-
Notifications
You must be signed in to change notification settings - Fork 1.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dockerfile: use correct VOLUMEs #23
Conversation
I haven't digged into this topic, but is this the reason why there are additional files left after updating and the integrity check fails? For example:
I just ignored it in the past. |
@SnowMB It's possible, though I assume that the "upgrade path" for Docker images is the same (you run the upgrader, and you don't start a new image with the new code). So unless you're restarting into a new image with |
@cyphar different remarks:
What do you think? |
After reading a bit further into the docker documentation and fooling around a little bit, I think can explain in more detail what the problem is. Correct me if I'm wrong. Since in the Dockerfile the whole I think this is not a desireable behaviour. I would suggest, just as cyphar said to ditch the For upgrading it means that using the updater app will not cause a persistent change, but you have to use the "Docker way". That means killing the old container and mounting a new one with newer nextcloud installation. Another possibility would be recommending to save the whole nextcloud installation and all data on the host. It means changing the documentation and deleting the "fine grained" approach. With running the container one should always mount the whole /var/www/html folder. Then upgrading with the updater app is possible and always persistent. |
Possible related: #24 |
So, @SnowMB already explained this for me while I was on holidays. 😉
Odd. That means they have the same issue as us.
Sure, that can be done.
I'd need to test how |
Just adding a little info:
That is not entirely correct. The source code is present inside the container in The source code from inside the container will be copied to the volume, if the version.php file is missing. (I' don't know why this file was chosen). See https://github.com/nextcloud/docker/blob/master/docker-entrypoint.sh#L4 . |
Rebased atop |
The persistent data is just the contents of config/ (configuration), apps/ (installed apps), and data/ (user data). The source code should not be made into a volume because it will cause persistence issues when you try to update an image. Currently the existing setup means that standard Docker-style updates (where you start a new Docker image) won't actually update the source code -- causing confusion and other issues. This matches how ownCloud's setup works as well. Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
I have run with this kind of separation for a while, or rather the "fine grained data persistence" from the current README. I have seen the same issues that @SnowMB saw specifically for a lot of files from the apps/ tree after an update from 10 to 11. I found that when /var/www/html/apps were persisted while /var/www/html wasn't the entrypoint script would extract the tar file, but it doesn't remove files from the core apps that shouldn't exist anymore. While this change would mean that updating the container "the docker way" would become possible, I'm not sure what the impact of possibly leaving old files could be in the long run. Preferably all code should be updated at the same time, but as long as core and 3rd party code is mixed in a volume this will become tricky. Either way the correct update procedure must be correctly documented. Currently the default is to have /var/www/html as a volume but the documented update procedure is to spin up a new container, so the code will not actually be updates as version.php still exists. |
@Gusson Both upgrade methods would actually work with this PR applied. You could start up a new container with the new version and do Currently the first method does not work with the current images, and changing images doesn't actually help the situation. Sure, you can do the "fine grained" method, but declaring |
I just recently updated to 11.0.1 (started with 10.0.0) an it's annoying how much leftover files i've got in my apps folder now. The "docker way" to upgrade is definetly running in problems over there. I ignored the integrity check in the past, because it just shows a few files, but this time it went nuts ;) Does anyone know any easy cleanup methods? |
When you say "docker way" what are your referring to? Do you mean that you have In that case, the integrity check failing outside of those directories shouldn't be caused by the volumes being there. Is there some process that happens during "official" upgrade which involves anything other than swapping out the source code -- is there some change to |
Sorry for the confusion. My configuration is set this way: Dockerfile contains line:
When I upgade, I stop and delete the docker-container, then pull or build the new image and run the new configuration.
When I next access the site I go through the upgrade dialoge for my data.
Hmm, I just realised that this way I might omit changes to the system(default or whatever you would call them) apps completely. 😟 |
Does this all also mean that you are not going to release patches (like 11.0.1->11.0.2) to the Nextcloud docker hub image? I've been anxiously waiting for a 11.0.2 tag. But do you guys think the updater is a the correct way to update? Personally, I'm completely with everyone here suggesting /var/www/html is NOT a volume. Using docker completely removes the need to have an updater in the first place. And my updater does not even work because of this https://github.com/nextcloud/server/issues/3663 |
Like I said in another issue, just make a quick PR and change the version number from 11.0.1 to 11.0.2 and it will get merged. Someone just has to do it ;) |
In the mean time, I remembered why https://github.com/indiehosters/nextcloud/blob/master/docker-compose.yml#L14-L15 It allows us and people in general to mount assets into nginx from the fpm image. So let's go back to the problem space. |
@pierreozoux From my point of view, the problem that I was trying to fix this is that the upgrade process for Docker containers is not well-defined. Either you want to say that we should always be running the upgrade process in the same way as you would on a normal server, at which point you're not really using Docker "properly" (you're treating the container as a VM) -- which is fine but it needs to be documented properly. On the other hand, if you want to embrace the "Docker way" of doing management of version upgrades, then it needs to be possible to restart a container with a newer version of NextCloud and then be able to simply do The second option is currently broken because all of the source code is currently stored in the volume, so changing the image you're using doesn't change the source code (but this will break eventually if you start upgrading libraries or other things that become too new for older NextCloud versions). |
@cyphar, @pierreozoux : There is a problem remaining. The upgrade process (before upgrading data) also makes changes to the But mounting at least the It's a problem where the implementation wasn't designed for docker and thus is a little edgy 😕 . I don't know how this would effect the solution @pierreozoux suggested. Maybe you have a word on that? Right now the best solution I see, is sticking with the web-updater. |
