nats-io / nats-streaming-docker Goto Github PK

Official Docker image for the NATS Streaming server

License: Apache License 2.0

Shell 9.19% Dockerfile 38.58% PowerShell 13.07% Python 39.16%

nats-streaming-docker's Introduction

nats-streaming-docker

This is the repo for building the official NATS Streaming Server Docker images. If you just want to use NATS Streaming server, then head over to Docker Hub. You don't need this repo.

The rest of this readme is for image maintainers.

Directory structure

The directories are structured in a way such that each NATS server release has a directory. Each release version has a number of base image variants, such as scratch on Linux or nanoserver on Windows.

nats-streaming-docker/
├── 1.2.3
│   ├── image variant
└───└── image variant

For the most part, image variant Dockerfiles will download the official NATS Streaming server release binaries when building the server image and COPY a default configuration file.

The Linux scratch image is a little special. It copies a server binary from the Alpine image because the scratch image doesn't come with any tools to download and untar binaries.

Updating NATS Streaming server version

First, make sure you've published a new NATS server git tag and make sure the release binaries and SHASUMS are ready to download.

Next, run the command below. This will update the version and hash of the NATS server.

usage: ./update.py <server version>
       ./update.py 0.22.1

You can check what changed with git diff.

Manual updates

This script doesn't update everything. Here are some other things you may or may not want to update.

The Ubuntu host version used for CI.
The Windows host versions used for CI.
The Alpine version

After you've updated everything that needs updating. Submit a PR to this repo. Make sure CI passes.

Publishing on Docker Hub

To publish your new changes to Docker Hub. Head over to docker-library/official-images. You'll need to update the nats-streaming IMF file.

IMF stands for Internet Message Format. It's the format that Docker chose to declare images, instead of something like YAML.

You'll need to update the git commit in this file.

GitCommit: 9716618a61deba8a7e28b69d53d95d698bde5117

Also handy to know, if you're testing and haven't merged your PR in nats-io/nats-streaming-docker. You can tell Docker to pull a commit from a different branch like this.

GitFetch: refs/heads/mybranch
GitCommit: 9716618a61deba8a7e28b69d53d95d698bde5117

Docker images will be built in the order they're specified in the IMF file. This detail is very important because Windows images and the scratch image depend on this behavior. Nanoserver images must be built after servercore images. Scratch must be built after Alpine.

Tags: 0.17.0-windowsservercore-1809, windowsservercore-1809
Architectures: windows-amd64
Directory: 0.17.0/windowsservercore-1809
Constraints: windowsservercore-1809

Tags: 0.17.0-nanoserver-1809, nanoserver-1809
Architectures: windows-amd64
Directory: 0.17.0/nanoserver-1809
Constraints: nanoserver-1809, windowsservercore-1809

The names of the images also have to be consistent with the rest of the official images. Make sure the names match existing image names. For example, it should be 0.17.0-windowsservercore-1809, not 0.17.0-windowsservercore1809, not 0.17.0-servercore-1809.

nats-streaming-docker's People

Contributors

Stargazers

Watchers

Forkers

bcatlin appcelerator-archive altairsix neuroidss rockymadden barmaglot123 alianza-dev ccorley mcuadros wzhliang dllehr81 shakahl isabella232 georgenicoll andriisoldatenko positive-spaces-io webclinic017 oncicaradupopovici jaybraker

nats-streaming-docker's Issues

404 on docker hub

Hi,

Getting not found on the link to docker hub.

failed to copy file from "nats-streaming:0.22.1" image when create new image

Because of security issue, I can't use nats-streaming:0.22.1 image directly
So, I'm trying to create new image using "nats-streaming:0.22.1"

# Default image
# https://github.com/nats-io/nats-streaming-docker
FROM nats-streaming:0.17.0 as base

# build image using n2c base image
FROM <MY-BASE-IMAGE>
COPY --from=base /usr/local/bin/nats-streaming-server /usr/local/bin/nats-streaming-server
COPY --from=base /usr/local/bin/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
ENTRYPOINT ["docker-entrypoint.sh"]
CMD ["nats-streaming-server", "-m", "8222"]

But, when I trying to build docker image, below error occurs.

