I will put across my issue as follows :
I want to build a docker image for Hyperledger Indy-sdk
While building docker image it uses docker-compose command to build two images and combine them i.e., indy-pool image and getting-started image. My docker-compose.yml file looks as shown below
version: '2'
services:
indy_pool:
build:
context: ../../ci/
dockerfile: indy-pool.dockerfile
args:
pool_ip: '10.0.0.2'
image: indy_pool
container_name: indy_pool
working_dir: /home/indy
ports:
- "9701:9701"
- "9702:9702"
- "9703:9703"
- "9704:9704"
- "9705:9705"
- "9706:9706"
- "9707:9707"
- "9708:9708"
networks:
pool_network:
ipv4_address: 10.0.0.2
volumes:
- sandbox:/var/lib/indy/sandbox/
jupyter:
build:
context: .
dockerfile: getting-started.dockerfile
command: jupyter notebook --ip=0.0.0.0
image: getting-started
container_name: getting_started
working_dir: /home/indy
volumes:
- ./getting-started.ipynb:/home/indy/getting-started.ipynb
- sandbox:/home/indy/sandbox
ports:
- "8888:8888"
networks:
- pool_network
links:
- indy_pool
networks:
pool_network:
driver: bridge
ipam:
driver: default
config:
-
subnet: 10.0.0.0/24
volumes:
sandbox:
The above docker-compose will initiate the indy-pool.dockerfile to run. The contents of indy-pool.dockerfile is as shown below
FROM ubuntu:16.04
ARG uid=1000
# Install environment
RUN apt-get update -y && apt-get install -y \
git \
wget \
python3.5 \
python3-pip \
python-setuptools \
python3-nacl \
apt-transport-https \
ca-certificates \
supervisor
RUN pip3 install -U \
pip==9.0.3 \
setuptools
RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CE7709D068DB5E88 || \
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys CE7709D068DB5E88
ARG indy_stream=master
RUN echo "deb https://repo.sovrin.org/deb xenial $indy_stream" >> /etc/apt/sources.list
RUN useradd -ms /bin/bash -u $uid indy
ARG indy_plenum_ver=1.12.1~dev989
ARG indy_node_ver=1.12.1~dev1172
ARG python3_indy_crypto_ver=0.4.5
ARG indy_crypto_ver=0.4.5
ARG python3_pyzmq_ver=18.1.0
ARG python3_orderedset_ver=2.0
ARG python3_psutil_ver=5.4.3
ARG python3_pympler_ver=0.5
RUN apt-get update -y && apt-get install -y \
python3-pyzmq=${python3_pyzmq_ver} \
indy-plenum=${indy_plenum_ver} \
indy-node=${indy_node_ver} \
python3-indy-crypto=${python3_indy_crypto_ver} \
libindy-crypto=${indy_crypto_ver} \
python3-orderedset=${python3_orderedset_ver} \
python3-psutil=${python3_psutil_ver} \
python3-pympler=${python3_pympler_ver} \
vim
RUN echo "[supervisord]\n\
logfile = /tmp/supervisord.log\n\
logfile_maxbytes = 50MB\n\
logfile_backups=10\n\
logLevel = error\n\
pidfile = /tmp/supervisord.pid\n\
nodaemon = true\n\
minfds = 1024\n\
minprocs = 200\n\
umask = 022\n\
user = indy\n\
identifier = supervisor\n\
directory = /tmp\n\
nocleanup = true\n\
childlogdir = /tmp\n\
strip_ansi = false\n\
\n\
[program:node1]\n\
command=start_indy_node Node1 0.0.0.0 9701 0.0.0.0 9702\n\
directory=/home/indy\n\
stdout_logfile=/tmp/node1.log\n\
stderr_logfile=/tmp/node1.log\n\
\n\
[program:node2]\n\
command=start_indy_node Node2 0.0.0.0 9703 0.0.0.0 9704\n\
directory=/home/indy\n\
stdout_logfile=/tmp/node2.log\n\
stderr_logfile=/tmp/node2.log\n\
\n\
[program:node3]\n\
command=start_indy_node Node3 0.0.0.0 9705 0.0.0.0 9706\n\
directory=/home/indy\n\
stdout_logfile=/tmp/node3.log\n\
stderr_logfile=/tmp/node3.log\n\
\n\
[program:node4]\n\
command=start_indy_node Node4 0.0.0.0 9707 0.0.0.0 9708\n\
directory=/home/indy\n\
stdout_logfile=/tmp/node4.log\n\
stderr_logfile=/tmp/node4.log\n"\
>> /etc/supervisord.conf
USER indy
RUN awk '{if (index($1, "NETWORK_NAME") != 0) {print("NETWORK_NAME = \"sandbox\"")} else print($0)}' /etc/indy/indy_config.py> /tmp/indy_config.py
RUN mv /tmp/indy_config.py /etc/indy/indy_config.py
ARG pool_ip=127.0.0.1
