-
Notifications
You must be signed in to change notification settings - Fork 347
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Build all MPMs as shared modules #87
Conversation
@@ -127,6 +127,7 @@ RUN set -eux; \ | |||
--build="$gnuArch" \ | |||
--prefix="$HTTPD_PREFIX" \ | |||
--enable-mods-shared=reallyall \ | |||
--enable-mpms-shared=all \ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Alpine needs this too. 😉
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated!
- `golang`: `1.10rc1` bump - `httpd` drop 2.2 eol docker-library/httpd#88, add MPMs docker-library/httpd#87 - `mongo` remove windows variants docker-library/mongo#241
Thanks for the configuration fix, @oskapt - this unexpected change took us offline as well. |
Arg whoops, thanks @oskapt -- will look into a fix ASAP. |
Hmm, this appears to already be there in the image-provided configuration: 😕 $ docker pull httpd
Using default tag: latest
latest: Pulling from library/httpd
Digest: sha256:b77059f169e57fb4046813127cf4bc75b5a67ed6021ad85f1abf318e0324fcfe
Status: Image is up to date for httpd:latest
$ docker run --rm httpd grep mod_mpm conf/httpd.conf
LoadModule mpm_event_module modules/mod_mpm_event.so
#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
#LoadModule mpm_worker_module modules/mod_mpm_worker.so 😞 |
Anyone who's running with that configuration modified will be probably impacted by this tag rerelease. |
It's certainly not unprecedented for an official image to have a change like this in an already-released image tag. Folks looking for maximum stability image references should probably be using image digests instead of tags (https://github.com/docker-library/repo-info is probably useful here), since by their nature tags are mutable. Point taken that this is an unfortunate change though. What would you recommend the fix be? By now, we've got quite a few consumers who've updated their configuration with the appropriate It seems like our best option now is to soldier through, and recommend that folks use the opportunity to update their CI/CD pipeline to at least fire up the container temporarily and verify that it runs and responds to connections before deploying it. |
@tianon agreed that you shouldn't revert now. what's done is done. i don't know what the best course of action might have been - with the foresight to see the potential impact, perhaps no change at all? if i install apache from source, i expect it to have a sane set of defaults that i can modify with my own config. if apache changes the defaults, they'll do it on a release, possibly add some error checking (a little sed love and a big fat deprecation warning to stderr) to make sure that the change is backwards-compatible, and then give it some time to bake before removing the sed munging a few releases later. it's normal for a child image to modify regarding the "not unprecedented" comment and suggestion that consumers use specific digest instead of a tag, you might be right...but i don't think it's a realistic expectation. by using the the change to make mpms shared was not required for anything other than convenience. if i want to change the defaults from upstream, i'll copy your Dockerfile and roll my own image. i know i sound snarky, and i don't mean to. it's an uncomfortable situation where both of us have merit in our arguments. you thought you were doing the right thing, and maybe i shouldn't trust your image in the way that i did. to that end, perhaps you can take my earlier suggestion and update the image with some sed to make sure that the appropriate |
If you look at the contents of this PR, we didn't modify the configuration at all. All we did was adjust the flags used to compile Apache, and it was upstream's code which changed that default configuration. We intentionally do not supply any modifications from upstream's default-supplied configurations except to point logs to stdout/stderr by default, and let Apache upstream's defaults ride straight through. It's definitely unfortunate that changing upstream's build flags will change the default configuration that they generate, but that's where we're at. To be clear, you're suggesting that we add an additional entrypoint to the image which modifies a user-supplied configuration file in order to add a Honestly, that seems pretty complicated to get right, and not accidentally break someone who's intentionally loading some other MPM, which might not even happen in their |
Upstream is smart. It dynamically generates config files so that they work. If you have (I built your image twice from source, changing only that line in This means that by changing your compile-time flags, you changed But let's stop discussing the why and wherefore, because it doesn't solve anything. Let's look at how you can fix it. You already have an entrypoint that's a shell script. It's trivial for you to modify it. You can run Maybe you don't want to modify a user's config - that makes sense. In that case run the checks and output some useful data to stderr like, "Hey - sorry for the inconvenience, but you're missing a At least then when people check the container logs, they're not baffled by why their MPM suddenly went for a walk. |
I love the suggestion of a warning to help guide users to the appropriate
fix to their configuration -- do you have some example code which does that
in a clean way? A PR would be really great, but otherwise just a blurb of
code which does the appropriate detection would be really helpful.
|
FWIW, thanks for maintaining these official containers. Even with today's hiccup, your work is greatly appreciated by a lot of developers. |
@tianon i'll work on this today. |
The following will test the apache config. If the MPM issue is present, it will report how to solve it. If a different error is present, it will report that instead. It will then sleep for X seconds before exiting. If there are no issues with the test, it will start the container. The message output is configurable in the heredocs at the top - I have the MPM message pointing to this URL, but it should probably point to an issue or a snippet or something that explains what happened. I removed I changed the
|
There was a change in the upstream reference httpd image for apache that changed how modules were built for apache. This change adds the required fix to accomodate the change. See isssue here docker-library/httpd#87 The Elasticsearch image tag was updated to accomodate the kernel versions used in the gate as part of the kernel update playbook See elastic/elasticsearch#28349 (comment) The openstack-exporter binary was changed to reflect changes made to the openstack-exporter image Change-Id: I1deb9e7cde794421dd33fade566c2a9fdb5007e6
I want to add that also here builds and continuous integration broke. The result was that several teams have been searching for hours for the root cause. I suggest that in such cases the tag of the docker image is modified, e.g. to "2.4.29.1" whereas the last digit would indicate changes to the Docker image's infrastructure, but not to the containerized application. Has there been a decision on the way forward? |
fix after changes in docker-library/httpd#87
- `golang`: `1.10rc1` bump - `httpd` drop 2.2 eol docker-library/httpd#88, add MPMs docker-library/httpd#87 - `mongo` remove windows variants docker-library/mongo#241
- `golang`: `1.10rc1` bump - `httpd` drop 2.2 eol docker-library/httpd#88, add MPMs docker-library/httpd#87 - `mongo` remove windows variants docker-library/mongo#241
Closes #11
Closes #63