Description

Several users using ZSH on OS X have reported an error when running commands in VSCode (https://github.com/microsoft/vscode-docker/issues/2366). The commands run are typically done with zsh -c 'docker build ...' internally by VSCode.

Related: https://github.com/docker/for-mac/issues/4956

Steps to reproduce the issue:

1. Install Docker Desktop for Mac 2.4.0.0.
2. Run zsh -c 'docker some command'

Describe the results you received: "exec: "com.docker.cli": executable file not found in $PATH".

Describe the results you expected: Successful execution of the command

Workaround: Disabling the "Cloud Experience" in settings has worked for these users.

• [x] I have tried with the latest version of Docker Desktop
• [x] I have tried disabling enabled experimental features
• [x] I have uploaded Diagnostics
• Diagnostics ID: 119E07EF-6952-4A59-B13D-E5489EF05FE9/20210614165845

Expected behavior

I am running a service which mounts a file onto the docker container. The service is define like so in the docker-compose file:

version: "2.1"

services:
    tms_make:    
        image: node:12.4.0-stretch     
        working_dir: /project    
        volumes:      
            - ./addons/tms/webpack.config.js:/project/webpack.config.js

I would expect the webpack.config.js file to mounted to the docker container.

Actual behavior

Error:

Error response from daemon: OCI runtime create failed: container_linux.go:367: starting container process caused: process_linux.go:495: container init caused: rootfs_linux.go:60: mounting "/Users/sev/projects/boot/addons/tms/webpack.config.js" to rootfs at "/var/lib/docker/overlay2/febdeca9fa5544324f62938537e9423b7d520bb7aa55e98db2b9cf3d66c5b1f3/merged/project/webpack.config.js" caused: not a directory: unknown: Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type

Information

I have tried a few things to try and resolve the issue:

• Removing the container and the volumes and trying again.
• Turning the gRPC FUSE for file sharing checkbox off in the preferences. (there's a bunch of github issues on the docker github so I thought it might be a quick win)
• I also tried manually binding the file (to check if there was an issue with the file itself) and there was no errors

docker run -d \
--name testdocker \
--mount type=bind,source="$(pwd)"/addons/tms/webpack.config.js,target=/project/webpack.config.js \
node:12.4.0-stretch

and

docker run -d \
--name testdocker \
-v "$(pwd)"/addons/tms/webpack.config.js:project/webpack.config.js \
node:12.4.0-stretch

• I have tried mounting the directory and that worked fine - for some reason it's failing on single files?

• My colleagues (with the same docker desktop version) are running the same docker compose file to spin up their development environment without any issues. It seems like there's something specific to my machine / setup

  • macOS Version: Big Sur (v 11.3.1)
  • Intel chip or Apple chip: Intel
  • Docker Desktop Version: 3.4.0

Steps to reproduce the behavior

Please see above

Description Our VPC has multiple subnets in the same AZs. When running docker compose up using this VPC specified it gives this error: A load balancer cannot be attached to multiple subnets in the same Availability Zone (Service: AmazonElasticLoadBalancing; Status Code: 400; Error Code: InvalidConfigurationRequest

Steps to reproduce the issue:

1. Create a VPC with multiple subnets in the same VPC
2. Set x-aws-vpc to that VPC in your compose file
3. Run docker compose up

Describe the results you received: Error message (above)

Describe the results you expected: Should have successfully created the load balancer.

Additional information you deem important (e.g. issue happens only occasionally):

Output of docker version:

Client:
 Cloud integration: 1.0.2
 Version:           19.03.12
 API version:       1.40
 Go version:        go1.13.15
 Git commit:        48a66213fe17
 Built:             Mon Aug  3 00:00:00 2020
 OS/Arch:           linux/amd64
 Experimental:      false

Server:
 Engine:
  Version:          19.03.12
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.13.15
  Git commit:       48a66213fe17
  Built:            Mon Aug  3 00:00:00 2020
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          v1.2.13
  GitCommit:        7ad184331fa3e55e52b890ea95e65ba581ae3429
 runc:
  Version:          1.0.0-rc10
  GitCommit:        dc9208a3303feef5b3839f4323d9beb36df0a9dd
 docker-init:
  Version:          0.1.5_catatonit
  GitCommit:        

Output of docker context show:
You can also run docker context inspect context-name to give us more details but don't forget to remove sensitive content.

