How to configure Selenium Grid in docker-compose.yml (max session) - selenium

I couldn't find how to configure the Selenium Grid with Docker Compose.
How can I set for example the maxSessions in the docker-compose.yml for a Node?
I tried the following without success:
selenium-hub:
image: selenium/hub
networks:
- mynet
environment:
- MAX_SESSION=4 // DOES NOT WORK
- maxSession=4 // DOES NOT WORK
hostname: selenium-hub
ports:
- "4444:4444"
chrome:
image: selenium/node-chrome-debug
networks:
- mynet
volumes:
- /dev/shm:/dev/shm
depends_on:
- selenium-hub
environment:
- HUB_HOST=selenium-hub
- HUB_PORT=4444
- MAX_SESSION=4 // DOES NOT WORK
- maxSession=4 // DOES NOT WORK
...


you need to add this ENV under chrome:
NODE_MAX_SESSION=4 # As integer, maps to "maxSession"
read from here

Related

grpc_health_probe timeout with dotnet GRPC API

I'm running a dotnet GRPC API (recipients-api) and I want to use grpcui to test it. Both services are been declared on a docker-compose file. I'm declaring grpcui as a dependant service of recipients-api, and as I need it to be fully available before grpcui can run, I'm also using a health probe to ensure it's alive. The problem is that it seems like recipients-api entry point is not been run, it's like the process were stuck waiting for the health check to be sucessfull before hiting the container entrypoint, so it alsways throws a timeout. Any clues?
Here is my docker-compose file:
version: '3.4'
services:
recipientservice-api:
image: ${DOCKER_REGISTRY-}dataintegrationrecipientserviceapi
container_name: recipientservice-api
build:
context: ..
dockerfile: ../src/DataIntegration.RecipientService.Api/Dockerfile
environment:
ASPNETCORE_ENVIRONMENT: "Development"
ASPNETCORE_URLS: "http://+:5000"
MongoDb__ConnectionString: mongodb://wfuser:MyPassw0rd_#mongodb:27017/RecipientService?tls=false
MongoDb__"Database": "RecipientService"
expose:
- "5000"
ports:
- "5000:5000"
depends_on:
- mongodb
networks:
- recipients-network
healthcheck:
test: ["CMD", "bin/grpc_health_probe", "-connect-timeout 10s", "-rpc-timeout 4s", "-addr=localhost:5000"]
interval: 2s
retries: 5
start_period: 15s
timeout: 10s
grpcui:
image: fullstorydev/grpcui
container_name: grpcui
depends_on:
recipientservice-api:
condition: service_healthy
command:
- -plaintext
- -vvv
- recipientservice-api:5000
networks:
- recipients-network
ports:
- "8080:8080"
mongodb:
image: mongo:5.0
container_name: "mongodb"
hostname: mongodb
environment:
MONGO_INITDB_ROOT_USERNAME: admin
MONGO_INITDB_ROOT_PASSWORD: MyPassw0rd_123
MONGO_INITDB_DATABASE: RecipientService
volumes:
- mongo-recipients:/var/opt/mongodb
- ./init-mongo.js:/docker-entrypoint-initdb.d/init-mongo.js:ro
ports:
- "27017:27017"
expose:
- 27017
networks:
- recipients-network
networks:
recipients-network:
name: recipients-network
driver: bridge
volumes:
mongo-recipients:

traefik HTTP POST request net::ERR_CONNECTION_RESET

I am trying to install This docker image
which runs on port 3000 for http and 3001 for https.
I need to run just HTTP version on a LocalNetwork.
I am getting network error in browser console when upload test is running.
version: "3.3"
services:
traefik:
image: "traefik:v2.8"
container_name: "traefik"
command:
- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
ports:
- "5000:80"
- "5001:8080"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
openspeedtest:
image: "openspeedtest/latest"
container_name: "speedtest-service"
labels:
- "traefik.enable=true"
- "traefik.http.routers.openspeedtest.rule=Host(`unraid.vishnu.pro`)"
- "traefik.http.routers.openspeedtest.entrypoints=web"

