There are many reasons to run a web service in a container. One of the remote services I rely on most heavily is git. While git local operations are fine in a global namespace, running a shared git repository on a remote server is a web-service based use case. There are three protocols used most commonly to remotely access git: git, ssh, and https. I am going to focus on the last one here.
In a previous post I ran git and gitweb as Web services directly on my laptop. Then I got push access to work. Now I want to do the same thing, but in a container. The directory that stores the repository files are going to be mounted into the container so that they survive a reboot.
We are going to use the same git.conf and gitweb.conf files as we used for the base OS, but we will put them into the container image via a Dockerfile.
FROM fedora:latest #registry.fedoraproject.org/f29/httpd USER root LABEL maintainer="Adam Young" # Update image RUN yum -y install httpd RUN yum -y install gitweb COPY git.conf /etc/httpd/conf.d/ RUN mkdir -p /var/www/git EXPOSE 80 # Start the service CMD ["-D", "FOREGROUND"] ENTRYPOINT ["/usr/sbin/httpd"]
To build the container, I used podman:
buildah bud -t ayoung/gitserver
And to run it:
podman run -p 9999:80/tcp --mount type=bind,source=/var/lib/git,destination=/var/lib/git --rm -it localhost/ayoung/gitserver
Note that I run from a very non-standard port: 9999. To clone from this server:
git clone http://gitserver:9999/repo/gitserver.repo
Note that I have put an entry into /etc/hosts for gitserver.
Make a change and trying to push back to the server gives me an error:
git clone http://gitserver:99$ git push Enumerating objects: 5, done. Counting objects: 100% (5/5), done. Delta compression using up to 8 threads Compressing objects: 100% (3/3), done. Writing objects: 100% (3/3), 347 bytes | 347.00 KiB/s, done. Total 3 (delta 1), reused 0 (delta 0), pack-reused 0 error: remote unpack failed: unable to create temporary object directory To http://gitserver:9999/repo/gitserver.repo ! [remote rejected] master -> master (unpacker error) error: failed to push some refs to 'http://gitserver:9999/repo/gitserver.repo'
Even when running with SELinux in permissive mode. This is because the user that is writing the file has a different ID than
the ayoung user that owns the repo. If I make the repo world writable:$ cd /var/lib/git/ $ sudo chmod -R a+w . $ cd – $ git push origin HEAD:test Enumerating objects: 5, done. Counting objects: 100% (5/5), done. Delta compression using up to 8 threads Compressing objects: 100% (3/3), done. Writing objects: 100% (3/3), 347 bytes | 347.00 KiB/s, done. Total 3 (delta 1), reused 0 (delta 0), pack-reused 0 To http://gitserver:9999/repo/gitserver.repo * [new branch] HEAD -> test
I can successfully push to the remote repository.
Both this change and the config change in the last post are not how I would want to run in product, but these are interim steps toward what I really want: running the git server in OpenShift. We’ll get there.