OSX build hangs when getting to 8080 about habitus HOT 14 CLOSED

Trying to run Habitus on Docker for Mac (native) you can use the following command:

./habitus_darwin_amd64 -f habitus.yaml --build host=10.0.0.40 --host unix:///var/run/docker.sock --binding=0.0.0.0

In which 10.0.0.40 is the private IP address of my mac. Alternatively you can run something like this:

./habitus_darwin_amd64 -f habitus.yaml --build host=$(ipconfig getifaddr en0) --host unix:///var/run/docker.sock --binding=0.0.0.0

from habitus.

@BenHall

I noticed the following issues:

• There is no api in the URL for the Secrets. Also file is missing in the path. The correct URL for retrieving the secret should be http://$host:8080/v1/secrets/file/id_rsa, hence the 404 errors.
• Once you fix this issue you will be able to see that id_rsa will be retrieved. However you will probably need a mkdir -p ~/.ssh as well as making sure ssh is available on the image (alpine might not have it)

from habitus.

Thanks for the update.

I got the URL from http://blog.cloud66.com/using-ssh-private-keys-securely-in-docker-build/ - Might be worth updating the post?

I changed the Dockerfile so the command is now

RUN TOKEN=$(curl http://$host:8080/v1/secrets/file/id_rsa) && echo 'ENV:' && env && echo 'TOKEN ENV' && echo $TOKEN && unset $TOKEN

However, it still cannot communicate with 192.168.99.1:8080 nor 192.168.99.100:8080. From my host I can curl 192.168.99.100:8080 and it works great.

from habitus.

Thank you for the note, updated.

Question: are you using the new Docker for mac?

from habitus.

No, this is just the standard boot2docker

from habitus.

@BenHall if you look at the result of your ifconfig you can see the IP you can use. It's usually 192.168.99.1

from habitus.

Sorry for the delay in getting back to you about this. It's still hanging when attempting to access 192.168.99.1.

./habitus_darwin_amd64 -f habitus.yaml --build host=192.168.99.1

from habitus.

The example is here - https://github.com/katacoda/docker-build-arg-security-example/tree/master/habitus

from habitus.

I just cloned the example repo you kindly provided and ran the exact command you have in your comments and it all worked. One thing I can think is that the IP of the docker you are running is not the same.

The best way to find the IP address is to check the network name for the docker VM in VBox and then find it with ifconfig command:

from habitus.

I'm still having trouble with this :(

Tried on Linux, well Katacoda and it still can't connect...

This is the environment I was using: https://www.katacoda.com/courses/docker/playground

./habitus_linux_amd64 -f habitus.yaml --use-tls=false --build host=172.18.0.2 --host tcp://docker:2345 --binding=0.0.0.0

from habitus.

Sorry @BenHall but I'm not familiar with the environment. Did you manage to run it in Linux or OSX?

from habitus.

Katacoda is just a hosted Docker instance. I can't seem to get it working on either OSX or Linux. I imagine it's my example :(

from habitus.

That is very strange. I can't really comment on running it on Katacoda since it might be blocking the port or not having the port mapping to allow a container connect back to the host but not being able to run it on OSX or Linux is not something I've seen before like this. Can you send me the details of your Linux setup please? (OS version, docker version, etc).

from habitus.

I was facing the same issue @BenHall and I realized it was because of ufw. My docker config has --iptables=false" to enable ufw rules. I had to enable all traffic for the docker0 interface (172.17.0.0/16) to port 8080. You can see your docker0 ipv4 address by doing ifconfig -a

so in Ubuntu 14.04 lts:

sudo ufw enable from 172.17.0.0/16 to any port 8080

@khash I think you may be right about blocking a port - or at least this was the case in my setup.

from habitus.