I don't know why i need to add
"traefik.http.middlewares.limit.buffering.maxRequestBodyBytes
now it is working for me.
mytraefik yml
version: "3.9"
services:
traefik:
image: traefik:v2.8.0
container_name: traefik
command:
- --log.level=INFO
- --api.insecure=true
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
ports:
- 5000:80
- 5001:443
- 8080:8080
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
openspeedtest:
image: openspeedtest/latest
container_name: speedtest-service
labels:
- "traefik.enable=true"
- "traefik.http.routers.openspeedtest.rule=Host(`192.168.1.15`)"
- "traefik.http.routers.openspeedtest.entrypoints=web"
- "traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=10000000000"
- "traefik.http.routers.openspeedtest.middlewares=limit"
- "traefik.http.routers.openspeedtest-https.rule=Host(`192.168.1.15`)"
- "traefik.http.routers.openspeedtest-https.entrypoints=websecure"
# - "traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=10000000000"
- "traefik.http.routers.openspeedtest-https.middlewares=limit"
- "traefik.http.routers.openspeedtest-https.tls=true"
- "traefik.http.routers.openspeedtest-https.tls.certresolver=leresolver"

Gitea + drone ruuner-ssh and runner-exec not working

I had deploy Gitea + drone + runner for my group. Normally runner-docker works fine, but runner-ssh and runner-exec don't work
deploy by docker compose
gitea
version: "3"
services:
gitea:
image: gitea/gitea:1.15.7
# container_name: gitea
environment:
- USER_UID=1000
- USER_GID=1000
- DB_TYPE=mysql
- DB_HOST=db:3306
- DB_NAME=gitea
- DB_USER=gitea
- DB_PASSWD=xxxxxxx
restart: always
volumes:
- ./gitea:/data
- /home/git/.ssh/:/data/git/.ssh
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- "33333:3000"
- "22:22"
depends_on:
- db
db:
image: mariadb
restart: always
environment:
- MYSQL_ROOT_PASSWORD=xxxxxx
- MYSQL_USER=gitea
- MYSQL_PASSWORD=xxxxxx
- MYSQL_DATABASE=gitea
volumes:
- ./db:/var/lib/mysql
drone
version: "3"
services:
drone:
image: drone/drone
container_name: drone
ports:
- "8800:80"
# - "44443:443"
volumes:
- ./drone:/data
environment:
- DRONE_GITEA_SERVER=https://git.ioiox.com
- DRONE_GITEA_CLIENT_ID=xxxxxxxxx
- DRONE_GITEA_CLIENT_SECRET=xxxxxxxxx
- DRONE_RPC_SECRET=yyyyyyyyyyyyyy
- DRONE_SERVER_HOST=drone.ioiox.com
- DRONE_SERVER_PROTO=https
- DRONE_GIT_ALWAYS_AUTH=true
- DRONE_USER_CREATE=username:stilleshan,admin:true
restart: always
runner-docker & runner-ssh
version: "3"
services:
drone-runner-docker:
image: drone/drone-runner-docker:1
container_name: drone-runner-docker
# ports:
# - "3000:3000"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
environment:
- TZ=Asia/Shanghai
- DRONE_RPC_PROTO=https
- DRONE_RPC_HOST=drone.ioiox.com
- DRONE_RPC_SECRET=yyyyyyyyyyyyyy
- DRONE_RUNNER_CAPACITY=5
- DRONE_RUNNER_NAME=runner-docker
restart: always
drone-runner-ssh:
image: drone/drone-runner-ssh
container_name: drone-runner-ssh
# ports:
# - 3001:3000
environment:
- TZ=Asia/Shanghai
- DRONE_RPC_PROTO=https
- DRONE_RPC_HOST=drone.ioiox.com
- DRONE_RPC_SECRET=yyyyyyyyyyyyyy
- DRONE_RUNNER_CAPACITY=5
- DRONE_RUNNER_NAME=runner-ssh
restart: always
runner-exec
Install in centos7 by drone.io documents
issue
runner-exec
When I push to private repo activate runner, something wrong about git clone. But public repo works fine.
I tried setting DRONE_GIT_ALWAYS_AUTH=true or false also to no effect
enter image description here
runner-ssh
I use type: ssh in .drone.yml, Can trigger workflows. But got clone: skipped error, when i set disable clone step, also got error "greeting: skipped", I think the whole workflow can not working.
enter image description here

