LDAP on local domain with Mediawiki - mediawiki

Just got my MediaWiki running on a local domain (running as container on Synology nas). Now I want to configure so only domain users can access the Wiki and are automatically logged in.
This is for the sole purpose of tracking user name with page edits.
My local domain is abc.local and my domain controller is Windows Server 2008 R2.
I've done the following:
Installed extensions LDAPProvider, LDAPAuthentication2, and PluggableAuth.
Added the following to the bottom of my LocalSettings.php.
wfLoadExtension( 'PluggableAuth' );
$wgPluggableAuth_EnabledAutoLogin = true;
wfLoadExtension( 'LDAPAuthentication2' );
wfLoadExtension( 'LDAPProvider' );
$LDAPProviderDomainConfigProvider = function () {
$config = [
'LDAP' => [
'connection' => [
"server" => "abc.local",
"user" => "cn=Administrator,dc=abc,dc=local",
"pass" => 'passwordhere',
"options" => [
"LDAP_OPT_DEREF" => 1
],
"basedn" => "dc=abc,dc=local",
"groupbasedn" => "dc=abc,dc=local",
"userbasedn" => "dc=abc,dc=local",
"searchstring" => "uid=USER-NAME,dc=abc,dc=local",
"emailattribute" => "mail"
"usernameattribute" => "uid",
"realnameattribute" => "cn",
"searchattribute" => "uid",
]
]
];
return new \MediaWiki\Extension\LDAPProvider\DomainConfigProvider\InlinePHPArray( $config );
};
The pluggins are running:
When i go to the main page i'm not automatically logged in, so i try to log in with domain creds and get the following:
I'm pretty green here and not sure how to configure things. Any ideas?
thanks,
russ
EDIT: After adding $wgShowExceptionDetails = true; I'm getting the following error message:
EDIT2: Snip from phpinfo()
EDIT3: Started over with new containers in attempt to get php-ldap extension working and get around the ldap_connect() error.
Here are the steps I took with my last attempt:
REFERENCE: https://wiki.chairat.me/books/docker/page/how-to-setup-mediawiki-with-docker
Enable SSH service from control panel Terminal & SNMP and then open an SSH connection to the Synology box (using Putty). Login as box admin.
Run the following command to create a new docker container named mediawiki based on the latest mediawiki image:
sudo docker container run -d --name mediawiki -p 8080:80 mediawiki
Run the following command to create a new docker container named mediakwiki-mysql based on the latest MySQL image.
Replace <root_pwd> with desired MySQL root password:
sudo docker container run -d --name mediawiki-mysql -v mediawiki-mysql:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=<root_pwd> mysql
Run the following 3 commands to create a docker network and then tie both images into it:
sudo docker network create mediawiki
sudo docker network connect mediawiki mediawiki
sudo docker network connect mediawiki mediawiki-mysql
REFERENCE: https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-ubuntu-18-04#step-2-%E2%80%94-installing-mysql
Next, open a bash terminal in the mediawiki-mysql container and set the root plugin to mysql_native_password if necessary:
mysql -uroot -p<root_pwd> (this opens a MySQL prompt where <root_pwd> is what you set up in 3. without the <>)
SELECT user,authentication_string,plugin,host FROM mysql.user; (this lists user attributes)
ALTER USER 'root'#'localhost' IDENTIFIED WITH mysql_native_password BY 'password'; (password is the <root_pwd> set above too)
ALTER USER 'root'#'%' IDENTIFIED WITH mysql_native_password BY 'password';
Add a volume mapping in the mediawiki-mysql container so you can copy files to/from the container and a share you can access with File Station on the Synology.
Stop the container if it is running.
Right-click and select Edit, then click on Volume.
Click "Add Folder" and select the shared volume you will use.
For "Mount path" put /var/lib/mysql
Start the container.
REFERENCE: https://computingforgeeks.com/how-to-install-php-7-3-on-debian-9-debian-8/
Add php-ldap extension to the mediawiki container if you want to enable LDAP authentication (e.g. if you have domain with active directory etc.). Open a bash terminal in the mediawiki container:
php -m (this will list all of the active PHP modules - ldap is not listed if not installed yet)
php -v (this will show you what version of PHP you are running)
apt-get update
apt-get upgrade -y
apt-get install libldb-dev libldap2-dev
cd /usr/local/bin
docker-php-ext-install ldap (this takes a while)
php -m (this shows ldap in the list)
Setup the MediaWiki before going on to the LDAP extension stuff.
Open "http://XXX.XXX.XXX.XXX:8080/" in browser and configure.
Use "mediawiki-mysql" in place of "localhost" for mysql.
Put LocalSettings.php into the /usr/www/html folder.