[
    {
        "Name": "aws",
        "Metadata": {
            "Description": "(us-east-1)",
            "Type": "ecs"
        },
        "Endpoints": {
            "docker": {
                "SkipTLSVerify": false
            },
            "ecs": {
                "Profile": "default"
            }
        },
        "TLSMaterial": {},
        "Storage": {
            "MetadataPath": 
            "TLSPath": 
        }
    }
]

Output of docker info:

Client:
 Debug Mode: false

Server:
 Containers: 13
  Running: 0
  Paused: 0
  Stopped: 13
 Images: 50
 Server Version: 19.03.12
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: true
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: oci runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 7ad184331fa3e55e52b890ea95e65ba581ae3429
 runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
 init version: 
 Security Options:
  apparmor
  seccomp
   Profile: default
 Kernel Version: 5.8.14-1-default
 Operating System: openSUSE Tumbleweed
 OSType: linux
 Architecture: x86_64
 CPUs: 8
 Total Memory: 15.52GiB
 Name: linux-cxdk
 ID: PFKF:BT7E:U52Z:NHNG:SUPN:OES4:PZJM:KMLE:LPII:YXWM:YZEU:EM3D
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

Additional environment details (AWS ECS, Azure ACI, local, etc.): AWS ECS

Description

When you specify --env-file filename.env for the new docker-compose and the env file contains just variable names without "=" afterwards, the docker-compose command fails with "Can't separate key from value"

Steps to reproduce the issue:

1. Create _docker.env file with this content in a directory where you have a docker-compose file:

VARIABLE

2. Run docker-compose up --env-file ${PATH}/_docker.env

Describe the results you received:

The command fails with Can't separate key from value error

Describe the results you expected:

• It should not fail
• If VARIABLE is not defined in host, it should not be present in the container
• If VARIABLE is defined in host, it should be set in the container to the same value

Additional information you deem important (e.g. issue happens only occasionally):

Seems that adding = after the variable fixes the problem:

VARIABLE=

This issue was first discovered in https://github.com/apache/airflow/issues/16949 and workarounded in https://github.com/apache/airflow/pull/16950 by @oyarushe for Apache Airflow.

**Output of docker-compose --version: ***

v2.0.0-beta.6

Output of docker version:

Docker Desktop: 3.5.2 on MacOS

I tried to use the option x-aws-vpc on my docker compose file, so I can specify an existing VPC, but as long as I run docker compose up it shows "VPC should have at least 2 associated subnets in different availability zones" which is wrong cause I have 2 different subnets on different AZ's on that VPC, so I'm not sure if there's a missconfiguration on my VPC or someting that I missed on the compose file.

Steps to reproduce the issue: 1. 3. 2.

Describe the results you received: VPC should have at least 2 associated subnets in different availability zones

Describe the results you expected: Resources to be created on the VPC i specify

Additional information you deem important (e.g. issue happens only occasionally):

Output of docker version:

Client:
 Cloud integration: 1.0.1
 Version:           19.03.6-ce
 API version:       1.40
 Go version:        go1.13.4
 Git commit:        369ce74
 Built:             Fri May 29 04:01:26 2020
 OS/Arch:           linux/amd64
 Experimental:      false

Server:
 Engine:
  Version:          19.03.6-ce
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.13.4
  Git commit:       369ce74
  Built:            Fri May 29 04:01:57 2020
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.3.2
  GitCommit:        ff48f57fc83a8c44cf4ad5d672424a98ba37ded6
 runc:
  Version:          1.0.0-rc10
  GitCommit:        dc9208a3303feef5b3839f4323d9beb36df0a9dd
 docker-init:
  Version:          0.18.0
  GitCommit:        fec3683

Output of docker context show:
You can also run docker context inspect context-name to give us more details but don't forget to remove sensitive content.

[
    {
        "Name": "test",
        "Metadata": {
            "Description": "(eu-west-2)"
        },
        "Endpoints": {
            "docker": {
                "SkipTLSVerify": false
            },
            "ecs": {
                "Profile": "test",
                "Region": "eu-west-2"
            }
        },
        "TLSMaterial": {},
        "Storage": {
            "MetadataPath": "/path",
            "TLSPath": "/path"
        }
    }
]

Output of docker info:

