Simple Docker Image

urrtag · April 9, 2021, 9:39am

yeap, you can install libraries as you like, those (like libc) communicate with the host kernel through syscalls for things like IO, memory management, etc. You could even build a docker image with only one file in it, the executable you would like to run. If the executable is doing all the syscalls itself (i think go apps are doing that?! or build with a statically linked musl).

edit: And you can pass host resources into the container, like a X11 socket for example, possibly without namespacing tho (Wayland shouldn’t be as bad as X11, as it doesn’t allow access to other windows, doesn’t pass keyboard/mouse events to all windows/apps etc).

Im running steam, thus all steam games (native or through proton) in a flatpak container. flatpak is very similar to docker, it uses the same “namespacing” primitives docker is using, but manages “images” in a different way (there is also ubuntus “snap”, which is also similar to docker). I guess as long as you are using apis (like graphics) that the kernel supports (and the according namespacing of said apis. graphics might not even be properly namespaced, i have no clue… X11 is also quite “leaky”) there is no limit.

One difference is that you’re still relying on proper kernel namespacing, if there is a kernel bug some data might leak from one container or the host to an other container. VMs are more closed up at the cost of having a complete OS with its own kernel running.

WE DO NOT BREAK USERSPACE!

– Linus Torvalds

You have new features added to a newer kernel, but old apis never change!

folaht · April 9, 2021, 9:26pm

I can’t seem to run this.

Step 12/15 : RUN safe node install
 ---> Running in 1bc4663e1945
/bin/bash: line 1: /root/.safe/cli/safe: cannot execute binary file: Exec format error
The command '/bin/bash --login -c safe node install' returned a non-zero code: 126

wydileie · April 9, 2021, 9:13pm

Can you post your whole docker file? Usually that error exists when you try to run something on the wrong architecture (ARM vs x86_64), but if you got all the way to this step, that seems unlikely.

folaht · April 9, 2021, 9:23pm

It’s the same docker file as in the top.
Although, I have just changed the first line to include arm64v8/ 5 minutes ago, which gave me the same error:

$ cat dockerfile 
# Build SafeNetwork Docker container
FROM arm64v8/alpine:latest
LABEL version="0.1"
LABEL maintainer="DeusNexus"
LABEL release-date="2021-01-31"

# Update and install dependencies
RUN apk update
RUN apk add bash #unix shell to run install script
RUN apk add curl #cUrl to transfer data

#Make profile file with exported PATH and refresh the shell (while building)
SHELL ["/bin/bash", "--login", "-c"]
RUN echo 'export PATH=$PATH:/root/.safe/cli' > ~/.profile && source ~/.profile

#Set ENV PATH (after build will be used to find 'safe')
ENV PATH=$PATH:/root/.safe/cli

#Installation Script - MaidSafe installation script
RUN curl -so- https://sn-api.s3.amazonaws.com/install.sh | bash

#Install Safe - During Build
RUN safe node install
RUN safe auth install

#Expose PORT of the node 
EXPOSE 12000

#Run command on Docker launch
CMD ["safe"]

wydileie · April 9, 2021, 9:27pm

This is your problem. The script provided by Maidsafe is hardcoded to install x86 tools, so if you are running on an ARM system, it will not work.

folaht · April 9, 2021, 9:29pm

Oh right!
I forgot all about that.
I’m gonna have to edit the dockerfile or see if someone has made one already.

bzee · April 19, 2021, 8:39am

I’ve worked on a container file for a bit. I opted to download pre-built binaries for ~~ARM~~ x64.

github.com

b-zee/sn_container/blob/master/Dockerfile

FROM docker.io/library/alpine:3.13

ADD https://sn-api.s3.amazonaws.com/sn_authd-0.4.0-x86_64-unknown-linux-musl.tar.gz                               /sn_tars/sn_authd.tar.gz
ADD https://github.com/maidsafe/sn_api/releases/download/v0.22.0/sn_cli-0.22.0-x86_64-unknown-linux-musl.tar.gz   /sn_tars/sn_cli.tar.gz
ADD https://github.com/maidsafe/sn_node/releases/download/v0.34.1/sn_node-0.34.1-x86_64-unknown-linux-musl.tar.gz /sn_tars/sn_node.tar.gz

