#docker (2020-02)

docker

All things docker Archive: https://archive.sweetops.com/docker/

2020-02-25

dan avatar

Has anyone ever seen a memory leak from dockerd? It seems to scale with our number of requests, so I am thinking it is something to do with capturing stdout - this is the aws version of docker

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

did you try raising the memory higher to see if there was an upper limit? For example, with prometheus, we thought we’d given it an ungodly amount (10G) of memory, but it still got reaped. We bumped it to 14G, and it was happy and stayed within the limits.

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

we also thought there was a problem at first…

2020-02-24

2020-02-23

2020-02-21

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

@scorebot help keep tabs!

scorebot avatar
scorebot
05:47:02 PM

@scorebot has joined the channel

scorebot avatar
scorebot
05:47:03 PM

Thanks for adding me emojis used in this channel are now worth points.

scorebot avatar
scorebot
05:47:04 PM

Wondering what I can do? try @scorebot help

rohit avatar
rohit

Does anyone know to hot deploy java spring mvc project code to docker container ?

johncblandii (Cloud Posse) avatar
johncblandii (Cloud Posse)

I wouldn’t call all of this best practice, but this is a generalized one we used before:

FROM openjdk:8-jre

RUN \
    apt update && \
    apt upgrade -y && \
    apt install -y libtcnative-1

WORKDIR /

RUN mkdir -p /usr/share/java-app/lib/

ARG JAR

ARG GIT_COMMIT
ARG PROJECT_VERSION
ARG BUILD_NUMBER

LABEL GIT_COMMIT=${GIT_COMMIT}
LABEL PROJECT_VERSION=${PROJECT_VERSION}
LABEL BUILD_NUMBER=${BUILD_NUMBER}
LABEL VERSION=${PROJECT_VERSION}.${BUILD_NUMBER}

COPY target/${JAR} /usr/share/java-app/lib/java-app.jar
COPY src/main/newrelic /usr/share/java-app/lib/newrelic

EXPOSE 8080

USER nobody:nogroup

ENTRYPOINT exec java \
	-javaagent:/usr/share/java-app/lib/newrelic/newrelic.jar \
	-jar /usr/share/java-app/lib/java-app.jar

HEALTHCHECK CMD curl --fail --silent <http://localhost:8080/actuator/health/> || exit 1
johncblandii (Cloud Posse) avatar
johncblandii (Cloud Posse)
spotify/docker-maven-plugin

INACTIVE: A maven plugin for Docker. Contribute to spotify/docker-maven-plugin development by creating an account on GitHub.

johncblandii (Cloud Posse) avatar
johncblandii (Cloud Posse)

POM file specifics:

<?xml version="1.0" encoding="UTF-8"?>
<project...>
	<properties>
		[my.docker.registry.com/${project.artifactId}:${project.version}.${env.BUILD_NUMBER}-${env.GIT_COMMIT}></docker.imageName](docker\.imageName><http://my\.docker\.registry\.com/\$\{project\.artifactId\}:\$\{project\.version\}\.\$\{env\.BUILD_NUMBER\}\-\$\{env\.GIT_COMMIT\})
	</properties>
...
	<profiles>
		<profile>
			<id>docker-profile</id>
			<activation>
				<property>
					<name>env.GIT_COMMIT</name>
				</property>
			</activation>
			<build>
				<plugins>
					<plugin>
						<groupId>com.spotify</groupId>
						<artifactId>dockerfile-maven-plugin</artifactId>
						<executions>
							<execution>
								<id>default</id>
								<goals>
									<goal>build</goal>
									<goal>tag</goal>
								</goals>
							</execution>
							<execution>
								<id>tag</id>
								<goals>
									<goal>tag</goal>
								</goals>
								<configuration>
									<tag>latest</tag>
								</configuration>
							</execution>
						</executions>
						<configuration>
							[my.docker.registry.com/java-app></repository](repository><http://my\.docker\.registry\.com/java\-app)
							<tag>${project.version}.${env.BUILD_NUMBER}-${env.GIT_COMMIT}</tag>
							<buildArgs>
								<JAR>${project.build.finalName}.jar</JAR>
								<GIT_COMMIT>${env.GIT_COMMIT}</GIT_COMMIT>
								<PROJECT_VERSION>${project.version}</PROJECT_VERSION>
								<BUILD_NUMBER>${env.BUILD_NUMBER}</BUILD_NUMBER>
							</buildArgs>
						</configuration>
					</plugin>
				</plugins>
			</build>
		</profile>
	</profiles>
...
</project>
johncblandii (Cloud Posse) avatar
johncblandii (Cloud Posse)