Client:
 Debug Mode: false

Server:
 Containers: 1
  Running: 0
  Paused: 0
  Stopped: 1
 Images: 2
 Server Version: 19.03.6-ce
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: true
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: ff48f57fc83a8c44cf4ad5d672424a98ba37ded6
 runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
 init version: fec3683
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 4.14.198-152.320.amzn2.x86_64
 Operating System: Amazon Linux 2
 OSType: linux
 Architecture: x86_64
 CPUs: 1
 Total Memory: 983.3MiB
 Name: ip-10-0-0-180.eu-west-2.compute.internal
 ID: UGZR:7DAU:VJDC:E2JB:Z5P2:FI3Q:ST4K:HAUU:SGJ2:HQSU:ZEGS:UKRT
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

Additional environment details (AWS ECS, Azure ACI, local, etc.):

Description

Attempting to run docker compose up -d with a compose file that references a private image on ghcr.io fails with the following error:

failed to solve: rpc error: code = Unknown desc = failed to solve with frontend dockerfile.v0: failed to create LLB definition: failed to authorize: failed to fetch anonymous token: unexpected status: 401 Unauthorized

docker-compose up -d works, and docker compose up -d works if I run docker pull for that image first.

Steps to reproduce the issue:

1. Create a docker-compose.yml file that references a private image on ghcr.io
2. Log into ghcr.io via docker login ghcr.io
3. Run docker compose up -d

Describe the results you received:

% docker --debug compose up -d
DEBUG serving grpc connection
DEBUG serving grpc connection
DEBUG serving grpc connection
[+] Building 0.7s (7/7)
 => [redacted1 internal] load build definition from Dockerfile 0.0s
 => => transferring dockerfile: 86B 0.0s
[+] Building 0.8s (9/9) FINISHED
 => [redacted1 internal] load build definition from Dockerfile 0.0s
 => => transferring dockerfile: 86B 0.0s
 => [elasticsearch internal] load build definition from Dockerfile 0.0s
 => => transferring dockerfile: 62B 0.0s
 => [phpmyadmin internal] load build definition from Dockerfile 0.0s
 => => transferring dockerfile: 69B 0.0s
 => [redacted1 internal] load .dockerignore 0.0s
 => => transferring context: 2B 0.0s
 => [elasticsearch internal] load .dockerignore 0.0s
 => => transferring context: 2B 0.0s
 => [phpmyadmin internal] load .dockerignore 0.0s
 => => transferring context: 2B 0.0s
 => ERROR [redacted1 internal] load metadata for ghcr.io/redacted2/redacted3:redacted4 0.1s
 => CANCELED [elasticsearch internal] load metadata for docker.io/library/elasticsearch:7.12.0 0.0s
 => CANCELED [phpmyadmin internal] load metadata for docker.io/library/phpmyadmin:5.1.0-fpm-alpine 0.0s
------
 > [redacted1 internal] load metadata for ghcr.io/redacted2/redacted3:redacted4:
------
The new 'docker compose' command is currently experimental. To provide feedback or request new features please open issues at https://github.com/docker/compose-cli
failed to solve: rpc error: code = Unknown desc = failed to solve with frontend dockerfile.v0: failed to create LLB definition: failed to authorize: failed to fetch anonymous token: unexpected status: 401 Unauthorized

Describe the results you expected:

Same behavior as docker-compose up -d: compose-cli should use the credentials received from docker login

Additional information you deem important (e.g. issue happens only occasionally):

I'm on the M1 preview build of Docker Desktop for macOS, 3.3.0 (62632), RC3.

Output of docker version:

Client: Docker Engine - Community
 Cloud integration: 1.0.10
 Version:           20.10.5
 API version:       1.41
 Go version:        go1.13.15
 Git commit:        55c4c88
 Built:             Tue Mar  2 20:13:00 2021
 OS/Arch:           darwin/amd64 (rosetta)
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.5
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.13.15
  Git commit:       363e9a8
  Built:            Tue Mar  2 20:16:48 2021
  OS/Arch:          linux/arm64
  Experimental:     true
 containerd:
  Version:          1.4.4
  GitCommit:        05f951a3781f4f2c1911b05e61c160e9c30eaa8e
 runc:
  Version:          1.0.0-rc93
  GitCommit:        12644e614e25b05da6fd08a38ffa0cfe1903fdec
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

Output of docker context show:

% docker context show
default
% docker context inspect default
[
    {
        "Name": "default",
        "Metadata": {
            "StackOrchestrator": "swarm"
        },
        "Endpoints": {
            "docker": {
                "Host": "unix:///var/run/docker.sock",
                "SkipTLSVerify": false
            }
        },
        "TLSMaterial": {},
        "Storage": {
            "MetadataPath": "\u003cIN MEMORY\u003e",
            "TLSPath": "\u003cIN MEMORY\u003e"
        }
    }
]

