Building the docker image from scratch

[scientronic92]

I made a docker file to run Odoo, but the problem is that Odoo container can't find DB container even if ping by IP is working.

##Odoo Dockerfile

FROM ubuntu:19.04

WORKDIR /

COPY odoo13-enterprise.deb .

Copy wkhtmltox_0.12.5-1.bionic_amd64.deb .

USER root

CMD ["bash"]

ENV LANG=C.UTF-8

RUN apt-get update         && apt-get install -y --no-install-recommends             ca-certificates             curl             dirmngr             fonts-noto-cjk             gnupg             libssl-dev             nodejs             npm             python3-num2words             python3-pip             python3-phonenumbers             python3-pyldap             python3-qrcode             python3-renderpm             python3-setuptools             python3-slugify             python3-vobject             python3-watchdog             python3-xlrd             python3-xlwt             xz-utils		apt-utils

RUN npm install -g rtlcss

RUN apt-get update          && apt-get install -y postgresql-client

RUN adduser odoo

RUN mkdir /var/lib/odoo

VOLUME [/var/lib/odoo /mnt/extra-addons]

RUN apt install ./wkhtmltox_0.12.5-1.bionic_amd64.deb -y

RUN apt install ./odoo13-enterprise.deb -y

RUN chown odoo /etc/odoo/odoo.conf     && mkdir -p /mnt/extra-addons     && chown -R odoo /mnt/extra-addons

EXPOSE 8069 8071

USER odoo

CMD ["odoo"]

##Commands used:

docker run -d --network=bridge --hostname db --domainname db -e POSTGRES_USER=odoo -e POSTGRES_PASSWORD=odoo -e POSTGRES_DB=postgres --name db postgres

docker run -d --hostname=odoo13 -p 8069:8069 --network="bridge" --name odoo13 odoo13-e:1.0

docker network create odoo

docker network connect odoo odoo13
docker network connect odoo db

should I use --link property? This is what appears on web browser:

Internal Server Error

The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there is an error in the application.

[kovacs-andras]

If you take some advice:

• Your question doesn't look like an issue.
• This Dockerfile is ugly. Un-indented, unnecessary layers, 2 CMD in it, no logic.
• Use a smaller base image.
• Use compose or sg. which makes it easier for you instead of long docker run commands.
• If you put those containers on the default or same nat network, than they should find each other via your docker daemon's DNS server.

And here is my very personal advice: don't use docker. Use podman. ;) Regards,

[scientronic92]

Thank you @kovacs-andras for your feedback. actually. I tried to run an official Odoo docker container in Kubernetes but it didn't work, I am still new to this stuff, so I tried to build the container from scratch to find the real issue, then moving to Kubernetes. by the way, I copied some of the lines from the official Dockerfile.

[kovacs-andras]

IMHO this project is not suitable for that. They usually scale it vertically and you want horizontal scaling at the end, am I right? I'm not familiar with 13, but I am with 12. The documentation is/was quite useless but there are some books for the previous versions and those can be helpful: Odoo Development Cookbook/Essentials, Working with Odoo/OpenERP. There was also a "hidden" .pdf only for the paid partners which is a bunch of bad practices - mostly in Spanish language and some English. I think you can find all of them with Google and maybe those can help. Good luck! :)

[scientronic92]

That's right. What I already tried, I made two odoo containers with one postgres container, I connected them to it, the problem was, they couldn't read each other's database, I think the problem is in the static files, I am thinking about making shared static files dir. Yes, I am thinking about following Odoo standards, I don't think horizontal scaling is fit with Odoo, but how can we achieve HA for a big number of users? I think if we can make the first case working, kubernetes is possible.

[codeagencybe]

@scientronic92 We are trying to achieve exactly the same thing. I'm currently exploring options with Portainer which makes it easier to handle the Docker environment. It's an open source GUI for Docker and Swarm. The idea we have is running a seperate PSQL container and enable swarm and setup DB replication over 3 nodes. That should do the trick I think. For the filestore, we are looking into using offloading into amazon S3/WASABI so that means, nothing is put locally on the servers anymore, and makes it much easier to migrate to other machines And for the sessions, we already use the MUK redis session app (it's a free OCA one) and fix the problem that connections are dropped for users.

And aside, we have our production Kubernetes cluster (with Rancher) running and ready to adopt for Odoo.

