shinsenter/php

PHPFPM-Apache - s6-overlay-suexec: fatal: can only run as pid 1

Closed this issue · 4 comments

Able to run locally but not in a container environment such as AWS ECS. When I do, I get error:

s6-overlay-suexec: fatal: can only run as pid 1

This is the Dockerfile contents:

FROM shinsenter/phpfpm-apache:php8.1

# Set environment variables
ENV PHP_PM_MAX_CHILDREN=100
ENV PHP_PM_START_SERVERS=20
ENV PHP_PM_MIN_SPARE_SERVERS=10
ENV PHP_PM_MAX_SPARE_SERVERS=35
ENV PHP_PM_MAX_REQUESTS=1000
ENV PHP_UPLOAD_MAX_FILESIZE=200M
ENV APP_PATH=/var/www/foo
ENV DOCUMENT_ROOT=/var/www/foo/html

# Update and install additional packages
RUN phpaddmod \
    mcrypt \
    memcache \
    pgsql \
    rdkafka \
    soap \
    stomp \
    xdebug \
    xsl

# Set the working directory
WORKDIR /var/www/foo

# Copy application files
COPY . .

# Copy Apache vhosts configuration
COPY docker/apache/vhosts.conf.template /etc/apache2/sites-available/vhosts.conf

# Enable the site configuration
RUN a2ensite vhosts.conf

# Copy and unzip server.zip
COPY docker/foo/server.zip /tmp/server.zip
RUN unzip /tmp/server.zip -d /var/www/conf/ \
    && rm /tmp/server.zip

# Run Composer install commands
RUN composer install --no-dev --no-scripts --prefer-dist -o -d /var/www/foo \
    && composer install --no-dev --no-scripts --prefer-dist -o -d /var/www/foo/includes/classes/Azure/ExternalAPI

# Modify PHP settings and create necessary directories
RUN sed -i \
    -e 's/error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT/error_reporting = E_ALL \& ~E_DEPRECATED \& ~E_STRICT \& ~E_WARNING \& ~E_NOTICE/g' \
    "$PHP_INI_DIR/php.ini" \
    && mkdir -p /mnt/file_archive/{logs,dx,dx_archive,storage,cached} \
    && mkdir -p /var/www/conf \
    && mkdir -p /var/www/foo/html/foo/css/cached \
    && chown -R www-data:www-data /var/www

# Expose necessary ports
EXPOSE 80

I also tried the following suggestion

CMD [ "exec", "/init" ]

Hi @6rendon,

I've reviewed your Dockerfile and it looks good overall, with a couple of minor suggestions:

  • Set the DOCUMENT_ROOT variable to a relative path within the APP_ROOT directory. Instead of using an absolute path, try using DOCUMENT_ROOT=/html.
  • Avoid modifying the container's default CMD instruction. Altering this command could potentially cause the container to malfunction.

I've successfully built and run the container using your setup, and here's the log output:

PHP version 8.1.28 (/usr/local/bin/php)
Run the "diagnose" command to get more detailed diagnostics output.

     _     _                      _              __    _
    | |   (_)                    | |            / /   | |
 ___| |__  _ _ __  ___  ___ _ __ | |_ ___ _ __ / / __ | |__  _ __
/ __| '_ \| | '_ \/ __|/ _ \ '_ \| __/ _ \ '__/ / '_ \| '_ \| '_ \
\__ \ | | | | | | \__ \  __/ | | | ||  __/ | / /| |_) | | | | |_) |
|___/_| |_|_|_| |_|___/\___|_| |_|\__\___|_|/_/ | .__/|_| |_| .__/
                                                | |         | |
                                                |_|         |_|
Github:    https://code.shin.company/php
DockerHub: https://docker.shin.company/php

(To edit this welcome message, add your text to /etc/welcome.txt)

----------------------------------------
Container     : shinsenter/phpfpm-apache
Distro        : Debian GNU/Linux 12 (bookworm)
Timezone      : UTC (GMT+0000)
UID / GID     : www-data:www-data (33:33)
App Root      : /var/www/foo
Document Root : /var/www/foo/html
----------------------------------------

PHP Docker Images (https://hub.docker.com/r/shinsenter/php)
Copyright (C) 2024  SHIN (@shinsenter)

This is free software under the GNU GPL.
You can redistribute and/or modify it under the terms of the GNU GPL.
This program is distributed in the hope it will be useful,
but WITHOUT ANY WARRANTY. See the GNU GPL for more details.

To get support, please contact: SHIN (@shinsenter)

PHP 8.1.28 (fpm-fcgi) (built: May 14 2024 04:25:52)
Copyright (c) The PHP Group
Zend Engine v4.1.28, Copyright (c) Zend Technologies
    with Zend OPcache v8.1.28, Copyright (c), by Zend Technologies
    with Xdebug v3.3.2, Copyright (c) 2002-2024, by Derick Rethans
Composer version 2.7.6 2024-05-04 23:03:15

Server version: Apache/2.4.59 (Debian)
Server built:   2024-04-05T12:02:26
Syntax OK
[30-May-2024 01:20:11] NOTICE: fpm is running, pid 2525
[30-May-2024 01:20:11] NOTICE: ready to handle connections
[Thu May 30 01:20:11.123775 2024] [mpm_event:notice] [pid 2531:tid 281473283002400] AH00489: Apache/2.4.59 (Debian) OpenSSL/3.0.11 configured -- resuming normal operations

Unfortunately, I don't have AWS environment to be able to reproduce the issue you're experiencing with your container on AWS. It would be very helpful if you could provide me with more details and more verbose logs.

Please let me know if you have any questions.

I also suspect that there might be a possibility that ECS Exec is enabled on your container host. ECS Exec wants to own pid 1, which is causing conflicts with s6-overlay. This issue is currently being discussed on GitHub and there is no definitive solution yet.

I will continue to follow this issue and update you as soon as a patch is available for s6-overlay.

In the meantime, you can try the following workaround: disabling ECS Exec will prevent it from taking over pid 1 and allow s6-overlay to function properly. However, this will also mean that you will not be able to use ECS Exec to connect to your containers.

I hope this information is helpful. Please let me know if you have any other questions.

Best regards,

Hello,

Can I contact you directly

@6rendon

Sure, you can email me at shin@shin.company. I'm happy to help when I can, but please note that I have limited time for free technical support.

To understand your issue better, please provide a detailed explanation. This will help me see if I can address it quickly. If the issue is beyond my expertise or needs more extensive attention, I'll direct you to some helpful resources.

Thank you for your understanding.