Output of docker info:

Client:
 Context:    default
 Debug Mode: false
 Plugins:
  app: Docker App (Docker Inc., v0.9.1-beta3)
  buildx: Build with BuildKit (Docker Inc., v0.5.1-docker)
  scan: Docker Scan (Docker Inc., v0.6.0)

Server:
 Containers: 0
  Running: 0
  Paused: 0
  Stopped: 0
 Images: 0
 Server Version: 20.10.5
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: true
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 05f951a3781f4f2c1911b05e61c160e9c30eaa8e
 runc version: 12644e614e25b05da6fd08a38ffa0cfe1903fdec
 init version: de40ad0
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 5.10.25-linuxkit
 Operating System: Docker Desktop
 OSType: linux
 Architecture: aarch64
 CPUs: 4
 Total Memory: 3.841GiB
 Name: docker-desktop
 ID: MTTL:GPGI:RRKW:ACCC:BZVR:CAEG:SYFI:WGRP:45J2:QISG:IXDQ:RSK4
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 HTTP Proxy: http.docker.internal:3128
 HTTPS Proxy: http.docker.internal:3128
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: true
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

Additional environment details (AWS ECS, Azure ACI, local, etc.):

I'm on the M1 preview build of Docker Desktop for macOS, 3.3.0 (62632), RC3

Description

A previously valid docker compose file started raising an error with docker compose v2. I that noticed a possibly similar issue was raised a few days ago in a public project.

My workaround was to revise the text in my YAML comments in the place where comments described a command.

Note, this is only with Docker Compose v2, I didn't encounter any errors using docker-compose v1.29.

Results of my quick experimentation with YAML comments:

# `echo $(pwd)` <- invalid template error
# `echo foo` <- works
# awk '{print $3}' <- invalid template error
# awk '{print}' <- works
# $1 <- invalid template error
# $FOO <- works

Steps to reproduce the issue:

1. Add the following line to any valid docker compose file: # $1.
2. Run docker compose -f docker-compose.yaml config

Describe the results you received:

$ docker compose up
Invalid template: "version: \"3.9\"\nservices:\n  <SNIPPED> \n"

Describe the results you expected:

The previously valid file continues to be valid.

Additional information you deem important (e.g. issue happens only occasionally):

n/a

Output of docker compose version:

This is the version where I'm encountering the errors.

Docker Compose version 2.0.0-beta.4

And docker-compose --version, just FYI, no errors running the same file with this:

docker-compose version 1.29.2, build 5becea4c
docker-py version: 5.0.0
CPython version: 3.9.0
OpenSSL version: OpenSSL 1.1.1h  22 Sep 2020

Output of docker version:

Client:
 Cloud integration: 1.0.17
 Version:           20.10.7
 API version:       1.41
 Go version:        go1.16.4
 Git commit:        f0df350
 Built:             Wed Jun  2 11:56:22 2021
 OS/Arch:           darwin/amd64
 Context:           desktop-linux
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.7
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.13.15
  Git commit:       b0f5bc3
  Built:            Wed Jun  2 11:54:58 2021
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.4.6
  GitCommit:        d71fcd7d8303cbf684402823e425e9dd2e99285d
 runc:
  Version:          1.0.0-rc95
  GitCommit:        b9ee9c6314599f1b4a7f497e1f1f856fe433d3b7
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

Output of docker context show:
You can also run docker context inspect context-name to give us more details but don't forget to remove sensitive content.

desktop-linux

Output of docker info:

Client:
 Context:    desktop-linux
 Debug Mode: false
 Plugins:
  buildx: Build with BuildKit (Docker Inc., v0.5.1-docker)
  compose: Docker Compose (Docker Inc., 2.0.0-beta.4)
  scan: Docker Scan (Docker Inc., v0.8.0)

Server:
 Containers: 0
  Running: 0
  Paused: 0
  Stopped: 0
 Images: 8
 Server Version: 20.10.7
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: d71fcd7d8303cbf684402823e425e9dd2e99285d
 runc version: b9ee9c6314599f1b4a7f497e1f1f856fe433d3b7
 init version: de40ad0
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 5.10.25-linuxkit
 Operating System: Docker Desktop
 OSType: linux
 Architecture: x86_64
 CPUs: 4
 Total Memory: 1.941GiB
 Name: docker-desktop
 ID: 2GCX:VMBV:LPFZ:QCQ6:ESVL:M37D:DCZK:LGQM:2X5D:EJOS:HCC3:YQIJ
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 HTTP Proxy: http.docker.internal:3128
 HTTPS Proxy: http.docker.internal:3128
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

Additional environment details (AWS ECS, Azure ACI, local, etc.):

Only tested local.

