Docker port mapping on AWS Elastic Beanstalk - amazon-web-services

I have a Docker container specified through Dockerfile which has to be run with the -p flag in order to function properly. On my local machine, after running
docker run -d -p 5000:5000 blagtagger:v0.4.3
the port mapping is shown as 0.0.0.0:5000->5000/tcp and everything works smoothly.
Now, I need to deploy it on AWS Elastic Beanstalk, so I prepared my Dockerrun.aws.json file as follows:
{
"AWSEBDockerrunVersion": "1",
"Ports": [
{
"ContainerPort": 5000,
"HostPort": 5000
}
]
}
However, the container port does not seem to map to the host port correctly. The port mapping is shown as 5000/tcp.
How can I ask Beanstalk to set the mapping to 0.0.0.0:5000->5000/tcp?

It turns out there is no elegant way to accomplish this. Along the lines of the answers here and here, I added the following in a file named .ebextensions/01-commands.config:
commands:
00001_add_port_mapping:
cwd: /tmp
command: 'sed -i "s/docker run -d/docker run -p 5000:5000 -d/" /opt/elasticbeanstalk/hooks/appdeploy/enact/00run.sh'
and discarded the Dockerrun.aws.json file.

Related

AWS Elastic beanstalk: how to set ulimit when using docker images

I am using docker environment in an Elastic beanstalk cluster but having trouble with open files limit. I verified that on the host my open files limit is 65535, but in the docker container the soft limit is 1024 and hard limit is 4096. I'd like to increase these limits inside the container, but when I tried to do that manually I got error even with root:
root#4020d4faf5fc:/# ulimit -n 20000
bash: ulimit: open files: cannot modify limit: Operation not permitted
A similar thread also shares some ideas but seems like those are related to increasing limit of the host vs container.
You would need the SYS_RESOURCE Linux capability to set ulimit from within the container, which would typically be specified using the --cap-add flag with docker run.
With Elastic Beanstalk this can be accomplished in the following ways:
If you are already using docker-compose, then add it to your compose file as usual (under services.<your service> key)
ulimits:
nofile:
soft: 20000
hard: 20000
If you use Dockerrun.aws.json version 1 for single-container Docker environments, see Task Definition Resource Limits:
{
"AWSEBDockerrunVersion": "1",
.
.
.
"ulimits": [
{
"name": "nofile",
"softLimit": 20000,
"hardLimit": 20000
}
]
}
If you use Dockerrun.aws.json version 2 for multi-container Docker environments, this gist may be useful
{
"AWSEBDockerrunVersion": "2",
"containerDefinitions": [
{
.
.
.
"ulimits": [
{
"hardLimit": 20000,
"name": "nofile",
"softLimit": 20000
}
]
}
]
}
See also the Elastic Beanstalk Docker docs.

Unable to access jarfile - Docker on Elastic Beanstalk

I am trying to deploy a Docker image of a Spring Boot application to AWS Elastic Beanstalk and I'm encountering this error in /var/log/eb-activity.log:
Docker container quit unexpectedly after launch: Docker container quit unexpectedly on Wed Jun 22 11:56:25 UTC 2016:
Error: Unable to access jarfile /home/packedit/app/packed-it.jar. Check snapshot logs for details. (Executor::NonZeroExitStatus)
This is a single container on Elastic Beanstalk with the following Dockerrun.aws.json:
{
"AWSEBDockerrunVersion": "1",
"Image": {
"Name": "packedit/packedit-api",
"Update": "true"
},
"Ports": [
{
"ContainerPort": "8080"
}
],
"Volumes": [
{
"HostDirectory": "/var/app/packedit",
"ContainerDirectory": "/home/packedit/app"
}
],
"Logging": "/home/packedit/app/logs"
}
This is the Dockerfile:
FROM java:8
MAINTAINER my#email.com
VOLUME /tmp
EXPOSE 8080
ENV USER_NAME packedit
ENV APP_HOME /home/$USER_NAME/app
ENV APP_FILENAME packed-it.jar
RUN useradd -ms /bin/bash $USER_NAME
RUN mkdir -p $APP_HOME/data
ADD $APP_FILENAME $APP_HOME/$APP_FILENAME
RUN chown -R $USER_NAME $APP_HOME/
USER $USER_NAME
WORKDIR $APP_HOME
RUN bash -c 'touch $APP_FILENAME'
# Can't use $APP_FILENAME here because ENTRYPOINT does not do ENV replacement
# See: http://stackoverflow.com/a/28854410/336752
ENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-jar","packed-it.jar"]
I have successfully deployed the Docker image to an EC2 instance using ECS but I have not succeeded with Elastic Beanstalk. My guess is that I am doing something wrong with the volumes but I am struggling to understand the documentation. I originally started with a multicontainer configuration but have simplified to try and isolate my issue.
Thanks for any advice.
You need to remove the line
"ContainerDirectory": "/home/packedit/app"
from your Dockerrun.aws.json.
It seems like the confusion is with how docker volumes work. The volumes are allocated at runtime and persist on consecutive runs on the same machine.
Here is what is happening. The docker image is built with jar in /home/packedit/app but since you have defined a volume in the same location, an empty volume is created when it is run and mounted in that location. Hence, the same directory of the image is ignored.
Here is how you can reproduce the issue locally:
docker build .
docker run -v /home/packedit/app IMAGEID_FROM_OUTPUT_OF_PREVIOUS_COMMAND

Can not connect to Kafka with port 9092

I created a topic with replica=2 in kafka, and kafka is running in my docker machine.
Usually, I should be able to connect to docker with port 9092. but I can't
While, I am able to connect using 32783. Not sure what's the reason?
It's the Docker run command (which is not shown in the question). 9092 internally is being mapped out to 32783,32784,32785. I am guessing the three docker run commands were -p 32783:9092 etc.
You should run it with -p 9092:9092 if you want it to be 9092 on your local machine.
On my Mac, I run Kafka in a container like this (note ADVERTISED_HOST env var):
docker run --name st-kafka -p 2181:2181 -p 9092:9092 --add-host=dockerhost:`docker-machine ip dev-st` -e ADVERTISED_HOST=`docker-machine ip dev-st` -e ADVERTISED_PORT=9092 -d spotify/kafka
I like spotify/kafka because it contains both ZK and Kafka in the same container (nice for local dev environment). The latest version is 0.8.2 I think, so you should use a different image or make your own Dockerfile with version 0.9, if that's the one you need.

docker container port mapping issue

I think I am missing something obvious but I can't seem to crack this one. I am trying to map a port from a django application running uwsgi in a docker container to my local Macintosh host. Here is the setup.
Mac 10.11 running docker-machine 0.5.1 with virtualbox 5.0.10 and docker 1.9.1
I created a server with docker-machine setup my docker file and successfully built my docker container. In the container I have the following command
# Port to expose
EXPOSE 8000
Which maps to the port used via uwsgi inside the container. When I runt he container via
eval "$(docker-machine env dev)"
docker-machine ip dev
192.168.99.100
docker run -P launch
The container starts properly. If I enter the container and perform a
curl http://localhost:8000
I get my HTML as I would expect. On the outside a docker inspect container_id gets me a
"Ports": {
"8000/tcp": [
{
"HostIp": "0.0.0.0",
"HostPort": "32768"
}
]
},
So i can see the mapping to 32768 on the docker-machine host of 192.168.99.100 as from the above commands. However whenever I try and curl http://192.168.99.100:32768
curl http://192.168.99.100:32768
curl: (7) Failed to connect to 192.168.99.100 port 32768: Connection refused
So any thoughts on this?? Everything should work as I understand docker.
Thanks
Craig
Since you are running through a VirtualBox VM, I would still recommend mapping the port on the VirtualBox level, as I mention in "How to connect mysql workbench to running mysql inside docker?"
VBoxManage controlvm "boot2docker-vm" --natpf1 "tcp-port8000 ,tcp,,8000,,8000"
VBoxManage controlvm "boot2docker-vm" --natpf1 "udp-port8000 ,udp,,8000,,8000"
And run the container with an explicit port mapping (instead of the random -P)
docker run -p 8000:8000 launch

Error deploying Play Framework on AWS Beanstalk Docker

Im running a Play Framework app on AWS Beanstalk with Docker (64bit Amazon Linux 2015.03 v1.4.1 running Docker 1.6.0).
Docker File:
FROM relateiq/oracle-java8
MAINTAINER XXXX
EXPOSE 9000
ADD files /
WORKDIR /opt/docker
RUN ["chown", "-R", "daemon", "."]
RUN ["chmod", "+x", "bin/app"]
USER daemon
ENTRYPOINT ["bin/app"]
CMD []
Dockerrun.aws.json
{
"AWSEBDockerrunVersion": "1",
"Ports": [{
"ContainerPort": "9000"
}]
}
When the instance first starts I get about 1 minute where its deployed as normal, then after I browse a few pages the error shows:
502 Bad Gateway
nginx/1.6.2
The error in the ElasticBeanstalk logs is:
Play server process ID is 1 This application is already running (Or delete /opt/docker/RUNNING_PID file).
I also get in the /var/log/docker-events.logthe following messages every 30 seconds:
2015-05-30T20:07:58.000000000Z d0425e47095e5e2637263a0fe9b49ed759f130f31c041368ea48ce3d99d1e947: (from aws_beanstalk/current-app:latest) start
2015-05-30T20:08:15.000000000Z d0425e47095e5e2637263a0fe9b49ed759f130f31c041368ea48ce3d99d1e947: (from aws_beanstalk/current-app:latest) die
2015-05-30T20:08:16.000000000Z d0425e47095e5e2637263a0fe9b49ed759f130f31c041368ea48ce3d99d1e947: (from aws_beanstalk/current-app:latest) start
2015-05-30T20:08:31.000000000Z d0425e47095e5e2637263a0fe9b49ed759f130f31c041368ea48ce3d99d1e947: (from aws_beanstalk/current-app:latest) die
Can anyone see my issue? Cheers.
Adding the following to build.sbt should resolve the issue:
javaOptions in Universal ++= Seq("-Dpidfile.path=/dev/null")