REFERENCE: https://www.mediawiki.org/wiki/Special:ExtensionDistributor?extdistname=LDAPProvider&extdistversion=master
Install the LDAPProvider mediawiki extension needed to support LdapAuthentication2
wget "https://extdist.wmflabs.org/dist/extensions/LDAPProvider-master-04dc101.tar.gz"
tar -xzf LDAPProvider-master-04dc101.tar.gz -C /var/www/html/extensions
rm LDAPProvider-master-04dc101.tar.gz
add "wfLoadExtension( 'LDAPProvider' );" to the LocalSettings.php file.
run "php maintenance/update.php" to create the required databases (takes a few seconds).
wget "https://extdist.wmflabs.org/dist/extensions/PluggableAuth-REL1_34-17fb1ea.tar.gz"
tar -xzf PluggableAuth-REL1_34-17fb1ea.tar.gz -C /var/www/html/extensions
rm PluggableAuth-REL1_34-17fb1ea.tar.gz
add "wfLoadExtension( 'PluggableAuth' );" to the LocalSettings.php file.
wget "https://extdist.wmflabs.org/dist/extensions/LDAPAuthentication2-master-cb07184.tar.gz"
tar -xzf LDAPAuthentication2-master-cb07184.tar.gz -C /var/www/html/extensions
rm LDAPAuthentication2-master-cb07184.tar.gz
add "wfLoadExtension( 'LDAPAuthentication2' );" to the LocalSettings.php file.
copy in the LocalSettings.php file that has the LDAP configuration (item 2 in my original question above).

Based on the comments conversation and the additional step-by-step list above, here some thoughts:
Add php-ldap extension to the mediawiki container if you want to enable ldap authentication (e.g. if you have domain with active directory etc.). Open a bash terminal in the mediawiki container:
php -m (this will list all of the active PHP modules - ldap is not listed if not installed yet)
php -v (this will show you what version of PHP you are running)
apt-get update
apt-get upgrade -y
apt-get install libldb-dev libldap2-dev
cd /usr/local/bin
docker-php-ext-install ldap (this takes a while)
php -m (this shows ldap in the list)
I strongly doubt that this is working both at all and even if it would work, then I doubt it would work in a sustainable way. The problems with this "solution" are:
You're just changing the container state, not the image. Whenever the container is deleted, you've no easy way to reproduce the setup, except by doing all these manual steps again. That's not really what docker containers are about
You're "just" changing the php installation, that requires a restart of the php daemon or the apache daemon, if you're using apache. As you're not doing that, the php process handling your requests does not know about the new extension, whereas the php cli is perfectly fine showing you the ldap extension.
The solution, that will work with your problem, is to create your own image, based on the mediawiki:latest docker image. In this you can then add all the required libraries and use this image instead of the base one. Here're the steps you need to do to achieve that:
Create a new directory on your host where you're running docker as well
Create a Dockerfile in this directory on your host: This file is a set of instructions for docker to know how to build the image.
Fill it with this contents:
# inherit from the official mediawiki image
FROM mediawiki:latest
# Install the required libraries for adding the ldap extension for php
RUN apt-get update && \
apt-get install -y libldb-dev libldap2-dev && \
rm -rf /var/lib/apt/lists/*
RUN docker-php-ext-install ldap
Build the image with docker by navigating into the directory and run this command:
docker build -t mediawiki:local . The -t creates a tag for the resulting image so that you can use this meaningful name instead of the checksum of the image. You can, however, choose whatever name and tag you want.
Run the container with this new image:
docker run -v /path/to/LocalSettings.php:/var/www/html/LocalSettings.php -p 8080:80 --rm=true -d mediawiki:local. The command may be different from what you use, the important bit is the new image name, which is mediawiki:local or whatever tag you used in the build step before.
The resulting container has the ldap plugin installed and it can also be used from the php daemon which handles incoming requests.
Some remarks to your subsequent setup: If I understand it correctly, you're also installing extensions in the container itself, as well, by using a shell in the container and downaloding the extension. This is also not the best idea of doing, as, as I said already, when you recreate the container (which shouldbe possible always and you shouldn't think about that), the extensions are deleted as well. You should inject the extensions directory as a volume to the container and save the extensions on your hosts disk. Or, as an alternative, you can install the MediaWiki extension in the Dockerfile where you install the ldap php extension as well.

Related

How to use external files as arguments in Docker images [duplicate]

I am trying to mount a host directory into a Docker container so that any updates done on the host is reflected into the Docker containers.
Where am I doing something wrong. Here is what I did:
kishore$ cat Dockerfile
FROM ubuntu:trusty
RUN apt-get update
RUN apt-get -y install git curl vim
CMD ["/bin/bash"]
WORKDIR /test_container
VOLUME ["/test_container"]
kishore$ tree
.
├── Dockerfile
└── main_folder
├── tfile1.txt
├── tfile2.txt
├── tfile3.txt
└── tfile4.txt
1 directory, 5 files
kishore$ pwd
/Users/kishore/tdock
kishore$ docker build --tag=k3_s3:latest .
