Examples: Change Dockerfile ENTRYPOINT/CMD commands to exec format.#12889
Examples: Change Dockerfile ENTRYPOINT/CMD commands to exec format.#12889mattklein123 merged 6 commits intoenvoyproxy:masterfrom
Conversation
baremaximum
force-pushed
the
master
branch
2 times, most recently
from
b204c02 to
69fa7f8
Compare
|
@baremaximum thanks. Could you fix DCO? https://github.com/envoyproxy/envoy/blob/master/CONTRIBUTING.md#fixing-dco |
There was a problem hiding this comment.
Is this explicit "/bin/bash" required?
There was a problem hiding this comment.
Unfortunately it is. It appears that the CRLF obscures the shebang at the top of the script somehow. Without this explicit instruction, the container immediately exits with error 1 exec user process caused "no such file or directory", as opposed to error 127 when the ENTRYPOINT is in non-exec format.
I know it's ugly, but it works, and at no meaningful cost.
As an alternative, I could also rewrite the Dockerfiles and move the contents of the shell scripts into them. The scripts are only a couple lines long, and I don't really understand why they're there. A Dockerfile is ultimately a shell script wrapped in a bunch of additional features. It makes more sense to me if they actually contain the shell instructions they run, instead of containing references to their instructions.
There was a problem hiding this comment.
i think moving the scripts into the Dockerfiles would simplify things and make recipe more explicit. It would also remove the need to ADD and chmod these.
if you do go with execing i would consider using /bin/sh rather than bash as its more portable
|
cc. @phlax |
|
im thinking it would probably be best to land #12491 before refactoring the examples to ensure they dont break |
@baremaximum I don't think so. I think @lizan will review that PR and if that one is landed, then you can merge main. |
|
@baremaximum #12491 landed |
Several examples did not work on Windows due to the CRLF line endings breaking the entrypoint declarations specified in the Dockerfiles. This PR both fixes that issue, and brings the Dockerfiles more in line with recommended Dockerfile best practices by changing the entrypoint declarations to exec format for the affected examples. Signed-off-by: Charles Desbiens <therealcharlesdesbiens@gmail.com>
Signed-off-by: Charles Desbiens <therealcharlesdesbiens@gmail.com>
Signed-off-by: Charles Desbiens <therealcharlesdesbiens@gmail.com>
|
@phlax I made the changes to the CMD and ENDPOINTS. While I was at it I updated some docker-compose versions, just because why not? However, I didn't move all the scripts into the Dockerfile. In the end it causes problems because unix signals get passed from the envoy process to the flask process, causing an interrupt of some kind (at least that is what I think happens, not totally sure about that). Either way though, you can't have two ongoing running processes in a Dockerfile. You have to use a script to start 2 or more processes. This PR still fixes the CRLF issue though. |
|
@baremaximum im trying to clarify the problem i read this https://nickjanetakis.com/blog/fixing-exec-format-errors-with-docker-entrypoint-scripts-on-windows - and so i followed the suggested fix there - ie running switching from i guess my concern, apart from a little confusion, is if that this is breaking on windows, we want to ensure that it stays fixed - or that we can detect what would break. I guess it would be helpful to have the verify-examples run on windows too - i have no way to test this locally.
can you tell me which examples break specificallly ? |
|
i guess im also trying to figure if its a problem only locally - reading here https://willi.am/blog/2016/08/11/docker-for-windows-dealing-with-windows-line-endings/ - it suggests a cli flag to git when you checkout (see: "Cloning Git Projects With Unix Line Endings") |
| COPY ./front-envoy.yaml /etc/front-envoy.yaml | ||
| RUN chmod go+r /etc/front-envoy.yaml | ||
| CMD ["/usr/local/bin/envoy", "-c", "/etc/front-envoy.yaml", "--service-cluster", "front-proxy"] | ||
| CMD ["/usr/local/bin/envoy", "-c", "/etc/front-envoy.yaml", "--service-cluster", "front-proxy"] No newline at end of file |
There was a problem hiding this comment.