RUN sh -c 'for i in /sn_tars/*; do tar --extract --gzip --directory=/usr/local/bin --file $i; done' && \
  rm -r /sn_tars

COPY entrypoint.sh /usr/local/bin/entrypoint
RUN chmod +x /usr/local/bin/entrypoint
ENTRYPOINT ["/usr/local/bin/entrypoint"]

folaht · April 19, 2021, 8:33am

There are pre-built ARM binaries?

bzee:

ADD https://sn-api.s3.amazonaws.com/sn_authd-0.4.0-x86_64-unknown-linux-musl.tar.gz                               /sn_tars/sn_authd.tar.gz
ADD https://github.com/maidsafe/sn_api/releases/download/v0.22.0/sn_cli-0.22.0-x86_64-unknown-linux-musl.tar.gz   /sn_tars/sn_cli.tar.gz
ADD https://github.com/maidsafe/sn_node/releases/download/v0.34.1/sn_node-0.34.1-x86_64-unknown-linux-musl.tar.gz /sn_tars/sn_node.tar.gz

Those look like x86_64 binaries.

bzee · April 19, 2021, 8:39am

Woops, my mistake… There are no pre-built binaries for ARM. Don’t know how I got confused. I do remember I built the binaries manually for a while, but building the image on the Raspberry Pi took very long, of course. I guess the best would be to make an image specific for ARM that cross-builds the binaries outside of the Dockerfile and then copies them…

That version of the Dockerfile is here:

github.com

b-zee/sn_container/blob/b61ec4c1218203a2c1236944291bd43dfa842349/Containerfile

FROM docker.io/library/rust:1.50-alpine AS builder

WORKDIR /usr/local/src

# Download sources at specific version from GitHub.
ADD https://github.com/maidsafe/sn_api/archive/v0.20.0.tar.gz         sn_api.tar.gz
ADD https://github.com/maidsafe/sn_node/archive/v0.28.2.tar.gz        sn_node.tar.gz
ADD https://github.com/maidsafe/sn_launch_tool/archive/v0.0.19.tar.gz sn_launch_tool.tar.gz

# Extract archives into their own directories (without top level directory including version).
RUN mkdir sn_api         && tar --extract --gzip --strip-components=1 --file sn_api.tar.gz         --directory sn_api/
RUN mkdir sn_node        && tar --extract --gzip --strip-components=1 --file sn_node.tar.gz        --directory sn_node/
RUN mkdir sn_launch_tool && tar --extract --gzip --strip-components=1 --file sn_launch_tool.tar.gz --directory sn_launch_tool/

# Apparently needed for some dependencies to link with musl.
RUN apk add --update musl-dev

# Shared cache for all builds.
ENV CARGO_TARGET_DIR=/usr/local/src/target

This file has been truncated. show original

folaht · April 19, 2021, 8:52am

I’m guessing either team Maidsafe or we ourselves need to create an application that automatically downloads a maidsafe release at release and then builds and uploads it back to github.

happybeing · April 19, 2021, 9:23am

I think the way it was done in the past was along those lines, but for Linux was also delivered by MaidSafe hosting their own distro server. So by adding that server to to your package manager you could just do a package update for the Safe apps.

urrtag · April 19, 2021, 9:31am

yeap, only amd64 official builds. Wouldn’t be enough to install just the sn_node bin for running the node. The sn_node binary logs to stdout (instead of a file) thus causing the logs go into the proper docker logs (which i would prefer) and spawns to the foreground.

folaht · April 20, 2021, 6:46am

I’m not sure what exactly to do to automate this best.
I’m thinking of a cron job that will check the github and compile it,
but to be honest,
I really feel like this shouldn’t be on the community’s shoulders and that this is a job for the maidsafe team.

I found a little script that could help.

happybeing · April 20, 2021, 1:48pm

The way to do it is with a github action. I’m sure MaidSafe will do this but not for a while yet. In the mean time the community can provide instructions on how to cross compile and individuals can share builds on GitHub.