I’m deploying a KeystoneJS app. It has successfully deployed before, using a multi-stage build I copied from somewhere, simplified:
FROM node:16-alpine3.14 AS build
WORKDIR /app
COPY . .
RUN npm run build
FROM node:16-alpine3.14
WORKDIR /app
COPY --from=build /app /app
EXPOSE 3000
CMD ["npm", "run", "start"]
And this is fine, with fly.toml
having release_command = "npx keystone prisma migrate deploy"
, it runs migrations as part of deploy just great.
However, that two-stage build is wasteful, it flattens everything into a single layer which prevents layer reuse and forces a 1 GB network transfer on the smallest change.
Switching the container to either
FROM node:16-alpine3.14
WORKDIR /app
COPY . .
RUN npm run build
EXPOSE 3000
CMD ["npm", "run", "start"]
or (trying to stay closer to the original)
FROM node:16-alpine3.14 AS build
WORKDIR /app
COPY . .
RUN npm run build
FROM build
WORKDIR /app
EXPOSE 3000
CMD ["npm", "run", "start"]
both make private networking at deploy time fail:
Configuring firecracker
Starting virtual machine
Starting init (commit: 252b7bd)...
Preparing to run: `docker-entrypoint.sh npx keystone prisma migrate deploy` as node
2022/04/19 18:49:44 listening on [fdaa:0:57f1:a7b:8aeb:c46d:2b74:2]:22 (DNS: [fdaa::3]:53)
Prisma schema loaded from schema.prisma
Datasource "postgresql": PostgreSQL database "postgres", schema "cms" at "foo-postgres.internal:5432"
Error: P1001: Can't reach database server at `foo-postgres.internal`:`5432`
Please make sure your database server is running at `foo-postgres.internal`:`5432`.
Startihild exited normally with code: 1
Starting clean up.
Error release command failed, deployment aborted
I don’t understand how my changes to the container could break private networking like that. Going back to the two-stage build with COPY --from=build /app /app
makes the deploy work, without fail so far. What on earth is going on here?