RUN generate_indy_pool_transactions --nodes 4 --clients 5 --nodeNum 1 2 3 4 --ips="$pool_ip,$pool_ip,$pool_ip,$pool_ip"
EXPOSE 9701 9702 9703 9704 9705 9706 9707 9708
CMD ["/usr/bin/supervisord"]
Now both Ubuntu 16.04 image and indy-pool image will get created successfully as shown in the image
Ubuntu 16.04 and Indy-pool Success Screenshot
After this when getting-started.dockerfile starts running. getting-staretd.dockerfile looks like this
FROM ubuntu:16.04
RUN useradd -ms /bin/bash indy
# Install environment
RUN apt-get update -y && apt-get install -y \
wget \
python3.5 \
python3-pip \
python-setuptools \
apt-transport-https \
ca-certificates \
software-properties-common
WORKDIR /home/indy
RUN pip3 install -U \
pip \
ipython-notebook \
ipython==7.9 \
setuptools \
jupyter \
python3-indy==1.11.0
RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CE7709D068DB5E88 \
&& add-apt-repository "deb https://repo.sovrin.org/sdk/deb xenial stable" \
&& apt-get update \
&& apt-get install -y \
libindy=1.11.0
USER indy
EXPOSE 8888
The whole issue starts when RUN apt-get update -y gets executed in getting-started.dockerfile. The following lines of error are shown to me
Err:6 http://archive.ubuntu.com/ubuntu xenial InRelease
Could not connect to archive.ubuntu.com:80 (91.189.88.152), connection timed out [IP: 91.189.88.152 80]
Err:7 http://archive.ubuntu.com/ubuntu xenial-updates InRelease
Unable to connect to archive.ubuntu.com:http: [IP: 91.189.88.152 80]
Err:8 http://archive.ubuntu.com/ubuntu xenial-backports InRelease
Unable to connect to archive.ubuntu.com:http: [IP: 91.189.88.152 80]
Fetched 3168 kB in 4min 0s (13.2 kB/s)
Reading package lists...
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/xenial/InRelease Could not connect to archive.ubuntu.com:80 (91.189.88.152), connection timed out [IP: 91.189.88.152 80]
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/xenial-updates/InRelease Unable to connect to archive.ubuntu.com:http: [IP: 91.189.88.152 80]
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/xenial-backports/InRelease Unable to connect to archive.ubuntu.com:http: [IP: 91.189.88.152 80]
Note : My docker engine and docker-compose are installed on top of Ubuntu 20.04
To resolve this issue I went to multiple resources available in internet. From that I can say it is not an issue with DNS lookup and http proxy(as I am not working in proxy network).
As I am new to Docker build and docker compose I strongly believe that it is something to do with image building process. If anyone of you have come across similar issue and resolved it kindly provide me suggestions to solve above one.
Try build with the option --network=host the dependencies got resolved and was able to create image with indy SDK
docker build --network=host -t indy-image .
Related
I tried
curl -fsSL https://deb.nodesource.com/setup_lts.x | sudo -E bash -
got error
W: GPG error: http://nginx.org/packages/ubuntu focal InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY ABF5BD827BD9BF62
I added pub key still get the same
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys ABF5BD827BD9BF62
Didn't help also
wget https://nginx.org/keys/nginx_signing.key -O - | sudo apt-key add -
--2022-05-10 08:02:28-- https://nginx.org/keys/nginx_signing.key
Resolving nginx.org (nginx.org)... 52.58.199.22, 3.125.197.172, 2a05:d014:edb:5702::6, ...
Connecting to nginx.org (nginx.org)|52.58.199.22|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1561 (1.5K) [application/octet-stream]
Saving to: ‘STDOUT’
Why?
I'm studying about docker, node and graphql and would like to make my project available in HTTPS.
I found this tutorial (https://techsparx.com/nodejs/docker/express-https.html) that explains how to do this, but I ran into an error and couldn't find a solution that works.
