tomcat7 无法在 Ubuntu Docker 容器内启动

tomcat7 fail to start inside Ubuntu Docker container

初始情况

在 Ubuntu (14.04 / 14.10) 中 运行 以下命令:

apt-get update && apt-get install tomcat7
service tomcat7 start

一方面,我在 VirtualBox VM 和 tomcat7 startet 中按预期进行了尝试:

vagrant init hashicorp/precise32
vagrant up

另一方面,我在 Docker 容器中尝试了这个,开始时如下所示:

sudo docker run -it --name tomcattest ubuntu bash

问题

service tomcat7 start命令输出[fail]。然而 tomcat 是 运行,但是 /var/log/tomcat7/catalina.out 表示如下:

Apr 16, 2015 5:52:40 PM org.apache.catalina.startup.ClassLoaderFactory validateFile
WARNING: Problem with directory [/usr/share/tomcat7/common/classes], exists: [false], isDirectory: [false], canRead: [false]
Apr 16, 2015 5:52:40 PM org.apache.catalina.startup.ClassLoaderFactory validateFile
WARNING: Problem with directory [/usr/share/tomcat7/common], exists: [false], isDirectory: [false], canRead: [false]
Apr 16, 2015 5:52:40 PM org.apache.catalina.startup.ClassLoaderFactory validateFile
WARNING: Problem with directory [/usr/share/tomcat7/server/classes], exists: [false], isDirectory: [false], canRead: [false]
Apr 16, 2015 5:52:40 PM org.apache.catalina.startup.ClassLoaderFactory validateFile
WARNING: Problem with directory [/usr/share/tomcat7/server], exists: [false], isDirectory: [false], canRead: [false]
Apr 16, 2015 5:52:40 PM org.apache.catalina.startup.ClassLoaderFactory validateFile
WARNING: Problem with directory [/usr/share/tomcat7/shared/classes], exists: [false], isDirectory: [false], canRead: [false]
Apr 16, 2015 5:52:40 PM org.apache.catalina.startup.ClassLoaderFactory validateFile
WARNING: Problem with directory [/usr/share/tomcat7/shared], exists: [false], isDirectory: [false], canRead: [false]
Apr 16, 2015 5:52:40 PM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-bio-8080"]
Apr 16, 2015 5:52:40 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 514 ms
Apr 16, 2015 5:52:41 PM org.apache.catalina.core.StandardService startInternal
INFO: Starting service Catalina
Apr 16, 2015 5:52:41 PM org.apache.catalina.core.StandardEngine startInternal
INFO: Starting Servlet Engine: Apache Tomcat/7.0.52 (Ubuntu)
Apr 16, 2015 5:52:41 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /var/lib/tomcat7/webapps/ROOT
Apr 16, 2015 5:52:42 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-8080"]
Apr 16, 2015 5:52:42 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 1150 ms

已搜索说明

任何人都可以解释不同的行为并告诉我是否可以通过 apt-get 在 docker 容器内安装 tomcat7 而没有警告的简单方法?

This article 报告相同的错误(对于 Tomcat8,但它也应该适用于 Tomcat7):

I have no idea why, but it seems Tomcat 8 on Ubuntu is not configured in any meaningful way. Everything is available but we need some symbolic links here and there as well as creating the temp directory. This translates into the following instruction in the Dockerfile:

RUN ln -s /var/lib/tomcat8/common $CATALINA_HOME/common && \
    ln -s /var/lib/tomcat8/server $CATALINA_HOME/server && \
    ln -s /var/lib/tomcat8/shared $CATALINA_HOME/shared && \
    ln -s /etc/tomcat8 $CATALINA_HOME/conf && \
    mkdir $CATALINA_HOME/temp

但真正的原因大概在this question

CATALINA_BASE et al. only get set in /etc/init.d/tomcat8.
In the docker image, that service doesn't get initialized as it does in a full VM.

解决方法

tomcat 启动脚本需要一些特殊权限。具体需要检查所有运行ning进程,验证自己是运行ning。您可以授予 Docker 容器以下权限,以使 tomcat 启动脚本成功退出:

sudo docker run --cap-add SYS_PTRACE -it ubuntu bash

重要的选项是--cap-add SYS_PTRACE,所有其他选项可能会有所不同。在 docker github:

上有(至少一个)讨论这个问题的问题

https://github.com/docker/docker/issues/6800

后续问题

尽管如此,我找不到为图像的 docker 构建设置此权限的方法。我的最终目标是 运行 一个 docker 构建,它在内部执行一个 Ansible 剧本。构建只是因为服务启动而失败,我不会从剧本中删除它。我会进一步调查,但欢迎提供可能的解决方案。