Any manuals?

[outcoldman]

Hi,

Is this container reusable? Do you have any manuals somewhere?

Thanks

[cptactionhank]

It certainly is and unfortunately i have not written a read yet.

However it is setup to share the /media path by default, so a quick way to get started is to just mount your shared folders to /media.

this means your docker run line would be something like: docker run -d --publish 548:548 --volume :/media/ cptactionhank/netatalk

and then add as many volume mounts to your hearts content, it should then be accessible through an AFP share called 'My AFP Volume'.

If you want different shares for each folder you do the same thing as previous, however you want to edit the afp.conf file to match what you want see more here http://netatalk.sourceforge.net/3.1/htmldocs/afp.conf.5.html

[outcoldman]

Thank you for getting back. I tried to use my own afp.conf and my own mounted volumes, but this is what I get:

2015-01-29 16:10:34,695 CRIT Supervisor running as root (no user in config file)
2015-01-29 16:10:34,695 WARN Included extra file "/etc/supervisor/conf.d/supervisord.conf" during parsing
2015-01-29 16:10:34,711 INFO RPC interface 'supervisor' initialized
2015-01-29 16:10:34,711 WARN cElementTree not installed, using slower XML parser for XML-RPC
2015-01-29 16:10:34,711 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2015-01-29 16:10:34,711 INFO supervisord started with pid 1
2015-01-29 16:10:35,713 INFO spawned: 'fatal-event-helper' with pid 10
2015-01-29 16:10:35,715 INFO spawned: 'dbus' with pid 11
2015-01-29 16:10:35,716 INFO spawned: 'avahi-daemon' with pid 12
2015-01-29 16:10:35,717 INFO spawned: 'netatalk' with pid 13
2015-01-29 16:10:35,725 INFO exited: avahi-daemon (exit status 255; not expected)
2015-01-29 16:10:36,732 INFO success: fatal-event-helper entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2015-01-29 16:10:36,732 INFO success: dbus entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2015-01-29 16:10:36,733 INFO spawned: 'avahi-daemon' with pid 20
2015-01-29 16:10:36,734 INFO success: netatalk entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2015-01-29 16:10:36,741 INFO exited: avahi-daemon (exit status 255; not expected)
2015-01-29 16:10:38,744 INFO spawned: 'avahi-daemon' with pid 24
2015-01-29 16:10:38,752 INFO exited: avahi-daemon (exit status 255; not expected)
2015-01-29 16:10:41,756 INFO spawned: 'avahi-daemon' with pid 25
2015-01-29 16:10:41,764 INFO exited: avahi-daemon (exit status 255; not expected)
2015-01-29 16:10:42,765 INFO gave up: avahi-daemon entered FATAL state, too many start retries too quickly
2015-01-29 16:10:44,732 INFO stopped: dbus (exit status 0)
2015-01-29 16:10:44,739 INFO stopped: netatalk (exit status 0)
2015-01-29 16:10:45,797 INFO exited: fatal-event-helper (exit status 0; expected)

[outcoldman]

Btw, this is my docker version

Docker version 1.4.1, build 5bc2ff8

[cptactionhank]

For some reason it looks like avahi-daemon keeps crashing, which I don't know why. I have tried running the image as a test and is successful in serving AFP.