Building certbot
[+] Building 2.8s (9/11)
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 840B 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/debian:jessie 1.9s
=> [auth] library/debian:pull token for registry-1.docker.io 0.0s
=> [1/7] FROM docker.io/library/debian:jessie#sha256:32ad5050caffb2c7e969dac873bce2c370015c2256ff984b70c1c08b3a2816a0 0.0s
=> CACHED [2/7] RUN apt-get update && apt-get install -y cron bash wget 0.0s
=> CACHED [3/7] RUN mkdir -p /webroots/bgl8700.com.br/.well-known /scripts 0.0s
=> CACHED [4/7] WORKDIR /scripts 0.0s
=> ERROR [5/7] RUN wget https://dl.eff.org/certbot-auto 0.7s
------
> [5/7] RUN wget https://dl.eff.org/certbot-auto:
#11 0.347 converted 'https://dl.eff.org/certbot-auto' (ANSI_X3.4-1968) -> 'https://dl.eff.org/certbot-auto' (UTF-8)
#11 0.347 --2021-10-24 20:20:12-- https://dl.eff.org/certbot-auto
#11 0.361 Resolving dl.eff.org (dl.eff.org)... 151.101.176.201, 2a04:4e42:2a::201
#11 0.569 Connecting to dl.eff.org (dl.eff.org)|151.101.176.201|:443... connected.
#11 0.640 ERROR: The certificate of 'dl.eff.org' is not trusted.
#11 0.640 ERROR: The certificate of 'dl.eff.org' has expired.
------
executor failed running [/bin/sh -c wget https://dl.eff.org/certbot-auto]: exit code: 5
ERROR: Service 'certbot' failed to build : Build failed
This is the Dockerfile:
FROM debian:jessie
# Install cron, certbot, bash, plus any other dependencies
RUN apt-get update \
&& apt-get install -y cron bash wget
RUN mkdir -p /webroots/bgl8700.com.br/.well-known /scripts
WORKDIR /scripts
RUN wget https://dl.eff.org/certbot-auto
RUN chmod a+x ./certbot-auto
# Run certbot-auto so that it installs itself
RUN /scripts/certbot-auto -n certificates
# /webroots/DOMAIN.TLD/.well-known/... files go here
VOLUME /webroots
VOLUME /etc/letsencrypt
# This installs a Crontab entry which
# runs "certbot renew" on several days of each week at 03:22 AM
#
# RUN echo "22 03 * * 2,4,6,7 root /scripts/certbot-auto renew" >/etc/cron.d/certbot
CMD [ "cron", "-f" ]
This is the register:
#!/bin/sh
/scripts/certbot-auto certonly --webroot -w /webroots/$1 -d $1
Folder Structure:
certbot/
- Dockerfile
- register
You need to take a closer look at the SSL certificate that is used in your setup. After all you have the messages
#11 0.640 ERROR: The certificate of 'dl.eff.org' is not trusted.
#11 0.640 ERROR: The certificate of 'dl.eff.org' has expired.
So check where in your process the certificate is created - and if it is not, then you need to add that part.
I've installed mongodb for the very first time on my Debian 8, following this mongodb install guide. The goal is to use mongodb for rocket.chat, for which I follow this guide.
So far, all I did was:
$sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 0C49F3730359A14518585931BC711F9BA15703C6
$echo "deb http://repo.mongodb.org/apt/debian jessie/mongodb-org/3.4 main" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.4.list
$sudo apt-get update
$sudo apt-get install mongodb-org
$sudo systemctl enable mongod
$sudo vi /etc/mongod.conf
<insert>
replication:
oplogSizeMB: 1
replSetName: rs0
$sudo systemctl restart mongod
$export LC_ALL=C
$sudo mongo
MongoDB shell version v3.4.0
connecting to: mongodb://127.0.0.1:27017
2016-12-14T10:21:55.356+0100 W NETWORK [main] Failed to connect to 127.0.0.1:27017 after 5000 milliseconds, giving up.
2016-12-14T10:21:55.356+0100 E QUERY [main] Error: couldn't connect to server 127.0.0.1:27017, connection attempt failed :
connect#src/mongo/shell/mongo.js:234:13
#(connect):1:6
exception: connect failed
I'm monitoring the log file, when attempting to access the mongo shell, but nothing shows up.
The mongod service is running, configured to listen on 127.0.0.1 and I'm working on the server locally.
How do I access the mongo shell from the localhost?
edit Solved. The issue was an iptables rule, that disallowed local connections to the mongodb.
