I created a basic LAPP stack which runs flawlessly on localhost with docker-compose. When I try to make it run with Swarm on production server (1 manager only, no workers), all services go up and get replicated (1/1) but the php-fpm one which keeps restarting with no apparent error.
docker service ls
ID NAME MODE REPLICAS IMAGE PORTS
p0rdrdfmso6x traefik_reverse-proxy replicated 1/1 traefik:v2.4 *:80->80/tcp, *:443->443/tcp
e6vwlo9iw2ny my_stack_apache replicated 1/1 apache:latest *:8000->80/tcp
qy5yigbcjryr my_stack_ftp replicated 1/1 fauria/vsftpd:latest *:20-21->20-21/tcp, *:22100-22110->22100-22110/tcp
n5f9v6bd2854 my_stack_php replicated 0/1 php:latest
rcnbq4vnoz1j my_stack_postgres replicated 1/1 postgres:9.5.24
If we focus on php-fpm container :
docker service ps my_stack_php
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
j6mp3ka40cyo my_stack_php.1 php:latest node.address Ready Ready 2 seconds ago
ezztpsjoglwy \_ my_stack_php.1 php:latest node.address Shutdown Complete 3 seconds ago
gnqjhwpi5y72 \_ my_stack_php.1 php:latest node.address Shutdown Complete 9 seconds ago
0agr3tw0bb9g \_ my_stack_php.1 php:latest node.address Shutdown Complete 15 seconds ago
9a6wsdp4tqqn \_ my_stack_php.1 php:latest node.address Shutdown Complete 21 seconds ago
If I look to the logs :
docker service logs my_stack_php
[email protected] | Interactive shell
[email protected] | Interactive shell
[email protected] | Interactive shell
[email protected] |
[email protected] |
[email protected] | Interactive shell
[email protected] |
[email protected] |
It behaves like a container running a command which would end with succes in a few seconds. Swarm launches then an new container to keep the restart contract. However, my php-fpm Dockerfile provide the -F argument that should keep the process running :
PHP Dockerfile
FROM centos:7.4
# ... all installs from Centos to add PHP 7.2 from Remi Collet repositories
RUN mkdir -p /run/php-fpm
RUN usermod -a -G ftp apache
WORKDIR /var/www/html
EXPOSE 9000
# Run in foreground as root (in container POV)
CMD ["php-fpm", "-R", "-F"]
docker-compose.yaml
version: '3.9'
services:
postgres:
image: "postgres:9.5.24"
environment:
POSTGRES_DB: /run/secret/postgres_db
POSTGRES_USER: /run/secret/postgres_user
POSTGRES_PASSWORD: /run/secret/postgres_password
volumes:
- database:/var/lib/postgresql/data
secrets:
- postgres_db
- postgres_user
- postgres_password
deploy:
resources:
limits:
cpus: '0.15'
memory: 128m
networks:
- internal
apache:
env_file: .env
image: apache:latest
build:
context: ./docker/images/apache2.4
dockerfile: prod.Dockerfile
ports:
- 8000:80
environment:
FPM_HOST: php:9000
volumes:
- ./docker/logs/apache/:/var/log/httpd/
networks:
- traefik-public
- internal
deploy:
labels:
- "traefik.enable=true"
- "traefik.http.routers.my_stack.rule=Host(`my-host.com`)"
- "traefik.http.routers.my_stack.entrypoints=websecure"
- "traefik.http.routers.my_stack.tls.certresolver=letsencryptresolver"
- "traefik.http.services.my_stack.loadbalancer.server.port=80"
- "traefik.port=80"
resources:
limits:
cpus: '0.15'
memory: 128m
php:
env_file: .env
image: php:latest
# links:
# - ftp
# - apache
build:
context: ./docker/images/php
dockerfile: prod.Dockerfile
# args:
# TIMEZONE: 'Europe/Paris'
volumes:
- ftp_data:/var/www/ftp:rw
networks:
- internal
deploy:
resources:
limits:
cpus: '0.20'
memory: 512m
ftp:
env_file: .env
image: "fauria/vsftpd:latest"
ports:
- "20:20"
- "21:21"
- "22100-22110:22100-22110"
environment:
FTP_USER: apache
FTP_PASS: /run/secret/automation_client_password
PASV_ADDRESS: 127.0.0.1
PASV_MIN_PORT: 22100
PASV_MAX_PORT: 22110
volumes:
- ftp_data:/home/vsftpd/apache:rw
networks:
- traefik-public
- internal
deploy:
resources:
limits:
cpus: '0.15'
memory: 128m
volumes:
ftp_data:
database:
secrets:
postgres_db:
external: true
postgres_user:
external: true
postgres_password:
external: true
automation_client_password:
external: true
networks:
traefik-public:
external: true
internal:
external: false
Anyone got a clue about this? Any helps/tips will be appreciated.
I don't like this kind of answer, but replica's all went live after complete reboot.