Docker

Magento 2.4.x, Elastic Search 7.9.1 on Alpine Linux 3.12, jdk/bin/java: No such file or directory

While setting up a new local test environment specifically for Magento 2.4.x with Elastic Search on Alpine Linux ( Docker ) I had some problems with getting elastic search up and running.

# Use Alpine Linux
FROM alpine:3.12

# Other stuff

ENV ELASTICSEARCH_VERSION 7.9.1

RUN mkdir -p /opt/ && \
  cd /opt && \
  curl -Ls -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-$ELASTICSEARCH_VERSION-linux-x86_64.tar.gz && \
  tar -xvf elasticsearch-$ELASTICSEARCH_VERSION-linux-x86_64.tar.gz && \
  cd elasticsearch-$ELASTICSEARCH_VERSION/bin

# Use Alpine Linux

FROM alpine:3.12

# Other stuff

ENV ELASTICSEARCH_VERSION 7.9.1

RUN mkdir -p /opt/ && \

cd /opt && \

curl -Ls -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-$ELASTICSEARCH_VERSION-linux-x86_64.tar.gz && \

tar -xvf elasticsearch-$ELASTICSEARCH_VERSION-linux-x86_64.tar.gz && \

cd elasticsearch-$ELASTICSEARCH_VERSION/bin

The first issue I had was related to a missing home path of JAVA. Because of that, I wasn’t able to start Elastic Search at all.

bash-5.0# ./elasticsearch
./elasticsearch-env: line 77: /opt/elasticsearch-7.9.1/jdk/bin/java: No such file or directory

1 2	bash-5.0# ./elasticsearch ./elasticsearch-env: line 77: /opt/elasticsearch-7.9.1/jdk/bin/java: No such file or directory

I’ve fixed it by setting the missing path for JAVA_HOME which I have added later to my profile settings. https://stackoverflow.com/questions/35325856/where-to-set-system-default-environment-variables-in-alpine-linux

bash-5.0# which java
/usr/bin/java

1 2	bash-5.0# which java /usr/bin/java

export JAVA_HOME=/usr

1	export JAVA_HOME=/usr

The second issue was related to the JAVA version inside the docker container.

bash-5.0# ./elasticsearch
future versions of Elasticsearch will require Java 11; your Java version from [/usr/lib/jvm/java-1.8-openjdk/jre] does not meet this requirement

1 2	bash-5.0# ./elasticsearch future versions of Elasticsearch will require Java 11; your Java version from [/usr/lib/jvm/java-1.8-openjdk/jre] does not meet this requirement

Alpine Linux has the required version in the repository, which made it easy to install the missing package with apk.

bash-5.0# apk add openjdk11-jre
(1/2) Installing openjdk11-jre-headless (11.0.8_p10-r0)
(2/2) Installing openjdk11-jre (11.0.8_p10-r0)
Executing java-common-0.2-r0.trigger
OK: 649 MiB in 157 packages

bash-5.0# apk add openjdk11-jre

(1/2) Installing openjdk11-jre-headless (11.0.8_p10-r0)

(2/2) Installing openjdk11-jre (11.0.8_p10-r0)

Executing java-common-0.2-r0.trigger

OK: 649 MiB in 157 packages

GCE – Open Up Port 8025 in VPC for MailHog

If you want to use MailHog ( https://github.com/mailhog/MailHog ) on your Google Compute Engines (GCE) you probably have to create a new VPC firewall rule in your project. In this post, I will skip the installation and configuration part of MailHog with Supervisord, because there are so many different ways to set up MailHog.

