Docker rootless keeps restarting?
As some of you may know, this blog is hosted on Raspberry Pi. To monitor its status, I wrote a script, which you can find here.
Recently, I decided to switch the Docker daemon to run in rootless mode. However, after making this change, I started receiving notifications indicating that the blog was frequently going offline.
Whenever this happens, I ssh into my Pi and run the command
docker ps to list the running containers.
Docker Compose healthcheck
The most important thing when running integration test using docker-compose is ensured that one container is started completely before others.
Sometime wait-for-it is not enough:
1 cassandra: 2 image: bitnami/cassandra:latest 3 ports: 4 - '7000:7000' 5 - '9042:9042' 6 volumes: 7 - /path/to/init-scripts:/docker-entrypoint-initdb.d 8 9 wait-for-cassandra: 10 image: willwill/wait-for-it 11 command: cassandra:9042 -t 60 12 depends_on: 13 - cassandra:
condition form of depends_on in docker-compose version 3
As version 3 no longer supports the
condition form of
depends_on, what is the alternative way to wait for a container to be started completely?
From 1.27.0, 2.x and 3.x are merged with COMPOSE_SPEC schema.
version is now optional. So, you can just remove it and specify a condition as before:
1services: 2 web: 3 build: . 4 depends_on: 5 redis: 6 condition: service_healthy 7 redis: 8 image: redis 9 healthcheck: 10 test: ["CMD", "redis-cli", "ping"] 11 interval: 1s 12 timeout: 3s 13 retries: 30
Let's Encrypt too many certificates already issued
Traefik is configured to use Let’s Encrypt to generate certificate for my blog (and other services) automatically. One day after restarting, I cannot access to my blog via HTTPS anymore (NET::ERR_CERT_AUTHORITY_INVALID). Why?
By looking at the Traefik logs, I found this:
time=“2021-02-04T01:54:33Z” level=error msg=“Unable to obtain ACME certificate for domains \“quantonganh.com\”: unable to generate a certificate for the domains [quantonganh.com]: acme: error: 429 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rateLimited :: Error creating new order :: too many certificates already issued for exact set of domains: quantonganh.com: see https://letsencrypt.org/docs/rate-limits/, url: “ providerName=le.acme routerName=blog-secured@docker rule=“Host(
plugins/docker failed to resolve Keycloak hostname?
After integrating Docker registry with Keycloak, the publishing step failed to authenticate with Docker Registry.
The full error message is:
1time="2021-01-26T13:44:18.485121053Z" level=error msg="Handler for POST /v1.40/auth returned error: Get https://docker.domain.com/v2/: Get https://sso.domain.com/auth/realms/application/protocol/docker-v2/auth?account=******&client_id=docker&offline_token=true&service=aws-docker-registry: dial tcp: lookup sso.domain.com on 127.0.0.11:53: no such host"
sso.domain.com is a local hostname which can be resolved on the host. How can I make it resolvable inside the
I found some similar issues:
but they are slightly differences.
Look at this: http://plugins.drone.io/drone-plugins/drone-docker/
Why my golang docker container exits immediately (code 127)?
To trim the binary size, I used
LDFLAGS='-w -s', pack with
upx, then build from scratch. The thing is when starting, it exited immediately with code 127. Why?
1FROM scratch 2 3WORKDIR /app 4 5COPY build/linux/<binary> . 6 7ENTRYPOINT [ "/app/<binary>" ]
10fbce782a9bd quantonganh/<binary>:T276-dockerize "/app/<binary>" 6 seconds ago Exited (127) 4 seconds ago relaxed_thompson