docker-keybox
docker-keybox copied to clipboard
garywiz
run-docker-keybox.sh Does not launch a docker container
Using the run-docker-keybox.sh script with any settings (even the default ones) gives a docker container hash but immediately aborts itself. A call to docker logs provides the following output:
There are no services configured to run, nor is there a command specified on the command line to run as an application. You need to do one or the other.
Docker version 1.11.2 build b9f10c9
Not using daemon mode (-d) allows entering the container shell, but you can't connect to the server, and the docker container kills itself after launch.
Any ideas?
Tried on a second VM with the same version of Docker and all configurations are working. Going to say this is something on my end.
Thanks for the Docker image, great work.
Okay, so the issue seems to be if the docker-keybox-storage folder is created. Not sure why, but launching the script in daemon mode with that folder in the directory causes the whole thing to stop working.
Can you tell me a bit more about your configuration? What host OS? What VM installation? etc. I need a bit more info to help... for example "whole thing stop working" is a bit vague. Just get a prompt back? No errors? No files present in docker-keybox-storage (there should be a var/log directory with more info usually).
The container will act as if it starts, but then immediately kills itself. I'd expect launching it in daemon mode would show the container if you were to type say "docker ps", but it doesn't show anything there.
The docker-keybox-storage directory never gets any files in it. No errors, no log entries, just a missing container.
Again, it works perfectly if the directory hasn't been created already, it just seems to be if it has been that it stops working
Ubuntu 14.04 Docker 1.11.2 The VM is hosted by a professional service but I think it's just VMware.
Hmm. I need to see if I can reproduce this. This is a pretty rare problem. Try running run_docker_keybox.sh with the --debug switch see if there is any console output. If so, it may reveal where the problem lies. This sounds like some kind of filesystem or permission problem.
Steps:
Create directory keyboxTest
cd into keyboxTest
Extract run-docker-keybox.sh via docker run -i --rm garywiz/docker-keybox --task get-launcher | sh
Create docker-keybox-storage directory via mkdir docker-keybox-storage
Use ./run-docker-keybox.sh -d --debug
Console output:
Using attached storage at /root/keyboxTest/docker-keybox-storage 7d6cecef4bbf770fff26052dd1f3b5263c8cd60304cdd722e2853d15c502535e
Immediately following this, the expected behaviour would be seeing a container with that ID/a name of some type when entering docker ps. There is nothing there, and you cannot access the keybox site.
Is there some sort of directory permission that needs to be granted? Any files that need to reside in docker-keybox-storage before hand?
Ahh. The problem is simple. Don't run this as root. The container wasn't designed to run from the root user. If you do this as a normal user, it will work.
If you want to run the run-docker-keybox.sh command itself as root, then you will need to:
chownthedocker-keybox-storagedirectory to another user (it should be empty, the container will create everything).- Modify the
STORAGE_USERvariable inrun-docker-keybox.shto be the same user.
It should then work and all processes inside the container will run as a non-root user, which is more secure.
I am keeping this open, because I need to fix the container so that it can deal with your situation and present better diagnostic information. This container (and another whole family of containers we built for clients) is designed to isolate all processes in the container so they do not run as root, and can assume the storage identity of any user. We did this to make better, more secure containers. However, if you do want to run it as root, in theory, it should let you (perhaps with a warning), and I'll look into this.
It again runs bash script when we run it via normal user why it is not running on docker with the normal user ?