Run the following command :
sudo rm /var/lib/mongodb/mongod.lock
sudo service mongod restart
Credit: Failed to connect to 127.0.0.1:27017, reason: errno:111 Connection refused
You can access the mongodb shell by changing directory to your MongoDb installation and entering ./bin/mongo. See this guide: enter link description here
To recover from an unclean shutdown run these in a terminal
killall mongod
cd ~
./mongod --repair
rm -rfv data/mongod.lock
./mongod
If you want to remove the --httpinterface warning then run, try this :
echo 'mongod --bind_ip=$IP --dbpath=data --nojournal --rest --httpinterface "$#"' > mongod
(it only needs running once) before you run
./mongod
I hope this helps. Cheers!
I have the following Dockerfile
FROM ubuntu:14.04
EXPOSE 8000
# Install nginx
RUN apt-get update -q \
&& apt-get install --no-install-recommends --no-install-suggests -y -q \
nginx \
&& rm -rf /var/lib/apt/lists/*
COPY ./nginx.conf /etc/nginx/
COPY ./index.html /usr/share/nginx/test/
RUN groupadd -r webgroup \
&& useradd -r -m -g webgroup webuser \
&& touch /run/nginx.pid \
&& chown -R webuser:webgroup /var/log/nginx /var/lib/nginx /run/nginx.pid
USER webuser
CMD nginx
When I run it I get Permission denied on /var/log/nginx:
mikhails-mbp:test-docker-nginx mkuleshov$ docker run -p 8000:8000 mytest
nginx: [alert] could not open error log file: open() "/var/log/nginx/error.log" failed (13: Permission denied)
2016/10/02 17:02:51 [emerg] 5#0: open() "/var/log/nginx/access.log" failed (13: Permission denied)
If I get into the container with bash I see:
webuser#d190146a0e8d:/var/log/nginx$ ls -la
total 8
drwxr-x--- 2 webuser webgroup 4096 Jun 2 15:16 .
drwxrwxr-x 8 root syslog 4096 Oct 2 17:02 ..
How is it possible? During the above session I also cannot create files under that user.
Thing that helped: Removing the /var/log/nginx and recreating it again. But I have no idea why this happens.
There is no SELinux.
Has anyone encountered anything like that or is there anything I'm doing wrong?
P.S. Here is docker info if it can help
mikhails-mbp:test-docker-nginx mkuleshov$ docker info
Containers: 179
Running: 0
Paused: 0
Stopped: 179
Images: 901
Server Version: 1.11.2
Storage Driver: aufs
Root Dir: /mnt/sda1/var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 1109
Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge null host
Kernel Version: 4.4.12-boot2docker
Operating System: Boot2Docker 1.11.2 (TCL 7.1); HEAD : a6645c3 - Wed Jun 1 22:59:51 UTC 2016
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 1.955 GiB
Name: default
ID: 3K5S:3QBN:BXGY:FASS:VG6P:D4CS:UXRK:GYXB:HJQG:SIQH:F6KQ:N4BN
Docker Root Dir: /mnt/sda1/var/lib/docker
Debug mode (client): false
Debug mode (server): true
File Descriptors: 15
Goroutines: 32
System Time: 2016-10-02T17:08:51.355144074Z
EventsListeners: 0
Username: mkuleshov
Registry: https://index.docker.io/v1/
Labels:
provider=virtualbox
P.P.S. Here is a test repo with configs for that case: https://github.com/aides/test-docker-nginx
Most likely adding your user into adm group will solve your issue.
Try sudo usermod -aG adm webuser
More details: https://askubuntu.com/questions/421684/cant-access-apache-error-logs
I am attempting to update my Ubuntu/Debian system and I am getting an error:
GPG error: http://deb.opera.com stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E585066A30C18A2B
What does it mean, and how can I resolve it?
Try following approach, is from there
The error NO_PUBKEY E585066A30C18A2B is the key for the Opera web
browser. To correct the error, run the following code.
wget -O - http://deb.opera.com/archive.key | apt-key add -
sudo wget -O - http://deb.opera.com/archive.key | apt-key add
--2016-09-24 09:42:48-- http://deb.opera.com/archive.key
Resolving deb.opera.com (deb.opera.com)... 185.26.183.130
Connecting to deb.opera.com (deb.opera.com)|185.26.183.130|:80... connected.
HTTP request sent, awaiting response... ERROR: This command can only be used by root.
200 OK
Length: 3152 (3,1K) [application/pgp-keys]
Saving to: ‘STDOUT’
- 0%[ ] 0 --.-KB/s in 0s
Cannot write to ‘-’ (Broken pipe).
Newer versions of apt also support
apt-key adv --fetch-keys https://deb.opera.com/archive.key
instead of
wget -qO - https://deb.opera.com/archive.key | apt-key add -
Additionally, you should always use https when loading the key.