this should have a newline at the end
|
The affected examples are:
The shebang thing is a bit confusing to me as well. It's some issue arising from how docker deals with these commands. But I don't understand that process well enough to guess at what the issue might be. When I googled the error message I ended up on this stack overflow question which led me to the answer: If I go in to my editor and change the line endings of the .sh files manually to LF, the issue gets resolved. So it's, definitely the line endings causing the problem. While there is a flag to preserve line endings when cloning, it's easy to forget. I thought I had it set to always preserve line endings. I would argue that it's best to make the change to spare anybody else that happens to forget the headache of figuring out what might be going wrong. It's not totally immediately obvious. |
hmm - not easy to spot a pattern there also im noticing that the zipkin example fails, and your PR fixes it by switching after reading the stackoverflow article that you posted, i think i ~understand why the explicit
perhaps - im not a regular windows user, so im not sure whether this problem is a "misconfiguration" in setup, or whether most windows users would hit this problem following the docs etc. i would have no objections to adding the explicit shebang - this PR seems to do a bit more - ie switch cmds to exec format also - which is also not a bad thing, but is confusing the problem/fix |
|
@envoyproxy/windows-dev im wondering if the fix proposed here is necessary in the general case of windows users getting started with the examples |
|
The zipkin example is failing because it uses the services from the front-proxy example that were failing. The same thing is true for the jaeger examples. I made the changes in those examples mostly because it's recommended best practice to write CMD statements in this form. From the Dockerfile best practices:
https://docs.docker.com/develop/develop-images/dockerfile_best-practices/ However, in the case of this repo, these changes don't have any impact. |
| @@ -1,4 +1,4 @@ | |||
| version: '2' | |||
| version: '3.7' | |||
There was a problem hiding this comment.
can i suggest making this change in a separate PR
There was a problem hiding this comment.
@baremaximum - i think this is a good change - but we probs want to check other files etc - please do PR if you get chance
| - SERVICE_NAME=2 | ||
| expose: | ||
| - "8000" | ||
|
|
There was a problem hiding this comment.
also this - if its not necessary then i would separate out the change
There was a problem hiding this comment.
Oh that was an accident. That change shouldn't be in there. I'll take it out.
|
@baremaximum thanks for explanation - i see now can i suggest changing the title/description to reflect that it updates it would be good to get another opinion on adding the |
These examples are being run in Linux containers on Windows, which is not something the Regardless, it seems valuable to support cloning Envoy source code with different line endings regardless of development platform if the change fixes that If it is a priority for the project to support Linux development on Windows/Windows Subsystem for Linux to widen the potential developer pool, that sounds great, though we should be clear what we say when we mean Windows support etc. I don't know if we want to run the Linux examples on Windows in CI, I was hoping we end up building the equivalent Windows-native examples/containers etc. and run validation on those in CI |
lets keep them then
thanks for clarifying that |
baremaximum
changed the title
Signed-off-by: Charles Desbiens <therealcharlesdesbiens@gmail.com>
| - SERVICE_NAME=2 | ||
| expose: | ||
| - "8000" | ||
|
|
Signed-off-by: Charles Desbiens <therealcharlesdesbiens@gmail.com>
phlax
left a comment
phlax
left a comment
There was a problem hiding this comment.
thanks - looks good - one last newline needs to be added/back
| RUN chmod go+r -R /etc/envoy-config \ | ||
| && chmod go+rx /run_envoy.sh /etc/envoy-config /etc/envoy-config/* | ||
| CMD /run_envoy.sh | ||
| CMD ["/bin/sh", "/run_envoy.sh"] No newline at end of file |
There was a problem hiding this comment.
theres still a missing newline here
Signed-off-by: Charles Desbiens <therealcharlesdesbiens@gmail.com>
5 participants
Commit Message:
Examples: Fixes issue where some examples were not working on systems with CRLF line endings.
Additional Description:
Several examples did not work on Windows due to the CRLF line endings
breaking the entrypoint declarations specified in the Dockerfiles.
Affected containers would immediately exit with error 127 file not found.
This PR both fixes that issue, while at the same time bringing the Dockerfiles more in line
with recommended Dockerfile best practices by changing the
entrypoint declarations to exec format for the affected examples.
Fixes issue #7712.
Risk Level:
Low
Testing:
Manual. Ran docker-compose up --build on affected examples to see if they worked now.
Docs Changes: None
Release Notes: N/A
Issues: #7712