I try to use supervisord in order to link PHP & Nginx, my container runs locally but once pushed to Cloud Run, I go a 502 error which informs me that the PHP socket can't be found.
I have a non-Alpine image which runs with the same configuration and everything goes right, I've tried to use the PHP default port (9000) and everything works but I've seen that using Unix socket can be a better idea.
Here's the Dockerfile used:
FROM php:7.3.5-alpine3.9 as base
ARG REVISION
LABEL org.opencontainers.image.authors=contact@guillaumeloulier.fr
LABEL org.opencontainers.image.source=https://gitlab.com/Guikingone/Portfolio
LABEL org.opencontainers.image.revision=$REVISION
ENV APP_DIR=/srv/app \
APP_ENV=prod \
APP_FRONT_CONTROLLER=index.php \
APP_LOCALE=fr \
APP_USER=portfolio-user \
APP_USER_GROUP=portfolio \
APP_PORT=8080 \
COMPOSER_DIR=/opt/composer \
COMPOSER_ALLOW_SUPERUSER=1 \
NGINX_DIR=/etc/nginx \
NGINX_VERSION=1.14.2-r1 \
PHP_FPM_CONF_DIR=/usr/local/etc/php-fpm.d/ \
SUPERVISORD_CONF_DIR=/etc/supervisor \
SUPERVISOR_VERSION=3.3.4-r1 \
BUILD_SCRIPTS_DIR=/build-scripts
# Supervisord conf to be copied at the end.
COPY docker/prod/php/scripts/*.sh $BUILD_SCRIPTS_DIR/
# Core dependencies installation (installed as a virtual package in order to remove it later)
RUN apk add --no-cache --virtual .build-deps $PHPIZE_DEPS \
&& apk add --no-cache --virtual .bash bash=4.4.19-r1 \
&& apk add --no-cache --virtual .core-php-deps icu-dev=62.1-r0 \
&& rm -rf /var/cache/apk/* \
&& docker-php-ext-install \
intl \
opcache \
&& docker-php-ext-configure intl \
&& docker-php-ext-enable opcache \
&& apk del .build-deps .phpize-deps-configure
# User creation
RUN apk add --no-cache --repository http://dl-3.alpinelinux.org/alpine/edge/testing/ --allow-untrusted --virtual .user-deps gosu=1.10-r0 \
&& rm -rf /var/cache/apk/* \
&& addgroup $APP_USER_GROUP \
&& adduser -D -h /home/portfolio -s /bin/bash -G $APP_USER_GROUP $APP_USER \
&& chown -R $APP_USER $BUILD_SCRIPTS_DIR \
&& apk del .user-deps
# Nginx & Supervisor installation
RUN apk add --no-cache --virtual .http-deps nginx=$NGINX_VERSION supervisor=$SUPERVISOR_VERSION \
&& rm -rf /var/cache/apk/* \
&& ln -sf /dev/stdout /var/log/nginx/access.log \
&& ln -sf /dev/stderr /var/log/nginx/error.log
RUN mkdir -p $APP_DIR $BUILD_SCRIPTS_DIR \
&& chown -R $APP_USER $APP_DIR \
&& chmod -R 755 $APP_DIR
COPY docker/prod/php/conf/php.ini $PHP_INI_DIR/php.ini
COPY docker/prod/php/conf/fpm.conf $PHP_FPM_CONF_DIR/fpm.conf
COPY docker/prod/nginx/conf/nginx.conf $NGINX_DIR/nginx.conf
COPY docker/prod/supervisord/supervisord.conf $SUPERVISORD_CONF_DIR/supervisord.conf
# Used to check that PHP-FPM works
HEALTHCHECK --interval=5s --timeout=3s \
CMD curl -f http://localhost/ping || exit 1
EXPOSE $APP_PORT 443
CMD ["/usr/bin/supervisord", "-n", "-c", "/etc/supervisor/supervisord.conf"]
# Production build
FROM base as production
COPY docker/prod/nginx/conf/portfolio.conf $NGINX_DIR/conf.d/portfolio.conf
WORKDIR $APP_DIR
COPY . .
# The vendors are installed after the whole project is copied, this way, we can dump the autoload properly.
# The unrequired directories are also removed.
RUN /bin/bash "$BUILD_SCRIPTS_DIR/install_composer.sh" \
&& /bin/bash "$BUILD_SCRIPTS_DIR/composer_dependencies.sh" \
&& rm -rf $BUILD_SCRIPTS_DIR \
/usr/bin/git* \
/lib/apk/db/installed \
/usr/local/bin/composer \
node_modules/
And here's the supervisor configuration file:
[supervisord]
nodaemon = true
logfile = /dev/null
logfile_maxbytes = 0
pidfile = /var/run/supervisord.pid
loglevel = INFO
[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
[program:php-fpm]
command = /usr/local/sbin/php-fpm
autostart = true
autorestart = true
priority = 5
stdout_logfile = /dev/stdout
stdout_logfile_maxbytes = 0
stderr_logfile = /dev/stderr
stderr_logfile_maxbytes = 0
[program:nginx]
command = /usr/sbin/nginx -g "daemon off;"
autostart = true
autorestart = true
priority = 10
stdout_events_enabled = true
stderr_events_enabled = true
stdout_logfile = /dev/stdout
stdout_logfile_maxbytes = 0
stderr_logfile = /dev/stderr
stderr_logfile_maxbytes = 0
[include]
files = /etc/supervisor/**/*.conf
Here's the error log in StackDriver logging linked to the container sandox:
2019-05-19 11:31:50.246 CEST
Container Sandbox Limitation: Unsupported syscall prctl(0x4,0x1,0x0,0x0,0x0,0x20)
Thanks for the help.