Greetings! This issue has been discussed a lot elsewhere. After reading all the docs and other related issues, we still aren’t sure how to do it. We are hoping to get concrete guidance for setting up our stack which can be conceptualized in the following way

services:
  # UI - single page app using Vue.js. It calls API gateway for any backend services
  frontend:
    image: ${IMG_FRONTEND}
    ports:
      - 80:80
      - 443:443

  # API gateway using Gunicorn. It handles auth and forwards requests to internal services
  api:
    image: ${IMG_API}
    ports:
      - 8000:8000

  # Internal service only accessible from API gateway and other internal services
  svc1:
    image: ${IMG_SVC1}
    expose:
      - 8000

  # Same as svc1
  svc2:
    image: ${IMG_SVC2}
    expose:
      - 8000

How do we set up the compose so that:

• All external traffics secured by HTTPS
• Requests can be correctly routed to frontend and API gateway
• Redirect 80 to 443
• Ideally everything done in compose and no need to mess with CloudFormation

While this can be easily achieved using Traefik but we struggle with Docker-ECS. So far we understand:

• No path routing so we can’t route UI request to example.com and API requests to api.example.com
• Port mapping has to be the same

We are particularly confused because the official doc is limited but community resource with examples contain conflictive information.

For example, the doc says

Setting SSL termination by Load Balancer

x-aws-cloudformation:
  Resources:
    WebappTCP80Listener:
      Properties:
        Certificates:
          - CertificateArn: "arn:aws:acm:certificate/123abc"
        Protocol: HTTPS

Looks simple but then the community suggests otherwise.

https://techsparx.com/software-development/docker/docker-ecs/load-balancer/https.html

Slack groups also confirms there no way to avoid going through this.

We understand this project is still in development with its limitation so we are flexible in terms of technical solutions as long as business requirements are satisfied. Any feedback is appreciated.

What I did Inspired by kustomize.io support in kubectl, introduce x-aws-cloudformation extension to pass patch files to apply on the converted CloudFormation template with unsupported features.

This allows user to apply custom attributes on components we manage without being locked by unsupported features which hardly find their way in the compose model, while still being able to manage the deployment lifecycle just by docker compose up command.

usage I want to deploy Jenkins:

services:
  test:
    image: jenkins/jenkins:lts
    ports:
      - "80:80"

Unfortunately, jenkins respond to / with a 403 error as users need to login. I need to tweak the LoadBalancer TargetGroupt healthCheck rules accordingly...

Here comes my updated compose file:

services:
  test:
    image: jenkins/jenkins:lts
    ports:
      - "80:80"

x-aws-cloudformation:
  Resources:
    TestTCP80TargetGroup:
      Properties:
        Matcher: 
          HttpCode: 200-499

docker compose up

implementation details

This relies on kustomize's kyaml library to merge yaml trees, which ensure we get consistent behaviour / avoid dependecies hell if we want to adopt a comparable mechanism in a kubernetes backend

Related issue https://github.com/docker/compose-cli/issues/1115

/test-ecs

(not mandatory) A picture of a cute animal, if possible in relation with what you did

It currently lacks support for --env-file flag, to load env vars form a file and automatically load env variables from .env like it does docker-compose.

$ docker compose up --help
Create and start containers

Usage:
  docker compose up [SERVICE...] [flags]

Flags:
      --build                     Build images before starting containers.
  -d, --detach                    Detached mode: Run containers in the background
  -e, --environment stringArray   Environment variables
  -f, --file stringArray          Compose configuration files
  -h, --help                      help for up
  -p, --project-name string       Project name
      --remove-orphans            Remove containers for services not defined in the Compose file.
      --workdir string            Work dir

Global Flags:
      --config DIRECTORY   Location of the client config files DIRECTORY (default "/Users/kulikov/.docker")
  -c, --context string     context
  -D, --debug              Enable debug output in the logs
  -H, --host string        Daemon socket(s) to connect to

Description

Hello again, thanks for this great tool! Can't describe how pleased I am to avoid to CF templates 😅

We use the compose cli in our CI jobs to deploy to ECS (requiring docker in docker). This has been working with v1.0.7 but I'm now looking to upgrade to the latest and greatest. When doing so I cannot seem to activate the ECS context.

