Docker: Dockerfile oddities

I have been itching for a reason to create a project using docker. I wanted to get more hands on experience than the [well] documented tutorials from docker, because stuff always, always is left off. A few weeks ago I was asked to give a demo of Jboss Data Virtualization to some system integrators. Anybody familiar with JDV knows it is an extremely powerful tool with many use cases and almost immediately I’m thinking leveraging docker containers to isolate each use case. This would allow me to spin up these demos in a matter of seconds and don’t really have to worry about issues that always happen when running demos on host box.

Reason to use Docker…Check

Know how of Docker…ehhh Check

Use Cases… Check . It turns out Teiid, our community project of JDV has a slew of quickstarts that hit more or less all the use cases I would want to show and quite thoroughly documented. I start here trying to dockerize these quickstarts for the community.

Great! Things are going well and I’m working with our technical marketing team leveraging all their knowledge and minimizing the amount of rework.

Then, there is an oddity. Part of our instructions calls a script to configure the server, however the server needs to be running first before it can be configured. Clearly this is easy start the server then execute the script against the running server…

snippet of my project


RUN $DV_HOME/jboss-eap-6.1/bin/standalone.sh -c standalone.xml -b 0.0.0.0 -bmanagement 0.0.0.0 && \
$DV_HOME/jboss-eap-6.1/bin/jboss-cli.sh --connect --file=$DV_HOME/jboss-eap-6.1/teiidfiles/scripts/setup.cli

WRONG.

AFAIK, this will not work, Dockerfile layers (execution commands) are run in isolation and can’t have concurrent process running. Which kind of makes sense if there is unneeded complexity and whomever is pulling and building the image may be time and resource hog. But really who cares. Once the image is built its not like it has to be be built again and again once it is in your repository. Basically, due to this limitation I first need to run the server externally to create my custom server configurations then take that file and simply replace the current configurations.

Now it isn’t a big deal, but now instead of putting the burden on the container to do I now need to do an additional step of preparation, maintenance, documentation for this docker image.

With that said, once the image is built it is super nice to spin up a container on the fly and fast.

Advertisements

exportfs errors using a dir with encryptfs: Ubuntu

I’ve had quite the experience. As in my earlier posts I have recently started using Ubuntu because of some unforeseen support issues with Fedora 21, which is not end of world (I’m actually enjoying it). There are quarks here and there as I am going to explain.

On my fedora box I had nfs mount points exposed for my vm’s to read/write to so I can keep a homogeneous files system. NFS is really easy to set up… usually.

Well I started my adventure on Ubuntu by setting up the server and there are some minor differences between how Fedora does it and Ubuntu; somewhat annoying differences, but not insurmountable (e.g. trying to figure out which package to download).

Got past all that nonsense and set up my nfs server per these instructions (good stuff, thanks!). Then I set up my exports via


$ sudo cat /etc/exports

/home/jmarley/export/project/ 192.168.*(rw,fsid=0,nohide,insecure,no_subtree_check,no_root_squash,async)

Cool, now I should be able to export no problem.


$ sudo exportfs -av
exporting 192.168.*:/home/jmarley/export/project
exportfs: /home/jmarley/export/project does not support NFS export

If you see the error above, you’re probably trying to export an encrypted file system with nfs and it is not possible. Based on thisĀ  article and many others I read. I tested it by creating a new directory /exports/project and then copying my contents of /home/jmarley/export/project to said dir and everything was exported as expected.

Next I am going to decrypt my home directory and create a separate folder under my home for encrypted files, because for me it will be less work than trying to maintain my file system outside of my home directory.

Fortunately someone has already done the dirty work for me and this one too (Thanks!)

Soooo, after herculean effort I was able to get this to work. First off what they don’t tell is if your hard drive is large, it will take eons, because the system first decrypts all the files before putting them on the unencrytped drive. Then I ran into issues when I tried to move them back to my account and to do some shifty linux admin stuff as in creating a separate user then relabellings every file then removing my old user account then adding it back in then moving all the files in the appropriate areas then ensuring all my settings were migrated correctly…

I don’t recommend ^^^ . If I were to do it again, I think I would set up a separate directory and then move the directories I wanted to expose via nfs, even though I would break the homogeneity of my file system I could have saved a bunch of time and stress of having to reconfigure my OS (yet again).