# Mailhog
wget -q https://github.com/mailhog/MailHog/releases/download/v0.2.0/MailHog_linux_amd64 -O /usr/local/bin/mailhog && chmod a+x /usr/local/bin/mailhog
wget -q https://github.com/mailhog/mhsendmail/releases/download/v0.2.0/mhsendmail_linux_amd64 -O /usr/local/bin/mhsendmail && chmod a+x /usr/local/bin/mhsendmail

# Mailhog

wget -q https://github.com/mailhog/MailHog/releases/download/v0.2.0/MailHog_linux_amd64 -O /usr/local/bin/mailhog && chmod a+x /usr/local/bin/mailhog

wget -q https://github.com/mailhog/mhsendmail/releases/download/v0.2.0/mhsendmail_linux_amd64 -O /usr/local/bin/mhsendmail && chmod a+x /usr/local/bin/mhsendmail

By default, the MailHog interface is running on port 8025.

Once the MailHog process is up and running, you probably won’t be able to access your server on port 8025. This is because those ports are not defined in VPC. In order to get access from outside, you must create a new firewall rule in your GCE project. This can be done in the Google console or simply via the command-line. Here is how I created a new rule ” custom-allow-mailhog ” for port 8025.

gcloud compute firewall-rules create custom-allow-mailhog --allow tcp:8025 --priority=65534 --description="Mailhog on port 8025" --direction=INGRESS
Creating firewall...⠶Created [https://www.googleapis.com/compute/v1/projects/tobiasforkel/global/firewalls/custom-allow-mailhog].            
Creating firewall...done.                                                                                                                
NAME                  NETWORK  DIRECTION  PRIORITY  ALLOW     DENY  DISABLED
custom-allow-mailhog  default  INGRESS    65534     tcp:8025        False

gcloud compute firewall-rules create custom-allow-mailhog --allow tcp:8025 --priority=65534 --description="Mailhog on port 8025" --direction=INGRESS

Creating firewall...⠶Created [https://www.googleapis.com/compute/v1/projects/tobiasforkel/global/firewalls/custom-allow-mailhog].

Creating firewall...done.

NAME NETWORK DIRECTION PRIORITY ALLOW DENY DISABLED

custom-allow-mailhog default INGRESS 65534 tcp:8025 False

Once the rule has been created, you should be able to open the interface of MailHog.

GCE – SSH Directly Into Your Docker Container

In this article, I am going to change the SSH port from 22 to 52241 and create a new firewall rule in VPC. Please do your own research and make sure you understand the impact, especially on a production environment.

When you deploy a new docker container on GCE, you can SSH into the host machine ( VM ). This is simply because the IP address is pointing to the host machine. But what about the docker container that runs on it? In this case, you must use docker exec or the gcloud command-line tool in order to get access to the container, which can be pretty time consuming over time.

docker exec -ti {docker-container} bash

1	docker exec -ti {docker-container} bash

I am working on a project where I need direct access to my alpine docker container on port 22 or any other port. As you can see in the below output, no ports are exposed for my container.

CONTAINER ID        IMAGE                                                                COMMAND                  CREATED             STATUS              PORTS               NAMES
36a7b16b17dc        gcr.io/tobiasforkel/magento2:latest                                   "/usr/bin/supervisor…"   15 minutes ago      Up 15 minutes                           klt-tobiasforkel-2-kwkm
4597512dd812        gcr.io/stackdriver-agents/stackdriver-logging-agent:0.2-1.5.33-1-1   "/entrypoint.sh /usr…"   16 minutes ago      Up 16 minutes                           stackdriver-logging-agent

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

36a7b16b17dc gcr.io/tobiasforkel/magento2:latest "/usr/bin/supervisor…" 15 minutes ago Up 15 minutes klt-tobiasforkel-2-kwkm

4597512dd812 gcr.io/stackdriver-agents/stackdriver-logging-agent:0.2-1.5.33-1-1 "/entrypoint.sh /usr…" 16 minutes ago Up 16 minutes stackdriver-logging-agent

This is mainly because the docker container shares the network with the host. Source

Containerized VMs launch containers with the network set to host mode. A container shares the host network stack, and all interfaces from the host are available to the container.

