LDAP server down: "multi-stage Docker build"

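Problem description

I am building a multi-stage Docker image for my application, using the official Python image "python:3.7-buster", nginx, supervisord and uwsgi. The image builds successfully and I can check the routes that do not use LDAP, but the routes that do use it fail with this error: ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server", 'errno': 107, 'info': 'Transport endpoint is not connected'}. The application works fine outside Docker.

My Dockerfile: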

FROM python:3.7-buster AS backend-builder

COPY ./backend /app

COPY ./build/docker-entrypoint.sh /app

RUN apt-get update

RUN yes yes | apt-get install vim

RUN  yes yes | apt-get install libsasl2-dev python-dev libldap2-dev libssl-dev

RUN pip install supervisor

RUN pip install uwsgi


COPY /backend/requirements.txt ./

RUN apt-get update

RUN  yes yes | apt-get install nginx

RUN pip install -r requirements.txt

RUN pip install Flask-Cors

COPY ./build/nginx.conf /etc/nginx/nginx.conf

RUN mkdir /var/cache/nginx

RUN mkdir -p /spool/nginx /run/pid && \
    chmod -R 777 /var/log/nginx /var/cache/nginx /etc/nginx /var/run /run /run/pid /spool/nginx && \
    chgrp -R 0 /var/log/nginx /var/cache/nginx /etc/nginx /var/run /run /run/pid /spool/nginx && \
    chmod -R g+rwX /var/log/nginx /var/cache/nginx /etc/nginx /var/run /run /run/pid /spool/nginx


COPY ./build/uwsgi.ini /etc/uwsgi/apps-available/uwsgi.ini


COPY ./build/supervisord.conf /etc

EXPOSE 8080:8080

COPY ./build/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh

RUN mkdir /var/log/supervisor/
RUN ln -s /usr/local/bin/docker-entrypoint.sh / && \
    chmod 777 /usr/local/bin/docker-entrypoint.sh && \
    chgrp -R 0 /usr/local/bin/docker-entrypoint.sh && \
    chown -R root:root /usr/local/bin/docker-entrypoint.sh && \
    chmod 777 /var/log/supervisor/

WORKDIR /app

RUN ls ./
ENTRYPOINT ["docker-entrypoint.sh"]
CMD ["/usr/local/bin/supervisord"]

requirements.txt:

Flask==1.0.2
pytest==5.0.1
pytest-mock
requests==2.22.0
httpretty
azure==4.0.0
azure-storage-blob==2.0.1
azure-cli-core==2.0.74
sqlalchemy==1.3.6
Flask-SQLAlchemy==2.3.2
Flask-SimpleLDAP==1.4.0
flask-jwt-extended==3.23.0
tenacity
flasgger
PyYAML

nginx.conf:

pid /run/nginx.pid;
error_log /var/log/nginx/error.log;

events {
    worker_connections 1024;
}

http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;
    sendfile on;
    tcp_nopush on;

    client_body_temp_path /spool/nginx/client_temp 1 2;
    fastcgi_temp_path /spool/nginx/fastcgi_temp 1 2;
    proxy_temp_path /spool/nginx/proxy_temp 1 2;
    scgi_temp_path /spool/nginx/scgi_temp 1 2;
    uwsgi_temp_path /spool/nginx/uwsgi_temp 1 2;

    server {
        listen 8080;
        server_name localhost;


        access_log /var/log/nginx/access.log;

        location / {
            try_files $uri @dev_maintenance;
        }
        location @dev_maintenance {
            include uwsgi_params;
            uwsgi_pass unix:///run/uwsgi.sock;
        }
        location /static {
            alias /opt/repo/src/static;
            expires 1d;
        }
    }
}

uwsgi.ini

[uwsgi]
master = true
module= dev_maintenance:app
callable=app
buffer-size=65535
lazy=true
socket = /run/uwsgi.sock

supervisord.conf

[unix_http_server]
file=/run/supervisor.sock
chmod=0770

[supervisord]
nodaemon=true
pidfile=/run/pid/supervisord.pid
logfile=/var/log/supervisor/supervisord.log
childlogdir=/var/log/supervisor
logfile_maxbytes=50MB
logfile_backups=1

[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface

[supervisorctl]
serverurl=unix:///run/supervisor.sock

[program:nginx]
command=/usr/sbin/nginx -g "daemon off;" -c /etc/nginx/nginx.conf
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0

[program:uwsgi]
command=/usr/local/bin/uwsgi --ini /etc/uwsgi/apps-available/uwsgi.ini
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0

Full error output:

Traceback (most recent call last):
  File "/usr/local/lib/python3.7/site-packages/flask_simpleldap/__init__.py", line 119, in bind
    current_app.config['LDAP_PASSWORD'])
  File "/usr/local/lib/python3.7/site-packages/ldap/ldapobject.py", line 445, in simple_bind_s
    msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
  File "/usr/local/lib/python3.7/site-packages/ldap/ldapobject.py", line 439, in simple_bind
    return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
  File "/usr/local/lib/python3.7/site-packages/ldap/ldapobject.py", line 331, in _ldap_call
    reraise(exc_type, exc_value, exc_traceback)
  File "/usr/local/lib/python3.7/site-packages/ldap/compat.py", line 44, in reraise
    raise exc_value
  File "/usr/local/lib/python3.7/site-packages/ldap/ldapobject.py", line 315, in _ldap_call
    result = func(*args,**kwargs)
ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server", 'errno': 107, 'info': 'Transport endpoint is not connected'}

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 2309, in __call__
    return self.wsgi_app(environ, start_response)
  File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 2295, in wsgi_app
    response = self.handle_exception(e)
  File "/usr/local/lib/python3.7/site-packages/flask_cors/extension.py", line 161, in wrapped_function
    return cors_after_request(app.make_response(f(*args, **kwargs)))
  File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 1741, in handle_exception
    reraise(exc_type, exc_value, tb)
  File "/usr/local/lib/python3.7/site-packages/flask/_compat.py", line 35, in reraise
    raise value
  File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 2292, in wsgi_app
    response = self.full_dispatch_request()
  File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 1815, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/usr/local/lib/python3.7/site-packages/flask_cors/extension.py", line 161, in wrapped_function
    return cors_after_request(app.make_response(f(*args, **kwargs)))
  File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 1718, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/usr/local/lib/python3.7/site-packages/flask/_compat.py", line 35, in reraise
    raise value
  File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 1813, in full_dispatch_request
    rv = self.dispatch_request()
  File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 1799, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "./dev_maintenance/active_directory.py", line 60, in login
    test = ldap.bind_user(user, passwd)
  File "/usr/local/lib/python3.7/site-packages/flask_simpleldap/__init__.py", line 144, in bind_user
    user_dn = self.get_object_details(user=username, dn_only=True)
  File "/usr/local/lib/python3.7/site-packages/flask_simpleldap/__init__.py", line 181, in get_object_details
    conn = self.bind
  File "/usr/local/lib/python3.7/site-packages/flask_simpleldap/__init__.py", line 122, in bind
    raise LDAPException(self.error(e.args))
flask_simpleldap.LDAPException: Can't contact LDAP server
[pid: 12|app: 0|req: 1/1] 172.17.0.1 () {36 vars in 476 bytes} [Mon Nov 18 11:38:04 2019] POST /login => generated 0 bytes in 14 msecs (HTTP/1.1 500) 0 headers in 0 bytes (0 switches on core 0)

Tags: docker, flask, ldap

Solution


So I solved the problem: it was the host in the application's LDAP configuration, which needed to be changed to: host.docker.internal
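
The fix above, turned into a start-up check (an added example, not code from the original post or from Flask-SimpleLDAP): the LDAP host is read from the environment and probed with a plain TCP connect, and a loopback host inside a container is flagged, since it points at the container itself. The function names, the LDAP_HOST / LDAP_PORT environment variable names and the /.dockerenv heuristic are assumptions.

```python
import ipaddress
import os
import socket


def is_loopback(host):
    """True if host is, or resolves only to, loopback addresses."""
    try:
        infos = socket.getaddrinfo(host, None)
    except socket.gaierror:
        return False
    addrs = {info[4][0].split("%")[0] for info in infos}
    return all(ipaddress.ip_address(a).is_loopback for a in addrs)


def in_container():
    """Heuristic (assumption): Docker creates /.dockerenv inside containers."""
    return os.path.exists("/.dockerenv")


def ldap_settings(env=None):
    """Build the Flask-SimpleLDAP host settings from the environment.

    The LDAP_HOST / LDAP_PORT environment variable names are assumptions.
    """
    env = os.environ if env is None else env
    return {
        "LDAP_HOST": env.get("LDAP_HOST", "host.docker.internal"),
        "LDAP_PORT": int(env.get("LDAP_PORT", "389")),
    }


def check_ldap_endpoint(host, port=389, timeout=3.0, containerised=None):
    """Try a TCP connect to host:port and return (ok, message)."""
    if containerised is None:
        containerised = in_container()
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True, f"{host}:{port} reachable"
    except OSError as exc:
        hint = ""
        if containerised and is_loopback(host):
            hint = " (loopback inside a container is the container itself, not the Docker host)"
        return False, f"{host}:{port} unreachable: {exc}{hint}"


if __name__ == "__main__":
    cfg = ldap_settings()
    print(check_ldap_endpoint(cfg["LDAP_HOST"], cfg["LDAP_PORT"])[1])
    # In the Flask app: app.config.update(cfg) before creating LDAP(app)
```

On Docker Engine for Linux, host.docker.internal is not defined by default; starting the container with `--add-host=host.docker.internal:host-gateway` (Docker 20.10 or later) maps it to the host. A successful TCP connect only shows the port is reachable; the LDAP bind itself can still fail.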

