Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • collectd warning in journal log

    Solved Support
    3
    0 Votes
    3 Posts
    382 Views
    R

    Thanks for the quick response!

  • Docker service failed after docker-compose install

    Solved Support
    6
    0 Votes
    6 Posts
    3k Views
    nebulonN

    @johannesjom generally it is not supported to install other things via apt manually. There are some warnings about this when you SSH into your server, but we can't quite prevent users who have root access to their own server to install things or also change essential config files. So not sure what we can do here besides warning the user.

  • Is it possible to install a docker image direct from docker hub?

    Solved Support
    12
    0 Votes
    12 Posts
    2k Views
    ?

    @eddowding Plug: https://git.atridad.dev/CTPR

    Instructions: https://git.atridad.dev/CTPR/docs/ctpr-documentation

  • all cloudron apps not responding after reboot, most services down

    Solved Support
    7
    0 Votes
    7 Posts
    836 Views
    girishG

    @ianhyzy ah, good to know! basically, the snap version of docker starts with it's own container data which seems totally separate from the normal docker.

  • Unable to delete custom app - Docker error

    Solved Support
    11
    0 Votes
    11 Posts
    671 Views
    X

    @girish Belated marking as resolved for anybody looking in future. girish did some remote ssh support magic and solved the problem.

  • 2 Votes
    3 Posts
    777 Views
    girishG

    @msbt thanks for reporting, fixed in the new package.

  • 8 Votes
    24 Posts
    3k Views
    BrutalBirdieB

    @infogulch RTFM myself šŸ˜„ nice catch, thanks for that.

  • 4 Votes
    21 Posts
    2k Views
    nottheendN

    @nottheend have created a new topic since it is most likely not this bug:
    https://forum.cloudron.io/topic/12216/docker-error-unable-to-pull-image-on-same-instance

  • Install fails (unauthorized: authentication required)

    Solved Support
    4
    0 Votes
    4 Posts
    560 Views
    mmolivierM

    @girish it's been solved. I did a docker logout and tried again. Got the error again but this time the error was a bit more detailed. Tried it again and it worked.

    Thanks!

  • Cloudron 6.1.1 update fails?

    Solved Support
    5
    0 Votes
    5 Posts
    598 Views
    ?

    @girish ah so thatā€™s because I was messing with dind for GitLab runner... whoops. Thanks for taking a look!

  • 0 Votes
    3 Posts
    3k Views
    girishG

    @makemrproper I have seen this as well . I am not sure what's causing this. But I will keep this thread open, just in case someone else hits this. I has to restart docker to "fix this" (systemctl restart docker)

  • Error removing volume while updating Nextcloud

    Solved Support
    3
    0 Votes
    3 Posts
    377 Views
    E

    It looks like restarting docker and running configure again did the trick. Fixed!

  • 0 Votes
    8 Posts
    988 Views
    girishG

    @xaddison the prune is done automatically when needed in the code. Most likely the containers that got removed are the ones that were "stopped". Cloudron runs cron jobs of apps in containers, for example. They will be in stopped state after finishing a run but will be reused in the next run. As for images, not sure what it cleaned up. Do you have the output of what it removed?

  • Deploying Cloudron Build and get a 404

    Solved Support
    3
    0 Votes
    3 Posts
    386 Views
    d19dotcaD

    @girish Looks good now, yeah likely just a Docker hiccup then I guess. Thanks Girish. šŸ™‚

  • Docker defaults config

    Solved Support
    3
    0 Votes
    3 Posts
    369 Views
    robiR

    That's not a docker config file with defaults šŸ˜‰

    I am looking to change various default parameters like runc, DNS, etc..

  • 2 Votes
    3 Posts
    453 Views
    LonkleL

    Gotcha, thanks for the clarification! ā˜ŗļø

  • -1 Votes
    39 Posts
    4k Views
    robiR

    My wording isn't quite correct, it's not full VMs. See below.

    https://blog.nestybox.com/2019/09/13/system-containers.html

    A Nestybox system container is an enhanced Docker container, designed to package not just applications but also low-level system software.

    What type of system software are we talking about? Currently Systemd and Docker, but in the near future software such as Kubernetes, graphical display servers, and others.

    The following figure illustrates the difference.

    But canā€™t you do this on a regular Docker container? No you canā€™t. Not properly.

    For example, in order to run Docker inside a regular container (i.e., Docker-in-Docker) you need to run the container in ā€œprivilegedā€ mode. This significantly weakens isolation between the container and the underlying host, posing a strong security risk (especially if you donā€™t trust the workloads running inside the container).

    But in some cases even privileged mode is not sufficient. For example, some system level programs read resource consumption information from the kernel (e.g., via the Linux /proc directory). In order for the program to work properly inside a container, such information must be provided relative to the resources assigned to the container itself, not the resources of the underlying host. A regular container does not do this, even when running in privileged mode.

    Nestybox system containers are designed to solve these problems.

    We can summarize the key properties of a Nestybox system container as:

    Runs low-level system workloads (as well as applications).

    Provides strong isolation from the underlying host.

    Presents a more complete abstraction of a virtual host to its workloads.

    Typically runs multiple applications within it (rather than just one app).