This is very convenient because it allows you to access your docker container from pretty much any port. However, only a few ports are actually open and configured in the VPC Network > Firewall settings for security reasons. For the SSH connection I decided to open a custom port 52241. You can do this in your GCP Console under VPC Network > Firewall or with the following gcloud command-line tool.

gcloud compute firewall-rules create custom-allow-ssh --allow tcp:52241 --priority=65534 --description="Allow SSH connections on port 52241" --direction=INGRESS

1	gcloud compute firewall-rules create custom-allow-ssh --allow tcp:52241 --priority=65534 --description="Allow SSH connections on port 52241" --direction=INGRESS

gcloud compute firewall-rules create custom-allow-ssh --allow tcp:52241 --priority=65534 --description="Allow SSH connections on port 52241" --direction=INGRESS
Creating firewall...⠹Created [https://www.googleapis.com/compute/v1/projects/tobiasforkel/global/firewalls/custom-allow-ssh].
Creating firewall...done.                                                                        
NAME              NETWORK  DIRECTION  PRIORITY  ALLOW      DENY  DISABLED
custom-allow-ssh  default  INGRESS    65534     tcp:52241        False

gcloud compute firewall-rules create custom-allow-ssh --allow tcp:52241 --priority=65534 --description="Allow SSH connections on port 52241" --direction=INGRESS

Creating firewall...⠹Created [https://www.googleapis.com/compute/v1/projects/tobiasforkel/global/firewalls/custom-allow-ssh].

Creating firewall...done.

NAME NETWORK DIRECTION PRIORITY ALLOW DENY DISABLED

custom-allow-ssh default INGRESS 65534 tcp:52241 False

Once completed, here is how the new firewall rule looks like in the console. If you scroll down, you will also see all affected instances.

Before you can SSH into your container on port 52241 you must change the port in the sshd configuration /etc/ssh/sshd_config within your container or container image. Not on the VM.

Port 52241
PermitRootLogin no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
PrintMotd yes
AcceptEnv LANG LC_*

Port 52241

PermitRootLogin no

PermitEmptyPasswords no

ChallengeResponseAuthentication no

PrintMotd yes

AcceptEnv LANG LC_*

You may have to restart your ssh service before you can use the new port. Once this is done, you can SSH into your docker container.

ssh tobias@34.73.237.216 -p 52241
tobias@34.73.237.216's password: 
Welcome to Alpine!

The Alpine Wiki contains a large amount of how-to guides and general
information about administrating Alpine systems.
See <http://wiki.alpinelinux.org/>.

You can setup the system with the command: setup-alpine

You may change this message by editing /etc/motd.

ssh tobias@34.73.237.216 -p 52241

tobias@34.73.237.216's password:

Welcome to Alpine!

The Alpine Wiki contains a large amount of how-to guides and general

information about administrating Alpine systems.

See <http://wiki.alpinelinux.org/>.

You can setup the system with the command: setup-alpine

You may change this message by editing /etc/motd.

AWS – ECS Keeps Recreating Docker Container

Today was a strange day. I’ve launched a new version of my docker image within an ECS cluster, which usually worked fine. However, today my container always got recreated every 5 minutes for no reason.

The new docker image that I have pushed to the repository had no significant changes, except a redirect from non-SSL ( 80 ) to SSL ( 443 ) for all loaded virtual hosts. So, when I had a look at the processes, everything looked fine. There was nothing that could put the container into an unhealthy status.

PID   USER     TIME  COMMAND
    1 root      0:02 {supervisord} /usr/bin/python2 /usr/bin/supervisord -c /etc/supervisord.conf
    8 root      0:00 nginx: master process /usr/sbin/nginx -g daemon off;
    9 root      0:00 {mysqld.sh} /bin/sh /scripts/mysqld.sh
   10 root      0:00 /usr/sbin/crond -f
   13 nginx     0:13 nginx: worker process
   35 root      0:00 {php-fpm7.1} php-fpm: master process (/etc/php/7.1/php-fpm.conf)
   90 root      0:00 {mysqld_safe} /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql
  288 mysql     0:08 /usr/bin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mariadb/plugin --user=mysql --log-error=/var/lib/mysql/f817894c1752.err --pid-file=f817894c1752.pid --socket=/var/run/my
 3620 www-data  0:06 {php-fpm7.1} php-fpm: pool www
 3621 www-data  0:05 {php-fpm7.1} php-fpm: pool www
 3668 www-data  0:02 {php-fpm7.1} php-fpm: pool www
 3795 root      0:00 bash
 3807 root      0:00 ps aux

