AsmBB

Power
Login Register

Docker support?

#15704 (ツ) ganuonglachanh
Created 03.12.2018, read: 2592 times

Hi John

I'm trying to install AsmBB with Docker, still not sucessful. Does anyone success with Docker? It will be awsome if AsmBB goes with Alpine Linux in Docker or Docker-compose rofl It will be supper fast and lightweight ;-)

#15707 (ツ) johnfound
Created 03.12.2018, read: 2588 times
ganuonglachanh

Hi John

I'm trying to install AsmBB with Docker, still not sucessful. Does anyone success with Docker? It will be awsome if AsmBB goes with Alpine Linux in Docker or Docker-compose rofl It will be supper fast and lightweight ;-)

I know absolutely nothing about Docker. Only that it is somehow related to virtualization... So, I can be of very little help about the Docker issues.

In order to have AsmBB working you need several conditions:

1. 32 or 64bit x86 CPU. 2. Linux 3. Running web server supporting FastCGI and properly tuned to send all the requests to AsmBB engine. 4. Running AsmBB engine.

What actually is not working in your attempts?

#15708 (ツ) ganuonglachanh
Created 03.12.2018, read: 2583 times
johnfound
ganuonglachanh

Hi John

I'm trying to install AsmBB with Docker, still not sucessful. Does anyone success with Docker? It will be awsome if AsmBB goes with Alpine Linux in Docker or Docker-compose rofl It will be supper fast and lightweight ;-)

I know absolutely nothing about Docker. Only that it is somehow related to virtualization... So, I can be of very little help about the Docker issues.

In order to have AsmBB working you need several conditions:

1. 32 or 64bit x86 CPU. 2. Linux 3. Running web server supporting FastCGI and properly tuned to send all the requests to AsmBB engine. 4. Running AsmBB engine.

What actually is not working in your attempts?

Hi, I'm trying to install with Docker, since it is not fully support systemd, can we use it with supervisord ? Any tutorial setting would be appreciated

And with Docker when I run./engine to test, the CPU usage increase and it still failed to access the board in webbrowser (setting in nginx conf is done as the guide)

#15709 (ツ) johnfound
Last edited: 03.12.2018 by johnfound, read: 2581 times
ganuonglachanh

Hi, I'm trying to install with Docker, since it is not fully support systemd, can we use it with supervisord ? Any tutorial setting would be appreciated

And with Docker when I run./engine to test, the CPU usage increase and it still failed to access the board in webbrowser (setting in nginx conf is done as the guide)

Systemd is not required for AsmBB. In my setup it is used only for running ./engine at the server startup. Also to restart on crashes, but AsmBB never crash actually. ;-)

Anyway if there is no systemd, you can run engine in arbitrary way. It only needs to be started.

On the other hand, the CPU usage should not increase when engine is running, but not used. Maybe only for few milliseconds when AsmBB opens the database and create the sockets.

Does the engine create the database file on the first run? ( asmbb/board.sqlite )

Does the engine create the socket on startup? ( asmbb/engine.sock )

Does the engine create the IPC shared memory file? ( asmbb/asmbb_ipc.bin )

What is the user that runs engine? What are the user permissions for the asmbb/ directory? It needs to have writing permissions there.

What returns nginx on the requests?

#15710 (ツ) ganuonglachanh
Created 03.12.2018, read: 2572 times
johnfound
ganuonglachanh

Hi, I'm trying to install with Docker, since it is not fully support systemd, can we use it with supervisord ? Any tutorial setting would be appreciated

And with Docker when I run./engine to test, the CPU usage increase and it still failed to access the board in webbrowser (setting in nginx conf is done as the guide)

Systemd is not required for AsmBB. In my setup it is used only for running ./engine at the server startup. Also to restart on crashes, but AsmBB never crash actually. ;-)

Anyway if there is no systemd, you can run engine in arbitrary way. It only needs to be started.

On the other hand, the CPU usage should not increase when engine is running, but not used. Maybe only for few milliseconds when AsmBB opens the database and create the sockets.

Does the engine create the database file on the first run? ( asmbb/board.sqlite )

Does the engine create the socket on startup? ( asmbb/engine.sock )

Does the engine create the IPC shared memory file? ( asmbb/asmbb_ipc.bin )

What is the user that runs engine? What are the user permissions for the asmbb/ directory? It needs to have writing permissions there.

What returns nginx on the requests?

Hi, I tried install in Virtual Box with Ubuntu then it worked! rofl So my guest is ./engine is not work in docker environment (had 100% CPU usage for 1 core) :'-( No engine.sock, No asmbb_ipc.bin, NO board.sqlite were created!

So with Virtual Box (*full* OS virtualization) it worked, but with Docker/Docker-compose (*semi* virtualization) it won't work :-(

#15714 (ツ) johnfound
Created 03.12.2018, read: 2568 times
ganuonglachanh

So my guest is ./engine is not work in docker environment (had 100% CPU usage for 1 core) :'-( No engine.sock, No asmbb_ipc.bin, NO board.sqlite were created!

It should work. I can't see any reasons to not work actually... Maybe it is some kind of bug related to the docker architecture...

Will probably try to install docker and make some tests...