Multiple domains with Traefik

I am new to Traefik but trying to migrate from jwilder/nginx-proxy and letsencrypt-companion to Traefik.
I have setup Traefik with this config file:
traefik.yml
entryPoints:
web:
address: :80
http:
redirections:
entryPoint:
to: websecure
scheme: https
websecure:
address: :443
api:
dashboard: true
insecure: true
certificatesResolvers:
le:
acme:
email: username#gmail.com
storage: acme.json
httpChallenge:
# used during the challenge
entryPoint: web
providers:
docker:
endpoint: unix:///var/run/docker.sock
exposedByDefault: false
docker-compose.yml
version: '3'
services:
traefik:
image: traefik:v2.2
restart: always
ports:
- 80:80
- 443:443
- 8080:8080
networks:
- web
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /data/disk1/traefik/traefik.yml:/traefik.yml
- /data/disk1/traefik/acme.json:/acme.json
container_name: traefik
When starting one container on domain #1
docker-compose.yml
version: "3"
services:
confluence:
container_name: confluence
image: atlassian/confluence-server:7.6.2
volumes:
- /data/disk1/atlassian/application-data/confluence:/var/atlassian/application-data/confluence
ports:
- "8090:8090"
external_links:
- postgres:postgres
environment:
- CATALINA_CONNECTOR_PROXYNAME=confluence.tld
- CATALINA_CONNECTOR_PROXYPORT=443
- CATALINA_CONNECTOR_SCHEME=https
- CATALINA_CONNECTOR_SECURE=true
- VIRTUAL_HOST=confluence.tld
- VIRTUAL_NETWORK=web
- VIRTUAL_PORT=8090
- LETSENCRYPT_EMAIL=user#tld
- LETSENCRYPT_HOST=confluence.tld
labels:
- traefik.enable=true
- traefik.http.routers.confluence.rule=Host(`confluence.tld`)
- traefik.http.routers.confluence.tls=true
- traefik.http.routers.confluence.tls.certresolver=le
- traefik.http.routers.confluence.service=confluence
- traefik.http.services.confluence.loadbalancer.server.port=8090
networks:
- web
restart: always
networks:
web:
external:
name: web
It works perfect.
NOTE: I have kept the environment variables for jwilder/nginx-proxy for the time being
When launching another container with different tld I can't get that working.
E.g.
docker-compose.yml
version: "3"
services:
confluence:
container_name: myapp
image: nginx:latest
volumes:
- /data/disk1/myapp/www/:/usr/share/nginx/html:ro
- /data/disk1/myapp/conf/nginx.conf:/etc/nginx/nginx.conf:ro
ports:
- "9999:80"
environment:
- VIRTUAL_HOST=www.tld2,tld2
- VIRTUAL_NETWORK=web
- VIRTUAL_PORT=9999
- LETSENCRYPT_EMAIL=user#tld2
- LETSENCRYPT_HOST=www.tld2,tld2
labels:
- traefik.enable=true
- traefik.http.routers.myapp.rule=Host(`tld2`) || Host(`www.tld2`)
- traefik.http.routers.myapp.tls=true
- traefik.http.routers.myapp.tls.certresolver=le
- traefik.http.routers.myapp.service=tld2
- traefik.http.services.myapp.loadbalancer.server.port=9999
networks:
- web
restart: always
networks:
web:
external:
name: web
It doesn't work but everything looks OK in Traefik dashboard.
Any ideas?

There is an error in the second docker-compose.yml:
You define the router named mypp to use a service named tld2:
traefik.http.routers.myapp.service=tld2
but your service is named myapp:
traefik.http.services.myapp.loadbalancer.server.port=9999
This should have generated an error in Traefik's log regarding an unresolvable service.
To fix this, configure your router myapp to use the service myapp:
traefik.http.routers.myapp.service=myapp

