Quan Tong
Docker rootless keeps restarting?
2023-07-12
As some of you may know, this blog is hosted on Raspberry Pi. To monitor its status, I wrote a script, which you can find here.
Recently, I decided to switch the Docker daemon to run in rootless mode. However, after making this change, I started receiving notifications indicating that the blog was frequently going offline.
Whenever this happens, I ssh into my Pi and run the command docker ps to list the running containers.
Docker Compose healthcheck
2021-09-09
The most important thing when running integration test using docker-compose is ensured that one container is started completely before others.
Sometime wait-for-it is not enough:
cassandra:
image: bitnami/cassandra:latest
ports:
- '7000:7000'
- '9042:9042'
volumes:
- /path/to/init-scripts:/docker-entrypoint-initdb.d
wait-for-cassandra:
image: willwill/wait-for-it
command: cassandra:9042 -t 60
depends_on:
- cassandra:
condition form of depends_on in docker-compose version 3
2021-03-05
As version 3 no longer supports the condition form of depends_on, what is the alternative way to wait for a container to be started completely?
From 1.27.0, 2.x and 3.x are merged with COMPOSE_SPEC schema.
version is now optional. So, you can just remove it and specify a condition as before:
services:
web:
build: .
depends_on:
redis:
condition: service_healthy
redis:
image: redis
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 1s
timeout: 3s
retries: 30
Let's Encrypt too many certificates already issued
2021-02-04
Traefik is configured to use Let’s Encrypt to generate certificate for my blog (and other services) automatically. One day after restarting, I cannot access to my blog via HTTPS anymore (NET::ERR_CERT_AUTHORITY_INVALID). Why?
By looking at the Traefik logs, I found this:
time=“2021-02-04T01:54:33Z” level=error msg=“Unable to obtain ACME certificate for domains \“quantonganh.com\”: unable to generate a certificate for the domains [quantonganh.com]: acme: error: 429 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rateLimited :: Error creating new order :: too many certificates already issued for exact set of domains: quantonganh.com: see https://letsencrypt.org/docs/rate-limits/, url: “ providerName=le.acme routerName=blog-secured@docker rule=“Host(
quantonganh.com)”
plugins/docker failed to resolve Keycloak hostname?
2021-01-27
After integrating Docker registry with Keycloak, the publishing step failed to authenticate with Docker Registry.
The full error message is:
time="2021-01-26T13:44:18.485121053Z" level=error msg="Handler for POST /v1.40/auth returned error: Get https://docker.domain.com/v2/: Get https://sso.domain.com/auth/realms/application/protocol/docker-v2/auth?account=******&client_id=docker&offline_token=true&service=aws-docker-registry: dial tcp: lookup sso.domain.com on 127.0.0.11:53: no such host"
sso.domain.com is a local hostname which can be resolved on the host. How can I make it resolvable inside the plugins/docker container?
I found some similar issues:
- https://discourse.drone.io/t/dns-lookup-fails-inside-plugins-docker-build/501/5
- https://github.com/drone-plugins/drone-docker/issues/193
but they are slightly differences.
Look at this: http://plugins.drone.io/drone-plugins/drone-docker/
Why my golang docker container exits immediately (code 127)?
2019-10-30
To trim the binary size, I used LDFLAGS='-w -s', pack with upx, then build from scratch. The thing is when starting, it exited immediately with code 127. Why?
My Dockerfile:
FROM scratch
WORKDIR /app
COPY build/linux/<binary> .
ENTRYPOINT [ "/app/<binary>" ]
When starting:
0fbce782a9bd quantonganh/<binary>:T276-dockerize "/app/<binary>" 6 seconds ago Exited (127) 4 seconds ago relaxed_thompson