Using Hyperledger fabric, I run make behave-deps then make behave, yet several of the behave test scenarios fail ("Error starting container: cannot connect to Docker endpoint") - how would I go about fixing this?
Typically this problem is encountered when running outside of Vagrant.
Ensure you can run
docker run hello-world
Without sudo
If this fails, this can be resolved by adding he user to the group as in the installation docs
If running the vagrant-based development environment described here, a change was recently made to the Docker port mapping that would manifest itself with these failed tests. Reconstruct your development environment with vagrant destroy and vagrant up from the $GOPATH/src/github.com/hyperledger/fabric/devenv directory.
Related
I am trying to configure a CI job on Bamboo for a Django app, the tests to be run rely on a database (postgres 9.5). It seems that a prudent way to go about is it run the whole test in a docker container, as I do not control the agent environment so I cannot install Postgres there.
Most guides I found recommend running postgres and django in two separate containers and using docker-compose to easily manage them. In this scenario each docker image runs just one service, started with CMD. In Bamboo I cannot use docker-compose however, I need to use just one image, so I am trying to get Postgres and Django to run nicely together in one container but with little success so far.
My problem is that I see no easy way to start Postgres as a service inside docker but NOT as a docker CMD command, official postgre image uses an entrypoint.sh approach, also described in the official docker docs
But it is not clear to me how to implement that. I would appreciate your help!
Well, basically you would start postgres as a background process in the docker-entrypoint shell script that does otherwise start your django application.
The only trick here is that you need to put a 'trap' command in it so that you can send a shutdown/kill to the background process when your master process stops.
Although I have done that a thousand times, I know that it is a good source for programming errors. In general I do just use my docker-systemctl-replacement which takes care of running multiple applications as services, just as if the container is a virtual machine hosting multiple applications.
Your only other option is to add in a startup script in your Dockerfile, or kick it off as part of your docker run ... commands. We don't generally use the "Docker" tasks, as I find them ... distasteful (also why I usually just fall back to running a "Script" task, and directly calling docker run in that script task)
Anyway, you'd have to have your Docker container execute a script that would:
Start up Postgres (like a sudo systemctl start postgresql)
Execute your tests.
Your Dockerfile will have to install Postgresql and do some minor setup work I imagine (like create relevant users and databases with the proper owner). Since we're all good citizens, we remember to never run your containers as root, right?
Note - you can always hack around getting two containers to talk to each other without using docker-compose. It's a bit less convenient, but you could do something like:
docker run --detach --cidfile=db_cidfile --name ci_db postgresql_image
...
docker run --link ci_db testing_image
Make sure that you EXPOSE the right ports on the postgresql image to the testing_image container.
EDIT: I'm looking more at my specific case - we just install Postgresql into a base CentOS host rather than use the postgresql default image (using yum install http://yum.postgresql.org/..../pgdg-centos...rpm and then just install postgresql-server and postgresql-contrib packages from there). There is a CMD [ "/usr/pgsql-ver/bin/postgres", "-D", "/var/lib/pgsql/ver/data"] in our Dockerfile, too. We don't do anything fancy with the docker container, though. NOTE: we don't use this in production at all, this is strictly for local and CI testing.
I'm following this Docker tutorial, which creates a simple Docker-managed Django site, and when I try to run docker-compose up to launch my docker project, I get the ambiguous error:
ERROR: Couldn't connect to Docker daemon at http+docker://localunixsocket - is it running?
The error suggests that the Docker daemon isn't running, but service docker status shows the Docker daemon is running.
If instead I run sudo docker-compose up, then it succeeds, but it chowns a lot of my local development files to the root user, which is easy enough to fix, but annoying.
Why does Docker require root access just to start a local Django development server? How do I fix this?
