How to run gerrit cookbook inside docker containers?

Question

I'm running community gerrit cookbook in docker using chef-solo.

If I run the cookbook in a Dockerfile as a build step, it throws an error (check the log). But if I run the image and go inside the container and run the same command, it works fine.

Any idea what's going on? Its complaining about sudo, yet continues and creates symbolic link. 'target_mode = nil' should not be a problem since it complains about same thing when I run the command inside the container as well but works fine. It ends up complaining about init.d script which does not make sense.

chef-solo as a build step:

RUN chef-solo --log_level debug -c /resources/solo.rb -j /resources/node.json

Logs:

[ :08+01:00] INFO: Processing ruby_block[gerrit-init] action run (gerrit::default line 225)
sudo: sorry, you must have a tty to run sudo
[ :08+01:00] INFO: /opt/gerrit/war/gerrit-2.7.war exist....initailizing gerrit
[ :08+01:00] INFO: ruby_block[gerrit-init] called
[ :08+01:00] INFO: Processing link[/etc/init.d/gerrit] action create (gerrit::default line 240)
[ :08+01:00] DEBUG: link[/etc/init.d/gerrit] created symbolic link from /etc/init.d/gerrit -> /opt/gerrit/install/bin/gerrit.sh
[ :08+01:00] INFO: link[/etc/init.d/gerrit] created
[ :08+01:00] DEBUG: found target_mode == nil, so no mode was specified on resource, not managing mode
[ :08+01:00] DEBUG: found target_uid == nil, so no owner was specified on resource, not managing owner
[ :08+01:00] DEBUG: found target_gid == nil, so no group was specified on resource, not managing group
[ :08+01:00] INFO: Processing link[/etc/rc3.d/S90gerrit] action create (gerrit::default line 244)
[ :08+01:00] DEBUG: link[/etc/rc3.d/S90gerrit] created symbolic link from /etc/rc3.d/S90gerrit -> ../init.d/gerrit
[ :08+01:00] INFO: link[/etc/rc3.d/S90gerrit] created
[ :08+01:00] DEBUG: found target_mode == nil, so no mode was specified on resource, not managing mode
[ :08+01:00] DEBUG: found target_uid == nil, so no owner was specified on resource, not managing owner
[ :08+01:00] DEBUG: found target_gid == nil, so no group was specified on resource, not managing group
[ :08+01:00] INFO: Processing service[gerrit] action enable (gerrit::default line 248)
[ :08+01:00] DEBUG: service[gerrit] supports status, running

================================================================================
Error executing action `enable` on resource 'service[gerrit]'
================================================================================

Chef::Exceptions::Service
-------------------------
service[gerrit]: unable to locate the init.d script!

Resource Declaration:
---------------------
# In /var/chef/cookbooks/gerrit/recipes/default.rb

248: service 'gerrit' do
249:   supports :status => false, :restart => true, :reload => true
250:   action [ :enable, :start ]
251: end
252:

Compiled Resource:
------------------
# Declared in /var/chef/cookbooks/gerrit/recipes/default.rb:248:in `from_file'

service("gerrit") do
  action [:enable, :start]
  supports {:status=>true, :restart=>true, :reload=>true}
  retries 0
  retry_delay 2
  guard_interpreter :default
  service_name "gerrit"
  pattern "gerrit"
  cookbook_name :gerrit
  recipe_name "default"
end

score 0 · Answer 1 · answered Sep 27 '14 at 08:57

0

Containers are not virtual machines, meaning they run single processes and not have process managers running.This explains why chef-solo will have issues creating service resources.

I would suggest reading about some of the emerging support that chef is designing for containers:

I don't pretend it makes lots of sense at first read. I am yet to be convinced that chef is the best way to build a container.

answered Sep 27 '14 at 08:57

Mark O'Connor

76,015
10
139
185

Interesting. Are you saying while building the Dockerfile, it runs on single process and when container is up it can have multiple processes? I'm certainly not using fancy stuffs like supervisord. I dont get any issues when I run the chef-solo command inside a running container. – Sushan Ghimire Sep 27 '14 at 09:21
@SushanGhimire Not quite. I'm saying that you cannot assume that supervisord is setup and running, explaining your error starting a non-existent service using chef-solo. Nothing stopping you from explicitly a process manager like supervisord or runit, but it requires a little more docker configuration. From what I've read the new "chef-init" process is designed to understand this restricted environment so that chef resources function as we would expect them to run. – Mark O'Connor Sep 27 '14 at 19:56

score 0 · Accepted Answer · edited Apr 13 '17 at 12:36

0

The actually error was sudo: sorry, you must have a tty to run sudo, linux terminal not assigned due to security reasons, more info in this link here.

By default Docker runs as root, there is no need to do sudo. The cookbook I was running created 'gerrit' user which was causing me to do sudo. I removed the user and ran everything as root. Solved!

edited Apr 13 '17 at 12:36

Community

1
1

answered Jan 13 '15 at 18:16

Sushan Ghimire

7,307
16
38
65

How to run gerrit cookbook inside docker containers?

2 Answers2