search

immauss / openvas

Containers for running the Greenbone Vulnerability Manager. Run as a single container with all services or separate single applications containers via docker-compose.
GNU Affero General Public License v3.0
354 stars 102 forks source link

current latest image amd64 won't start #83

Closed cybermcm closed 2 years ago

cybermcm commented 2 years ago

Something is broken with latest image (amd64, 8885aef712c6). Container won't start at all, no log entry. using tag 21.4.4-03 -> working

immauss commented 2 years ago

Are you using bind mounts or docker managed volumes ?

cybermcm commented 2 years ago

sorry, should have posted my compose, bind mounts:

openvas:
  container_name: openvas
  cpus: 4
  environment:
   - PASSWORD=${openvas_OV_PASSWORD}
   - QUIET=true # immauss/openvas
   - SKIPSYNC=true
  hostname: openvas
  image: immauss/openvas
  labels:
   - ${WATCHTOWER_TRUE}
   - diun.enable=true
   - diun.watch_repo=true
   - traefik.enable=true
   - "traefik.http.routers.openvas.rule=Host(`openvas.${HOSTNAME}`)"
   - traefik.http.routers.openvas.entrypoints=web-secure
   - traefik.http.routers.openvas.tls.certresolver=le
   - traefik.http.routers.openvas.tls=true
   - traefik.http.routers.openvas.priority=2
   - traefik.http.routers.openvas.tls.options=default
   - traefik.http.routers.openvas.service=openvas
   - traefik.http.services.openvas.loadbalancer.server.port=9392
  networks:
   - web
  restart: always
  volumes:
   - /_openvas:/data # immauss/openvas
immauss commented 2 years ago

New release 21.4.4-05 moves the file system setup back to the start.sh. This ensure the /data folder is properly populated in an empty bind directory.

This is building now and will publish soon.

cybermcm commented 2 years ago

I'll give it a try when available... feedback: my /data directory was/is filled with data, it wasn't empty (filled with data from 21.4.4-03)

cybermcm commented 2 years ago

21.4.4-05: another issue, this time with one line in log file: openvas | Wait for redis socket to be created... and then nothing, standing there for minutes...

NOVACyclist commented 2 years ago

I'm having the same issues.

docker info Client: Context: default Debug Mode: false

Server: Containers: 1 Running: 0 Paused: 0 Stopped: 1 Images: 1 Server Version: 20.10.7 Storage Driver: overlay2 Backing Filesystem: extfs Supports d_type: true Native Overlay Diff: true userxattr: false Logging Driver: json-file Cgroup Driver: cgroupfs Cgroup Version: 1 Plugins: Volume: local Network: bridge host ipvlan macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog Swarm: inactive Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc Default Runtime: runc Init Binary: docker-init containerd version: runc version: init version: Security Options: apparmor seccomp Profile: default Kernel Version: 5.4.0-90-generic Operating System: Ubuntu 20.04.3 LTS OSType: linux Architecture: x86_64 CPUs: 48 Total Memory: 15.65GiB Name: docker ID: 5LHM:JYDZ:3YW2:U2NI:XC4V:6UBY:FDK4:NGVV:VULI:3WCK:U5ZW:6AWW Docker Root Dir: /var/lib/docker Debug Mode: false Registry: https://index.docker.io/v1/ Labels: Experimental: false Insecure Registries: 127.0.0.0/8 Live Restore Enabled: false

WARNING: No swap limit support

immauss commented 2 years ago

So .... I've noidea how it happened.... latest should have still been 21.4.4-03 .... but somehow... it was replaced with the base image that I use for building. So basically a plain debian buster image with the gvm dependencies installed.

Surely this was my mistake ...

my appologies. It should be good now.

-Scott

cybermcm commented 2 years ago

just tried latest, seems good now, thanks

cybermcm commented 2 years ago

ups, you did it again, latest tag now produces Wait for redis socket to be created... again :-(