I'm trying to build a docker image where the entrypoint can run without the error:
docker: Error response from daemon: OCI runtime create failed: container_linux.go:348: starting container process caused "exec: \"/app\": permission denied": unknown.
my OS: Windows 10
Dockerfile content:
ARG GO_VERSION=1.11
FROM golang:${GO_VERSION}-alpine AS builder
RUN mkdir /user && \
echo 'nobody:x:65534:65534:nobody:/:' > /user/passwd && \
echo 'nobody:x:65534:' > /user/group
RUN apk add --no-cache ca-certificates
ENV CGO_ENABLED=0 GOFLAGS=-mod=vendor
WORKDIR $GOPATH/src/XXXXmyrepoXXXX
COPY ./ ./
RUN go build \
-installsuffix 'static' \
-o /app .
FROM scratch AS final
COPY --from=builder /user/group /user/passwd /etc/
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=builder /app /app
EXPOSE 8080
USER nobody:nobody
ENTRYPOINT ["/app"]
How should I change the Dockerfile, it should work as well as it does here https://medium.com/#pierreprinetti/the-go-1-11-dockerfile-a3218319d191? There are literally no changes.
The error was that i did not go build the correct path.
Related
I need to read in my application from a file "cert.pem" whose path is a) provided as an argument or b) it is retrieved from the directory of the main application file main.py.
I have created the following dockerfile, but after building and running my application using the image the "cert.pem" file cannot be accessed. Is there a way to read from this file?
FROM golang:1.17-alpine AS builder
RUN apk add --no-cache git
WORKDIR /app
COPY . .
RUN go mod download
RUN go build -o ./bin .
#final stage
FROM alpine:latest
RUN apk --no-cache add ca-certificates
COPY --from=builder /app/bin /app/bin
EXPOSE 3000
CMD ["/app/bin"]
The instruction to load the file is the following:
....
var (
cert_file = flag.String("cert", "./cert.pem", "File name of x509 certificate")
)
...
func main() {
...
_, err := ioutil.ReadFile(*cert_file)
...
you just have to copy your cert.pem file to the location of the binary in the final stage in docker. Assuming you have the cert file in your docker build context, you run a copy command.
FROM golang:1.17-alpine AS builder
RUN apk add --no-cache git
WORKDIR /app
COPY . .
RUN go mod download
RUN go build -o ./bin .
#final stage
FROM alpine:latest
RUN apk --no-cache add ca-certificates
COPY --from=builder /app/bin /app/bin
COPY cert.pem /app/
EXPOSE 3000
CMD ["/app/bin"]
Make sure you set the cert.pem location in your go program as ./cert.pem
The solution is to define an ENTRYPOINT instead CMD and add a WORKDIR instruction:
#build stage
FROM golang:1.17-alpine AS builder
RUN apk add --no-cache git
WORKDIR /app
COPY . .
RUN go mod download
RUN go build -o ./bin .
#final stage
FROM alpine:latest
RUN apk --no-cache add ca-certificates
COPY --from=builder /app/bin /app/bin
COPY --from=builder /app/cert.pem /app/cert.pem
EXPOSE 3000
WORKDIR /app
ENTRYPOINT ["/app/bin"]
I want to spin up a low configuration containerized service for which I created a Dockerfile as below:
docker build -t apache/druid_nano:0.20.2 -f Dockerfile .
FROM ubuntu:16.04
Install Java JDK 8
RUN apt-get update
&& apt-get install -y openjdk-8-jdk
RUN mkdir /app
WORKDIR /app
COPY apache-druid-0.20.2-bin.tar.gz /app
RUN tar xvzf apache-druid-0.20.2-bin.tar.gz
WORKDIR /app/apache-druid-0.20.2
EXPOSE <PORT_NUMBERS>
ENTRYPOINT ["/bin/start/start-nano-quickstart"]
When I start the container using the command "docker run -d -p 8888:8888 apache/druid_nano:0.20.2, I get an error as below:
/bin/start-nano-quickstart: no such file or directory
I removed the ENTRYPOINT command and built the image again just to check if the file exists in the bin directory inside the container. There is a file start-nano-quickstart under the bin directory inside the container.
Am I missing anything here? Please help.
In my CodeBuild step I have an environment variable called VUE_APP_BACKEND defined as a URL. I confirmed that this part is OK by adding echo $VUE_APP_BACKEND to my buildspec.yml.
