I’m just looking at the quickest cheapest way to do this but it would be good if I could have multiple sites so I can work on multiple versions of sites or multiple sites at the same time.

or are you thinking of not using k8s for your prod and just falling back to your existing stack?

in k8s each deployment is separate and if you wanted you could use a namespace for further segmentation if you want, but as a demo its probably not needed

I could just install Apache, MySQL and PHP with vitual hosts directly on this old Mac but doing it this way with Rancher Desktop seemed more useful and an opportunity to start learning Kubernetes.

I have just run the LAMP image with nerdctl run -it lamp -d sh

Aah, well I did say I was a newb.

its not like an OS image? you are looking at Docker… so you would be using that image as a FROM in a Dockerfile and adding all of your other bits via standard Dockerfile statements

i mean you could shell into the container and start installing bits and pieces, but it wouldn’t be reproducible

just your call to nerdctl. I would avoid k8s completely till you have the container stuff down or i think you will hit a wall

nerdctl run -d -p 80:80 lamp sh seems to exit straight away.

It does throw up a huge string on the screen though.

So I guess nothing is running. I tried it with -a and I get a bunch of lines.

they don’t come w RD?

you are pulling the userspace from docker hub

“docker image ls”

sorry

nerdctl image ls

well they are as RO images that will be used to spawn a ephemeral instance

Silly question but if I learn docker instead of containerd will the knowledge easily migrate over to using containerd?

as you think about moving to containers and container orchestration do some research on the what and why it came to be and not just the how. stuff moves quickly and having a bit of context on how we got to where we are today I believe will help you make that best decision for your customers as an advisor and not just a service provider. sometimes jamstack can get things done and a CMS isn’t needed, sometimes a CMS is needed but it doesn’t need to be crazy complicated, and sometimes you need that full stack.

I just watched it. If I had a fiver for every version of that clip that’s been used… 😅

Well I found a great tutorial that allowed me to run a docker image and spin up three containers. One with Wordpress on port 80, another with MariaDB on 3306 but my machine doesn;t seem to want to give port 80 to Containerd. Even though I have the following when I run “nerdctl container ls”:

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 225dd24f880c docker.io/library/wordpress:latest “docker-entrypoint.s…” 4 minutes ago Up 0.0.0.0:80->80/tcp wp1_wp_1 6a1219c09d09 docker.io/library/mysql:latest “docker-entrypoint.s…” 4 minutes ago Up 127.0.0.1:3306->3306/tcp wp1_db_1

Oh hang on. It says 0.0.0.0:80. Maybe I need to change the IP address in the yaml file to 127.0.0.1

the 0.0.0.0 should be localhost/default route as well

This is the whole yml file:

version: ‘3’ services: wp: image: wordpress:latest # https://hub.docker.com/_/wordpress/ ports: - 80:80 # change ip if required volumes: - ./config/php.conf.ini:/usr/local/etc/php/conf.d/conf.ini - ./wp-app:/var/www/html # Full wordpress project #- ./plugin-name/trunk/:/var/www/html/wp-content/plugins/plugin-name # Plugin development #- ./theme-name/trunk/:/var/www/html/wp-content/themes/theme-name # Theme development environment: WORDPRESS_DB_HOST: db WORDPRESS_DB_NAME: “${DB_NAME}” WORDPRESS_DB_USER: root WORDPRESS_DB_PASSWORD: “${DB_ROOT_PASSWORD}” depends_on: - db wpcli: image: wordpress:cli volumes: - ./config/php.conf.ini:/usr/local/etc/php/conf.d/conf.ini - ./wp-app:/var/www/html depends_on: - db - wp db: image: mysql:latest # https://hub.docker.com/_/mysql/ - or mariadb https://hub.docker.com/_/mariadb ports: - ${IP}33063306 # change ip if required command: [ ‘--default_authentication_plugin=mysql_native_password’, ‘--character-set-server=utf8mb4’, ‘--collation-server=utf8mb4_unicode_ci’ ] volumes: - ./wp-data:/docker-entrypoint-initdb.d - db_data:/var/lib/mysql environment: MYSQL_DATABASE: “${DB_NAME}” MYSQL_ROOT_PASSWORD: “${DB_ROOT_PASSWORD}” volumes: db_data:

It’s just an old Intel Mac Mini and I have turned off Apple Web Sharing which usually just takes you to an Apple installed Apache server for port 80.