Uploading context 7.168 kB
Uploading context
Step 0 : FROM ubuntu:trusty
---> 99ec81b80c55
Step 1 : RUN apt-get update
---> Using cache
---> 1c7282005040
Step 2 : RUN apt-get -y install git curl vim
---> Using cache
---> aed48634e300
Step 3 : CMD ["/bin/bash"]
---> Running in d081b576878d
---> 65db8df48595
Step 4 : WORKDIR /test_container
---> Running in 5b8d2ccd719d
---> 250369b30e1f
Step 5 : VOLUME ["/test_container"]
---> Running in 72ca332d9809
---> 163deb2b1bc5
Successfully built 163deb2b1bc5
Removing intermediate container b8bfcb071441
Removing intermediate container d081b576878d
Removing intermediate container 5b8d2ccd719d
Removing intermediate container 72ca332d9809
kishore$ docker run -d -v /Users/kishore/main_folder:/test_container k3_s3:latest
c9f9a7e09c54ee1c2cc966f15c963b4af320b5203b8c46689033c1ab8872a0eakishore$ docker run -i -t k3_s3:latest /bin/bash
root#0f17e2313a46:/test_container# ls -al
total 8
drwx------ 2 root root 4096 Apr 29 05:15 .
drwxr-xr-x 66 root root 4096 Apr 29 05:15 ..
root#0f17e2313a46:/test_container# exit
exitkishore$ docker -v
Docker version 0.9.1, build 867b2a9
I don't know how to check boot2docker version
Questions, issues facing:
How do I need to link the main_folder to the test_container folder present inside the docker container?
I need to make this automatically. How do I to do that without really using the run -d -v command?
What happens if the boot2docker crashes? Where are the Docker files stored (apart from Dockerfile)?
There are a couple ways you can do this. The simplest way to do so is to use the dockerfile ADD command like so:
ADD . /path/inside/docker/container
However, any changes made to this directory on the host after building the dockerfile will not show up in the container. This is because when building a container, docker compresses the directory into a .tar and uploads that context into the container permanently.
The second way to do this is the way you attempted, which is to mount a volume. Due to trying to be as portable as possible you cannot map a host directory to a docker container directory within a dockerfile, because the host directory can change depending on which machine you are running on. To map a host directory to a docker container directory you need to use the -v flag when using docker run, e.g.,:
# Run a container using the `alpine` image, mount the `/tmp`
# directory from your host into the `/container/directory`
# directory in your container, and run the `ls` command to
# show the contents of that directory.
docker run \
-v /tmp:/container/directory \
alpine \
ls /container/directory
The user of this question was using Docker version 0.9.1, build 867b2a9, I will give you an answer for docker version >= 17.06.
What you want, keep local directory synchronized within container directory, is accomplished by mounting the volume with type bind. This will bind the source (your system) and the target (at the docker container) directories. It's almost the same as mounting a directory on linux.
According to Docker documentation, the appropriate command to mount is now mount instead of -v. Here's its documentation:
--mount: Consists of multiple key-value pairs, separated by commas. Each key/value pair takes the form of a <key>=<value> tuple. The --mount syntax is more verbose than -v or --volume, but the order of the keys is not significant, and the value of the flag is easier to understand.
The type of the mount, which can be bind, volume, or tmpfs. (We are going to use bind)
The source of the mount. For bind mounts, this is the path to the file or directory on the Docker daemon host. May be specified as source or src.
The destination takes as its value the path where the file or directory will be mounted in the container. May be specified as destination, dst, or target.
So, to mount the the current directory (source) with /test_container (target) we are going to use:
docker run -it --mount src="$(pwd)",target=/test_container,type=bind k3_s3
If these mount parameters have spaces you must put quotes around them. When I know they don't, I would use `pwd` instead:
docker run -it --mount src=`pwd`,target=/test_container,type=bind k3_s3
You will also have to deal with file permission, see this article.
you can use -v option from cli, this facility is not available via Dockerfile
docker run -t -i -v <host_dir>:<container_dir> ubuntu /bin/bash
where host_dir is the directory from host which you want to mount.
you don't need to worry about directory of container if it doesn't exist docker will create it.
If you do any changes in host_dir from host machine (under root privilege) it will be visible to container and vice versa.
2 successive mounts:
I guess many posts here might be using two boot2docker, the reason you don't see anything is that you are mounting a directory from boot2docker, not from your host.
You basically need 2 successive mounts:
the first one to mount a directory from your host to your system
the second to mount the new directory from boot2docker to your container like this:
1) Mount local system on boot2docker
sudo mount -t vboxsf hostfolder /boot2dockerfolder
2) Mount boot2docker file on linux container
docker run -v /boot2dockerfolder:/root/containerfolder -i -t imagename
Then when you ls inside the containerfolder you will see the content of your hostfolder.
Is it possible that you use docker on OS X via boot2docker or something similar.
I've made the same experience - the command is correct but nothing (sensible) is mounted in the container, anyway.
As it turns out - it's already explained in the docker documentation. When you type docker run -v /var/logs/on/host:/var/logs/in/container ... then /var/logs/on/host is actually mapped from the boot2docker VM-image, not your Mac.
You'll have to pipe the shared folder through your VM to your actual host (the Mac in my case).
For those who wants to mount a folder in current directory:
docker run -d --name some-container -v ${PWD}/folder:/var/folder ubuntu
I'm just experimenting with getting my SailsJS app running inside a Docker container to keep my physical machine clean.
