docker-registry-frontend
docker-registry-frontend copied to clipboard
kwk
Flakey Apache startup and broken restart
Expected behavior
Starting the container with docker-compose configuration (below) should cleanly start Apache:
Starting container:
docker-compose up
Restarting Container:
docker-compose restart
Actual behavior
For Starting
It appears Apache attempts to initialize twice, but is accessible even though it says stopping apache2:
Module auth_kerb disabled.
To activate the new configuration, you need to run:
service apache2 restart
Considering dependency setenvif for ssl:
Module setenvif already enabled
Considering dependency mime for ssl:
Module mime already enabled
Considering dependency socache_shmcb for ssl:
Enabling module socache_shmcb.
Enabling module ssl.
See /usr/share/doc/apache2/README.Debian.gz on how to configure SSL and create self-signed certificates.
To activate the new configuration, you need to run:
service apache2 restart
Enabling module rewrite.
To activate the new configuration, you need to run:
service apache2 restart
Stopping web server: apache2.
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.18.0.4. Set the 'ServerName' directive globally to suppress this message
Module auth_kerb already disabled
Considering dependency setenvif for ssl:
Module setenvif already enabled
Considering dependency mime for ssl:
Module mime already enabled
Considering dependency socache_shmcb for ssl:
Module socache_shmcb already enabled
Module ssl already enabled
Module rewrite already enabled
Stopping web server: apache2.
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.18.0.5. Set the 'ServerName' directive globally to suppress this message
For Restart
Presumably because it can't start up correctly, it's also not shutting down correctly, and kills the container:
Module auth_kerb already disabled
Considering dependency setenvif for ssl:
Module setenvif already enabled
Considering dependency mime for ssl:
Module mime already enabled
Considering dependency socache_shmcb for ssl:
Module socache_shmcb already enabled
Module ssl already enabled
Module rewrite already enabled
Stopping web server: apache2.
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.18.0.5. Set the 'ServerName' directive globally to suppress this message
httpd (pid 30) already running
Steps to reproduce the problem
Entire docker-compose.yml configuration
version: '2'
services:
docker_registry:
image: registry:2
restart: always
ports:
- 5000:5000
environment:
REGISTRY_HTTP_TLS_CERTIFICATE: /certs/domain.crt
REGISTRY_HTTP_TLS_KEY: /certs/domain.key
REGISTRY_STORAGE_DELETE_ENABLE: "true"
volumes:
- ./docker/volume:/var/lib/registry
- ./docker/certs:/certs
docker_registry_web:
image: konradkleine/docker-registry-frontend:v2
environment:
- ENV_DOCKER_REGISTRY_HOST=docker_registry
- ENV_DOCKER_REGISTRY_PORT=5000
- ENV_DOCKER_REGISTRY_USE_SSL=1
ports:
- 5001:80
TLS only, no auth.
Specifications
-
[x] Which version of docker (
docker version) are you running? Docker version 1.12.5, build 7392c3b docker-compose version 1.9.0, build 2585387 -
[x] Which operating system do you use? Tested on Linux Mint 18.3, Ubuntu Server, and boot2linux
-
[x] Which version of the docker-registry-frontend are you running? 3ad864b as provided by dockerhub
I also see this problem- starting the registry and registry-frontend through docker-compose, then stopping and starting the registry_frontend through docker stop / docker start sometimes causes it to go into it's infinite restart cycle.
Running a new registry-frontend container (rather than restarting the existing one) works fine:
docker stop registry_frontend_1
docker rm registry_frontend_1
docker-compose up
My suspicion is that it's related to the /var/run/apache.pid file not being deleted when the container is stopped, so apache then refuses to start (https://github.com/docker-library/php/issues/53, https://groups.google.com/forum/#!topic/docker-user/2dP09wrq5Qk, ). This is probably exacerbated by using docker-compose since registry_frontend might come up before the registry is accepting connections, causing the initial failure and unclean-shutdown that begins the restart cycle.
A fix is probably to delete /var/run/apache2/apache2.pid in the apache-start.sh script.
While investigating I found some weird behavior when running the script through docker from the command line. Starting with registry_frontend_1 in it's reboot cycle:
docker stop registry_frontend_1
docker commit registry_frontend_1 rf_broken #Creates a new image in the "broken" state.
docker run rf_broken #Runs & exits
docker run rf_broken /root/start-apache.sh #Runs and keeps running - registry frontend works corerctly and is accessible from a browser
docker run rf_broken /bin/bash -c /root/start-apache.sh #Runs and keeps running
docker run rf_broken /bin/sh -c /root/start-apache.sh #Runs and exits (This is the default command)
I don't know enough about the differences between sh and bash to know why, can anyone shed some light on this? Also casts some doubt on my pid theory- presumably that file exists whether we run sh or bash, so I don't know why the bash commands work.
I forked and was going to test & submit a PR to delete /var/run/apache2/apache2.pid, but I can't build due to #160.
I've been able to workaround by overriding the command and deleting /var/run/apache2/apache2.pid when it exists.
In docker-compose.yml:
ui:
image: konradkleine/docker-registry-frontend:v2
environment:
ENV_DOCKER_REGISTRY_HOST: registry
ENV_DOCKER_REGISTRY_PORT: 5000
depends_on:
- registry
ports:
- 9003:80
volumes:
- registry_store:/var/registry
- ./docker-registry-frontend:/docker-registry-frontend
command: /docker-registry-frontend/issue-159-workaround.sh
…and then in docker-registry-frontend/issue-159-workaround.sh:
#!/usr/bin/env bash
# Workaround for https://github.com/kwk/docker-registry-frontend/issues/159
# Remove apache2.pid left over from previous dirty exit
if [ -f /var/run/apache2/apache2.pid ]
then
echo "Removing /var/run/apache2/apache2.pid"
rm /var/run/apache2/apache2.pid
fi
# Now run start command from https://github.com/kwk/docker-registry-frontend/blob/v2/Dockerfile
$START_SCRIPT