The only problem we are now trying to solve, it finding or creating a decent Dockerfile/image so we stay in control what is getting deployed. The official Docker image is way too slow in terms of bugfixes. every once in a 3~4 months is not enough. We often need extra dependencies for custom modules and it's always kind of a hacky thing to get things working.

If you want exchange ideas, learn, help each other with this, please let me know as I'm in the same boat as you it seems.

[codeagencybe]

@scientronic92 PS, with Portainer we are experimenting currently with Traefik v2.x + Let's Encrypt to handle as load balancer. It's very nice solution for creating HA environments

[scientronic92]

Sure, I like to help and learn, I will be happy to join the group. I think we can use Jenkins to create a pipeline to build the image and then deploy it inside Kubernetes, in my opinion, this could help companies to fix bugs, and adding custom modules more easily in similar CI/CD of any other software.

[scientronic92]

Thank you @codeagencybe, I will check that.

[kovacs-andras]

I think both of you are watching this whole project from a very high level. Be careful with you expectations!

@codeagencybe

I'm currently exploring options with Portainer which makes it easier to handle the Docker environment.

The docker environment is quite easy (and insecure) as it is. And they have their own UI-stuff control plane too. But ofc, it's your personal reference.

For the filestore, we are looking into using offloading into amazon S3/WASABI so that means, nothing is put locally on the servers anymore, and makes it much easier to migrate to other machines

You will be on your own. On every update Odoo will push all the stuff even the files to PostgreSQL. But I remember there is a way to serve at least some of them without Odoo. You just need to make some smart rules in your webserver config. You will not be able to handle files and db separately. Odoo will work fine only if you save, move, etc things always together. If you make a mistake than files, pictures, other content will be missing and errors will fill up your logs.

And for the sessions, we already use the MUK redis session app (it's a free OCA one) and fix the problem that connections are dropped for users.

Thank you for the info! All the redis plugins I've tried were pretty buggy. The Odoo team made a demo once about storing user sessions in postresql but it's undocumented and not supported.

And aside, we have our production Kubernetes cluster (with Rancher) running and ready to adopt for Odoo.

The only problem we are now trying to solve, it finding or creating a decent Dockerfile/image so we stay in control what is getting deployed. The official Docker image is way too slow in terms of bugfixes. every once in a 3~4 months is not enough. We often need extra dependencies for custom modules and it's always kind of a hacky thing to get things working.

I really don't get it now... do you want to use Swarm or Kubernetes? I don't get the Dockerfile part either. Why don't you make your own? It's quite easy to make a better one which fits more to your needs. But be careful with daily builds/updates! I had quite a few cases when an update (even with the paid version of Odoo) reverted language to the default one, etc. So be careful when you are building a ci/cd! Always test things properly. Also watch fixes for all the Odoo versions because they forgot sometimes to merge them. Modules are hacky for sure but check the dependencies. Anyways, maybe this can help: https://bitnami.com/stack/odoo

If you take an advice: focus on backup. Regards,

[scientronic92]

I personally faced this problem of session interruptions, and error in loading for a strict environment. One of the reasons was opening two different Odoo servers on the same browser, even though, when we solved this issue we still get this issue for some devices, in your opinion, could firewall and security software or hardware cause this type of interruptions?

[scientronic92]

Could you recommend a document about Odoo security and architecture, please? we still have a gap to make the right decision about containerization design.

[kovacs-andras]

I don't know the first one and I don't know the environment of yours.

Could you recommend a document about Odoo security and architecture, please? we still have a gap to make the right decision about containerization design.

I think there is no documentation for that. Try those which I've mentioned before and basically that's the best what you can get. (If you have anything else, I'm interested too!) But it's python so easy to read the code itself.