PID USER TIME COMMAND

1 root 0:02 {supervisord} /usr/bin/python2 /usr/bin/supervisord -c /etc/supervisord.conf

8 root 0:00 nginx: master process /usr/sbin/nginx -g daemon off;

9 root 0:00 {mysqld.sh} /bin/sh /scripts/mysqld.sh

10 root 0:00 /usr/sbin/crond -f

13 nginx 0:13 nginx: worker process

35 root 0:00 {php-fpm7.1} php-fpm: master process (/etc/php/7.1/php-fpm.conf)

90 root 0:00 {mysqld_safe} /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql

288 mysql 0:08 /usr/bin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mariadb/plugin --user=mysql --log-error=/var/lib/mysql/f817894c1752.err --pid-file=f817894c1752.pid --socket=/var/run/my

3620 www-data 0:06 {php-fpm7.1} php-fpm: pool www

3621 www-data 0:05 {php-fpm7.1} php-fpm: pool www

3668 www-data 0:02 {php-fpm7.1} php-fpm: pool www

3795 root 0:00 bash

3807 root 0:00 ps aux

Even the log output of the docker container didn’t show any error. After a little bit of research, I ended up on the following AWS developer guide page https://docs.aws.amazon.com/AmazonECS/latest/developerguide/update-service.html

When the service scheduler replaces a task during an update, the service first removes the task from the load balancer (if used) and waits for the connections to drain. Then, the equivalent of docker stop is issued to the containers running in the task. This results in a SIGTERM signal and a 30-second timeout, after which SIGKILL is sent and the containers are forcibly stopped. If the container handles the SIGTERM signal gracefully and exits within 30 seconds from receiving it, no SIGKILL signal is sent. The service scheduler starts and stops tasks as defined by your minimum healthy percent and maximum percent settings.

When the service scheduler replaces a task during an update, the service first removes the task from the load balancer (if used) and waits for the connections to drain. Then, the equivalent of docker stop is issued to the containers running in the task. This results in a SIGTERM signal and a 30-second timeout, after which SIGKILL is sent and the containers are forcibly stopped. If the container handles the SIGTERM signal gracefully and exits within 30 seconds from receiving it, no SIGKILL signal is sent. The service scheduler starts and stops tasks as defined by your minimum healthy percent and maximum percent settings.

It was not exactly what I was looking for, but it pretty much explained the problem I had. One of my colleagues said I should maybe have a look at the health checks of the load balancer.

Indeed, when I had a look at the settings in EC2 > Load Balancing > Target Groups > Health Checks the health check expected a success code 200 instead of 301 on port 80. Because of that, the container has been marked unhealthy every 5 minutes.

I hope this will point someone in the right direction.

Octopus – Couldn’t find a valid ICU package installed on the system

This morning I created a new ECS environment and tried to deploy a Laravel project on it.

   __|  __|  __|
   _|  (   \__ \   Amazon Linux 2 (ECS Optimized)
 ____|\___|____/

For documentation, visit http://aws.amazon.com/documentation/ecs
4 package(s) needed for security, out of 18 available

__| __| __|

_| ( \__ \ Amazon Linux 2 (ECS Optimized)

____|\___|____/

For documentation, visit http://aws.amazon.com/documentation/ecs

4 package(s) needed for security, out of 18 available

So far so good, until one of the deployment steps got stuck in Octopus because of the following error.

Process terminated. Couldn't find a valid ICU package installed on the system. Set the configuration flag System.Globalization.Invariant to true if you want to run with no globalization support.