I'm using the following command to mount my SailsJS/NodeJS application under /app:
cd my_source_code_folder
docker run -it -p 1337:1337 -v $(pwd):/app my_docker/image_with_nodejs_etc
[UPDATE] As of ~June 2017, Docker for Mac takes care of all the annoying parts of this where you have to mess with VirtualBox. It lets you map basically everything on your local host using the /private prefix. More info here. [/UPDATE]
All the current answers talk about Boot2docker. Since that's now deprecated in favor of docker-machine, this works for docker-machine:
First, ssh into the docker-machine vm and create the folder we'll be mapping to:
docker-machine ssh $MACHINE_NAME "sudo mkdir -p \"$VOL_DIR\""
Now share the folder to VirtualBox:
WORKDIR=$(basename "$VOL_DIR")
vboxmanage sharedfolder add "$MACHINE_NAME" --name "$WORKDIR" --hostpath "$VOL_DIR" --transient
Finally, ssh into the docker-machine again and mount the folder we just shared:
docker-machine ssh $MACHINE_NAME "sudo mount -t vboxsf -o uid=\"$U\",gid=\"$G\" \"$WORKDIR\" \"$VOL_DIR\""
Note: for UID and GID you can basically use whatever integers as long as they're not already taken.
This is tested as of docker-machine 0.4.1 and docker 1.8.3 on OS X El Capitan.
Using command-line :
docker run -it --name <WHATEVER> -p <LOCAL_PORT>:<CONTAINER_PORT> -v <LOCAL_PATH>:<CONTAINER_PATH> -d <IMAGE>:<TAG>
Using docker-compose.yaml :
version: '2'
services:
cms:
image: <IMAGE>:<TAG>
ports:
- <LOCAL_PORT>:<CONTAINER_PORT>
volumes:
- <LOCAL_PATH>:<CONTAINER_PATH>
Assume :
IMAGE: k3_s3
TAG: latest
LOCAL_PORT: 8080
CONTAINER_PORT: 8080
LOCAL_PATH: /volume-to-mount
CONTAINER_PATH: /mnt
Examples :
First create /volume-to-mount. (Skip if exist)
$ mkdir -p /volume-to-mount
docker-compose -f docker-compose.yaml up -d
version: '2'
services:
cms:
image: ghost-cms:latest
ports:
- 8080:8080
volumes:
- /volume-to-mount:/mnt
Verify your container :
docker exec -it CONTAINER_ID ls -la /mnt
docker run -v /host/directory:/container/directory -t IMAGE-NAME /bin/bash
docker run -v /root/shareData:/home/shareData -t kylemanna/openvpn /bin/bash
In my system I've corrected the answer from nhjk, it works flawless when you add the -t flag.
On Mac OS, to mount a folder /Users/<name>/projects/ on your mac at the root of your container:
docker run -it -v /Users/<name>/projects/:/projects <container_name> bash
ls /projects
If the host is windows 10 then instead of forward slash, use backward slash -
docker run -it -p 12001:80 -v c:\Users\C\Desktop\dockerStorage:/root/sketches
Make sure the host drive is shared (C in this case). In my case I got a prompt asking for share permission after running the command above.
For Windows 10 users, it is important to have the mount point inside the C:/Users/ directory. I tried for hours to get this to work. This post helped but it was not obvious at first as the solution for Windows 10 is a comment to an accepted answer. This is how I did it:
docker run -it -p 12001:80 -v //c/Users/C/Desktop/dockerStorage:/root/sketches \
<your-image-here> /bin/bash
Then to test it, you can do echo TEST > hostTest.txt inside your image. You should be able to see this new file in the local host folder at C:/Users/C/Desktop/dockerStorage/.
As of Docker 18-CE, you can use docker run -v /src/path:/container/path to do 2-way binding of a host folder.
There is a major catch here though if you're working with Windows 10/WSL and have Docker-CE for Windows as your host and then docker-ce client tools in WSL. WSL knows about the entire / filesystem while your Windows host only knows about your drives. Inside WSL, you can use /mnt/c/projectpath, but if you try to docker run -v ${PWD}:/projectpath, you will find in the host that /projectpath/ is empty because on the host /mnt means nothing.
If you work from /c/projectpath though and THEN do docker run -v ${PWD}:/projectpath and you WILL find that in the container, /projectpath will reflect /c/projectpath in realtime. There are no errors or any other ways to detect this issue other than seeing empty mounts inside your guest.
You must also be sure to "share the drive" in the Docker for Windows settings.
Jul 2015 update - boot2docker now supports direct mounting. You can use -v /var/logs/on/host:/var/logs/in/container directly from your Mac prompt, without double mounting
I've been having the same issue.
My command line looked like this:
docker run --rm -i --name $NAME -v `pwd`:/sources:z $NAME
The problem was with 'pwd'. So I changed that to $(pwd):
docker run --rm -i --name $NAME -v $(pwd):/sources:z $NAME
How do I link the main_folder to the test_container folder present inside the docker container?
Your command below is correct, unless your on a mac using boot2docker(depending on future updates) in which case you may find the folder empty. See mattes answer for a tutorial on correcting this.
docker run -d -v /Users/kishore/main_folder:/test_container k3_s3:latest
I need to make this run automatically, how to do that without really
using the run -d -v command.
You can't really get away from using these commands, they are intrinsic to the way docker works. You would be best off putting them into a shell script to save you writing them out repeatedly.
What happens if boot2docker crashes? Where are the docker files stored?
