container bootlooping #98

Closed
typia opened this issue Dec 12, 2016 · 14 comments

@typia

typia commented Dec 12, 2016

Hi,
I can't start the container.

My container is started with Rancher 1.2.

Here are the logs:

```
*** CONTAINER_LOG_LEVEL = 3 (info)
*** Search service in CONTAINER_SERVICE_DIR = /container/service :
*** link /container/service/:ssl-tools/startup.sh to /container/run/startup/:ssl-tools
*** failed to link /container/service/:ssl-tools/startup.sh to /container/run/startup/:ssl-tools: [Errno 17] File exists
*** link /container/service/slapd/startup.sh to /container/run/startup/slapd
*** failed to link /container/service/slapd/startup.sh to /container/run/startup/slapd: [Errno 17] File exists
*** link /container/service/slapd/process.sh to /container/run/process/slapd/run
*** directory /container/run/process/slapd already exists
*** failed to link /container/service/slapd/process.sh to /container/run/process/slapd/run : [Errno 17] File exists
*** Set environment for startup files
*** Environment files will be proccessed in this order :
Caution: previously defined variables will not be overriden.
/container/environment/99-default/default.startup.yaml
/container/environment/99-default/default.yaml

To see how this files are processed and environment variables values,
run this container with '--loglevel debug'
*** Running /container/run/startup/:ssl-tools...
*** Running /container/run/startup/slapd...
Start OpenLDAP...
*** /container/run/startup/slapd failed with status 1

*** Killing all processes...
```

Could you please help?

@osixia
Collaborator

osixia commented Dec 12, 2016

Hello,
no idea what's going on, sorry.

Can you post `docker inspect` for this container?
Also run the container with `--loglevel trace` and show the output.

@ghost

ghost commented Dec 13, 2016

When I use the docker-compose file in the example you provide and try to run it, it sort of works, but when you go to the web UI you get something like:

```
Parse error: syntax error, unexpected '}' in /container/service/phpldapadmin/assets/config.php on line 68
```

I hope this helps.

@osixia
Collaborator

osixia commented Dec 13, 2016

@scornea thanks for your feedback, I think you're facing this error: osixia/docker-phpLDAPadmin#23 from the phpldapadmin image. If you remove phpldapadmin from the docker-compose file, is openldap working?

@typia the error seems to be linked to the openldap container only. It would be great to have more logs to see what happens with Rancher :)

@ghost

ghost commented Dec 13, 2016

@osixia it worked the way you recommended locally (on my machine), however, if I do the same thing on another machine using Rancher, I get the same error as @typia reported and I've also reported (and you've closed it as being the same as this one).

I've also run the container using `--loglevel trace`, but as it is on my local machine it wouldn't show any problems with it.

@ghost

ghost commented Dec 13, 2016

@osixia OK, so I've run the container in Rancher using the `--loglevel` option, and I discovered this at the end of the initialisation process:

```
13/12/2016 10:33:01 584fce5d daemon: getaddrinfo() failed: No address associated with hostname
13/12/2016 10:33:01 584fce5d slapd stopped.
```

@typia
Author

typia commented Dec 13, 2016

Hi all, thanks a lot for your feedback, sorry I did not have time to answer.
Just to say that the issue is happening with Rancher 1.2 only.
It's OK when I run it with `docker run`, and it was OK with Rancher 1.2pre3.
I think it's due to drastic changes in network mapping and discovery in Rancher 1.2 final.

I also raised an issue on the Rancher GitHub: rancher/rancher#7015

@ghost

ghost commented Dec 13, 2016

@typia I've resolved the problem by having an internal service link from the openldap container to the "hostname" I want, such as: openldap -> ldap.example.com

@typia
Author

typia commented Dec 13, 2016

@scornea I connect my openldap container by using it as an external service in another stack, so I don't want to get a hostname.

@EugenMayer

Running this image with Rancher for over a year now, no issues involved at all: https://github.com/EugenMayer/docker-rancher-extra-catalogs/tree/master/templates/openldap. Pretty sure this one can be closed.

@BertrandGouny
Member

thanks for the feedback

@alexandracretu

Hello,

I have the same issue in 1.2.3 and I just pass it some environment variables, and I get the same issue:

```shell
docker run -p 389:389 -p 636:636 \
  --name openldap \
  --env LDAP_ORGANISATION="example" \
  --env LDAP_DOMAIN="example.com" \
  --env LDAP_ADMIN_PASSWORD="newadminpass" \
  --env HOSTNAME="openldap" \
  --env LDAP_BASE_DN="cn=admin,dc=example,dc=com" \
  --env LDAP_CONFIG_PASSWORD="newconfigpass" \
  --env LDAP_READONLY_USER="true" \
  --env LDAP_READONLY_USER_USERNAME="ionlyread" \
  --env LDAP_READONLY_USER_PASSWORD="ionlyreadpass" \
  --volume database:/var/lib/ldap \
  --volume slapdconfig:/etc/ldap/slapd.d \
  --detach osixia/openldap:1.2.3
```

```
$ docker logs openldap
*** CONTAINER_LOG_LEVEL = 3 (info)
*** Search service in CONTAINER_SERVICE_DIR = /container/service :
*** link /container/service/:ssl-tools/startup.sh to /container/run/startup/:ssl-tools
*** link /container/service/slapd/startup.sh to /container/run/startup/slapd
*** link /container/service/slapd/process.sh to /container/run/process/slapd/run
*** Set environment for startup files
*** Environment files will be proccessed in this order :
Caution: previously defined variables will not be overriden.
/container/environment/99-default/default.yaml
/container/environment/99-default/default.startup.yaml

To see how this files are processed and environment variables values,
run this container with '--loglevel debug'
*** Running /container/run/startup/:ssl-tools...
*** Running /container/run/startup/slapd...
No certificate file and certificate key provided, generate:
/container/service/slapd/assets/certs/ldap.crt and /container/service/slapd/assets/certs/ldap.key
2019/02/15 10:17:59 [INFO] generate received request
2019/02/15 10:17:59 [INFO] received CSR
2019/02/15 10:17:59 [INFO] generating key: ecdsa-384
2019/02/15 10:17:59 [INFO] encoded CSR
2019/02/15 10:17:59 [INFO] signed certificate with serial number 28968434644992672452068990075112075521836839542
Link /container/service/:ssl-tools/assets/default-ca/default-ca.pem to /container/service/slapd/assets/certs/ca.crt
Start OpenLDAP...
Waiting for OpenLDAP to start...
Add TLS config...
Disable replication config...
*** /container/run/startup/slapd failed with status 49

*** Killing all processes...
```

What am I doing wrong?

@ilovemysillybanana

@alexandracretu did you ever resolve this issue? I'm having it now

@obourdon
Contributor

@alexandracretu @ilovemysillybanana seems related to the usage of LDAP_READONLY_USER="true"

Using this option, OpenLDAP container startup fails with the following trace:

```
Processing file /container/service/slapd/assets/config/bootstrap/ldif/readonly-user/readonly-user.ldif
5d3d7a9d conn=1024 fd=12 ACCEPT from PATH=/var/run/slapd/ldapi (PATH=/var/run/slapd/ldapi)
5d3d7a9d conn=1024 op=0 BIND dn="" method=163
5d3d7a9d conn=1024 op=0 BIND authcid="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" authzid="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth"
5d3d7a9d conn=1024 op=0 BIND dn="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" mech=EXTERNAL sasl_ssf=0 ssf=71
5d3d7a9d conn=1024 op=0 RESULT tag=97 err=0 text=
5d3d7a9d conn=1024 op=1 ADD dn="cn=ionlyread,cn=admin,dc=example,dc=com"
5d3d7a9d conn=1024 op=1 RESULT tag=105 err=50 text=no write access to parent
5d3d7a9d conn=1024 op=2 UNBIND
5d3d7a9d conn=1024 fd=12 closed
5d3d7a9d conn=1025 fd=12 ACCEPT from IP=127.0.0.1:44018 (IP=127.0.0.1:389)
5d3d7a9d conn=1025 op=0 BIND dn="cn=admin,cn=admin,dc=example,dc=com" method=128
5d3d7a9d conn=1025 op=0 RESULT tag=97 err=49 text=
5d3d7a9d conn=1025 op=1 UNBIND
5d3d7a9d conn=1025 fd=12 closed
ldap_add: Insufficient access (50)
	additional info: no write access to parent
adding new entry "cn=ionlyread,cn=admin,dc=example,dc=com"

ldap_bind: Invalid credentials (49)
*** /container/run/startup/slapd failed with status 49
```

@obourdon
Contributor

In fact, another piece of the error is due to this line of the startup script, which implies that your environment variable

```
--env LDAP_BASE_DN="cn=admin,dc=example,dc=com"
```

should be

```
--env LDAP_BASE_DN="dc=example,dc=com"
```

as `cn=admin,` will be added.

But this seems also related to the following issues #307, #172 and the corresponding PR #238
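
Added example, not part of the thread or of the osixia/docker-openldap project: a pre-flight check for the `LDAP_BASE_DN` mistake diagnosed above. It rebuilds the admin and read-only DNs seen in the slapd trace from the environment values. The function names are hypothetical, and the comparison against `LDAP_DOMAIN` (exit code 3) is an assumed extra check, not something the thread states.

```shell
#!/bin/sh
# Added example; not code from osixia/docker-openldap. Names are hypothetical.

# Lowercase a DN and drop spaces around commas so comparisons are stable.
normalize_dn() {
    printf '%s' "$1" | tr 'A-Z' 'a-z' | sed 's/ *, */,/g'
}

# "example.com" -> "dc=example,dc=com"
domain_to_suffix() {
    printf '%s' "$1" | tr 'A-Z' 'a-z' | awk -F. '{
        for (i = 1; i <= NF; i++) printf "%sdc=%s", (i > 1 ? "," : ""), $i
    }'
}

# DNs the startup ends up using, per the thread and its slapd trace:
# "cn=admin," is prepended to LDAP_BASE_DN, and the read-only user is
# added directly under LDAP_BASE_DN.
admin_dn()    { printf 'cn=admin,%s' "$(normalize_dn "$1")"; }
readonly_dn() { printf 'cn=%s,%s' "$2" "$(normalize_dn "$1")"; }

# check_base_dn BASE_DN DOMAIN
#   0 = suffix looks right
#   2 = leading RDN is not dc= (for example cn=admin,dc=example,dc=com)
#   3 = suffix differs from the one derived from DOMAIN (assumed check)
check_base_dn() {
    dn=$(normalize_dn "$1")
    [ -z "$dn" ] && return 0    # nothing set, nothing to validate here
    case "$dn" in
        dc=*) ;;
        *)  echo "LDAP_BASE_DN must be a suffix (dc=...), got: $dn" >&2
            echo "admin bind DN would become: $(admin_dn "$dn")" >&2
            return 2 ;;
    esac
    want=$(domain_to_suffix "$2")
    if [ -n "$2" ] && [ "$dn" != "$want" ]; then
        echo "LDAP_BASE_DN=$dn does not match LDAP_DOMAIN ($want)" >&2
        return 3
    fi
    return 0
}
```

Run `check_base_dn "$LDAP_BASE_DN" "$LDAP_DOMAIN"` before `docker run`; a non-zero status means the container would bind with a DN that does not exist in the directory.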