[antonionardella]

Hello @codeagencybe,

I am trying to deploy odoo 12 with postgres 12 using traefik2 on a arm64v8 docker swarm cluster. This is my yml file for the Stack

version: '3.7'

services:
  web:
    image: arm64v8/odoo:12
    networks:
      - traefik-public
    deploy:
      placement:
        constraints:
          - node.labels.arch == arm64
      labels:
        - 'traefik.enable=true'
        - 'traefik.tags=public'
        - 'traefik.docker.network=traefik-public'
      
        - 'traefik.http.routers.odoo-http.rule=Host(`odoo.mydomain.com`)'
        - 'traefik.http.routers.odoo-http.entrypoints=web'
        - 'traefik.http.routers.odoo-http.middlewares=odoo-redirect'

        - 'traefik.http.routers.odoo-https.rule=Host(`odoo.mydomain.com`)'
        - 'traefik.http.routers.odoo-https.entrypoints=websecure'
        - 'traefik.http.services.odoo-https.loadbalancer.server.port=8069'
        - 'traefik.http.routers.odoo-https.tls=true'
        - 'traefik.http.routers.odoo-https.tls.certResolver=letsencrypt'
        - 'traefik.http.routers.odoo-https.tls.domains[0].main=odoo.mydomain.com'
        - 'traefik.http.middlewares.odoo-redirect.redirectscheme.scheme=https'
        - 'traefik.http.middlewares.odoo-redirectscheme.redirectscheme.permanent=true'
    volumes:
      - vol_odoo_webdata:/var/lib/odoo
      - vol_odoo_config:/etc/odoo
      - vol_odoo_addons:/mnt/extra-addons
  db:
    image: postgres:12
    environment:
      - POSTGRES_DB=postgres
      - POSTGRES_PASSWORD=odoo
      - POSTGRES_USER=odoo
      - PGDATA=/var/lib/postgresql/data/pgdata
    volumes:
      - vol_odoo_postgres:/var/lib/postgresql/data/pgdata
      
volumes:
  vol_odoo_webdata:
    driver: local
    driver_opts:
      type: nfs
      o: addr=NASIP,nolock,soft,rw
      device: ":/docker/data/odoo/webdata"
  vol_odoo_config:
    driver: local
    driver_opts:
      type: nfs
      o: addr=NASIP,nolock,soft,rw
      device: ":/docker/data/odoo/config"
  vol_odoo_addons:
    driver: local
    driver_opts:
      type: nfs
      o: addr=NASIP,nolock,soft,rw
      device: ":/docker/data/odoo/extra-addons"
  vol_odoo_postgres:
    driver: local
    driver_opts:
      type: nfs
      o: addr=NASIP,nolock,soft,rw
      device: ":/docker/data/odoo/postgres"
      
networks:
  traefik-public:
    external: true

So far the DB starts but odoo gives this error:

2020-05-21 09:41:53,496 1 INFO ? odoo: Odoo version 12.0-20181109 ,
2020-05-21 09:41:53,498 1 INFO ? odoo: Using configuration file at /etc/odoo/odoo.conf ,
2020-05-21 09:41:53,498 1 INFO ? odoo: addons paths: ['/mnt/extra-addons', '/usr/lib/python3/dist-packages/odoo/addons'] ,
2020-05-21 09:41:53,499 1 INFO ? odoo: database: odoo@db:5432 ,  
2020-05-21 09:41:53,865 1 INFO ? odoo.addons.base.models.ir_actions_report: You need Wkhtmltopdf to print a pdf version of the reports. ,
Traceback (most recent call last):,
  File "/usr/bin/odoo", line 8, in <module>, odoo.cli.main(),
  File "/usr/lib/python3/dist-packages/odoo/cli/command.py", line 60, in main, o.run(args),  
  File "/usr/lib/python3/dist-packages/odoo/cli/server.py", line 176, in run, main(args),  
  File "/usr/lib/python3/dist-packages/odoo/cli/server.py", line 170, in main, rc = odoo.service.server.start(preload=preload, stop=stop),
  File "/usr/lib/python3/dist-packages/odoo/service/server.py", line 1107, in start, rc = server.run(preload, stop),
  File "/usr/lib/python3/dist-packages/odoo/service/server.py", line 420, in run, self.start(stop=stop),  
  File "/usr/lib/python3/dist-packages/odoo/service/server.py", line 361, in start, set_limit_memory_hard(),  
  File "/usr/lib/python3/dist-packages/odoo/service/server.py", line 72, in set_limit_memory_hard, soft, hard = resource.getrlimit(rlimit),
PermissionError: [Errno 1] Operation not permitted,

Looks like setting the parameters like set_limit_memory_hard do not work because the user in the container does not have the rights to set them.

I even tried to set user: '0:0'. What changes is that the logfile additionally prints Running as user 'root' is a security risk.

Could you or someone point me towards a possible solution??