$ docker run -ti -p 548:548 --net=host cptactionhank/netatalk
2015-01-29 01:30:00,466 CRIT Supervisor running as root (no user in config file)
2015-01-29 01:30:00,466 WARN Included extra file "/etc/supervisor/conf.d/supervisord.conf" during parsing
2015-01-29 01:30:00,495 INFO RPC interface 'supervisor' initialized
2015-01-29 01:30:00,495 WARN cElementTree not installed, using slower XML parser for XML-RPC
2015-01-29 01:30:00,495 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2015-01-29 01:30:00,495 INFO supervisord started with pid 1
2015-01-29 01:30:01,499 INFO spawned: 'fatal-event-helper' with pid 8
2015-01-29 01:30:01,502 INFO spawned: 'dbus' with pid 9
2015-01-29 01:30:01,504 INFO spawned: 'avahi-daemon' with pid 10
2015-01-29 01:30:01,509 INFO spawned: 'netatalk' with pid 11
2015-01-29 01:30:02,522 INFO success: fatal-event-helper entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2015-01-29 01:30:02,523 INFO success: dbus entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2015-01-29 01:30:02,524 INFO success: avahi-daemon entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2015-01-29 01:30:02,524 INFO success: netatalk entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
^C2015-01-29 01:30:16,806 WARN received SIGINT indicating exit request
2015-01-29 01:30:16,807 INFO waiting for avahi-daemon, netatalk, dbus, fatal-event-helper to die
2015-01-29 01:30:16,812 CRIT reaped unknown pid 25)
2015-01-29 01:30:16,824 INFO stopped: netatalk (exit status 0)
2015-01-29 01:30:16,836 INFO stopped: avahi-daemon (exit status 0)
2015-01-29 01:30:16,837 CRIT reaped unknown pid 12)
2015-01-29 01:30:16,861 INFO stopped: dbus (exit status 0)
2015-01-29 01:30:16,861 CRIT reaped unknown pid 26)
2015-01-29 01:30:16,863 INFO stopped: fatal-event-helper (exit status 0)
$ docker version
Client version: 1.4.1
Client API version: 1.16
Go version (client): go1.4
Git commit (client): 5bc2ff8
OS/Arch (client): darwin/amd64
Server version: 1.4.1
Server API version: 1.16
Go version (server): go1.3.3
Git commit (server): 5bc2ff8-dirty
$ docker info
Containers: 5
Images: 28
Storage Driver: overlay
Execution Driver: native-0.2
Kernel Version: 3.18.2
Operating System: CoreOS 575.0.0
CPUs: 4
Total Memory: 3.864 GiB
Name: localhost
ID: R6LI:7ZVP:HN3D:PXJ5:ZTXR:YLEW:QSDR:SVWT:AI7U:MSNT:QB2Z:MIAK 

1) What does your afp.conf file look like 2) Does it work if you use the run command i have supplied in the log above

[outcoldman]

In the log I attached before I used your command

docker run --publish 548:548 --volume /home/:/media/ cptactionhank/netatalk

The only one difference I see that my docker is based on 1.4, it is ubuntu with 3.13

> docker version
Client version: 1.4.1
Client API version: 1.16
Go version (client): go1.3.3
Git commit (client): 5bc2ff8
OS/Arch (client): linux/amd64
Server version: 1.4.1
Server API version: 1.16
Go version (server): go1.3.3
Git commit (server): 5bc2ff8
> docker info
Containers: 30
Images: 121
Storage Driver: aufs
 Root Dir: /var/lib/docker/aufs
 Dirs: 181
Execution Driver: native-0.2
Kernel Version: 3.13.0-44-generic
Operating System: Ubuntu 14.04.1 LTS
CPUs: 8
Total Memory: 31.13 GiB
Name: outcoldbuntu
ID: BHFX:6CMZ:OBDQ:ZYA7:AVTR:IAOH:ATVI:ONPY:AWW7:3YOK:Q5VO:HIUG
WARNING: No swap limit support

[cptactionhank]

OK, so I ran it on another system where I got something that looked like your output

$ docker info
Containers: 18
Images: 521
Storage Driver: aufs
 Root Dir: /var/lib/docker/aufs
 Dirs: 567
Execution Driver: native-0.2
Kernel Version: 3.13.0-43-generic
Operating System: Ubuntu 14.04.1 LTS
CPUs: 4
Total Memory: 3.86 GiB
ID: LUP4:5OZV:RXIV:P7A6:A3YF:Z7RK:JFVA:VAT7:F65D:5TVH:YBVM:WFK6
$ docker version
Client version: 1.4.1
Client API version: 1.16
Go version (client): go1.3.3
Git commit (client): 5bc2ff8
OS/Arch (client): linux/amd64
Server version: 1.4.1
Server API version: 1.16
Go version (server): go1.3.3
Git commit (server): 5bc2ff8

I will look into get it to work on my machine and hopefully it should be working on yours as well, in the meantime it would be nice if you could extract the log files from /var/log/supervisor.

