How to understand differences between docker and fly?

moxbox · May 31, 2022, 8:32am

I ran this image on a local docker, and it worked fine: https://hub.docker.com/r/trafex/php-nginx

Running it unmodified in fly gave some errors the seem to be related to permissions when supervisord is starting up nginx and php-fpm:

2022-05-28T14:51:39Z app[2013add4] lhr [info]Preparing to run: `/usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf` as nobody
2022-05-28T14:51:39Z app[2013add4] lhr [info]2022/05/28 14:51:39 listening on [fdaa:0:6561:a7b:aa9c:2013:add4:2]:22 (DNS: [fdaa::3]:53)
2022-05-28T14:51:40Z app[2013add4] lhr [info]2022-05-28 14:51:40,320 INFO supervisord started with pid 515
2022-05-28T14:51:41Z app[2013add4] lhr [info]2022-05-28 14:51:41,322 INFO spawnerr: unknown error making dispatchers for 'nginx': EACCES
2022-05-28T14:51:41Z app[2013add4] lhr [info]2022-05-28 14:51:41,322 INFO spawnerr: unknown error making dispatchers for 'php-fpm': EACCES

The Dockerfile had USER nobody and removing this and fixing things up made it run in fly.

How can I understand what the differences between docker and fly are here?

ignoramous · May 31, 2022, 9:16am

Fly transmogrifies runc containers into Firecracker VMs supervised by its own init which in addition to other things is fussy at letting any other process read from stdout.

root is the safest bet to have everything running smoothly, apparently, even if it needn’t be the case.

The specific issue you’re seeing has been discussed a number of times on this very forum. Here’s a recent discussion: Allow non-root users to write to stdout/stderr - #13 by ignoramous

As you (and others) found out Dockerfiles on Fly aren’t the same as Dockerfiles everywhere else. For Fly, Dockerfiles are a convinient way to hook into the existing ecosystem: Early look: "fly launch" That said, it works almost all of the time, until it doesn’t.

jenstandstad · December 1, 2022, 2:07pm

Yes, it’s not good that Fly.io doesn’t detect this during the ‘transmogrification’ process and gives a proper error message. It’s not that hard to see if a process is started. This made me lose horus of work due to poor log visibility. I’d say find another cloud provider if you need to run docker containers that have supervisord. This i s not worth the hassle

Topic		Replies	Views
Can't change permissions on /run directory Build debugging	2	814	April 15, 2021
Difference between Fly VM and an app deployed with Docker container?	11	556	November 24, 2022
multi container apps?	4	1686	August 22, 2022
Docker in "Docker" on Fly	2	1547	October 14, 2023
Allow non-root users to write to stdout/stderr Questions / Help	15	3315	January 26, 2023

How to understand differences between docker and fly?

Related Topics