If you manage to use the -v arg and reference your host machine then the files will be safe on your host.
If you've used 'docker build -t myimage .' with a Dockerfile then your files will be baked into the image.
Your docker images, i believe, are stored in the boot2docker-vm. I found this out when my images disappeared when i delete the vm from VirtualBox. (Note, i don't know how Virtualbox works, so the images might be still hidden somewhere else, just not visible to docker).
Had the same problem. Found this in the docker documentation:
Note: The host directory is, by its nature, host-dependent. For this reason, you can’t mount a host directory from Dockerfile, the VOLUME instruction does not support passing a host-dir, because built images should be portable. A host directory wouldn’t be available on all potential hosts.
So, mounting a read/write host directory is only possible with the -v parameter in the docker run command, as the other answers point out correctly.
I found that any directory laying under system directive like /var, /usr, /etc could not be mount under the container.
The directive should be at user's space -v switch instructs docker daemon to mount local directory to the container, for example:
docker run -t -d -v /{local}/{path}:/{container}/{path} --name {container_name} {imagename}
Here's an example with a Windows path:
docker run -P -it --name organizr --mount src="/c/Users/MyUserName/AppData/Roaming/DockerConfigs/Organizr",dst=/config,type=bind organizrtools/organizr-v2:latest
As a side note, during all of this hair pulling, having to wrestle with figuring out, and retyping paths over and over and over again, I decided to whip up a small AutoHotkey script to convert a Windows path to a "Docker Windows" formatted path. This way all I have to do is copy any Windows path that I want to use as a mount point to the clipboard, press the "Apps Key" on the keyboard, and it'll format it into a path format that Docker appreciates.
For example:
Copy this to your clipboard:
C:\Users\My PC\AppData\Roaming\DockerConfigs\Organizr
press the Apps Key while the cursor is where you want it on the command-line, and it'll paste this there:
"/c/Users/My PC/AppData/Roaming/DockerConfigs/Organizr"
Saves a lot to time for me. Here it is for anyone else who may find it useful.
; --------------------------------------------------------------------------------------------------------------
;
; Docker Utility: Convert a Windows Formatted Path to a Docker Formatter Path
; Useful for (example) when mounting Windows volumes via the command-line.
;
; By: J. Scott Elblein
; Version: 1.0
; Date: 2/5/2019
;
; Usage: Cut or Copy the Windows formatted path to the clipboard, press the AppsKey on your keyboard
; (usually right next to the Windows Key), it'll format it into a 'docker path' and enter it
; into the active window. Easy example usage would be to copy your intended volume path via
; Explorer, place the cursor after the "-v" in your Docker command, press the Apps Key and
; then it'll place the formatted path onto the line for you.
;
; TODO:: I may or may not add anything to this depending on needs. Some ideas are:
;
; - Add a tray menu with the ability to do some things, like just replace the unformatted path
; on the clipboard with the formatted one rather than enter it automatically.
; - Add 'smarter' handling so the it first confirms that the clipboard text is even a path in
; the first place. (would need to be able to handle Win + Mac + Linux)
; - Add command-line handling so the script doesn't need to always be in the tray, you could
; just pass the Windows path to the script, have it format it, then paste and close.
; Also, could have it just check for a path on the clipboard upon script startup, if found
; do it's job, then exit the script.
; - Add an 'all-in-one' action, to copy the selected Windows path, and then output the result.
; - Whatever else comes to mind.
;
; --------------------------------------------------------------------------------------------------------------
#NoEnv
SendMode Input
SetWorkingDir %A_ScriptDir%
AppsKey::
; Create a new var, store the current clipboard contents (should be a Windows path)
NewStr := Clipboard
; Rip out the first 2 chars (should be a drive letter and colon) & convert the letter to lowercase
; NOTE: I could probably replace the following 3 lines with a regexreplace, but atm I'm lazy and in a rush.
tmpVar := SubStr(NewStr, 1, 2)
StringLower, tmpVar, tmpVar
; Replace the uppercase drive letter and colon with the lowercase drive letter and colon
NewStr := StrReplace(NewStr, SubStr(NewStr, 1, 2), tmpVar)
; Replace backslashes with forward slashes
NewStr := StrReplace(NewStr, "\", "/")
; Replace all colons with nothing
NewStr := StrReplace(NewStr, ":", "")
; Remove the last char if it's a trailing forward slash
NewStr := RegExReplace(NewStr, "/$")
; Append a leading forward slash if not already there
if RegExMatch(NewStr, "^/") == 0
NewStr := "/" . NewStr
; If there are any spaces in the path ... wrap in double quotes
if RegExMatch(NewStr, " ") > 0
NewStr := """" . NewStr . """"
; Send the result to the active window
SendInput % NewStr
To get this working in Windows 10 I had to open the Docker Settings window from the system tray and go to the Shared Drives section.
I then checked the box next to C. Docker asked for my desktop credentials to gain authorisation to write to my Users folder.