[outcoldman]

This is what I got

supervisord.log

2015-01-29 17:43:24,522 CRIT Supervisor running as root (no user in config file)
2015-01-29 17:43:24,522 WARN Included extra file "/etc/supervisor/conf.d/supervisord.conf" during parsing
2015-01-29 17:43:24,539 INFO RPC interface 'supervisor' initialized
2015-01-29 17:43:24,539 WARN cElementTree not installed, using slower XML parser for XML-RPC
2015-01-29 17:43:24,539 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2015-01-29 17:43:24,539 INFO supervisord started with pid 1
2015-01-29 17:43:25,541 INFO spawned: 'fatal-event-helper' with pid 8
2015-01-29 17:43:25,543 INFO spawned: 'dbus' with pid 9
2015-01-29 17:43:25,544 INFO spawned: 'avahi-daemon' with pid 10
2015-01-29 17:43:25,545 INFO spawned: 'netatalk' with pid 11
2015-01-29 17:43:25,554 INFO exited: avahi-daemon (exit status 255; not expected)
2015-01-29 17:43:26,558 INFO success: fatal-event-helper entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2015-01-29 17:43:26,558 INFO success: dbus entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2015-01-29 17:43:26,559 INFO spawned: 'avahi-daemon' with pid 18
2015-01-29 17:43:26,560 INFO success: netatalk entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2015-01-29 17:43:26,567 INFO exited: avahi-daemon (exit status 255; not expected)
2015-01-29 17:43:28,570 INFO spawned: 'avahi-daemon' with pid 22
2015-01-29 17:43:28,578 INFO exited: avahi-daemon (exit status 255; not expected)
2015-01-29 17:43:31,582 INFO spawned: 'avahi-daemon' with pid 23
2015-01-29 17:43:31,590 INFO exited: avahi-daemon (exit status 255; not expected)
2015-01-29 17:43:32,591 INFO gave up: avahi-daemon entered FATAL state, too many start retries too quickly
2015-01-29 17:43:33,694 INFO stopped: dbus (exit status 0)
2015-01-29 17:43:34,564 INFO stopped: netatalk (exit status 0)
2015-01-29 17:43:35,618 INFO exited: fatal-event-helper (exit status 0; expected)

avahi-daemon-stderr---supervisor-TObzDJ.log

Found user 'avahi' (UID 102) and group 'avahi' (GID 103).
Successfully dropped root privileges.
chroot.c: fork() failed: Resource temporarily unavailable
failed to start chroot() helper daemon.
Found user 'avahi' (UID 102) and group 'avahi' (GID 103).
Successfully dropped root privileges.
chroot.c: fork() failed: Resource temporarily unavailable
failed to start chroot() helper daemon.
Found user 'avahi' (UID 102) and group 'avahi' (GID 103).
Successfully dropped root privileges.
chroot.c: fork() failed: Resource temporarily unavailable
failed to start chroot() helper daemon.
Found user 'avahi' (UID 102) and group 'avahi' (GID 103).
Successfully dropped root privileges.
chroot.c: fork() failed: Resource temporarily unavailable
failed to start chroot() helper daemon.

