Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can't run docker on OpenShift #1134

Open
DataOps7 opened this issue May 30, 2024 · 3 comments · May be fixed by #1499
Open

Can't run docker on OpenShift #1134

DataOps7 opened this issue May 30, 2024 · 3 comments · May be fixed by #1499
Assignees
@CorentinTh
Labels
bug Something isn't working triage

Comments

@DataOps7
Copy link

Describe the bug

Because the docker uses nginx, it's unable to run on OpenShift kubernetes.
To solve, we can use nginxinc/nginx-unprivileged as the Docker base image.

What happened?

Got permission denied when accessing /var/cache/nginx/client_temp

System information

not applicable

Where did you encounter the bug?

A self hosted
@DataOps7 DataOps7 added bug Something isn't working triage labels May 30, 2024
@Sevenlive
Copy link

Any information regarding it? I'm happy to contribute if we go this route.

@toastbrotch
Copy link

we struggled also but came up with that solution:

kind: Deployment
apiVersion: apps/v1
metadata:
  name: ittools
  labels:
    app: ittools
spec:
  strategy:
    type: Recreate
  replicas: 1
  selector:
    matchLabels:
      app: ittools
  template:
    metadata:
      labels:
        app: ittools
    spec:
      containers:
        - name: ittools
          imagePullPolicy: Always
          image: corentinth/it-tools:latest
          ports:
            - containerPort: 8080
              protocol: TCP
          volumeMounts:
          - name: nginxconf
            mountPath: /etc/nginx/conf.d/default.conf
            subPath: default.conf
            readOnly: true
          - name: nginxconf
            mountPath: /etc/nginx/nginx.conf
            subPath: nginx.conf
            readOnly: true
          - name: nginx-cache
            mountPath: /var/cache/nginx
          resources:
            limits:
              cpu: 1
              memory: 1Gi
            requests:
              cpu: 200m
              memory: 128Mi
          readinessProbe:
            httpGet:
              path: /favicon.ico
              port: 8080
              scheme: HTTP
            timeoutSeconds: 1
            periodSeconds: 10
            successThreshold: 1
            failureThreshold: 3
      volumes:
      - name: nginxconf
        configMap:
            name: nginxconf
      - name: nginx-cache
        emptyDir: {}
      restartPolicy: Always
---
kind: ConfigMap
apiVersion: v1
metadata:
  name: nginxconf
data:
  default.conf: |+
    server {
        listen 8080;
        server_name localhost;
        root /usr/share/nginx/html;
        index index.html;

        location / {
            try_files $uri $uri/ /index.html;
        }
    }

  nginx.conf: |+
    user  nginx;
    worker_processes  auto;

    error_log  /var/log/nginx/error.log notice;
    pid        /var/cache/nginx/nginx.pid;


    events {
        worker_connections  1024;
    }


    http {
        include       /etc/nginx/mime.types;
        default_type  application/octet-stream;

        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for"';

        access_log  /var/log/nginx/access.log  main;

        sendfile        on;
        #tcp_nopush     on;

        keepalive_timeout  65;

        #gzip  on;

        include /etc/nginx/conf.d/*.conf;
    }

good luck

@ombre8 ombre8 linked a pull request Feb 14, 2025 that will close this issue
Open
@sharevb
Copy link
Contributor

sharevb commented Feb 23, 2025

Hi @toastbrotch, @Sevenlive, @DataOps7 , solution by @ombre8 implemented in my fork, if you arr interested in up to date version of it-tools, I made kind of a fork here : https://github.com/sharevb/it-tools (https://sharevb-it-tools.vercel.app/ and docker images https://github.com/sharevb/it-tools/pkgs/container/it-tools)

@sharevb sharevb mentioned this issue Feb 23, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@CorentinTh CorentinTh

Labels
bug Something isn't working triage
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

use nginx-unpriviledged ombre8/it-tools
5 participants
@toastbrotch @Sevenlive @CorentinTh @sharevb @DataOps7