Traefik - TLS Certificates for multiple subdomains does not work

I am using traefik as a reverse proxy for my infra. I want to deploy with docker compose, a stack like that :
Traefik : Reverse proxy
Nextcloud
Redis : Nextcloud cache
Postgres : Nnextcloud Db
Gogs : VCS
Postgres : Gogs Db
My compose is the following :
version: "3.3"
volumes:
nextcloud-www:
driver: local
nextcloud-db:
driver: local
nextcloud-redis:
driver: local
letsencrypt:
driver: local
gogs-data:
driver: local
gogs-db:
driver: local
services:
#Traefik
traefik:
image: traefik
container_name: traefik
restart: unless-stopped
command:
- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
- "--certificatesresolvers.myresolver.acme.httpchallenge=true"
- "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.myresolver.acme.email=myemail#email.email"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
ports:
- 80:80
- 443:443
- 8080:8080
networks:
- nextcloud
- gogs
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- letsencrypt:/letsencrypt
labels:
traefik.enable: true
# Nextcloud
nextcloud:
image: nextcloud
container_name: nextcloud
restart: unless-stopped
networks:
- nextcloud
depends_on:
- nextcloud_redis
- nextcloud_db
labels:
traefik.enable: true
traefik.http.routers.nextcloud.middlewares: nextcloud,nextcloud_redirect
traefik.http.routers.nextcloud.tls.certresolver: myresolver
traefik.http.routers.nextcloud.rule: Host(`cloud.mydomain.fr`)
traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue: ALLOW-FROM https://mydomain.fr
traefik.http.middlewares.nextcloud.headers.contentSecurityPolicy: frame-ancestors 'self' mydomain.fr *.mydomain.fr
traefik.http.middlewares.nextcloud.headers.stsSeconds: 155520011
traefik.http.middlewares.nextcloud.headers.stsIncludeSubdomains: true
traefik.http.middlewares.nextcloud.headers.stsPreload: true
traefik.http.middlewares.nextcloud_redirect.redirectregex.regex: /.well-known/(card|cal)dav
traefik.http.middlewares.nextcloud_redirect.redirectregex.replacement: /remote.php/dav/
environment:
POSTGRES_HOST: nextcloud_db
POSTGRES_DB: nextcloud
POSTGRES_USER: nextcloud
POSTGRES_PASSWORD: password
NEXTCLOUD_ADMIN_USER: dimitri_admin
NEXTCLOUD_ADMIN_PASSWORD: password
REDIS_HOST: nextcloud_redis
NEXTCLOUD_TRUSTED_DOMAINS: cloud.mydomain.fr
TRUSTED_PROXIES: 172.18.0.0/16
volumes:
- nextcloud-www:/var/www/html
# Nextcloud Db
nextcloud_db:
image: postgres
container_name: nextcloud_db
restart: unless-stopped
networks:
- nextcloud
environment:
POSTGRES_DB: nextcloud
POSTGRES_USER: nextcloud
POSTGRES_PASSWORD: password
volumes:
- nextcloud-db:/var/lib/postgresql/data
# Nextcloud Redis
nextcloud_redis:
image: redis
container_name: nextcloud_redis
restart: unless-stopped
networks:
- nextcloud
volumes:
- nextcloud-redis:/var/lib/redis
# Gogs
gogs:
image: gogs/gogs-rpi
container_name: gogs
restart: unless-stopped
networks:
- gogs
depends_on:
- gogs_db
labels:
traefik.enable: true
traefik.http.services.gogs.loadbalancer.server.port: 3000
traefik.http.routers.gogs.tls.certresolver: myresolver
traefik.http.routers.gogs.rule: Host(`git.mydomain.fr`)
environment:
# Postgres config
POSTGRES_HOST: gogs_db
POSTGRES_DB: gogs
POSTGRES_USER: gogs
POSTGRES_PASSWORD: password
volumes:
- gogs-data:/data
# Gogs database
gogs_db:
image: postgres
container_name: gogs_db
restart: unless-stopped
networks:
- gogs
environment:
POSTGRES_DB: gogs
POSTGRES_USER: gogs
POSTGRES_PASSWORD: password
volumes:
- gogs-db:/var/lib/postgresql/data
# Networks
networks:
nextcloud:
external: true
gogs:
external: true
The problem is the following :
The certificates are not generated for my websites.
How can i do it ?
Thanks !

Option 1: Use a wildcard...
https://docs.traefik.io/https/acme/#wildcard-domains
Option 2: Multiple certs...
Make multiple certresolvers and cert files (1 per domain) and use those in the services.
services:
traefik:
command:
- "--certificatesresolvers.myresolver1.acme.httpchallenge=true"
- "--certificatesresolvers.myresolver1.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.myresolver1.acme.email=myemail#email.email"
- "--certificatesresolvers.myresolver1.acme.storage=/letsencrypt/domain1.json"
- "--certificatesresolvers.myresolver2.acme.httpchallenge=true"
- "--certificatesresolvers.myresolver2.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.myresolver2.acme.email=myemail#email.email"
- "--certificatesresolvers.myresolver2.acme.storage=/letsencrypt/domain2.json"
nextcloud:
labels:
traefik.http.routers.nextcloud.tls.certresolver: myresolver1
gogs:
labels:
traefik.http.routers.gogs.tls.certresolver: myresolver2