1	Process terminated. Couldn't find a valid ICU package installed on the system. Set the configuration flag System.Globalization.Invariant to true if you want to run with no globalization support.

While looking for a solution, I’ve noticed that I forgot to install the package libicu on the new ECS machine that was required during the deployment process.

$ sudo yum install libicu
Loaded plugins: priorities, update-motd, upgrade-helper
Package libicu-50.2-4.amzn2.x86_64 already installed and latest version

$ sudo yum install libicu

Loaded plugins: priorities, update-motd, upgrade-helper

Package libicu-50.2-4.amzn2.x86_64 already installed and latest version

After installing the missing package, I was able to deploy again without errors.

October CMS – How To Fix Broken Thumbnails

I recently started setting up a dockerized October CMS environment based on Alpine Linux, MariaDB and PHP-FPM which was actually a very straightforward process. However, for some reason the integrated image resizer didn’t create thumbnails of uploaded images.

Unfortunately there was nothing in the log files which could help me to identify the cause of the problem. After checking the file permissions, I decided to trace back the issue and found the reason in file vendor/october/rain/src/Database/Attach/Resizer.php.

The method getMimeType() returned always null, which broke the entire image manipulation process.

// Get the file extension
$this->extension = $file->guessExtension();
$this->mime = $file->getMimeType();

// Get the file extension

$this->extension = $file->guessExtension();

$this->mime = $file->getMimeType();

After a quick research I found out that getMimeType requires php_fileinfo which I simply forgot to set in my Dockerfile. After adding php7-fileinfo and rebuilding the container, the issue was finally fixed.

Notice: Use of undefined constant T_CURLY_OPEN – assumed ‘T_CURLY_OPEN’ in /var/www/src/setup/src/ Magento/Setup/Module/ Di/Code/Reader/FileClassScanner.php on line 72

Today I finally had some time to cleaned up my Dockerfile for Magento 2. I am using Alpine Linux for most of my Magento 2 projects which usually includes NGINX, PHP-FPM and MariaDB.

# Use Alpine Linux
FROM alpine:3.7

# Declare maintainer
MAINTAINER Tobias Forkel <tobias@forkel.me>

# Timezone
ENV TIMEZONE Australia/Melbourne

RUN addgroup -g 1000 www && \
    adduser -S www -G www -s /sbin/nologin -D

ADD https://repos.php.earth/alpine/phpearth.rsa.pub /etc/apk/keys/phpearth.rsa.pub
RUN echo "https://repos.php.earth/alpine/v3.7" >> /etc/apk/repositories

RUN apk --no-cache add \
    bash \
    git \
	openssl \
	nginx \
	supervisor \
	curl \
	mariadb \
	mariadb-client \
	libxml2-utils \
	php7.1-common \
	php7.1-fpm \
	php7.1-json \
....

# Use Alpine Linux

FROM alpine:3.7

# Declare maintainer

MAINTAINER Tobias Forkel <tobias@forkel.me>

# Timezone

ENV TIMEZONE Australia/Melbourne

RUN addgroup -g 1000 www && \

adduser -S www -G www -s /sbin/nologin -D

ADD https://repos.php.earth/alpine/phpearth.rsa.pub /etc/apk/keys/phpearth.rsa.pub

RUN echo "https://repos.php.earth/alpine/v3.7" >> /etc/apk/repositories

RUN apk --no-cache add \

bash \

git \

openssl \

nginx \

supervisor \

curl \

mariadb \

mariadb-client \

libxml2-utils \

php7.1-common \

php7.1-fpm \

php7.1-json \

....

While testing my updated Dockerfile I came across the following PHP notice which prevented the deployment scripts from finishing the Magento 2 setup.