Then I ran the docker container following examples above and also the example on that settings page, attaching to /data in the container.
docker run -v c:/Users/<user.name>/Desktop/dockerStorage:/data -other -options
boot2docker together with VirtualBox Guest Additions
How to mount /Users into boot2docker
https://medium.com/boot2docker-lightweight-linux-for-docker/boot2docker-together-with-virtualbox-guest-additions-da1e3ab2465c
tl;dr Build your own custom boot2docker.iso with VirtualBox Guest
Additions (see link) or download
http://static.dockerfiles.io/boot2docker-v1.0.1-virtualbox-guest-additions-v4.3.12.iso
and save it to ~/.boot2docker/boot2docker.iso.
Note that in Windows you'll have to provide the absolute path.
Host: Windows 10
Container: Tensorflow Notebook
Below worked for me.
docker run -t -i -v D:/projects/:/home/chankeypathak/work -p 8888:8888 jupyter/tensorflow-notebook /bin/bash
i had same issues , i was trying to mount C:\Users\ folder on docker
this is how i did it Docker Toolbox command line
$ docker run -it --name <containername> -v /c/Users:/myVolData <imagename>
You can also do this with Portainer web application for a different visual experience.
First pull the Portainer image:
docker pull portainer/portainer
Then create a volume for Portainer:
docker volume create portainer_data
Also create a Portainer container:
docker run -d -p 8000:8000 -p 9000:9000 --name=portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer
You will be able to access the web app with your browser at this URL: "http://localhost:9000". At the first login, you will be prompted to set your Portainer admin credentials.
In the web app, follow these menus and buttons: (Container > Add container > Fill settings > Deploy Container)
I had trouble to create a "mount" volume with Portainer and I realized I had to click "bind" when creating my container's volume. Below is an illustration of the volume binding settings that worked for my container creation with a mounted volume binded to the host.
P.S.: I'm using Docker 19.035 and Portainer 1.23.1
I had the same requirement to mount host directory from container and I used volume mount command. But during testing noticed that it's creating files inside container too but after some digging found that they are just symbolic links and actual file system used form host machine.
Quoting from the Official Website:
Make sure you don’t have any previous getting-started containers running.
Run the following command from the app directory.
x86-64 Mac or Linux device:
docker run -dp 3000:3000 \
-w /app -v "$(pwd):/app" \
node:12-alpine \
sh -c "yarn install && yarn run dev"
Windows (PowerShell):
docker run -dp 3000:3000 `
-w /app -v "$(pwd):/app" `
node:12-alpine `
sh -c "yarn install && yarn run dev"
Aple silicon Mac or another ARM64 device:
docker run -dp 3000:3000 \
-w /app -v "$(pwd):/app" \
node:12-alpine \
sh -c "apk add --no-cache python2 g++ make && yarn install && yarn run dev"
Explaining:
dp 3000:3000 - same as before. Run in detached (background) mode and create a port mapping
w /app - sets the “working directory” or the current directory that the command will run from
v "$(pwd):/app" - bind mount the current directory from the host into the /app directory in the container
node:12-alpine - the image to use.
Note that this is the base image for our app from the Dockerfile sh -c "yarn install && yarn run dev" - the command.
We’re starting a shell using sh (alpine doesn’t have bash) and running yarn install to install all dependencies and then running yarn run dev. If we look in the package.json, we’ll see that the dev script is starting nodemon.

How to install sudo and nano command in MySql docker image

I am trying to connect Django application with MySql docker container. I am using the latest version of MySql i.e MySql 8.0 to build a container. I was able to build the MySql container successfully but I am not able to connect it using Django's default MySql Connector. When I run the docker-compose up command I get the error mentioned below.
django.db.utils.OperationalError: (1045, 'Plugin caching_sha2_password could not be loaded: /usr/lib/x86_64-linux-gnu/mariadb19/plugin/caching_sha2_password.so: cannot open shared object file: No such file or directory')
I started looking for the solution and got to know that MySql has released a major change in its default authentication plugin which is not support by most of the MySql Connectors.
To fix this issue I will have to set the default-authentication-plugin to mysql_native_password in my.cnf file of MySql container.
I logged into container using command docker exec -it <conatiner id> /bin/bash and was also able to locate the my.cnf file inside the container.
To edit the my.cnf file I will have to use the nano command as stated below.
nano my.cnf
But unfortunately nano command is not installed in MySql Container. To install nano I will need sudo installed in container.
I tried installing sudo using below mentioned command but it did not work.
apt-get install sudo
error -
Reading package lists... Done
Building dependency tree
Reading state information... Done
What are the possible solutions to fix this issue.
In general you shouldn't try to directly edit files in containers. Those changes will get lost as soon as the container is stopped and deleted; this happens extremely routinely since many Docker options can only be set at startup time, and the standard way to update the software in a container is to recreate it with a newer image. In your case, you also can't live-edit a configuration file the main container process needs at startup time, because it will have already read the configuration file by the time you're able to edit it.
The right way to do this is to inject the modified configuration file at container startup time. If you haven't already, get the default configuration file out of the image
docker run --rm mysql:8 cat /etc/mysql/my.cnf > my.cnf
and edit it, directly, on your host, using your choice of text editor. When you launch the container, inject the modified file
docker run -v $PWD/my.cnf:/etc/mysql/my.cnf ... mysql:8
or, in Docker Compose,
volumes:
- ./my.cnf:/etc/mysql/my.cnf
The Docker Hub mysql image documentation has some more suggestions on ways to set this; see "Using a custom MySQL configuration file" there.
