce this.
OK so I am provisioning an analysis image and I have just hit an error :
➜ cloudbiolinux sudo docker build -t szbifx/ai:0.1 .
Uploading context 43.01 kB
Uploading context
Step 0 : FROM phusion/baseimage
---> 745d3ac92697
Step 1 : MAINTAINER Timothy Laurent
---> Using cache
---> 5a3ca3a81560
Step 2 : RUN apt-get update && apt-get install -y -q git build-essential autotools-dev automake pkg-config curl wget && apt-get clean
---> Using cache
---> 4dab4dcba94d
Step 3 : RUN mkdir /install && cd install ; apt-get update ; apt-get install python-setuptools python-dev -y -q && apt-get clean
2014/04/30 09:54:25 Insertion failed because database is full: database or disk is full
docker info shows :
➜ cloudbiolinux sudo docker info
Containers: 54
Images: 80
Storage Driver: devicemapper
Pool Name: docker-8:21-656129-pool
Data file: /var/lib/docker/devicemapper/devicemapper/data
Metadata file: /var/lib/docker/devicemapper/devicemapper/metadata
Data Space Used: 0.0 Mb
Data Space Total: 0.0 Mb
Metadata Space Used: 0.0 Mb
Metadata Space Total: 0.0 Mb
Execution Driver: native-0.1
Kernel Version: 3.8.0-39-generic
WARNING: No swap limit support
OK so what happened to the devicemapper space?
Yesterday I hit the 10GB limit for devicemapper. I can't wait until that limit is gone. But not it looks like I don't have any space.
What is going on here??
Possibly a docker index issue, I don't know. I'm running docker on ubuntu 13.10 on esxi 5.1 on a speedy fiber connection in canada
"docker pull phusion/baseimage" fails over and over
Pulling repository phusion/baseimage
65e9dbc42589: Error pulling image (latest) from phusion/baseimage, link /opt/docker_runtime/docker/devicemapper/mnt/444041ffab2cdeced4f5254da0680282055f768e64cc6e77c31b921160e980e2/rootfs/.wh..wh.plnk/317.929004a9f93affd469: Download complete
99e64f286549: Download complete
8dbd9e392a96: Download complete
15fda1f601cb: Download complete
a092c0d9e4a9: Download complete
5ba4bd3b42b5: Download complete
87081acac42d: Download complete
444041ffab2c: Error downloading dependent layers
8b4daf651a99: Download complete
27a4ee5782fb: Download complete
b45f1125208a: Download complete
1430b0dcd3fc: Download complete
816b6817e295: Download complete
0112363aa85e: Download complete
a19f2a8d5b34: Download complete
b1f6df7052a1: Download complete
dc5551da37ca: Download complete
7be9d12a2177: Download complete
afe99d7ac3c2: Download complete
7228d468b63c: Download complete
2014/01/15 17:45:14 Could not find repository on any of the indexed registries.
My_init's waitpid algorithm currently involves waiting for any child process, until the requested child process is waited for. This normally works well, but not when my_init has to wait for multiple processes, such as when shutting down Runit. The wait for a non-Runit process could have reaped Runit, causing a future wait for Runit to fail.
FROM phusion/baseimage:0.9.9
ENV LANG en_US.UTF-8
ENV LANGUAGE en_US.UTF-8
ENV LC_ALL en_US.UTF-8
RUN /etc/my_init.d/00_regen_ssh_host_keys.sh && \
rm /etc/my_init.d/00_regen_ssh_host_keys.sh
RUN /usr/sbin/enable_insecure_key
CMD ["/sbin/my_init"]
docker run
$ docker run -i e38194b7ec6f my_init -- env
*** Running /etc/rc.local...
*** Booting runit daemon...
*** Runit started as PID 8
*** Running env...
LANG=en_US.UTF-8
LANGUAGE=en_US.UTF-8
HOSTNAME=97b73766a684
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
INITRD=no
LC_ALL=en_US.UTF-8
HOME=/root
*** env exited with exit code 0.
*** Shutting down runit daemon (PID 8)...
*** Killing all processes...
$ ssh [email protected] env
SHELL=/bin/bash
SSH_CLIENT=172.17.42.1 37381 22
USER=root
MAIL=/var/mail/root
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/bin/X11
PWD=/root
SHLVL=1
HOME=/root
LOGNAME=root
SSH_CONNECTION=172.17.42.1 37381 172.17.0.2 22
_=/usr/bin/env
$ ssh [email protected]
Welcome to Ubuntu 12.04.4 LTS (GNU/Linux 3.8.0-35-generic x86_64)
* Documentation: https://help.ubuntu.com/
root@83fc7ad57eaf:~# env
TERM=xterm-256color
SHELL=/bin/bash
SSH_CLIENT=172.17.42.1 37382 22
SSH_TTY=/dev/pts/0
USER=root
LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:d... <cut>
MAIL=/var/mail/root
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/bin/X11
PWD=/root
SHLVL=1
HOME=/root
LOGNAME=root
SSH_CONNECTION=172.17.42.1 37382 172.17.0.2 22
LESSOPEN=| /usr/bin/lesspipe %s
LESSCLOSE=/usr/bin/lesspipe %s %s
_=/usr/bin/env
Env variables set via Dockerfile or container environments.
I have yet no experience with long running container based on phusion/baseimage, but I wonder if some of the log files might grow beyond reasonable.
Would not installing logrotate by default be wise ?