Steps to reproduce the issue:

1. Create a docker image that has the Compose CLI and Compose v2 installed:

echo 'FROM alpine:latest AS downloader
   # Install wget
   RUN apk add wget
   # Download the compose CLI
   RUN wget https://github.com/docker/compose-cli/releases/download/v1.0.17/docker-linux-amd64 && \\
       chmod +x docker-linux-amd64
   # Download compose local
   RUN wget https://github.com/docker/compose-cli/releases/download/v2.0.0-beta.3/docker-compose-linux-amd64 && \\
       chmod 755 docker-compose-linux-amd64

   FROM docker:20.10.7
   # Copy the built compose cli
   COPY --from=downloader docker-linux-amd64 /cli/docker
   # Copy compose v2 plugin
   COPY --from=downloader docker-compose-linux-amd64 /root/.docker/cli-plugins/docker-compose
   # Put docker somwhere we expect
   RUN ln -s /usr/local/bin/docker /usr/local/bin/com.docker.cli
   # Add to path
   ENV PATH="/cli:${PATH}"
   # Run
   CMD ["docker"]' > Dockerfile
docker build -t compose-cli-test .

2. Create a context

$ docker run -it -e AWS_ACCESS_KEY_ID=abc -e AWS_SECRET_ACCESS_KEY=efg compose-cli-test sh
# docker context create ecs --from-env ecs

Describe the results you received:

Cannot activate the ecs context:

# docker --context ecs context show
default
# docker context use ecs && docker context show
ecs
default

Therefore executing docker compose up will spin up a local stack.

Describe the results you expected:

To activate an ECS context and be able to deploy to ECS using docker compose up

Note, in order to obtain docker version information I needed to mount the docker engine on my host machine with:

docker run -it -e AWS_ACCESS_KEY_ID=abc -e AWS_SECRET_ACCESS_KEY=def -v /var/run/docker.sock:/var/run/docker.sock compose-cli-test sh

Output of docker version:

Client:
 Cloud integration: 1.0.17
 Version:           20.10.7
 API version:       1.41
 Go version:        go1.13.15
 Git commit:        f0df350
 Built:             Wed Jun  2 11:51:04 2021
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.7
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.13.15
  Git commit:       b0f5bc3
  Built:            Wed Jun  2 11:54:58 2021
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.4.6
  GitCommit:        d71fcd7d8303cbf684402823e425e9dd2e99285d
 runc:
  Version:          1.0.0-rc95
  GitCommit:        b9ee9c6314599f1b4a7f497e1f1f856fe433d3b7
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

Output of docker context show:
You can also run docker context inspect context-name to give us more details but don't forget to remove sensitive content.

default

Output of docker info:

Client:
 Context:    default
 Debug Mode: false
 Plugins:
  compose: Docker Compose (Docker Inc., 2.0.0-beta.3)

Server:
 Containers: 11
  Running: 1
  Paused: 0
  Stopped: 10
 Images: 229
 Server Version: 20.10.7
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: d71fcd7d8303cbf684402823e425e9dd2e99285d
 runc version: b9ee9c6314599f1b4a7f497e1f1f856fe433d3b7
 init version: de40ad0
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 5.10.25-linuxkit
 Operating System: Docker Desktop
 OSType: linux
 Architecture: x86_64
 CPUs: 4
 Total Memory: 8.748GiB
 Name: docker-desktop
 ID: 6WLX:RSRY:TKNK:2CIA:6ST7:T3OO:ZKJ2:YISU:XOTR:MFPR:36ID:HLFE
 Docker Root Dir: /var/lib/docker
 Debug Mode: true
  File Descriptors: 49
  Goroutines: 59
  System Time: 2021-06-26T11:59:39.6248652Z
  EventsListeners: 3
 HTTP Proxy: http.docker.internal:3128
 HTTPS Proxy: http.docker.internal:3128
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

Additional environment details (AWS ECS, Azure ACI, local, etc.):

Description

Have the possibility to mark ECS containers as non essential

Currently all containers are marked as essential: https://github.com/docker/compose-cli/blob/79770d5803d1b475409aad187b11a2b63d79a037/ecs/convert.go#L122