Aha!!! I now get the Wordpress installer page. Thanks.

That’s insane. “Welcome to Wordpress 6.0.1” And the DB and Wordpress are running in different containers. This is simply awesome. Now how do I then run two sets of containers. Just create another directory for the files, copy them over to it and put a different port number 8081:80 etc for each install (different Wordpress/MySQL instance?

Or is it more complicated than that?

Here is the error:

FATA[0000] failed to create shim: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting “/Users/paulrandall/nginxproxymanager/data/mysql” to rootfs at “/var/lib/mysql”: stat /Users/paulrandall/nginxproxymanager/data/mysql: no such file or directory: unknown FATA[0000] failed to create shim: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting “/Users/paulrandall/nginxproxymanager/data” to rootfs at “/data”: stat /Users/paulrandall/nginxproxymanager/data: no such file or directory: unknown FATA[0000] error while creating container nginxproxymanager_db_1: exit status 1

AAh ok.

I’ll try it now. One sec

stateful apps and containers can be an interesting challenge and things get more interesting as you look at multi-node deployments like k8s.

So I just switched to Dockerd and it again built OK but I got these following errors

Error response from daemon: error while creating mount source path ‘/Users/paulrandall/nginxproxymanager/data/mysql’: chown /Users/paulrandall/nginxproxymanager/data/mysql: permission denied

I understand FQDN “fully qualified domain name” but as I started a couple of days ago on containering just think of me as an idiot 😉

I’m guessing the reason that it wants to save data external from the container is to save you actually having to enter in reverse proxy settings every time you start up the containered app.

Error response from daemon: error while creating mount source path ‘/Users/paulrandall/nginxproxymanager/data/mysql’: chown /Users/paulrandall/nginxproxymanager/data/mysql: permission denied

Just checked.

drwxr-xr-x 3 paulrandall staff 96 26 Jul 17:52 data/ -rw-r--r-- 1 paulrandall staff 586 26 Jul 16:57 docker-compose.yml drwxr-xr-x 2 paulrandall staff 64 26 Jul 17:52 letsencrypt/

maybe the mysql side is the issue. and remember likely that was intended for use on linux and not wsl2

I’m on an old 2012 Intel Mac Mini for all this. It’s the only non Apple Silicon Mac I have and the reason I’m using it for this.

ohh sorry i may be getting conused. i thought you were doing this on windows

similar problems, but contributes to why i couldn’t repro

I see.

Makes sense then.

So is it the original image that they created. Set up specifically so that it won’t save persistent data on a Mac or Linux

Maybe this is different enough to work. I’ll have a go 😉

on my mac

thats using dockerd about to try containerd

yeah nerdctl shim is still having issues on my machine when it comes to pwd

Really?

i created my compose folder in /tmp which exists in Alpine

so in the VM you can see the folders in /tmp

relative directories are also weird

i have done almost zero on volume mounts in RD (or docker solo) for a while so needed to repro to see what the issue might be

Ooh finished and built without errors.

i wouldn’t do the relative pathing though because it tries to take the path of your compose and inject it into Alpine

514d8c870ea1 docker.io/jlesage/nginx-proxy-manager:latest “/init” 7 minutes ago Up 0.0.0.0:80->80/tcp, 0.0.0.0:81->81/tcp, 0.0.0.0:443->443/tcp nginxproxymanager_app_1 bbcd0507092a docker.io/library/mariadb:latest “docker-entrypoint.s…” 7 minutes ago Up nginxproxymanager_db_1

But I still can’t see it if I type http:// 127.0.0.1:81/login

Or localhost:81

Maybe I need to open that port. D’oh!!!

i get a clean start from the above and I can get the “successfully started” on 80 on my machine fwiw

Dockerd or Containerd?

Dude I’m in 🙂 Thanks. That seemed to work. In Dockerd though

Wow. I’m logged in and everything. OK food time before divorce papers are passed to me 😉 Thanks again and I’ll report back when I’ve got things working (if I do) 🙂 Have a great day.

Bind for 0.0.0.0:443 failed: port is already allocated

Anyway. Have a great day. Thanks again Justin.

