I'm just learning to use Kong and I just created containers for the postgres database, kong-migrations, kong, konga and konga-prepare.
But after I built the containers the following error appeared in the kong container and kong-migrations:
kong | ERROR: /usr/local/share/lua/5.1/kong/tools/dns.lua:39: /etc/hosts: Permission denied kong | stack traceback: kong | /usr/local/share/lua/5.1/kong/tools/dns.lua:39: in function </usr/local/share/lua/5.1/kong/tools/dns.lua:7> kong | /usr/local/share/lua/5.1/kong/globalpatches.lua:590: in function </usr/local/share/lua/5.1/kong/globalpatches.lua:4> kong | /usr/local/bin/kong:6: in function 'file_gen' kong | init_worker_by_lua:50: in function <init_worker_by_lua:48> kong | [C]: in function 'xpcall' kong | init_worker_by_lua:57: in function <init_worker_by_lua:55>
is there any advice on what I should do?
docker-compose files:
#SETUP DATABASE POSTGREE
db:
container_name: db
#image: postgres:9.6
build:
context: postgres
environment:
POSTGRES_USERS: ${KONG_DB_USERNAME}:${KONG_DB_PASSWORD}|${KONGA_DB_USERNAME}:${KONGA_DB_PASSWORD}
POSTGRES_DATABASES: ${KONG_DB_NAME}:${KONG_DB_USERNAME}|${KONGA_DB_NAME}:${KONGA_DB_USERNAME}
#POSTGRES_PASSWORD: ${KONG_DB_SUPERPAS}|${KONG_DB_SUPERPAS}
healthcheck:
test: ["CMD", "pg_isready", "-U", "${KONG_DB_USERNAME}"]
interval: 30s
timeout: 30s
retries: 3
extra_hosts:
- "$DNS_LOCAL : $IP_LOCAL"
restart: on-failure
stdin_open: true
tty: true
volumes:
- ./persist_volume:/var/lib/postgresql/data
networks:
- kong-net
kong-migrations:
container_name: kong-migrations
image: kong:latest
entrypoint: sh -c "sleep 10 && kong migrations bootstrap -v"
environment:
KONG_DATABASE: ${KONG_DATABASE}
KONG_PG_HOST: ${KONG_DB_HOST}
KONG_PG_DATABASE: ${KONG_DB_NAME}
KONG_PG_USER: ${KONG_DB_USERNAME}
KONG_PG_PASSWORD: ${KONG_DB_PASSWORD}
depends_on:
- db
networks:
- kong-net
restart: on-failure
# volumes:
# persist_volume:
# networks:
# kong-net:
# external: true
# SETUP KONG GATEWAY
kong:
container_name: kong
image: kong:latest
environment:
KONG_DATABASE: ${KONG_DATABASE}
KONG_PG_HOST: ${KONG_DB_HOST}
KONG_PG_DATABASE: ${KONG_DB_NAME}
KONG_PG_USER: ${KONG_DB_USERNAME}
KONG_PG_PASSWORD: ${KONG_DB_PASSWORD}
KONG_PROXY_ACCESS_LOG: ${KONG_PROXY_ACCESS_LOG}
KONG_ADMIN_ACCESS_LOG: ${KONG_ADMIN_ACCESS_LOG}
KONG_PROXY_ERROR_LOG: ${KONG_PROXY_ERROR_LOG}
KONG_ADMIN_ERROR_LOG: ${KONG_ADMIN_ERROR_LOG}
KONG_ADMIN_LISTEN: ${KONG_ADMIN_LISTEN}
restart: on-failure
extra_hosts:
- "$DNS_LOCAL : $IP_LOCAL"
- "$DNS_BACKEND : $IP_BACKEND"
ports:
- $KONG_PROXY_PORT:8000
- $KONG_PROXY_SSL_PORT:8443
- $KONG_PROXY_ADMIN_API_PORT:8001
- $KONG_PROXY_ADMIN_SSL_API_PORT:8444
networks:
- kong-net
#SETUP KONGA
konga-prepare:
container_name: konga-prepare
image: pantsel/konga:latest