    One way to look at it is that a regular container packages applications. In contrast, a Nestybox system container packages virtual host environments capable of running applications as well as system-level workloads.
    See it work!

    Use Cases

    But why would you want to run such system-level software inside a container in the first place? I.e., Why do we need system containers?

    There are several use cases.

    For example, by virtue of running Docker inside the container (securely), the system container can be used for:

    CI/CD pipelines (where the need for a container to run another container arises).

    Docker sandboxing (e.g., to run multiple Docker instances with total isolation between them).

    Our blog site contains articles with practical examples of such use cases.

    In the near future, as we add support for more system-level workloads inside the system container, more use cases will open up.

    In general, if you have a need for a virtual host that runs many of the same workloads that you could run on a VM, yet is faster and more efficient, then a Nestybox system container is a good fit.

    Key Features and Benefits

    Deployment with Docker (and Kubernetes)

    This allows you to leverage the power of these amazing tools to build, deploy, and manage system containers. No need to learn new tools.

    Fast & Efficient

    Just like regular application containers.

    Strong Container Isolation

    Nestybox system containers always use the Linux user namespace.

    This means the root user in the system container has full capabilities inside the system container, but none outside of it.

    In addition, Nestybox system containers use exclusive Linux user namespace user-ID and group-ID mappings for each system container.

    If a process inside the container escapes the container sandbox, it will find itself without privileges to access resources of the host or of other containers.
    Image Flexibility

    A Nestybox system container image can be created with Docker, just like any Docker container.

    However, it typically is configured with an environment resembling a virtual host (e.g., process manager, multiple apps, docker, app containers, graphical display server, etc), although you can also configure it with a single system-level application (e.g., Docker) if you wish. Itā€™s up to you to choose whatā€™s in the image and the entry-point.
    Portability

    You can deploy Nestybox system containers on any Linux machine, whether itā€™s bare-metal, a local VM, or a cloud VM, in a data-center, your laptop, an edge device, or even an IoT device.

    And as with any Docker container you have the flexibility to move the system container around as you wish. Just upload it to your repo and deploy it on the target machine with Docker.
    Partially virtualized procfs

    In Nestybox system containers, portions of the Linux procfs (/proc) are virtualized. The goal is to make the system container more closely resemble a real host or VM. For example, the /proc/uptime file returns the containerā€™s uptime, not the underlying hostā€™s uptime.

    How does it work?

    Nestybox system containers are made possible by Sysbox, our system container runtime.

    Sysbox is software that installs on the Linux host machine, integrates with Docker (and soon Kubernetes), and works under the covers.

    Users interact with Docker to create the system container image and deploy it, just as with application containers. The difference is that this image can now include system-level software such as Docker itself (for Docker-in-Docker), etc.

    The following figure illustrates this.

    Running the system container is simple, it only requires passing the --runtime=sysbox-runc flag to Docker:

    $ docker run --runtime=sysbox-runc -it my-syscont-image

    Under the covers, Sysbox takes care of setting up the system container abstraction so that it can properly run system level workloads.

    Itā€™s easy. And you avoid the need for unsecure privileged containers or complex container configurations.

    Is it a VM?

    No, itā€™s not. Itā€™s an enhanced container. As with all containers, it uses OS-level virtualization and shares the Linux kernel with the rest of the system. In contrast, VMs use hardware-level virtualization (i.e., emulate hardware in software) and have a dedicated OS per VM.

    The following figure illustrates the differences.

    This gives system containers and VMs different properties. In particular system containers are faster, more efficient, and more portable (see above) but offer a lesser degree of isolation from the underlying host.

    From a workload perspective however, Nestybox is working to make our system containers support as many workloads as VMs can run such that they can present a viable alternative to VMs in some scenarios.

  • Strange storage usage

    Support
    7
    0 Votes
    7 Posts
    861 Views
    girishG

    @smilebasti The /home/yellowtent/appsdata is the location of apps. This size seems to roughly match the nextcloud size. As for docker, you should not use du tools inside docker's image directories since they are overlays and the du tool is not smart enough to figure out the size correctly. Try docker system df to get a better idea about the actual size docker uses (this is what is reported in the graph as ~5GB). The volumes also link into appsdata so they might be double counted the du tools.

    To take a wild guess, maybe you were backing up to the file system for some time before you moved to NAS via SMB? If this was the case, then you should remove the old backups manually from /var/backups. You can just safely nuke all the timestamped directories and the snapshot directory inside it.

  • 0 Votes
    17 Posts
    2k Views
    girishG

    @JOduMonT Yup, we are waiting for the next peertube release to make it stable (there is a bug in current release which makes it hard to finish the setup) and then start posting videos there.

  • NodeJS Server

    Moved Solved Support
    5
    1 Votes
    5 Posts
    1k Views
    girishG

    For others looking for examples, there's a bunch of custom app templates I made that should help getting started:

    https://git.cloudron.io/cloudron/tutorial-php-app/ https://git.cloudron.io/cloudron/tutorial-nodejs-app https://git.cloudron.io/cloudron/tutorial-basic https://git.cloudron.io/cloudron/tutorial-redis https://git.cloudron.io/cloudron/tutorial-supervisor-app