The dockerfile below crashes after I uncomment these 4 lines shown below in the docker file:
#RUN touch "/etc/php5/fpm/conf.d/20-mongo.ini"
#RUN touch "/etc/php5/cli/conf.d/20-mongo.ini"
#RUN echo "extension=mongo.so" >> /etc/php5/fpm/conf.d/20-mongo.ini
#RUN echo "extension=mongo.so" >> /etc/php5/cli/conf.d/20-mongo.ini
here:
FROM phusion/baseimage:0.9.9
ENV HOME /root
RUN /etc/my_init.d/00_regen_ssh_host_keys.sh
CMD ["/sbin/my_init"]
# Some Environment Variables
ENV DEBIAN_FRONTEND noninteractive
# Nginx-PHP Installation
RUN apt-get update
RUN apt-get install -y vim curl wget build-essential python-software-properties
RUN add-apt-repository -y ppa:ondrej/php5
RUN add-apt-repository -y ppa:nginx/stable
RUN apt-get update
RUN apt-get install -y php-pear php5-dev php5-cli php5-fpm php5-mysql php5-pgsql \
php5-sqlite php5-curl php5-gd php5-mcrypt php5-intl php5-imap php5-tidy
RUN yes '' | pecl install mongo
RUN touch "/etc/php5/fpm/conf.d/20-mongo.ini"
RUN touch "/etc/php5/cli/conf.d/20-mongo.ini"
RUN echo "extension=mongo.so" >> /etc/php5/fpm/conf.d/20-mongo.ini
RUN echo "extension=mongo.so" >> /etc/php5/cli/conf.d/20-mongo.ini
RUN sed -i "s/;date.timezone =.*/date.timezone = UTC/" /etc/php5/fpm/php.ini
RUN sed -i "s/;date.timezone =.*/date.timezone = UTC/" /etc/php5/cli/php.ini
RUN apt-get install -y nginx
RUN echo "daemon off;" >> /etc/nginx/nginx.conf
RUN sed -i -e "s/;daemonize\s*=\s*yes/daemonize = no/g" /etc/php5/fpm/php-fpm.conf
RUN sed -i "s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/" /etc/php5/fpm/php.ini
RUN mkdir /var/www
ADD build/default /etc/nginx/sites-available/default
RUN mkdir /etc/service/nginx
ADD build/nginx.sh /etc/service/nginx/run
RUN chmod +x /etc/service/nginx/run
RUN mkdir /etc/service/phpfpm
ADD build/phpfpm.sh /etc/service/phpfpm/run
RUN chmod +x /etc/service/phpfpm/run
EXPOSE 80
EXPOSE 81
# End Nginx-PHP
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
why when running such a container would crash? can someone please explain?
Hey!
I use this base image for most docker stuff - I was wondering if there were plans for a base image for 14.04?
Thanks
Running my_init
on Mac OS 10.9.2 crashes the entire system, dumping it to a blank grey screen and requiring a reboot.
Warning, by the nature of this issue, running the examples may crash your system.
This first happened when I invoked my_init
from Mac OS to test exit status fixes for #45:
python my_init --skip-runit -- bash -c "exit 42"
A simpler and more universal test-case:
URL="https://raw.githubusercontent.com/phusion/baseimage-docker/master/image/my_init"
curl $URL | /usr/bin/python
I get the same crash with:
/usr/bin/python
/usr/local/bin/python
I realize Mac OS isn't the target system for this program, but it'd be nice to be able to test e.g. exit status bugs on any python-capable system, and the crash is very strange.
I think, in some point 0.9.10 image lost ca-certificates. Now I have to add:
apt-get install ca-certificates
to Dockerfile for properly fetch https urls.
I was just trying baseimage for the first time and I keep hitting this error, any thoughts?
Step 0 : FROM phusion/baseimage:0.9.8
Pulling repository phusion/baseimage
83bc4d21347b: Error pulling image (0.9.8) from phusion/baseimage, flate: read error at offset 42110970: unexpected EOF : read error at offset 42110970: unexpected EOF
``
I wonder why are ports 80
and 443
exposed in the Dockerfile.
Is this a mistake or is there any undocumented feature behind those ports ?
I tried this and it works:
docker run -i -t myimage my_init -- echo 'lol'
But then I tried this and didn't work:
$ docker run -i -t myimage my_init -- cd /srv
cd exited with exit code 32512
What I really want to do is go to certain directory and then execute certain script (the script uses relative paths so I can't execute it directly, I have to cd to the directory first). The cd part already is supposed to happen in ~/.bashrc, but apparently it hasn't been executed yet. Is there a way to make my command execute after ~/.bashrc? If that's not possible, I would like to simply run two commands: cd into that directory and then execute the script.
I may be being utterly stupid here, as I'm struggling to get to grips with Docker on OSX and am having to use Vagrant to do so. I think this'd be much easier with Vagrant out of the mix, but that isn't an option for me.
I assumed that I could just download this repository, navigate into the directory, and run
vagrant up --provider=docker
As there's a Vagrantfile included in the repo. But if I do I get the following output:
Bringing machine 'default' up with 'docker' provider...
There are errors in the configuration of this machine. Please fix
the following errors and try again:
docker provider:
* One of "build_dir" or "image" must be set
I'm running Vagrant 1.6.3.
I'd originally tried following the Vagrant blog post ( http://www.vagrantup.com/blog/feature-preview-vagrant-1-6-docker-dev-environments.html ) but that doesn't work either, it appears that the phusion.key isn't something that 'just exists' and I've not been able to follow how to get any Docker environment up and running via Vagrant with SSH support.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.