vhttpd

User avatar
John
Site Admin
Posts: 2580
Joined: Mon Apr 24, 2000 3:18 pm
Location: Cleveland, OH
Contact:

Re: vhttpd

Post by John »

I did try the container in kubernetes, and seemed to work. I did install texis in the normal location though. This was my Dockerfile:

Code: Select all

ROM centos
# Add a texis user
# Install ncurses (ltest)
# Hopefully can do away with ncurses in future
RUN useradd -ms /bin/bash texis ; yum -y install ncurses-compat-libs perl
COPY usr /usr
ENV PATH="/usr/local/morph3/bin:${PATH}"
# Fix up perms
RUN chown -R texis.texis /usr/local/morph3 ; chmod u+s /usr/local/morph3/bin/monitor ; texis -license ; rm /usr/local/morph3/bin/vhttpd ; cp /usr/local/morph3/bin/monitor /usr/local/morph3/bin/vhttpd ; chmod u+s /usr/local/morph3/bin/vhttpd

FROM centos
# Add a texis user
# Install ncurses (ltest)
# Hopefully can do away with ncurses in future
RUN useradd -ms /bin/bash texis ; yum -y install ncurses-compat-libs perl
COPY --from=0 /usr /usr
ENV PATH="/usr/local/morph3/bin:${PATH}"
# Launch script that starts monitor, and fixes up resolv.conf if it doesn't end with newline
ENTRYPOINT vhttpd -D
EXPOSE 80
John Turnbull
Thunderstone Software
User avatar
mark
Site Admin
Posts: 5495
Joined: Tue Apr 25, 2000 6:56 pm

Re: vhttpd

Post by mark »

Did you install under /home in the working one?

Also, selinux will appear disabled inside the container. Check the host's audit log.
aitchon
Posts: 106
Joined: Mon Jan 22, 2007 10:30 am

Re: vhttpd

Post by aitchon »

Yes I installed under /home on the working one. What should I be looking for in the host audit.log? I ran the install in the Dockerfile.

Code: Select all

FROM centos:7

ARG version=7.06

ENV TEXISVERSION=$version PATH=$PATH:/home/txusr/morph3/bin

RUN adduser -u 1002 txusr
USER txusr

RUN mkdir /home/txusr/morph3
RUN mkdir /tmp/texis7-setup
RUN mkdir /home/txusr/morph3/cgi-bin

COPY texis7-setup.tar.gz /tmp/texis7-setup
COPY start_vhttpd.sh /

RUN cd /tmp/texis7-setup && \
    tar -xzf texis7-setup.tar.gz && \
    sed -i.bak 's/.*TX_DEFINSTALLDIR=.*/TX_DEFINSTALLDIR="\/home\/txusr\/morph3"/' install-non-interactive && \
    ./install-non-interactive --use-defaults --webinator-password=password && \
    rm -rf /tmp/texis7-setup

# copy vortex file here /home/txusr/morph3/texis/scripts
COPY getuniqueid /home/txusr/morph3/texis/scripts

USER root
RUN ["chmod", "+x", "/start_vhttpd.sh"]
EXPOSE 80
ENTRYPOINT "/start_vhttpd.sh"
This is start_vhttpd.sh:

Code: Select all

/home/txusr/morph3/bin/vhttpd -d /home/txusr/morph3
sleep infinity
User avatar
mark
Site Admin
Posts: 5495
Joined: Tue Apr 25, 2000 6:56 pm

Re: vhttpd

Post by mark »

aitchon wrote: Thu May 13, 2021 1:12 pm Yes I installed under /home on the working one. What should I be looking for in the host audit.log?
Messages with "denied" or "vhttpd"
aitchon
Posts: 106
Joined: Mon Jan 22, 2007 10:30 am

Re: vhttpd

Post by aitchon »

I'm not seeing any messages related to those words. I'll try installing under /usr using your commands from your Dockerfile.
aitchon
Posts: 106
Joined: Mon Jan 22, 2007 10:30 am

Re: vhttpd

Post by aitchon »

I tried using your dockerfile, but still installing Texis in the dockerfile. Again, it worked fine in docker, but I'm seeing this in kubernetes logs:

[Thu May 13 18:10:55 2021] (1) 002 Cannot open error log /usr/local/morph3/logs/error.log: Permission denied
[Thu May 13 18:10:55 2021] (1) 002 Cannot open transfer log /usr/local/morph3/logs/transfer.log: Permission denied
[Thu May 13 18:10:55 2021] (1) 102 Cannot open error log file `/usr/local/morph3/logs/vortex.log': Permission denied
[Thu May 13 18:10:55 2021] (1) Server exiting abnormally
User avatar
John
Site Admin
Posts: 2580
Joined: Mon Apr 24, 2000 3:18 pm
Location: Cleveland, OH
Contact:

Re: vhttpd

Post by John »

Odd, thought at least it looks like vhttpd started up, but there are still permission problems. It might make sense in your situation to have vhttpd listen on a different port (above 1024, e.g. 8080) so that it doesn't need root permissions, and then it can do everything as an ordinary user. You should still be able to configure kubernetes to have the service available on port 80 if you prefer.
John Turnbull
Thunderstone Software
aitchon
Posts: 106
Joined: Mon Jan 22, 2007 10:30 am

Re: vhttpd

Post by aitchon »

That worked. Thanks for your help!
aitchon
Posts: 106
Joined: Mon Jan 22, 2007 10:30 am

Re: vhttpd

Post by aitchon »

Now that I have vhttpd working in kubernetes, I've noticed that memory has been rising while doing a load test on a vortex script. I emptied out the script so that it does nothing, and still noticed that memory still rises as seen in the attached pic. Do you know of any memory leaks within vhttpd?
Attachments
Screen Shot 2021-05-24 at 8.54.46 AM.png
Screen Shot 2021-05-24 at 8.54.46 AM.png (30.95 KiB) Viewed 131 times
User avatar
John
Site Admin
Posts: 2580
Joined: Mon Apr 24, 2000 3:18 pm
Location: Cleveland, OH
Contact:

Re: vhttpd

Post by John »

No known memory leaks. How many requests would have occurred in that time frame?
Post Reply