command: "-c prepare -a postgres -u postgresql://${KONG_DB_USERNAME}:${KONG_DB_PASSWORD}@db:${KONG_DB_PORT}/${KONGA_DB_NAME}"
networks:
- kong-net
restart: on-failure
depends_on:
- db
konga:
container_name: konga
image: pantsel/konga:latest
restart: always
networks:
- kong-net
extra_hosts:
- "$DNS_LOCAL : $IP_LOCAL"
- "$DNS_BACKEND : $IP_BACKEND"
environment:
DB_ADAPTER: postgres
DB_URI: postgresql://${KONG_DB_USERNAME}:${KONG_DB_PASSWORD}@db:${KONG_DB_PORT}/${KONGA_DB_NAME}
NODE_ENV: production
volumes:
- ./konga-data:/var/lib/postgresql/data
depends_on:
- db
ports:
- ${KONGA_PORT}:1337
volumes:
persist_volume:
konga-data:
#prometheus_data:
networks:
kong-net:
#external: true
Dockerfiles:
FROM postgres:9.6
COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
RUN chmod +x /usr/local/bin/docker-entrypoint.sh
ENTRYPOINT ["docker-entrypoint.sh"]
CMD ["postgres"]
Docker-entrypoint.sh
#!/bin/bash
set -e
# usage: file_env VAR [DEFAULT]
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
file_env() {
local var="$1"
local fileVar="${var}_FILE"
local def="${2:-}"
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
exit 1
fi
local val="$def"
if [ "${!var:-}" ]; then
val="${!var}"
elif [ "${!fileVar:-}" ]; then
val="$(< "${!fileVar}")"
fi
export "$var"="$val"
unset "$fileVar"
}
if [ "${1:0:1}" = '-' ]; then
set -- postgres "$@"
fi
# allow the container to be started with `--user`
if [ "$1" = 'postgres' ] && [ "$(id -u)" = '0' ]; then
mkdir -p "$PGDATA"
chown -R postgres "$PGDATA"
chmod 700 "$PGDATA"
mkdir -p /var/run/postgresql
chown -R postgres /var/run/postgresql
chmod g+s /var/run/postgresql
exec gosu postgres "$BASH_SOURCE" "$@"
fi
if [ "$1" = 'postgres' ]; then
mkdir -p "$PGDATA"
chown -R "$(id -u)" "$PGDATA" 2>/dev/null || :
chmod 700 "$PGDATA" 2>/dev/null || :
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ ! -s "$PGDATA/PG_VERSION" ]; then
file_env 'POSTGRES_INITDB_ARGS'
eval "initdb --username=postgres $POSTGRES_INITDB_ARGS"
authMethod=trust
if [ "$POSTGRES_USERS" ]; then
USERS_ARR=$(echo $POSTGRES_USERS | tr "|" "\n")
for USER in $USERS_ARR
do
USER_PASSWORD=`echo $USER | cut -d: -f2`
if [ "$USER_PASSWORD" ]; then
authMethod=md5
fi
done
fi
# check password first so we can output the warning before postgres
# messes it up
file_env 'POSTGRES_PASSWORD'
if [ "$POSTGRES_PASSWORD" ]; then
pass="PASSWORD '$POSTGRES_PASSWORD'"
authMethod=md5
else
pass=
fi
if [ "$authMethod" == "trust" ]; then
cat >&2 <<-'EOWARN'
****************************************************
WARNING: No password has been set for the database.
This will allow anyone with access to the
Postgres port to access your database. In
Docker's default configuration, this is
effectively any other container on the same
system.
Use "-e POSTGRES_PASSWORD=password" to set
it in "docker run".