That one will output
[Container] 2020/11/26 13:22:25 Running command echo $VUE_APP_BACKEND
https://my-url-here
However when I try to forward this argument into the docker build it is lost. Am I doing it incorrectly?
I have a Dockerfile that looks like this. The echo part outputs nothing.
#build stage
FROM node:12.18.2-alpine3.10 as build-stage
ARG VUE_APP_BACKEND
ENV VUE_APP_BACKEND $VUE_APP_BACKEND
RUN echo $VUE_APP_BACKEND
# Create app directory
RUN mkdir -p /app
WORKDIR /app
# Bundle app source
COPY package*.json ./
COPY .npmrc ./
RUN npm install
COPY . .
RUN npm run build
#production stage
FROM nginx:1.14.1-alpine as production-stage
COPY --from=build-stage /app/dist/spa /usr/share/nginx/html
COPY nginx.conf /etc/nginx/conf.d/default.conf
EXPOSE 80
CMD [ "nginx", "-g", "daemon off;" ]
Am trying to run Dgoss(server validation tool) on my Docker image but It's not working. Container is getting deleted automatically. Please help me !!
snippet of my Dockerfile:
FROM node:4-alpine
ENV NODE_ENV "production"
ENV PORT 8079
RUN addgroup mygroup && adduser -D -G mygroup myuser && mkdir -p
/usr/src/app && chown -R myuser /usr/src/app
# Prepare app directory
WORKDIR /usr/src/app
COPY package.json /usr/src/app/
COPY yarn.lock /usr/src/app/
RUN chown myuser /usr/src/app/yarn.lock
USER myuser
RUN yarn install
COPY . /usr/src/app
# Start the app
CMD ["/usr/local/bin/npm", "start"]
Command:
> dgoss edit test-1
Error:
INFO: Starting docker container
INFO: Container ID: 4a631969
INFO: Run goss add/autoadd to add resources
/goss $ INFO: Deleting container
I have a Docker container with this Dockerfile:
FROM node:8.1
RUN rm -fR /var/lib/apt/lists/*
RUN echo "deb http://ppa.launchpad.net/webupd8team/java/ubuntu trusty main" | tee /etc/apt/sources.list.d/webupd8team-java.list
RUN echo "deb-src http://ppa.launchpad.net/webupd8team/java/ubuntu trusty main" | tee -a /etc/apt/sources.list.d/webupd8team-java.list
RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys EEA14886
RUN apt-get update
RUN echo debconf shared/accepted-oracle-license-v1-1 select true | \
debconf-set-selections
RUN echo debconf shared/accepted-oracle-license-v1-1 seen true | \
debconf-set-selections
RUN apt-get install -y oracle-java8-installer
RUN apt-get install -y openssh-server
RUN mkdir /var/run/sshd
RUN mkdir -p /app
WORKDIR /app
# Install app dependencies
COPY package.json /app/
RUN npm install
# Bundle app source
COPY . /app
# Environment Variables
ENV PORT 8080
# start the SSH daemon service
RUN service ssh start
# create a non-root user & a home directory for them
RUN useradd --create-home --shell /bin/bash tunnel-user
# set their password
RUN echo 'tunnel-user:93wcBjsp' | chpasswd
# Copy the SSH key to authorized_keys
COPY tunnel.pub /app/
RUN mkdir -p /home/tunnel-user/.ssh
RUN cat tunnel.pub >> /home/tunnel-user/.ssh/authorized_keys
# Set permissions
RUN chown -R tunnel-user:tunnel-user /home/tunnel-user/.ssh
RUN chmod 0700 /home/tunnel-user/.ssh
RUN chmod 0600 /home/tunnel-user/.ssh/authorized_keys
# allow the tunnel-user to SSH into this machine
RUN echo 'AllowUsers tunnel-user' >> /etc/ssh/sshd_config
EXPOSE 8080
EXPOSE 22
CMD [ "npm", "start" ]
My ECS task has this definition. I'm using a role which has AmazonEC2ContainerServiceforEC2Role.
When I try to start it as a task in my ECS cluster I get this error:
CannotStartContainerError: API error (500): driver failed programming external connectivity on endpoint ecs-ssh-4-ssh-8cc68dbfaa8edbdc0500 (387e024a87752293f51e5b62de9e2b26102d735e8da500c8e7fa5e1b4b4f0983): Error starting userland proxy: listen tcp 0.0.0
How do I fix this?