Another java app used the following dockerfile:

FROM [gcr.io/distroless/java:11](http://gcr\.io/distroless/java:11)

ARG SENTRY_RELEASE="local"

ENV SENTRY_RELEASE=$SENTRY_RELEASE

EXPOSE 5000

\# Override the maximum and initial heap sizes at runtime by setting the

\# JAVA_MAXHEAP and JAVA_STDHEAP environment variables.

\#

\# Other arbitrary Java command arguments can be specified free form

\# by setting the JAVA_XVAR environment variable.
ENV JAVA_TOOL_OPTIONS="-javaagent:newrelic/newrelic.jar -XX:+UseConcMarkSweepGC -Dfile.encoding=UTF-8"

HEALTHCHECK CMD curl --fail <http://localhost:5000/api/actuator/health> || exit 1

VOLUME /tmp


\# If there are ever more than one jar produced and available in build/libs

\# then this directive will create a directory named `app.jar` in the

\# current working directory and copy all of the jar files into that

\# directory. If that becomes the case then change `*.jar` to the

\# name of the target jar file.
COPY build/libs/*.jar app.jar
COPY libs/newrelic ./newrelic

CMD ["/app.jar"]
rohit avatar
rohit

I am not sure this approach helps with hot deploys to docker container

johncblandii (Cloud Posse) avatar
johncblandii (Cloud Posse)

Man…I completely missed that part. LMBO

johncblandii (Cloud Posse) avatar
johncblandii (Cloud Posse)
04:57:47 PM

2020-02-18

Juan Soto avatar
Juan Soto

Hello!

Juan Soto avatar
Juan Soto

Anybody here with experience working with docker registry v2 api ? I need to delete an image from docker hub but I still get an error

Santiago Campuzano avatar
Santiago Campuzano

What is your issue ??

2020-02-17

dlrush avatar
dlrush

Looking for a workaround for the apparent half-baked support for remote docker hosts in docker-compose

We have remote host configured via DOCKER_HOST=<ssh://user>@server

docker CLI works fine. docker-compose cannot connect. I see 27 issues on docker-compose related which does not instill confidence. https://github.com/docker/compose/search?q=DOCKER_HOST+ssh+user&unscoped_q=DOCKER_HOST+ssh+user&type=Issues

What are the workarounds?

Also worth noting we’re using certificate/key auth not password.

docker/compose

Define and run multi-container applications with Docker - docker/compose

dlrush avatar
dlrush

UPDATE: Solved.

docker-compose is dead. Long ling docker stack …

https://vsupalov.com/difference-docker-compose-and-docker-stack/

The Difference Between Docker Compose And Docker Stack

Both seem to do the same thing, what do I have to know about them?

1
Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

I haven’t dealt with this bug, but looks like some recent movement:

dlrush avatar
dlrush

Have you used docker-compose successfully with remote docker instances?

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

We run Docker compose as part of our pipelines inside of Codefresh

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

Codefresh takes care if that for us so we don’t have to manage the Docker swarm

dlrush avatar
dlrush

Right, so they may use tcp://.. connections rather than ssh://… where this may not be an issue.

dlrush avatar
dlrush

So far best options seems to establish a tunnel to the target prior to running the docker-compose commands.

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
docker-compose ssh exception: No authentication methods available · Issue #6655 · docker/compose

Description of the issue While I am trying to utilize ssh socket for deploying docker services with docker-compose, I find out the error in the console. When I deploy the docker services with docke…

    keyboard_arrow_up