Notice: Use of undefined constant T_CURLY_OPEN - assumed 'T_CURLY_OPEN' in /var/www/src/setup/src/Magento/Setup/Module/ Di/Code/Reader/FileClassScanner.php on line 72

1	Notice: Use of undefined constant T_CURLY_OPEN - assumed 'T_CURLY_OPEN' in /var/www/src/setup/src/Magento/Setup/Module/ Di/Code/Reader/FileClassScanner.php on line 72

The problem was simply a missing PHP extension php7.1-tokenizer which has resolved the issue after re-creating the container with –build.

docker-compose up -d --build

1	docker-compose up -d --build

PHP message: PHP Fatal error: Interface ‘SessionHandlerInterface’ not found in /var/www/src/vendor/ laravel/framework/src/Illuminate/Session/FileSessionHandler.php on line 10

Today I successfully installed my first October CMS project locally via composer / command line. The installation was pretty straightforward and worked surprisingly well on my Alpine Linux docker container which includes NGINX, PHP-FPM and MariaDB.

October.Demo
- v1.0.1:  First version of Demo
Seeded System 
Seeded Backend 
.=========================================.
                ,@@@@@@@,                  
        ,,,.   ,@@@@@@/@@,  .oo8888o.      
     ,&%%&%&&%,@@@@@/@@@@@@,8888\88/8o     
    ,%&\%&&%&&%,@@@\@@@/@@@88\88888/88'    
    %&&%&%&/%&&%@@\@@/ /@@@88888\88888'    
    %&&%/ %&%%&&@@\ V /@@' `88\8 `/88'     
    `&%\ ` /%&'    |.|        \ '|8'       
        |o|        | |         | |         
        |.|        | |         | |         
`========= INSTALLATION COMPLETE ========='

October.Demo

- v1.0.1: First version of Demo

Seeded System

Seeded Backend

.=========================================.

,@@@@@@@,

,,,. ,@@@@@@/@@, .oo8888o.

,&%%&%&&%,@@@@@/@@@@@@,8888\88/8o

,%&\%&&%&&%,@@@\@@@/@@@88\88888/88'

%&&%&%&/%&&%@@\@@/ /@@@88888\88888'

%&&%/ %&%%&&@@\ V /@@' `88\8 `/88'

`&%\ ` /%&' |.| \ '|8'

|o| | | | |

|.| | | | |

`========= INSTALLATION COMPLETE ========='

However, when I tried to open the front-end I got the following error.

PHP message: PHP Fatal error:  Interface 'SessionHandlerInterface' not found in /var/www/src/vendor/laravel/framework/src/Illuminate/Session/FileSessionHandler.php on line 10

1	PHP message: PHP Fatal error: Interface 'SessionHandlerInterface' not found in /var/www/src/vendor/laravel/framework/src/Illuminate/Session/FileSessionHandler.php on line 10

After a quick research I found the solution on Stackoverflow. I basically forgot to install the PHP extension php7-session inside my docker container. I manually installed the missing extension, but also updated my Dockerfile in case I have to rebuild my container.

bash-4.4# apk add php7-session
fetch http://dl-cdn.alpinelinux.org/alpine/v3.7/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.7/community/x86_64/APKINDEX.tar.gz
(1/1) Installing php7-session (7.1.33-r0)
OK: 291 MiB in 87 packages

bash-4.4# apk add php7-session

fetch http://dl-cdn.alpinelinux.org/alpine/v3.7/main/x86_64/APKINDEX.tar.gz

fetch http://dl-cdn.alpinelinux.org/alpine/v3.7/community/x86_64/APKINDEX.tar.gz

(1/1) Installing php7-session (7.1.33-r0)

OK: 291 MiB in 87 packages

After that I manually killed all PHP processes to make sure php-fpm loads the new extension with the next page reload.

pkill php

pkill php

Nginx Docker Container and getpwnam(“www-data”) problem

I am using nginx:1.10.1-alpine to run Nginx as a docker container. Today I have replaced the Nginx container and always got the status Restarting (1) Less than a second ago after starting the container.

