Dockerfile icon indicating copy to clipboard operation
Dockerfile copied to clipboard

Published 20 hours ago verified publisher icon webdevops

Container fails to start on google cloud run

Open atymic opened this issue 4 years ago • 9 comments

Issue seems to be with this line in /opt/docker/provision/entrypoint.d/20-nginx.sh:

# Prevent startup of nginx (ubuntu 16.04 needs it)
ln -f -s /var/lib/nginx/logs /var/log/nginx

image

Any ideas?

atymic avatar Jun 29 '20 00:06 atymic

After removing that line, nginx fails to start because it can't write logs 🤔 image

atymic avatar Jun 29 '20 00:06 atymic

Ok, got around that but now FPM doesn't seem to be running or responding 🙃 image

atymic avatar Jun 29 '20 00:06 atymic

I'm seeing this issue too:

2020-07-14 08:00:07.404 EDT -> Executing /opt/docker/provision/entrypoint.d/05-permissions.sh
2020-07-14 08:00:07.437 EDT -> Executing /opt/docker/provision/entrypoint.d/20-nginx.sh
2020-07-14 08:00:07.484 EDT ln: /var/log/nginx: Operation not permitted
2020-07-14 08:00:07.761 EDT Container called exit(1).

I'm not sure what's special about Cloud Run because my image runs fine locally. I'm wondering what user is 20-nginx.sh supposed to run under, and what are the expected permissions of /var/log

trotterdylan avatar Jul 14 '20 12:07 trotterdylan

I'm also facing this issue. Going here and there but still can't solve.

ibnu-wartek avatar Jan 17 '21 13:01 ibnu-wartek

I have just run into the same exact problem. Is there any fix or workaround that anybody knows about?

spire-mike avatar Apr 27 '21 12:04 spire-mike

@atymic did you ever figure this out?

spire-mike avatar Apr 27 '21 12:04 spire-mike

Nope, no luck. Am running apache container instead.

atymic avatar Apr 28 '21 03:04 atymic

@atymic - yup, same here. I would really like to understand why this issue occurs with the nginx image.

spire-mike avatar Apr 28 '21 09:04 spire-mike

@atymic I managed to solve this problem yesterday by adding few lines to the RUN command in my Dockerfile that extends the webdevops/php-nginx base image:

RUN ln -f -s /var/lib/nginx/logs /var/log/nginx \
    && sed -i 's|ln -f -s /var/lib/nginx/logs /var/log/nginx|#ln -f -s /var/lib/nginx/logs /var/log/nginx (Already hardcoded in dockerfile RUN command)|g' /opt/docker/provision/entrypoint.d/20-nginx.sh

How it works: First command creates a symlink needed for nginx and second command edits 20-nginx.sh entrypoint script before it is executed and comments out the line that fails in attempt to create symlink.

Why does this work in Cloud Run and why it doesn't work with 20-nginx.sh entrypoint: My theory is that it has something to do with permissions but I am not 100% sure, while I was debugging this I found out that there is only one difference in permissions between folders involved in symlink creation. Symlink permissions for creation in the RUN command: lrwxrwxrwx 1 root root 19 Mar 3 16:04 nginx -> /var/lib/nginx/logs Symlink permissions for creation in the 20-nginx.sh entrypoint script: lrwxrwxrwx 1 root applicat 19 Mar 3 16:00 nginx -> /var/lib/nginx/logs This difference is consistent locally (on the Cloud Run I am only sure about permissions of symlink created by RUN command), both users for RUN command and 20-nginx.sh entrypoint script are root so I don't know why entrypoint does not work on Cloud Run...

5imun avatar Mar 04 '22 07:03 5imun