Use case

I have a container that initialises (create, seed...) the database then exit. It works beautifully in localhost context (*), I would like the same behaviour when deployed to ECS

Unfortunately since all containers are marked as essential, ECS restarts the container in an infinite loop caused by "Essential container in task exited"

Proposed solution

Map restart: no to Essential: false in ECS ? see https://github.com/aws/amazon-ecs-cli/pull/62#issuecomment-244259521

Related issues

• https://github.com/docker/compose-cli/issues/2101
• https://github.com/aws/amazon-ecs-cli/pull/342
• https://github.com/aws/amazon-ecs-cli/issues/267#issuecomment-315484417

(*)

services:
  front:
    ...

  back:
    ...
    depends_on:
      database-init:
        condition: service_completed_successfully

  database-init:
    ...
    command: ['npm', 'run', 'db:init']
    depends_on:
      database:
        condition: service_healthy

  database:
    ...

Description

• The Docker Azure integration with Azure Container Instances provided limited ability to use docker compose to deploy multi container applications. We needed to run multi-container applications and decided to use docker compose.
• Azure Context was used to execute docker commands with Azure Container Instances. However, the only Docker Compose commands currently available in an ACI context are docker compose up and docker compose down. Following were the issues that we faced while using the ACI Context:
  • Docker ACI integration provided no ability to scale services (Equivalent of docker compose up --scale)
    • We needed to run several containers with the same configuration, and although this can be accomplished with the --scale docker compose option, the Docker Azure Integration did not provide this.
  • Service Credential Configuration
    • There was no ability to specify private container registry credentials
  • No ability to stop the containers without destroying the resources (Equivalent of az container stop)

Additional information you deem important (e.g. issue happens only occasionally):

• Workaround Details:
  • Azure CLI Commands for container create and container stop were utilized instead of the ACI integration with Docker.

Output of docker-compose --version:

docker-compose version 1.29.2, build 5becea4c

Output of docker version:

Server: Docker Desktop 4.11.1 (84025)

This is either a question or a feature request, but I would love to be able to run two different services on the same port and then use path prefixes to route to each separately.

For example, svc1 and sc2 both run on port 80, then, my-alb-1234567.us-east-1.elb.amazonaws.com/svc1 -> svc1 target group my-alb-1234567.us-east-1.elb.amazonaws.com/svc2 -> svc2 target group

In AWS this is accomplished by creating listener rules for each path pattern. I don't believe it's possible to achieve this using x-aws-cloudformation overlay because the compose cli will attempt to create two listeners on the same port, which is forbidden.

Bumps github.com/containerd/containerd from 1.5.13 to 1.5.16.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Bumps postgresql from 42.3.3 to 42.3.8.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Description

Thanks for providing a great tool! I have a small proposal. AWS ECS allows environment variables to be set from AWS Systems Manager Parameter Store or AWS Secrets Manager with "valueFrom". This ECS support for compose does not seem to have a setting for this feature. It would be nice to be able to configure like following in the same way as x-aws-role.

services:
  foo:
    x-aws-secrets:
      - name: ENV_VAR_NAME
        value_from: parameter-name or ARN

I found in the documentation here that we can use AWS Secret Manager to set a secret on a file. However, it would be more convenient if we could easily set values for environment variables as described above.

Additional information you deem important (e.g. issue happens only occasionally):

I also considered a workaround to override the task definition using x-aws-cloudformation, but it was not practical. I tried to write the following configuration and convert it.

services:
  web:
    image: nginx:alpine
    ports:
      - '80:80'

x-aws-cloudformation:
  Resources:
    WebTaskDefinition:
      Properties:
        ContainerDefinitions:
          - Name: web
            Secrets:
              - Name: ENV_VAR_NAME
                ValueFrom: my-parameter

Then I got the following output, and the original ContainerDefinitions disappeared.

  WebTaskDefinition:
    Properties:
      ContainerDefinitions:
        - Name: web
          Secrets:
            - Name: ENV_VAR_NAME
              ValueFrom: my-parameter

It may be sufficient if Secrets can be set using x-aws-cloudformation without adding a configuration like x-aws-secrets. This could be solved with an implementation for https://github.com/docker/compose-cli/issues/2160 .

Additional environment details (AWS ECS, Azure ACI, local, etc.):

AWS ECS