finite lifetime private workers

ajbouh · December 1, 2021, 9:27pm

I’m trying to run an ephemeral container against some private services running on fly. I’ve posted about trying to access it via a wireguard tunnel.

Another option is to run that code in a container directly inside of fly.

I need this code to make some HTTP requests and then terminate. Unlike the pattern for sidekiq or celery workers, I don’t need the workers to operate indefinitely. Unlike the release_command pattern, I don’t have anything that it’s supposed to “run before”. It feels a lot like a “remote builder”, except the output is not an image.

For now my plan is to use release_command before starting a trivial webserver. Once the webserver is available, I’ll scale the application to zero. This feels gross. Is there a better way?

kurt · December 1, 2021, 9:47pm

Yep! Try fly machine run --help. This works similarly to Docker, it will run until it exist by default. If you want, you can specify a restart policy that restarts it on failure.

ajbouh · December 2, 2021, 12:03am

I just tried this:

flyctl machine run -a deployment-1638403247 --build-local-only --dockerfile docker/Dockerfile

And I’m getting:

Error: requires at least 1 arg(s), only received 0

According to help, usage should be:

flyctl machine run <image> [command] [flags]

But when I run this:

flyctl machine run deployment-1638403247 -a deployment-1638403247 --build-local-only --dockerfile docker/Dockerfile

I get:

Searching for image 'deployment-1638403247' locally...
Searching for image 'deployment-1638403247' remotely...
Error Could not resolve App

kurt · December 2, 2021, 12:05am

Is deployment-163803247 the app name? Try this:

flyctl machine run . --build-local-only --dockerfile docker/Dockerfile

The argument it wants is an image label or working directory. . should make it build the current working directory.

ajbouh · December 2, 2021, 12:15am

Progress!

It builds now with ., though I’m now seeing

Error error rendering push status stream: name unknown: app repository not found

Do I need to use an app name that already exists?

kurt · December 2, 2021, 12:21am

Ah, yes! That’s not obvious, sorry about that. Machines run within the context of an app. So you either need to create a new app for your one off tasks, or run them within an existing app.

ajbouh · December 2, 2021, 12:35am

Got it, ok I think it’s running.

Is the running machine directly addressable via private and/or public networking?

In flyctl machine run --help I see:

  -p, --port strings                     Exposed port mappings (format: edgePort[:machinePort]/[protocol[:handler]])

This makes me think it should be possible to reach the machine at some sort of unique address or ID.

kurt · December 2, 2021, 2:42pm

That exposes publicly it on <appname>.fly.dev:<port>. If you are connected via wireguard, you can just use the private IPv6 address to talk to the machine, no port argument necessary.

ajbouh · December 2, 2021, 4:14pm

To clarify, are the public ports exposed by flyctl machine run merged with those exposed by the running app (and possibly other flyctl machine runs?)

kurt · December 2, 2021, 10:34pm

Yep! That’s exactly how it works.

Topic		Replies	Views
Run app without a web server or a long running process, just to run tasks via ssh	6	1086	April 27, 2023
fly console --dockerfile and --image flags Fresh Produce flyctl	2	686	October 7, 2023
One-time use containers Questions / Help machines	4	63	December 27, 2024
Running commands within a live fly app	6	2903	July 19, 2023
`fly.toml` for private background worker Questions / Help	4	698	August 30, 2023

finite lifetime private workers

Related topics