****************************************************
EOWARN
fi
{ echo; echo "host all all all $authMethod"; } | tee -a "$PGDATA/pg_hba.conf" > /dev/null
# internal start of server in order to allow set-up using psql-client
# does not listen on external TCP/IP and waits until start finishes
PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" \
-o "-c listen_addresses='localhost'" \
-w start
file_env 'POSTGRES_USER' 'postgres'
file_env 'POSTGRES_DB' "$POSTGRES_USER"
psql=( psql -v ON_ERROR_STOP=1 )
if [ "$POSTGRES_DB" != 'postgres' ]; then
"${psql[@]}" --username postgres <<-EOSQL
CREATE DATABASE "$POSTGRES_DB" ;
EOSQL
echo
fi
if [ "$POSTGRES_USER" = 'postgres' ]; then
op='ALTER'
else
op='CREATE'
fi
"${psql[@]}" --username postgres <<-EOSQL
$op USER "$POSTGRES_USER" WITH SUPERUSER $pass ;
EOSQL
echo
psql+=( --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" )
# If you want to create more than one user, please use that variable
# Variable example: POSTGRES_USERS="user1:user1pass|user2:user2pass|user3:user3password"
if [ "$POSTGRES_USERS" ]; then
USERS_ARR=$(echo $POSTGRES_USERS | tr "|" "\n")
for USER in $USERS_ARR
do
USER_NAME=`echo $USER | cut -d: -f1`
USER_PASSWORD=`echo $USER | cut -d: -f2`
if [ "$USER_NAME" = 'postgres' ]; then
op='ALTER'
else
op='CREATE'
fi
"${psql[@]}" --username postgres <<-EOSQL
$op USER "$USER_NAME" WITH SUPERUSER PASSWORD '$USER_PASSWORD' ;
EOSQL
done
fi
# If you want to create more than one database, please use that variable
# Variable example: POSTGRES_DATABASES="database1:user1|database2:user2|database3:user3"
if [ "$POSTGRES_DATABASES" ]; then
DATABASES_ARR=$(echo $POSTGRES_DATABASES | tr "|" "\n")
for DATABASE in $DATABASES_ARR
do
DATABASE_NAME=`echo $DATABASE | cut -d: -f1`
DATABASE_OWNER=`echo $DATABASE | cut -d: -f2`
if [ "$DATABASE_NAME" != 'postgres' ]; then
if [ "$DATABASE_OWNER" ]; then
"${psql[@]}" --username postgres <<-EOSQL
CREATE DATABASE "$DATABASE_NAME" owner "$DATABASE_OWNER" ;
EOSQL
echo
else
"${psql[@]}" --username postgres <<-EOSQL
CREATE DATABASE "$DATABASE_NAME" ;
EOSQL
echo
fi
fi
done
fi
# If you want to set up initial postgresql.conf parameters, please use that variable
# Variable example: POSTGRES_CONFIGS="work_mem:15MB|fsync:off|full_page_writes:off"
if [ "$POSTGRES_CONFIGS" ]; then
CONFIGS_ARR=$(echo $POSTGRES_CONFIGS | tr "|" "\n")
for CONFIG in $CONFIGS_ARR
do
CONFIG_NAME=`echo $CONFIG | cut -d: -f1`
CONFIG_VALUE=`echo $CONFIG | cut -d: -f2`
"${psql[@]}" --username postgres <<-EOSQL
ALTER SYSTEM SET $CONFIG_NAME = "$CONFIG_VALUE" ;
EOSQL
done
fi
echo
for f in /docker-entrypoint-initdb.d/*; do
case "$f" in
*.sh) echo "$0: running $f"; . "$f" ;;
*.sql) echo "$0: running $f"; "${psql[@]}" -f "$f"; echo ;;
*.sql.gz) echo "$0: running $f"; gunzip -c "$f" | "${psql[@]}"; echo ;;
*) echo "$0: ignoring $f" ;;
esac
echo
done
PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" -m fast -w stop
echo
echo 'PostgreSQL init process complete; ready for start up.'
echo
fi
fi
exec "$@"