Sending build context to Docker daemon   5.12kB
Step 1/7 : FROM nats-streaming:0.17.0 as base
 ---> 411737a82b95
Step 2/7 : FROM fin.reg.navercorp.com/fdc/alpine-base:latest
 ---> 43516049b8eb
Step 3/7 : COPY --from=base /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
COPY failed: stat etc/ssl/certs/ca-certificates.crt: file does not exist

If I trying to exec docker image, then it raise error too

[irteam@ahdpcp011-npay image]$ docker run -it --name nats -d  nats-streaming:0.22.1

[irteam@ahdpcp011-npay image]$ docker exec -it nats /bin/bash
OCI runtime exec failed: exec failed: container_linux.go:367: starting container process caused: exec: "/bin/bash": stat /bin/bash: no such file or directory: unknown
[irteam@ahdpcp011-npay image]$ docker exec -it nats /bin/sh
OCI runtime exec failed: exec failed: container_linux.go:367: starting container process caused: exec: "/bin/sh": stat /bin/sh: no such file or directory: unknown
[irteam@ahdpcp011-npay image]$ docker exec -it nats sh
OCI runtime exec failed: exec failed: container_linux.go:367: starting container process caused: exec: "sh": executable file not found in $PATH: unknown
[irteam@ahdpcp011-npay image]$ docker exec -it nats bash
OCI runtime exec failed: exec failed: container_linux.go:367: starting container process caused: exec: "bash": executable file not found in $PATH: unknown

[irteam@ahdpcp011-npay image]$ docker run -it nats-streaming:0.22.1 bash
unrecognized command: "bash"
[irteam@ahdpcp011-npay image]$ docker run -it nats-streaming:0.22.1 sh
unrecognized command: "sh"

How could I use shell in this image?

max_payload can this be an environment variable

We can keep max_payload value in a file and provide via --stan_config. Is it possible to provide it as an environment variable. That facility will be neat if possible

0.15.x Tags missing from Docker Hub Repository

I'm not sure if this is supposed to happen automatically with a new release, but the new 0.15.1-tagged image is not available on Docker Hub currently.

NATS Streaming docker image don't ship with Root CA certificates

Hi,

Thanks for the amazing work on NATS.

We are trying to use NATS Streaming with TLS using a Let's Encrypt certificate.

It took quite some time to figure out that NATS streaming is failing to connect to a remote NATS server over TLS because the image don't ship with CA Certificates.

The Docker image of NATS server is based on Alpine and installs the CA certificates.

The following is a sample of a modified NATS image that uses the releases of NATS streaming.

FROM alpine:3.11

ENV NATS_SERVER 0.17.0

RUN set -eux; \
	apkArch="$(apk --print-arch)"; \
	case "$apkArch" in \
		arm64) natsArch='arm64' ;; \
		armhf) natsArch='arm6' ;; \
		armv7) natsArch='arm7' ;; \
		x86_64) natsArch='amd64' ;; \
		x86) natsArch='386' ;; \
		*) echo >&2 "error: $apkArch is not supported!"; exit 1 ;; \
	esac; \
	\
	wget -O nats-streaming-server.zip "https://github.com/nats-io/nats-streaming-server/releases/download/v${NATS_SERVER}/nats-streaming-server-v${NATS_SERVER}-linux-${natsArch}.zip"; \
	\
	apk add --no-cache ca-certificates; \
	apk add --no-cache --virtual buildtmp unzip; \
	\
	unzip nats-streaming-server.zip "nats-streaming-server-v${NATS_SERVER}-linux-${natsArch}/nats-streaming-server"; \
	rm nats-streaming-server.zip; \
	mv "nats-streaming-server-v${NATS_SERVER}-linux-${natsArch}/nats-streaming-server" /usr/local/bin; \
	rmdir "nats-streaming-server-v${NATS_SERVER}-linux-${natsArch}"; \
	\
	apk del --no-cache --no-network buildtmp

COPY stan.conf /etc/nats/nats-server.conf
EXPOSE 4222 8222 6222
CMD ["nats-streaming-server"]

Does it make sense to homogenize both images and add CA certificates to avoid failing TLS connections?

Please create official HA Docker compose file the supports Service Fabric

Would be great if the windows version came first then the linux version as a close 2nd. Should support easily scaling up and down.

Thanks.

Stop using deprecated Windows 2016 hosted runners

Per email from GitHub:

On March 15, 2022, Windows 2016 hosted runners will be removed from GitHub Actions.

In preparation for the deprecation, there are two scheduled brownout periods for our team to perform maintenance:

December 1, 2021: 4:00pm–10:00pm UTC

February 7, 2022: 4:00pm–10:00pm UTC

Jobs that use Windows 2016 scheduled to run during this time will temporarily fail.

What you need to do
We recommend you change jobs using runs-on: windows-2016 to use runs-on: windows-latest which will ensure you're always running on the latest version of Windows Server.

File .github/workflows/main.yaml defines a Job windows-2016 which is runs-on: windows-2016.

Can we change the docker image base to busybox?

When running nats in production kuberenetes cluster it's difficult to see what's happening inside of it. For example, I'm fairly certain that we're hitting a memory constraint when running the container but it's hard to tell because the scratch base doesn't have a shell or ps to be able to dig deeper. Running containers in kubernetes in the same cgroup is also difficult.

Not sure if it is still relevant, but worth to double check.

Add multi-platform support (ARM, Windows?)

Similar to what we did for NATS Server.