CONTAINER ID        IMAGE                          COMMAND                  CREATED             STATUS                                  PORTS                         NAMES
aadc6336a026        docker_nginx                   "nginx -g 'daemon off"   10 minutes ago      Restarting (1) Less than a second ago   0.0.0.0:80->80/tcp, 443/tcp   nginx

1 2	CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES aadc6336a026 docker_nginx "nginx -g 'daemon off" 10 minutes ago Restarting (1) Less than a second ago 0.0.0.0:80->80/tcp, 443/tcp nginx

With the command docker logs nginx I got the following error logs.

2016/09/10 22:58:49 [emerg] 1#1: getpwnam("www-data") failed in /etc/nginx/nginx.conf:1
nginx: [emerg] getpwnam("www-data") failed in /etc/nginx/nginx.conf:1
2016/09/10 22:58:50 [emerg] 1#1: getpwnam("www-data") failed in /etc/nginx/nginx.conf:1
nginx: [emerg] getpwnam("www-data") failed in /etc/nginx/nginx.conf:1
2016/09/10 22:58:50 [emerg] 1#1: getpwnam("www-data") failed in /etc/nginx/nginx.conf:1
nginx: [emerg] getpwnam("www-data") failed in /etc/nginx/nginx.conf:1

2016/09/10 22:58:49 [emerg] 1#1: getpwnam("www-data") failed in /etc/nginx/nginx.conf:1

nginx: [emerg] getpwnam("www-data") failed in /etc/nginx/nginx.conf:1

2016/09/10 22:58:50 [emerg] 1#1: getpwnam("www-data") failed in /etc/nginx/nginx.conf:1

nginx: [emerg] getpwnam("www-data") failed in /etc/nginx/nginx.conf:1

2016/09/10 22:58:50 [emerg] 1#1: getpwnam("www-data") failed in /etc/nginx/nginx.conf:1

nginx: [emerg] getpwnam("www-data") failed in /etc/nginx/nginx.conf:1

The error message basically means that the user www-data which I have defined in /etc/nginx/nginx.conf doesn’t exists in /etc/passwd. That makes sense, because nginx:1.10.1-alpine comes with a minimal setup. I my case I need the user www-data for other linked php-fpm containers. To fix the problem I just added the missing user during the container build.

FROM nginx:1.10.1-alpine
RUN addgroup -g 1000 -S www-data \
 && adduser -u 1000 -D -S -G www-data www-data

FROM nginx:1.10.1-alpine

RUN addgroup -g 1000 -S www-data \

&& adduser -u 1000 -D -S -G www-data www-data

Voilà.

Building nginx
Step 1 : FROM nginx:1.10.1-alpine
 ---> c07e2bb859e2
Step 2 : RUN addgroup -g 1000 -S www-data         && adduser -u 1000 -D -S -G www-data www-data
 ---> Running in c1cd75c7dc52
 ---> 83528539d9c9
Removing intermediate container c1cd75c7dc52
Successfully built 83528539d9c9

Building nginx

Step 1 : FROM nginx:1.10.1-alpine

---> c07e2bb859e2

Step 2 : RUN addgroup -g 1000 -S www-data && adduser -u 1000 -D -S -G www-data www-data

---> Running in c1cd75c7dc52

---> 83528539d9c9

Removing intermediate container c1cd75c7dc52

Successfully built 83528539d9c9

Reload Nginx Inside Docker Container

I am using docker for Nginx which is running with multiple virtual hosts. Sometimes I have to reload my updated nginx configurations, but I don’t want restart the container each time. Here is how you can reload your nginx without any downtime and without interrupting any connections.

1. Find your container name

Use docker ps to find your nginx container.

2. Reload Nginx

With docker exec -it {container_name} {command} you can directly access your container and execute commands. In my case the name of the container is nginx-server.

$ docker exec -it nginx-server nginx -s reload
2016/08/18 09:52:38 [notice] 19#19: signal process started

1 2	$ docker exec -it nginx-server nginx -s reload 2016/08/18 09:52:38 [notice] 19#19: signal process started