fatal-event-helper-stdout---supervisor-QzL0ag.log

READY
RESULT 2
OKdbus: stopped
netatalk: stopped

netatalk-stderr---supervisor-xUZVD1.log

sh: 1: gsettings: not found
sh: 1: gsettings: not found
sh: 1: /usr/bin/tracker-control: not found

netatalk-stdout---supervisor-AmzX8j.log

Jan 29 17:43:25.556274 netatalk[11] {netatalk.c:386} (note:Default): Netatalk AFP server starting
Jan 29 17:43:25.556593 netatalk[11] {netatalk.c:434} (note:Default): Starting dbus: /usr/bin/dbus-daemon
Jan 29 17:43:25.560256 cnid_metad[13] {cnid_metad.c:509} (note:AFPDaemon): CNID Server listening on localhost:4700
Jan 29 17:43:25.723905 afpd[12] {afp_config.c:198} (note:AFPDaemon): Netatalk AFP/TCP listening on 172.17.0.190:548
Jan 29 17:43:26.559581 netatalk[11] {netatalk.c:447} (note:Default): Starting Tracker
Jan 29 17:43:26.563942 netatalk[11] {netatalk.c:456} (note:Default): Registered with Zeroconf
Jan 29 17:43:33.693311 netatalk[11] {afp_avahi.c:240} (error:AFPDaemon): Failed to contact server: Daemon not running
Jan 29 17:43:34.557584 netatalk[11] {netatalk.c:254} (note:AFPDaemon): Restarting 'afpd' (restarts: 1)

and few empty files

-rw-------   1 outcoldman  staff     0 Jan 29 09:46 avahi-daemon-stdout---supervisor-qOerYD.log
-rw-------   1 outcoldman  staff     0 Jan 29 09:46 dbus-stderr---supervisor-cn3MpI.log
-rw-------   1 outcoldman  staff     0 Jan 29 09:46 dbus-stdout---supervisor-wiPnRx.log
-rw-------   1 outcoldman  staff     0 Jan 29 09:46 fatal-event-helper-stderr---supervisor-zN54Bd.log

So it seems like that there are some dependencies which I do not have in this container gsettings and /usr/bin/tracker-control. But this is weird.

Thank you again for helping me!

[cptactionhank]

So I got it running on my alternate machine now, hopefully it should be the same solution for you as well. Just pull the image again and create the netatalk container again and it should be it, if not please provide output of df -h and cat /etc/fstab.

Please verify and thank you for the issue report.

[outcoldman]

@cptactionhank awesome! it is working now.

Have you tried to setup timemachine with this docker image? I can connect to the drive, but it is invisible in the list of Network devices, and because of that I cannot use it as Time Machine server. I guess avahi does not report about this instance :(

[cptactionhank]

You are indeed correct. I was working for a long time ago with having Avahi running through a container but gave up, so my host machines have an avahi-daemon running instead, where i define all the stuff.

However in mere recent versions of docker we for example have the possibility to use the hosts network stack, so one way to fix this avahi not reporting problem is to add --net=host to your docker run line.

I can see i really need to add documentation for getting all this stuff running :) I'll look into this as soon as I can.

[outcoldman]

I played a little with your container on this weekend, still could not make avahi to work :( Don't see any issues in container, but at the same time I don't see this drive on my network.

I also found another docker container for timemachine https://github.com/arve0/docker-timemachine but it uses old version of netatalk (3.1.1 from https://launchpad.net/~ali-asad-lotia/+archive/ubuntu/netatalk-stable).

What I really want to have at the end is a combined solution from these two docker containers:

• latest netatalk (probably use the same way as you did - building it from sources)
• avahi enabled
• allow to create user:password with environment variables USERNAME, PASSWORD (at current moment it is possible only to create a container with username timemachine and custom password).
• allow to override hostname in afpd.conf / avahi configuration with another HOSTNAME.
• note that @arve0 mentioned that there are some issues with ubuntu 14.04, so he is using 12.04.

When I will have a time I will try to do that. Don't know how long it will take me. If you can make this work - I will highly appreciate this.

[arve0]

@outcoldman why is it important to get the latest netatalk? It's stable and it works.