While docker exec is an extremely useful debugging tool, it shouldn't be part of your core workflow, and I'd recommend trying to avoid it in cases like this. (With the bind-mount approach, you can add the modified config file to your source control system and blindly docker-compose up like normal without knowing this detail; a docker exec approach you'd have to remember and repeat by hand every time you started the container stack.)
Also note that you don't need sudo in Docker at all. Every context where you can run something (Dockerfiles, docker run, docker exec) has some way to explicitly specify the user ID, so you can docker exec -u root .... sudo generally depends on things like users having passwords and interactive prompting, which works well for administering a real Linux host but doesn't match a typical Docker environment.
The issue is not with sudo because you've already permissions to install pacakegs.
You should instead update package manager before to install new packages in order to update package repositories:
RUN apt-get update
RUN apt-get install nano
Mysql build the image with oracle linux, run the commands to install nano:
microdnf update
microdnf install nano sudo -y
And edit the my.cnf with nano

registry URL and process for installing an external docker image on openshift online (v3)

I am using the Openshift Online platform. I am trying to build a custom docker image locally (on my mac) and push it to the registry of my project on Openshift online.
I am unable to do that. Can someone please advise what the registry URL should be?
I have tried using the following:
registry.starter-us-east-1.openshift.com
registry.access.redhat.com
The full command I am trying to use to login is below however I am not getting a response. The screen just waits.
docker login -u username -e any_email_address -p token_value registry_service_host:port
My intent, after completing above, is to then try and push the image that I have built locally.
Any advice on the above or else alternate approaches would be appreciated. Thank you.
For to discover Openshift Online URL registry, use the following steps bellow:
After you clicked "Copy Login Command" buttom, you copy oc login command;
Run oc login command in the terminal;
Afterwards login, run oc registry info in the terminal.
The registry is at --> registry.<cluster-id>.openshift.com.
For starter tier US East region, the cluster id is --> starter-us-east-1.
So, the registry can be found at --> registry.starter-us-east-1.openshift.com.
Once you know the docker registry endpoint, you can follow the instructions at:
https://docs.openshift.com/online/dev_guide/managing_images.html#accessing-the-internal-registry
to login and pull/push images from/to the registry.
In short, use:
docker login -u `oc whoami` -e `oc whoami` -p `oc whoami -t` \
https://registry.starter-us-east-1.openshift.com
For future reference, the details for accessing the registry will appear in the About page from the help drop down menu, albeit right now for Online that change hasn't managed to propogate into production, although already visible in newer versions of OpenShift.
The OpenShift internal registry is used internally by default to import images from external repositories. If you need to use it as a repository to pull and push images from your machine, you have to run the following command to allow the default route.
oc patch config.imageregistry cluster -n openshift-image-registry --type merge -p '{"spec": {"defaultRoute": true}}'
Then run
oc get route -n openshift-image-registry
to find the registry URL.
When pushing an image, use the following way to push it to the required project.
[URL]/[project]/[image]:[tag]
To login using docker or podman.
TOKEN = $(oc whoami -t)
podman login -u anything -p ${TOKEN} [URL]

dockerfile - Unable to connect error

So here's what i have to do: i need to set up some containers automatically using docker. One of them is liek this: Debian Squeeze with limited CPU shares and limited memory (1 cpu share and 512 mb memory),preinstalled apache2,build-essential,php5,mysql-server-5.5,openssh-server and with some ports opened (8000 for Apache and 1500 for MySQL). So i created the following dockerfile :
FROM debian:squeeze
MAINTAINER Name < email : >
# Update the repository sources list
RUN apt-get update
# Install apache, PHP, and supplimentary programs. curl and lynx-cur are for debugging the container.
RUN DEBIAN_FRONTEND=noninteractive apt-get -y install apache2 build-essential php5 mysql-server openssh-server libapache2-mod-php5 php5-mysql php5-gd php-pear php-apc php5-curl curl lynx-cur
# Enable apache mods.
RUN a2enmod php5
RUN a2enmod rewrite
# Manually set up the apache environment variables
ENV APACHE_RUN_USER www-data
ENV APACHE_RUN_GROUP www-data
ENV APACHE_LOG_DIR /var/log/apache2
ENV APACHE_LOCK_DIR /var/lock/apache2
ENV APACHE_PID_FILE /var/run/apache2.pid
EXPOSE 80
# Copy site into place.
ADD www /var/www/site
# Update the default apache site with the config we created.
ADD apache-config.conf /etc/apache2/sites-enabled/000-default.conf
# By default, simply start apache.
CMD /usr/sbin/apache2ctl -D FOREGROUND
#CMD [ "mysqladmin -u root password mysecretpasswordgoeshere"]
EXPOSE 3306
the content of apache-config.conf is this:
<VirtualHost *:80>
ServerAdmin me#mydomain.com
DocumentRoot /var/www/site
<Directory /var/www/site/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order deny,allow
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
and in www folder i put a php file with this code:
<?php
$connect=mysql_connect("localhost:1500","root","") or die("Unable to Connect");
?>
to test the connection to the mysql server
then
i build all this into an image like this:
sudo docker build --rm --tag="tag_name" .
and then i run the image like this
sudo docker run -c=1 -m="512m" --net=bridge -p 8000:80 -p 1500:3306 -d --name="container_name" tag_name
It seems to work,the apache server works when i access localhost:8000/site in my browser but is shows "Unable to connect". what am i doing wrong?