#15717 (ツ) ganuonglachanh
Last edited: 03.12.2018 by ganuonglachanh , read: 2563 times
johnfound
ganuonglachanh

So my guest is ./engine is not work in docker environment (had 100% CPU usage for 1 core) :'-( No engine.sock, No asmbb_ipc.bin, NO board.sqlite were created!

It should work. I can't see any reasons to not work actually... Maybe it is some kind of bug related to the docker architecture...

Will probably try to install docker and make some tests...

Hi, good to here you are interested in docker rofl

I attached my test docker-compose for you. It is pretty simple to get start. Make sure you check to source code of it first, just text, no binary.

1. install docker and docker compose (google tutorial for your Linux distro)

2. cd to asmbb, which have the docker-compose.yml

3. run command: docker-compose up -d

4. to get to bash of docker machine:

docker exec -it asmbb_ubuntu /bin/bash

5. play around:

start nginx: nginx &

cd / var / www/html

./engine

log file: varlog/nginx/ nginx conf file: etcnginx/ and etcnginx/sites-enabled/

I don't now how to debug asm in this docker machine, so just install tools like real machine and you are good to go.

6. to stop docker: docker-compose stop

7. to re-create docker machine : docker-compose down then docker-compose up -d

Have fun rofl

Attached files:
FileSizeUploadedDownloadsMD5 hash
asmbb.zip2960 bytes03.12.2018186ff0d3b35372f5df278dfef22c814de59
#15719 (ツ) johnfound
Created 03.12.2018, read: 2560 times

Well, I have some results now.

The problem is actually that the program running in docker can't use the kernel API personality with the needed options.

There are different solutions to this issue. First to include the following option in the docker-compose.yml:

        security_opt:
          - seccomp:unconfined

This solution works (I was able to run AsmBB this way) but it is not the best solution, because it allows all kernel API to be exposed to the container (some are usually disabled for security reasons).

The second option is to allow only the needed personality options by changing the docker security profile.

This procedure (not very clear for me) is described here.

The default .json profile is here and there are several elements with the allowed variants of personality. One more have to be added:

{
  "names": [
    "personality"
  ],
  "action": "SCMP_ACT_ALLOW",
  "args": [
    {
      "index": 0,
      "value": 134217736,
      "valueTwo": 0,
      "op": "SCMP_CMP_EQ"
    }
  ],
  "comment": "",
  "includes": {},
  "excludes": {}
}

But as I already said this second procedure is a little bit out of my competence and understanding...

But I am confident, that this very API call can't bring any security issues. And I am not very sure why it is excluded from the default security profile of Docker. It actually switches the address space of a 32bit program to 3GB (instead of 4GB by default).

#15720 (ツ) ganuonglachanh
Created 04.12.2018, read: 2555 times
johnfound

Well, I have some results now.

But I am confident, that this very API call can't bring any security issues. And I am not very sure why it is excluded from the default security profile of Docker. It actually switches the address space of a 32bit program to 3GB (instead of 4GB by default).

Thank you very much johnfound

I edited my Asmbb docker with your suggestions and it worked rofl

I attached it below and you can use it as a starter guide for users who want to try AsmBB with Docker ;-)

Attached files:
FileSizeUploadedDownloadsMD5 hash
asmbb.zip5777 bytes04.12.2018187c0bd02e76bfdf2874c4498ce812b759e
#15721 (ツ) johnfound
Created 04.12.2018, read: 2544 times
ganuonglachanh

I attached it below and you can use it as a starter guide for users who want to try AsmBB with Docker ;-)

Thanks. It works for me too.

Maybe you will write later some short tutorial explaining step-by-step how to install and manage AsmBB with Docker? And what are the advantages (and disadvantages) of this approach.

Honestly, it seems to be an over-complicated way to run nginx+asmbb. But it is probably my ignorance. :-)

#15744 (ツ) logicfish
Created 23.01.2019, read: 2324 times
johnfound

... And what are the advantages (and disadvantages) of this approach.

Honestly, it seems to be an over-complicated way to run nginx+asmbb. But it is probably my ignorance. :-)

I would say that the obvious advantages are, being able to run asmbb on the cloud, and also on non-x86 systems. Also, you could run on a stripped down kernel, and you would be able to run this very cheaply on a cloud VM - especially if you used rwasa.

#15745 (ツ) johnfound
Created 24.01.2019, read: 2320 times
logicfish
johnfound

... And what are the advantages (and disadvantages) of this approach.

Honestly, it seems to be an over-complicated way to run nginx+asmbb. But it is probably my ignorance. :-)

I would say that the obvious advantages are, being able to run asmbb on the cloud, and also on non-x86 systems. Also, you could run on a stripped down kernel, and you would be able to run this very cheaply on a cloud VM - especially if you used rwasa.

Well, running on non-x86 is possible, but definitely totally pointless. But well, maybe you are right about running on some ultralight stripped down kernel on a cloud. I simply know almost nothing about such technologies. :-)

Docker support?

AsmBB v2.9 (check-in: 6d407831308ba556); SQLite v3.31.1 (check-in: 3bfa9cc97da10598);
©2016..2020 John Found; Licensed under EUPL. Powered by Assembly language Created with Fresh IDE