My versions:
Docker version 18.06.1-ce, build e68fc7a
docker-compose version 1.11.1, build 7c5d5e4
Ubuntu 16.04.5 LTS
If you can run any Docker command at all, you can trivially root the host:
docker run --rm -v /:/host busybox \
cat /host/etc/shadow
Additionally, Docker containers frequently run as root within their own container space, which means that whatever parts of the host filesystem you choose to expose into them, they can make arbitrary changes as arbitrary user IDs. You can use a docker run -u option to pick a different user ID, but you can pick any user ID, even one that belongs to another user on a shared system.
It is very reasonable to use sudo as a way to get root privileges for things that need it, and this is a typical out-of-the-box Docker configuration.
At the end of the day the only real gate on this is the Unix permissions on the file /var/run/docker.sock. This is often mode 0660 owned by a dedicated docker group. If you don’t mind your normal user being able to read and write arbitrary host files without much of a control at all, you can add yourself to that group. That’s frequently appropriate for something like a developer laptop; but on anything like a production system it deserves some real consideration of its security implications.
While following the tutorial on this link, I encontered the following error under the section "Deploy to the running Hyperledger Fabric". My Hyperledger Fabric is not running and I do not know why. The error I get is shown below:
tom#tom:~/hyperledger/my-network/dist$ composer network deploy -a my-network.bna -p hlfv1 -i PeerAdmin -s randomString
Deploying business network from archive: my-network.bna
Business network definition:
Identifier: my-network#0.1.6
Description: My Commodity Trading network
✖ Deploying business network definition. This may take a minute...
Error: Error trying deploy. Error: Error trying install composer runtime. Error: Connect Failed
Command failed
When I use docker ps -a, no hyperledger containers are shown to have run. Where could I have gone wrong?
I just realized I needed to install docker-compose which deals with running multiple docker containers instead of just using docker client.
For docker-compose installation, I consulted the manual
I think you did not start your fabric, if you are developing locally. Please look at https://hyperledger.github.io/composer/installing/development-tools.html for the environment setup and the scripts you need to run inorder to have a local fabric.
When you run docker ps you should see something like this docker list of containers
I'm trying to setup Hyperledger Fabric chaincode development setup in my MAC machine. I already have the development environment setup, but my end goal is to just develop a blockchain application on top of Hyperledger Fabric. So I am moving towards the docker chaincode developement and test environment. I'm following the instructions given here (following the Option 2). The docker-compose up command is throwing the following error :
himanshus-mbp:fabric himanshutyagi$ docker-compose up
Recreating fabric_membersrvc_1
Creating fabric_vp_1
ERROR: for vp driver failed programming external connectivity on endpoint fabric_vp_1 (98887f3aa674ed269b3bf9cae87f28d7686920343a9cb2aac5f2715b1a945da8): Error starting userland proxy: write /port/tcp:0.0.0.0:5000:tcp:172.17.0.2:5000/ctl: errno 526
ERROR: Encountered errors while bringing up the project.
There is nothing related to this on the github issues. Can anyone explain what might be going wrong ?
If you know what process is running at port 5000 then try with sudo lsof -i tcp:5000 then note the process id and run sudo kill -15 <PROCESS_ID_HERE>. After that retry running docker commad
The port is probably already in use by another process. Has it already been started or is another program using the port. Use lsof to help find the process.
My deployment process is missing one important piece. To push the code up to the server.
I'm banging my head whether to:
1 - Create/Build the Docker image on Travis and then somehow push it to AWS
OR
2 - Try to ssh (from travis script) into my AWS and run a command set there, including the Docker image build and initialization.
I'm definitively in doubt and I see problems in both solutions proposed above. What would be the usual mechanism here?
I will answer myself here:
1 is not a good idea, it's definitively wrong. If you build the Docker container on the Travis side, and (think you can) transfer it to AWS, you'd be overkilling the network and your deployment could take ages.
2 is more or less the way to follow (there could be others). In my case I ssh'd from travis into my server and executed a set of commands remotely, among them docker build, docker run.
It's good to mention that whatever command you remotely execute in your server, the output is beautifully transferred into your Travis output.