And another problem is that,the contaienr is running but i can't attach to it.I run this command
sudo docker attach CONTAINER_ID
and then nothing happens,can't do anythign else from there,What am i doing wrong?
I have to build few more dockerfiles similar to this to create containers.All those must be hosted on a ZFS file system and i have to configure a container repository of 50gb based on it,what does this mean and how do i do that?
I'm sorry for my english,it's not my native language :(
Thank you in advance
MySQL issue
in the PHP code
$connect=mysql_connect("localhost:1500","root","") or die("Unable to Connect");
localhost refers to the container IP address. Since there is no MySQL server running in that container the connection will fail.
In this gist, I've changed a bit your example to have the container start both MySQL and Apache (I assume this was your first intent) using the following instruction: CMD bash -c '(mysqld &); /usr/sbin/apache2ctl -D FOREGROUND' and changed the PHP code to connect to the MySQL server on localhost:3306.
Docker attach
The docker attach command is meant to allow you to interact with the process currently running in the foreground of a container. Unless that process is a shell, it won't provide you with a shell in that container.
Take this example:
Start a container running a shell process
docker run -it --rm base bash
You are now in interactive mode in your container and can play around with the shell running in the foreground in that container:
root#de8f16a13571:/# ls
bin boot dev etc home lib lib64 media mnt opt proc root run sbin selinux srv sys tmp usr var
if you now exit the shell by typing exit the shell process will end, and as that was the process running in the foreground in the container, that container will stop.
root#de8f16a13571:/# exit
exit
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
Now start a new container named test running bash again:
docker run -it --name test base bash
verify you can interact with it and detach from it by hitting keys Ctrl+p+q. You end up back in the docker host shell.
verify that the container named test is still running:
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
81f0f1094f4a base:latest "bash" 6 seconds ago Up 5 seconds test
You can then use the docker attach command to attach to the bash program in the container:
docker attach test
root#81f0f1094f4a:/# ls
bin boot dev etc home lib lib64 media mnt opt proc root run sbin selinux srv sys tmp usr var
ZSH
And regarding ZSH, I don't know what all that means either. Also note that having 3 questions at once makes it difficult for the community to come up with a single answer that would answer all 3 ; maybe consider posting a new question for those.
Please comment if my assumptions about how you run MySQL or what your intent is with docker attach are wrong.

How to install MySQL 5.5 using Source from non-root linux user?

I need a generic way to install MySQL 5.5 in almost any Linux OS from non-root User. Hence I thought to install MySQL from its source and install it where ever I need.
Is it really possible to install MySQL in non-root user home?
Anybody have any idea for this? Please do share your expertise for the same.
Major constraint here is that, I need to install MySQL 5.5 from any non-root User in a Generic way And possibly for almost any Linux OS.
Any suggestion would be appreciated.
Thanks.
CONCLUSION
I've tried with Ubuntu-11.10, finally I was able to install MySQL-5.5 from non-root user with the constraint that MySQL is not accessible from console/command prompt. As mysqld is up and running fine hence MySQL was easily accessible via any GUI tool which connects to MySQL via JDBC connectors. If you try to access mysql from command prompt using
mysql -u root -p
command it was giving segmentation fault problem. One more thing I tried for Fedora Linux also from Non-Root user, in that mysqld was failing and can't access mysql anyway :( .
You should customize this three variables:
MYSQL_DATADIR
SYSCONFDIR
CMAKE_INSTALL_PREFIX
Example:
$ cd <mysql_src_dir>
$ cmake -i .
Would you like to see advanced options? [No]:Yes
Please wait while cmake processes CMakeLists.txt files....
...
Variable Name: CMAKE_INSTALL_PREFIX
Description: install prefix
Current Value: /usr/local/mysql
New Value (Enter to keep current value): /home/user/mysql
...
Variable Name: MYSQL_DATADIR
Description: default MySQL data directory
Current Value: /usr/local/mysql/data
New Value (Enter to keep current value): /home/user/mysql/data
...
Variable Name: SYSCONFDIR
Description: config directory (for my.cnf)
Current Value: /usr/local/mysql/etc
New Value (Enter to keep current value): /home/user/mysql/etc
$ make
$ make install
Instead of cmake -i . you can use cmake -D MYSQL_DATADIR=/home/user/mysql/data -D SYSCONFDIR=/home/user/mysql/etc -D CMAKE_INSTALL_PREFIX=/home/user/mysql .
I imagine this should be possible but not necessarily easy to do. You would need to build from source and change the Makefile so that the install target points to the user's local directory; additionally, I would think that you'd need to mess around with other default configuration options in MySQL, which can also be changed from configuration files. In the end, you should be able to launch mysqld as long as you don't bind to any port below 1000 (which is the case anyway since MySQL runs by default on port 3306).