Failed to unpack AMP when volume bind is set

[TABLE272]

Hi, first thanks for making this container. Suits my needs perfectly, just having one issue with it at the moment which im 100% sure is my error but can't figure it out with my lack of experience.

Whenever I have the volume bind setup AMP is failing to start with an access to path is denied error. In this case I have the host volume as /opt/amp following what my other containers are using and the path in container as /home/amp/.ampdata.

useradd: warning: the home directory already exists., Not copying any file from skel directory into it., [Info] AMP Instance Manager v1.9.1.0 built 12/12/2019 15:04, [Info] Release spec: Release - built by CUBECODERS/buildbot on CCL-DEV, [Info] Testing internet connection..., [Info] Checking licence key..., [Info] Licence Type: AMP Professional, [Info] Current Usage: 4, [Info] Creating Instance: 'Main', [Info] Performing Step: Creating Environment, [Error] Failed to unpack AMP., [Error] UnauthorizedAccessException, [Error] [0] (UnauthorizedAccessException) : Access to the path '/home/amp/.ampdata/instances/Main' is denied., [Error] at IO.FileCreateDirectory (String fullPath) , at IO.Directory.CreateDirectory (String path) , at InstanceManagerPlugin.LocalInstanceManager.DownloadAndUnpack (InstanceManagerPlugin.LocalAMPInstance Spec, Boolean ModuleOnly, Boolean SkipCache) , [Error] IOException, [Error] [1] (IOException) : Permission denied, [Info] Performing Step: Failed, [Info] Instance creation failed. The core archive failed to download or unpack, Starting AMP..., [Info] AMP Instance Manager v1.9.1.0 built 12/12/2019 15:04, [Info] Release spec: Release - built by CUBECODERS/buildbot on CCL-DEV, [Error] No such instance matching name: 'Main',

I attempted changing the host location such as to /home/<user>/amp but no amount of changes to the host volume seemed to make a difference. However if I have no volume bind set, or one that does not affect the relevant folder inside the container such as simply /.ampdata in this case, AMP launches fine.

[Info] AMP Instance Manager v1.9.1.0 built 12/12/2019 15:04, [Info] Release spec: Release - built by CUBECODERS/buildbot on CCL-DEV, [Info] Testing internet connection..., [Info] Checking licence key..., [Info] Licence Type: AMP Professional, [Info] Current Usage: 4, [Info] Creating Instance: 'Main', [Info] Performing Step: Creating Environment, [Info] Performing Step: Downloading AMP, [Info] No cache exists for 1912, [Info] Downloading AMP from https://cubecoders.com/Downloads/AMP_Latest.zip..., [Info] Complete, [Info] Performing Step: Unpacking, [Info] Performing Step: Configuring AMP, [23:24:17] [Core Info]            : Starting AMP version 1.9.1.2 (Lapetus), built 17/12/2019 14:25, [23:24:17] [Core Info]            : Stream: Mainline (Release) - built by CUBECODERS/buildbot on CCL-DEV, [23:24:18] [Core Warning]         : Specified password is very weak. Change it ASAP., [23:24:18] [Core Info]            : Running in a Docker environment., [23:24:18] [Core Info]            : OS: Linux / x86_64, [23:24:18] [Core Info]            : CPU: Intel(R) Xeon(R) CPU @ 2.20GHz (1C/1T), [23:24:18] [Core Info]            : AMP Instance ID: 785d7962-5316-4cdc-a893-a54c4015eec2, [23:24:18] [Core Info]            : Checking for AMP updates..., [23:24:19] [ModuleLoader Info]    : Loaded ADSModule version 1.0.0.0 by CubeCoders Limited, [23:24:19] [ModuleLoader Info]    : Loaded FileManager version 1.0.0.0 by CubeCoders Limited, [23:24:19] [ModuleLoader Info]    : Loaded EmailSender version 1.0.0.0 by CubeCoders Limited, [23:24:19] [ModuleLoader Info]    : Loaded WebRequestPlugin version 1.0.0.0 by CubeCoders Limited, [23:24:19] [ModuleLoader Info]    : Loaded LocalFileBackupPlugin version 1.0.0.0 by CubeCoders Limited, [23:24:19] [ModuleLoader Info]    : ADSModule requests dependency InstanceManagerPlugin..., [23:24:19] [ModuleLoader Info]    : Loaded InstanceManagerPlugin version 1.0.0.0 by CubeCoders Limited, [23:24:19] [ModuleLoader Info]    : ADSModule requests dependency SystemUserManagerPlugin..., [23:24:19] [ModuleLoader Info]    : Loaded SystemUserManagerPlugin version 1.0.0.0 by CubeCoders Limited, [23:24:19] [ModuleLoader Info]    : Loaded steamcmdplugin version 1.0.0.0 by CubeCoders Limited, [23:24:19] [Core Info]            : -configonly specified or activation performed. Saving settings and shutting down. This is perfectly normal., [Info] Performing Step: Finished, [Info] Instance created successfully!, Starting AMP..., [Info] AMP Instance Manager v1.9.1.0 built 12/12/2019 15:04, [Info] Release spec: Release - built by CUBECODERS/buildbot on CCL-DEV, [Info] Starting Instance: 'Main', [Info] Waiting for AMP instance to start..., [Notice] AMP instance Main is now running., [Info] You can browse to this instance at http://172.18.0.8:8080/, [Info] Instance started in new session. Run 'ampinstmgr View Main' to view this instances console.,
AMP Started., Entrypoint Sleeping. Logs can be viewed through AMP web UI or at ampdata/instances/Main/AMP_Logs,

However as I am unable to get the bind working, my changes are lost if I need to make any adjustments to the container itself. As far as user profiles go, I am using UID 1002 and GID 1004 in following my other containers, but have also tried with 1000 on both to see if it made a difference.