Nearly there now. I have NGINX Proxy Manager running and Wordpress running at the same time and I can get into the Wordpress install on 8080 and the proxy manager on 81. See below: paulrandall@Pauls-Mac-mini wp1 % docker container ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 6933589374ef wordpress:latest “docker-entrypoint.s…” 58 seconds ago Up 54 seconds 0.0.0.0:8080->80/tcp, :::8080->80/tcp wp1-wp-1 3bde41d6b5f1 mysql:latest “docker-entrypoint.s…” 58 seconds ago Up 56 seconds 127.0.0.1:3306->3306/tcp, 33060/tcp wp1-db-1 5c2465e4c0da jc21/nginx-proxy-manager:latest “/init” 14 hours ago Up 14 hours 0.0.0.0:80-81->80-81/tcp, :::80-81->80-81/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp nginxproxymanager-app-1 618ed5e5cea5 jc21/mariadb-aria:latest “/scripts/run.sh” 14 hours ago Up 14 hours 3306/tcp nginxproxymanager-db-1 52fdcec65293 72463d8000a3 “/entrypoint.sh --gl…” 14 hours ago Up 14 hours k8s_traefik_traefik-7cd4fcff68-lns28_kube-system_100b515c-01c0-4b83-b237-9359068f37b2_2 308cc2f83643 fb9b574e03c3 “local-path-provisio…” 14 hours ago Up 14 hours k8s_local-path-provisioner_local-path-provisioner-7b7dc8d6f5-nd52t_kube-system_89cacf18-4239-43b7-a772-a02f2b78daaa_2 517b9d69ab41 dbd43b6716a0 “entry” 14 hours ago Up 14 hours k8s_lb-tcp-443_svclb-traefik-aedb3f7c-rn9bg_kube-system_edc84ae6-6cdd-4aae-a03b-7827108c411f_2 3f845381f75b k8s.gcr.io/pause:3.6 “/pause” 14 hours ago Up 14 hours k8s_POD_traefik-7cd4fcff68-lns28_kube-system_100b515c-01c0-4b83-b237-9359068f37b2_2 9e63f437f9be dbd43b6716a0 “entry” 14 hours ago Up 14 hours k8s_lb-tcp-80_svclb-traefik-aedb3f7c-rn9bg_kube-system_edc84ae6-6cdd-4aae-a03b-7827108c411f_2 1e7a99d7f102 f73640fb5061 “/metrics-server --c…” 14 hours ago Up 14 hours k8s_metrics-server_metrics-server-668d979685-hpcc2_kube-system_d75b8dfc-a9e2-4544-a663-c021442918f8_2 1564154115c2 k8s.gcr.io/pause:3.6 “/pause” 14 hours ago Up 14 hours k8s_POD_local-path-provisioner-7b7dc8d6f5-nd52t_kube-system_89cacf18-4239-43b7-a772-a02f2b78daaa_2 66193378d9ce 99376d8f35e0 “/coredns -conf /etc…” 14 hours ago Up 14 hours k8s_coredns_coredns-b96499967-fl5wj_kube-system_84112cd7-a9b7-4c3c-a7de-798a1a0d324c_2 e2e4e0c2b0cb k8s.gcr.io/pause:3.6 “/pause” 14 hours ago Up 14 hours k8s_POD_metrics-server-668d979685-hpcc2_kube-system_d75b8dfc-a9e2-4544-a663-c021442918f8_2 ad6779f1f03b k8s.gcr.io/pause:3.6 “/pause” 14 hours ago Up 14 hours k8s_POD_coredns-b96499967-fl5wj_kube-system_84112cd7-a9b7-4c3c-a7de-798a1a0d324c_2 57dcf3183626 k8s.gcr.io/pause:3.6 “/pause” 14 hours ago Up 14 hours k8s_POD_svclb-traefik-aedb3f7c-rn9bg_kube-system_edc84ae6-6cdd-4aae-a03b-7827108c411f_2

Only issue left now is that if I look the IP address with a local browser without specifying a port (i.e. port 80) I get “It Works!” and that is the built in web server Apple provides. So it basically seems to get priority for listening on port 80 without any obvious way of disabling it. However I obviously want to use the web server in the container that is running NGINX proxy manager on port 80. So any idea how to move forward on that? I’m so close as you can see to displaying one website that is protected by reverse proxy. D’oh!!!