The solution space is full of hope once the problem space is well defined :) I've been using this to track how to update ownCloud/Nextcloud with different versions: And so the conclusion would be in pseudo code, Replace this block with:
We have to make sure that the Then, we are as good as the web updater:
What do you think? |
Sounds great. The only thing could go bad is the following:
We should actually check if version is greater, because... you know... downgrades are not supported 😉 |
I would personally like to see that upgrading Nextcloud is as simple as stepping the image version, and I think @pierreozoux proposal looks good. I do however still have my doubts whether keeping the source extracted to a volume is a good idea in the long run. Things I've thought about:
|
Wouldn't custom app directories help there? Putting the original apps dir in read-only mode and allowing the user to install own apps in another directory (mounted as volume). Wonderfall/Nextcloud does the same thing as far as I can tell here. don't know if that addition can be made without incorporating the whole bootstrapping/installation. Maybe using an autoconfig.php? |
I love the idea of splitting the app folder. However it would only be easy to implement this for new installations where the config.php does not exist yet. People that switch to docker and have existing config and data folders would have to edit their config file by hand (which might be a bit inconvenient). Or someone writes a script that checks and manipulates the config file. |
How about a simple "How to migrate your installation to a Docker container" tutorial? Maybe to the docker hub page? I think the gain here is much greater than the small trouble to those migrating from an installation into Docker containers. If that even happens that often? |
Just my 5 cent to this topic. If I update my docker image It's absolutely clear, that I can't start a previous image and access the data directory again and everything is as before. That can not work. Also the database schema has potentially been updated. So in my opinion a docker update must automatically remove all old files that are not data, means user content, and replace it with new versions. The image documentation should point this out, that everybody is aware of that. If possible it would be nice, if manually installed/activated apps like "Two Factor Totp" are not deactivated... |
in the mean time, pretty, pretty please just remove any and all VOLUME declarations in the Dockerfile and just let the docker-compose or the docker run command fix it. This gives 100% control to the user, and doesnt give any unexpected behavior if someone is doing something silly as trying to have his fpm-container start/run as www-data instead of the default root (and then dropping privs). This now fails because www-data tries to unpack into the VOLUME declared /var/www/html, which is owned by root, and thus fails. Also it prevents me from unpacking it myself and properly setting the permissions (everything readonly except for the dynamic stuff like data directory) in my own Dockerfile because everything is gone when the container starts, as at that point the VOLUME takes over... (Tbh I dont understand why I cannot undo the VOLUME declaration in my Dockerfile) |
I started to work on this in #65. |
Absoutely, most definitely, not. This would break |
About volumes_from, e.g. in Docker Compose 3 they removed that syntax with a good reason. Generally you only want specific volumes from a different container. E.g. mount the volume with only the static files (css, js, etc) as readonly in your nginx. As opposed to also mounting the volumes with php-config files. I'm not really sure what your second argument is. But if you're arguing against putting control in the hands of the users then I do oppose it. I do agree with the underlying argument of changing critical behavior of the container without properly informing the users is a really bad idea. But the fact remains that the VOLUME declaration is used for source files. AFAIK is that against the best practices of Docker, which states that user-data should be in dynamic volumes. They state that a new container should be created when the source code changes. Or at least that's how I interpreted it. At the moment I have these problems with this official Nextcloud repository:
Anyway I'm not just ranting because of ranting. I'm willing to help & be part of the solution :). |
@ChessSpider what do you think about the changes in #65 ? |
@tilosp thx ill have a look tomorrow |
Okay, but there's also Docker's volume drivers which require the image to contain
Your change will restrict users from being able to use features of Docker. My suggestion will make it so that they don't do something they shouldn't be doing (snapshotting their data into a container image rather than having it persistently stored external to the image -- which is a horrible practice to encourage).
Yes, that is correct. And I would love it if we could split up the data into separate places so we can just create volumes for the non-source code bits. And trust me, I tried. However, that's now how NextCloud works at the moment. Apps are source code that you want to be persistent because they're (mostly) not shipped as part of the image because they are additions to the image. In addition, the updating process for apps is entirely separate to the process for the core server. And also there is some weirdness that happens if you run the upgrader app (it doesn't appear to upgrade everything that needs to be upgraded). This might be because it uses
... You can chmod the folder you're connecting the volume to. If you want we can also just add a
If you actually use the volume you won't have this problem (mount the entire
Yes, I would love if we did that but as I mentioned above, I don't know if NextCloud would allow us to do that in a sane way. I've run into a lot of issues with splitting up the volumes and upgrading. It's not as simple as it sounds to fix. |
@cyphar of course I trust you 👍
Where did it say in the documentation that Docker's volume drivers requires te Dockerfile to contain VOLUME declarations? This is new to me. To my knowledge a volume can be mounted with
Please see my docker-compose examples in 65 the functionality I'd like to have from nextcloud.
Which is why I propose to disable the update process for the apps in #65 so that you force users to do a docker --pull to upgrade. This ensures users will both get the latest version of Nexcloud and the latest version of all (host) dependancies (and their security fixes!)
Maybe a chown to www-data is better? Would be helpful definitely <3 but not a main issue.
I'm beginning to notice that as well! If Nextcloud still had asset pipelining it wouldve been a lot easier; just do a VOLUME on /assets and re-run the asset pipeline on upgrade and done! But I still think keeping the VOLUME on /var/www/html is a bad thing. You don't need it, and you want users to not in-place upgrade the app but always do a |
The persistent data is just the contents of config/ (configuration),
apps/ (installed apps), and data/ (user data). The source code should
not be made into a volume because it will cause persistence issues when
you try to update an image.
This matches how ownCloud's setup works as well.
Signed-off-by: Aleksa Sarai cyphar@cyphar.com