It's probably something very easy I'm just missing, very much still learning as I go. If you could point me in the direction of what I'm doing wrong that would be appreciated.

[MitchTalmadge]

Hi! Happy to help. Just to check, can you verify that the host volume and its sub-directories are owned by the same user (1002/1004) used in the container? If that's not the problem I have another idea and I'll be pushing out a new build soon to hopefully fix it.

[TABLE272]

Thanks, yep was actually just off checking that while waiting for a response. The ownership of the volume directory appears correct. 1002/1004 are for the "cloudbox" user as listed below.

ls -lah /opt/amp
total 12K
drwxr-xr-x  3 cloudbox cloudbox 4.0K Dec 30 15:52 .
drwxrwxr-x 26 cloudbox cloudbox 4.0K Dec 30 15:52 ..
drwxr-xr-x  2 cloudbox cloudbox 4.0K Dec 30 15:52 .ampdata

This is the same as on the organizr example I was using earlier.

ls -lah /opt/organizr
total 28K
drwxrwxr-x  7 cloudbox cloudbox 4.0K Dec 28 10:55 .
drwxrwxr-x 26 cloudbox cloudbox 4.0K Dec 30 15:52 ..
drwxr-xr-x  2 cloudbox cloudbox 4.0K Dec 28 10:55 keys
drwxr-xr-x  4 cloudbox cloudbox 4.0K Dec 28 10:55 log
drwxrwxr-x  3 cloudbox cloudbox 4.0K Dec 28 10:55 nginx
drwxr-xr-x  2 cloudbox cloudbox 4.0K Dec 28 10:55 php
drwxrwxr-x  3 cloudbox cloudbox 4.0K Dec 30 17:02 www

Figured it might be that too as most my searching around for solutions was pointing towards that, but that appeared to be more so for permission being denied when writing to the host volume, as opposed to this being the opposite.

[MitchTalmadge]

Ok good to know. It doesn't seem like you're doing anything wrong so hopefully this new build will work. I had a similar issue in testing and this seemed to solve it. It's being built by docker hub right now. I'll let you know when it's done.

Are you using docker compose? If so and you are comfortable sharing your compose file (hiding the secrets of course) that might help.

[TABLE272]

Good to know its not just me being silly then, still very much new to docker but getting the hang of it I think.

At present im installing via the docker run command following the template cloudbox provides on their wiki since it works lets encrypt and everything in at the same time.

This is the command I am using

docker run -d \
    --name=amp \
    --restart=always \
    -e PGID=1004 -e PUID=1002 \
    --network=cloudbox \
    --network-alias=amp \
    -p 8080:8080 \
    -p 25565:25565 \
    -v /opt/amp:/home/amp/.ampdata \
    --label com.github.cloudbox.cloudbox_managed=true \
    -e VIRTUAL_PORT=8080 \
    -e VIRTUAL_HOST=amp.<domain>.com \
    -e LETSENCRYPT_HOST=amp.<domain>.com \
    -e LETSENCRYPT_EMAIL=<user>@<domain>.com \
    -e LICENCE=<key> \
    -e MODULE=ADS \
    -e USERNAME=<panelusername> \
    -e PASSWORD=<panelpassword> \
    -e UID=1002 -e GID=1004 \
    mitchtalmadge/amp-dockerized

[MitchTalmadge]

Cloudbox is totally new to me but it's pretty interesting that they put a Let's Encrypt layer on top of any image, that's neat. Your command looks good to me assuming Cloudbox is working as intended.

The new image is built, you should be able to run something like docker pull mitchtalmadge/amp-dockerized in order to get the latest image. Try it out after pulling and see if it makes any difference :)

[TABLE272]

That seems to have fixed it, thanks very much.

AMP started up fine with the correct volume information, ls is showing files in the correct bind directory and I tried a quick recreate of the image and it picked up where it left of with instances in tact.

Thanks very much for the assistance :)

[MitchTalmadge]

Awesome! :D Very exciting.

One other thing, you may run into re-activation problems which I've been investigating here: #3 It looks like Docker tends to re-assign mac addresses and this causes AMP to assume that you've moved the installation to "new hardware" which requires a re-activation (to prevent people sharing instances for example). My way around this is to add a hard-coded mac address through Docker. Could you try this for me?

• Visit this page: https://miniwebtool.com/mac-address-generator/
• Put 02:42:AC in as the prefix
• Choose the format with colons :
• Generate
• Copy the generated MAC and add to your command. For example: --mac-address="02:42:AC:XX:XX:XX"

Then restart the container and see if it all still works. Hopefully after doing this you will never experience a de-activation. If you do, let me know here: #3. I'm still looking into ways of detecting when containers need to be re-activated and doing it manually, but it's taking a bit of time to figure out.

Just a note, the first boot after hard-coding a mac address may cause an initial de-activation; the easiest way to re-activate is just to wipe the volume and start over, but if you have substantial work put into it then it's a bit more involved. You'd have to exec into the container with a bash shell, then run:

su amp --command "ampinstmgr Reactivate Main \"${LICENCE}\""

and again for any other instances you have, replacing Main with them (for example, Minecraft01). Don't change the LICENCE part, it is filled in with the environment variable you supplied when starting the container automatically.

Hopefully you don't have to do that but if you ever start getting activation errors let me know and I'll walk you through it.

[TABLE272]

Thanks, I actually noticed that issue earlier when checking if this issue had been reported already. I've gone ahead and made that mac address change so i'll close this issue down and let you know over on #3 if anything happens regarding deactivation. Keep up the good work :)