[outcoldman]

@arve0 the short answer is "because we can" :) long answer - there were a lot of fixes made after v3.1.1, some of them more important than others, like for example crashes when the same volume used for smb and afp.

[arve0]

@outcoldman Fair enough :smile: Keep me updated if you get anything working.

[cptactionhank]

Some quick feedback:

My intention is to keep the image as plain and less opinionated as possible, such that it should be most useful for most usages. For example i'm running the container with PAM-LDAP user accounts, others might just use it for anonymous file sharing, and many more.

@arve0: I prefer to run the latest stable version, such that previous bugs and security flaws has been fixed or improved. With the 'stable' argument one could just as well chose to use Netatalk 2.2, like the one from the official Ubuntu and Debian repositories. However I would like to use the more updated and more recent version of the software. I also updated my openssl to prevent Heart bleed og recently libc is being updated as well, previous are stable but has some lacking.

@outcoldman: I get it would be convenient for your use case have environment variables to control username and password for a single user. However for unix permissions etc. I think it makes more sense the username defined would be a uid number instead of a name a the user would be assigned the same id, which might not match with the rest of the system, especially if one mounts host volumes directly with the container. I don't think it is something I'll add, however you can configure your container to suit your need, for example edit the afp.conf file to override hostname, disable spotlight, enable time machine and so on. The hostname think could possible also be fixed with the docker flag -h, --hostname="" Container host name, but I haven't tested it.

Also protecting your time machine share behind a user/password, you could run an adduser command in the container to create a unix user in the container and setup sharing permissions in the configuration file. From docker 1.3 I believe, it has been possible to execute additional commands in a running container by docker exec [OPTIONS] CONTAINER COMMAND [ARG...]

Lastly for your problems with Avahi/Bonjour announcements have you tried running the container with the flag --net=host it worked fine for me on both my VM, and an Ubuntu server. Do you have setup a firewall perhaps blocking UDP port 5353 or checked with wireshark if Avahi is actually responding on the network. Can you provide a sketch of the network to get a better idea of what could be the problem.

Thank you all for your feedback, I have been busy so I haven't been able to experiment some more with my network and thus only responding on here.

[cptactionhank]

Hey @arve0 I have now added some documentation and therefore closing this issue.

I have successfully run the container with service announcement using --net=host on both my test machines a CoreOS server and a Ubuntu Server 14.04. I was able to through afp.conf to change the listening port and announced server name. If you still are experiencing problems please create a new issue or contact me and I'll try my best to help.

[outcoldman]

:+1: thank you, I also will try to verify it and find out if I can use it for my needs.

[outcoldman]

Just built my custom docker image using your image with

Dockerfile

FROM cptactionhank/netatalk:latest

RUN groupadd -g1000 outcoldman
RUN useradd --no-create-home -u1000 -g1000 -G users outcoldman
RUN echo "outcoldman:MySecretPassword" | chpasswd 

COPY ./afp.conf /etc/netatalk/afp.conf

afp.conf

; Netatalk 3.x configuration file
;

[Global]
; Global server settings

; enable spotlight and correct the dbus daemon path
dbus daemon = /usr/bin/dbus-daemon
spotlight = yes

; provide AFP runtime statistics (connected users, open volumes) via dbus.
afpstats = yes

; no need guest acccess
uam list = uams_dhx2.so uams_dhx.so

; output log entries to stdout instead of syslog
log file = /dev/stdout
log level = default:note

hostname = timemachine
zeroconf = yes

[TimeMachine]
    path = /TimeMachine
    time machine = yes
    vol size limit = 1000000
    valid users = outcoldman

and docker-compose

timemachine:
    image: outcoldman/netatalk
    volumes:
        - /mnt/BACKUP/TimeMachine:/TimeMachine
    mem_limit: 512m
    cpu_shares: 128
    net: host
    hostname: timemachine

@cptactionhank thank you again!