-
-
Notifications
You must be signed in to change notification settings - Fork 647
Make geerlingguy/drupal-vm Docker image easy to use for single-site installations #1366
Comments
For the first issue, with FPM not running on container start:
For some reason it's not set as |
Same thing inside a Vagrant/VirtualBox VM with the Debian 8 base box:
Testing on Ubuntu 16.04:
So it is enabled on Ubuntu 16.04. But not on Debian 8. Ah, systemd... I can't pin it on being the |
Not sure if you're still looking at this but I was curious to see what was done. In case you haven't seen it it looks to be that there's no entrypoint and the cmd is just bash. The systemd service isn't running since there's no entrypoint and the cmd is bash so you're just pretty much starting the process manually. |
@derimagia - In this image's case, the I'm working on that issue (which seems to not be exclusive to Drupal VM) over in geerlingguy/ansible-role-php#191 — Ansible's |
I see, I'm not used to those being flipped (shell being default, having to overwrite the process) but that's my fault for finding the compose. I know you're trying to do MVP now and if there's anything that needs to be done there let me know. Is running using systemd a permanent solution or was there a thought to eventually separate it out? |
Also making a note since I didn't see it above, there were logs in the docker file for when it was created, we should probably clean those up (php-fpm said it started 2-3 days before I started the container) |
@derimagia - Yeah, the intention right now is just to get Drupal VM 'tricked' into thinking a Docker container is a normal VM, using systemd or sysvinit to manage processes. At some point in the future, components of Drupal VM will be parceled out and put in separate containers—however, I am not planning on doing all of that until the point where the end-to-end UX of Docker gets nearer the UX of a tool like Vagrant—and without me building (and having to maintain) layers upon layers of all the shims needed to do it today. (For example, I'm not interested in building a UI like Kalabox, or shipping everything inside VirtualBox using Docker Machine. If I start using Docker for Drupal VM, by golly, I'm not going to wrap Docker inside even more layers of virtualization! For an example of one of the images I've started playing around with separately, see docker-image-solr. But note that I am still not following what I believe is the mainline/conventional container approach there, as I'm working to make the transitional state from full VMs to containers more sustainable (e.g. I don't want people building ugly-as-all-get-out shell scripts inside Dockerfiles inside other shell scripts to do basic configuration management). Hopefully |
Makes sense, a little disappointing but I understand not having time for it. I'll need to mess around with this. I know a lot of it is a bit different from what I've seen ansible being used for. One thing that would need to be done would be to move a lot of the configuration into the entrypoint as opposed to baked in, so the ansible scripts would essentially need to separate out the "installation" part and the "configuration" part. Although I'm not sure if docker will ever evolve into what you're looking for exactly. For better or worse Docker doesn't really have any tools to help provision / create docker images, it just gives you lower level tools for it. docker-compose helps if you already have the images provisioned obviously but that's about it. They leave it out to third parties to make these (Which makes sense from their perspective I think) but makes it harder for people to learn how to actually do things like this. I do agree docker's UX is to be desired. If you didn't see yet, https://github.com/moby/moby/releases/tag/v17.05.0-ce adds multi-build support which will definitely help with what you want. It's actually pretty neat. |
One way to solve the virtualhost issue could be to integrate with https://github.com/jwilder/nginx-proxy — it's still hackier than I'd like, though. Throwing an additional proxy in front of Apache (or potentially Nginx) is a recipe for pain, in terms of little things that could go wrong with the request routing from host to nginx to container (for things like bigpipe, varnish, streaming requests, etc.). |
Another possibility could be adding something like I just don't want to go too far down that route and diverge the Docker configuration setup from the Drupal VM proper configuration setup. |
Grr... that first issue might not yet be solved...
|
Not sure if this is a problem but to help simplify config the ansible provision for building the container there could be 2 (mental) types of configuration - the ones that are configurable by drupalvm and the ones which are not. It changes some of the values and the other ones are left alone (or slightly modified if need be). Then on the entrypoint it just runs the templater (e.g. gotpl) to replace the remaining values. |
Strangely, using the new |
Yeah, there's a big difference between
So for example you can't set an environment var in Same goes for running services. |
I think I might be hitting moby/moby#1916 :/ |
Hmm, honestly you shouldn't ever really need privilege in |
@derimagia a lot of things, like iptables configuration, requires certain privileges... if you're looking at Docker from the perspective of a crazy person who wants to make Docker work like a VM, then it's nice to be able to have privileged access :) I'm not saying that's a good thing, mind you (though I don't consider it as bad and evil as Docker purists would paint it)... just that it makes things work identically between a full fledged VM and a Docker container. There's a reason why that issue has been open for 4+ years and has ~300 comments—it's a #dockerWTF imo that you can do more with |
Having that would mess with portability, like you're doing right now. Running iptables goes past userspace and you're messing with things that expand it. Even if docker build supported the flag you would need to run it on each invocation of the container when running it, otherwise it wouldn't persist anyway. |
Somewhat... right now my solution is to disable the security/networking modifications Drupal VM would normally make, since it's assumed Docker will handle things like container networking. |
I just got my local test site running and happy during a Drupal meetup tonight, so at least there's that—just pushed a commit which gets FPM to actually be running on container start, yay! But this is definitely going to be 'experimental' for some time. It's a little clunky... but it's nice enough that I've already switched one of my other local sites from using Drupal VM with Vagrant to using a |
Also reading through https://www.vagrantup.com/docs/docker/configuration.html ... could be possible to make the bridge to native Docker easier with Vagrant to layer itself between things. I'll see if it could be simpler/easier to go that route (even though one would need both Docker and Vagrant in this scenario). |
I might want to split out into a separate issue the work of trying to use Docker + Vagrant, though... @thom8 what do you think? Since we're in the 'experimental' phase, I'm happy to work on a few different angles (but want to get it working with just Docker first, as a POC). |
Yeah probably a good idea to split that out, I'd like to get to a stage where Docker was a drop in replacement for vbox in the current stack so it can be enabled in existing config. But still think it would be best to get a Docker only solution stable then look at adding Vagrant support for backwards compatibility. It's also important for advanced use cases to make sure it all works standalone. |
For the last two items:
I'll leave them off for now, in order to get the already-working stuff 'shipped' in 4.5.0. I've been using the Docker setups described in the updated docs for a few of my sites locally the past couple weeks, and those two issues haven't been as big of annoyances as I thought they'd be, so I figure we can wait for others to highlight things that aren't working great or could be low-hanging fruit. |
Issue Type
Summary
In #1356, I built a base
drupal-vm
Docker image, and so far it does a lot of things nicely, but there are a few issues that prevent me from saying "yes, this is a good start". I want to fix those issues before I start actually advertising the base image / Docker image build functionality from #1356. Namely:php7.1-fpm
service is dead when youdocker-compose up
. (Workaround for now is to run:docker exec drupal-vm service php7.1-fpm restart
)drupalvm.dev
) is embedded in the image and isn't able to be changed unless you do anansible-provision
(really heavyweight), or log in and manually swap it out yourself./var/www/drupalvm/drupal/web
—kinda verbose).docker-compose.yml
file inside, then I ran commands X, Y, and Z and it was working...). I have it working with a couple of my small D8 sites right now, but it's a little janky.All in all, it performs pretty well so far. Maybe I could wrap a few shell scripts inside the container so users could use like
docker exec drupal-vm drush cr
or something like that (and then power users could alias thedocker exec drupal-vm
part for ease of use).The text was updated successfully, but these errors were encountered: