Deployment of kerberos/kerberos:latest fails

[lexustec]

Hello folks,

I tried to deploy kerberos on my docker swarm the last days.

I run into the same issue someone had posted on kerberos/machinery:

2021-02-03 08:28:09,527 CRIT Set uid to user 2021-02-03 08:28:09,556 INFO RPC interface 'supervisor' initialized 2021-02-03 08:28:09,557 CRIT Server 'unix_http_server' running without any HTTP authentication checking 2021-02-03 08:28:09,557 INFO supervisord started with pid 29 2021-02-03 08:28:10,562 INFO spawned: 'nginx' with pid 32 2021-02-03 08:28:10,567 INFO spawned: 'machinery' with pid 33 2021-02-03 08:28:10,796 INFO exited: machinery (exit status 255; not expected) 2021-02-03 08:28:11,798 INFO success: nginx entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) 2021-02-03 08:28:11,801 INFO spawned: 'machinery' with pid 40 2021-02-03 08:28:11,982 INFO exited: machinery (exit status 255; not expected) 2021-02-03 08:28:13,990 INFO spawned: 'machinery' with pid 43 2021-02-03 08:28:14,196 INFO exited: machinery (exit status 255; not expected) 2021-02-03 08:28:17,203 INFO spawned: 'machinery' with pid 46 2021-02-03 08:28:17,403 INFO exited: machinery (exit status 255; not expected) 2021-02-03 08:28:18,405 INFO gave up: machinery entered FATAL state, too many start retries too quickly

also the web IF gives back a 502 bad gateway ofc.

Any hint on this ?

I tried to attach to the container but this times out.

Is it because the container is not privileged ? ( in Docker swarm env there are no priviledged containers... if i dont fork and recompile.... )

Why i use docker swarm: Multiple endpoints ( raspi4 over WAN ) with cams ( in raspi4 local network ) and central storage/ management and routing.

[edgarGracia]

This happened to me too. I managed to solve it by enabling the raspberry camera on the raspi-config:

sudo raspi-config-> Interface Options -> Camera

[3ldidi94]

Same issue than @lexustec for me. I already have enabled the camera with raspi-config command. I've attached the log file locate under /etc/opt/kerberosio/logs/log.stash.

log.stash.txt

[3ldidi94]

As the docker image seems to not work properly from scratch, I made a script to install kerberos.io manually on Debian/Ubuntu. It should install and setup kerberos.io just fine for a raspberry pi 3. It should work also on other raspberry pi if you change the url in the script variables to fit your version here https://github.com/kerberos-io/machinery/releases

#!/bin/bash

# Author : 3lDiDi94
# Creation : 01/24/2021
# Last update : 05/11/2021

### PLEASE MODIFY URL HERE TO FILL THE NEW VERSION
### FOR RASPBERRY PI 3 ONLY; CHANGE URL IF OTHER PLATFORM

KER_IO="https://github.com/kerberos-io/machinery/releases/download/v2.8.0/rpi3-machinery-kerberosio-armhf-2.8.0.deb"
LIB265="https://github.com/kerberos-io/machinery/releases/download/v2.8.0/rpi3-libx265.so.160"
LIB264="https://github.com/kerberos-io/machinery/releases/download/v2.8.0/rpi3-libx264.so.148"
WEB_APP="https://github.com/kerberos-io/web/releases/download/v2.8.0/web.tar.gz"
SERVER_NAME="_"

### VARIABLES
DL_FOLDER="$HOME/kerberos-io/$(date | cut -d' ' -f 3,4 | sed 's/ /_/g' | sed 's/:/-/g')"
APP_FOLDER="/var/www/kerberos"

###########################

# RETRIEVING FILES
mkdir -p $DL_FOLDER && cd $DL_FOLDER
wget $KER_IO -O "rpi3-arm-last.deb"
wget $LIB265
wget $LIB264
sudo dpkg -i "rpi3-arm-last.deb"
sudo mv "rpi3-libx265.so.160" "/usr/lib/arm-linux-gnueabihf/libx265.so.160"
sudo mv "rpi3-libx264.so.148" "/usr/lib/arm-linux-gnueabihf/libx264.so.148"

# SYSTEM CONFIG
sudo systemctl enable kerberosio
sudo service kerberosio start
sudo apt-get install -y nginx php7.1 php7.1-curl php7.1-gd php7.1-fpm php7.1-cli php7.1-opcache php7.1-mbstring php7.1-xml php7.1-zip php7.1-mcrypt php7.1-readline

# NGINX CONFIG
sudo rm -f /etc/nginx/sites-enabled/default

cat <<EOF > /etc/nginx/sites-enabled/kerberosio.conf
server {
    listen 80;
    listen [::]:80;

    root /var/www/kerberos/public;

    server_name $SERVER_NAME;

    index index.php index.html index.htm;

    location /
    {
            autoindex on;
            try_files \$uri \$uri/ /index.php?\$query_string;
    }

    location ~ \.php$
    {
            fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
            fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
            include fastcgi_params;
    }
}

server {
        listen 443 ssl;
        listen [::]:443 ssl;

        access_log /var/log/nginx/reverse-access.log;
        error_log /var/log/nginx/reverse-error.log;

        location / {
            proxy_pass http://127.0.0.1:80;
            proxy_set_header X-Real-IP \$remote_addr;
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto \$scheme;
            proxy_set_header X-Forwarded-Host \$http_host;

  }
}
EOF

sudo service nginx restart

# WEB APP CONFIG
sudo mkdir -p $APP_FOLDER && sudo chown www-data: $APP_FOLDER && cd $APP_FOLDER
sudo -u www-data wget $WEB_APP
sudo -u www-data tar xvf web.tar.gz .
sudo chown www-data -R storage bootstrap/cache config/kerberos.php
sudo chmod -R 775 storage bootstrap/cache
sudo chmod 0600 config/kerberos.php

## AUTREMOVAL SCRIPT
cd $HOME
cat << EOF > autoremoval-kerberos-images.sh
#!/bin/bash
partition=/dev/root
imagedir=/etc/opt/kerberosio/capture/
if [[ \$(df -h | grep \$partition | head -1 | awk -F' ' '{ print \$5/1 }' | tr ['%'] ["0"]) -gt 80 ]];
then
    echo "Cleaning disk"
    find \$imagedir -type f | sort | head -n 100 | xargs -r rm -rf;
fi;
EOF
chmod +x autoremoval-kerberos-images.sh
(crontab -l 2>/dev/null; echo "*/5 * * * * $HOME/autoremoval-kerberos-images.sh") | crontab -

[eth0xFEED]

I had the same issue and was able to resolve by running the following command, believe the /dev filesystem path is needed for pi camera to be mounted by agent.

docker run --privileged -v /dev:/dev --name camera1 -p 80:80 -p 8889:8889 -d kerberos/kerberos

[yllekz]

This project/app/repo seems to be dead/inactive unfortunately. Not sure what's going on.

If it helps, this is my docker-compose which works on a Pi (assuming you have a directly-attached Pi camera via the camera port:

---
version: "2"
services:
  kerberos:
    image: kerberos/kerberos:latest
    container_name: kerberos
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/New_York
    volumes:
      - /path/to/config/kerberos/capture:/etc/opt/kerberosio/capture
      - /path/to/config/kerberos/config:/etc/opt/kerberosio/config
      - /path/to/config/kerberos/logs:/etc/opt/kerberosio/logs
      - /path/to/config/kerberos/webconfig:/var/www/web/config
    ports:
      - 8080:80 #WebUI
      - 8889:8889 #kerberos comm port
    devices:
       - "/dev/vchiq:/dev/vchiq"
    privileged: true
    restart: unless-stopped

[cedricve]

Hey there no it is revived here -> https://github.com/kerberos-io/agent https://github.com/kerberos-io/agent

This repo will be updated soon.

On 8 Sep 2022, at 16:48, yllekz @.***> wrote:

container_name: kerberos

[yllekz]

Oh, interesting. Will there be an update to the current app or is there an entirely new Docker container coming out?

[cedricve]

Its build from scratch, everything is new. Currently it only works with a RTSP stream (and we are proxying USB and RPI cameras). But IP cameras coming with a h264 stream will work natively.

On 8 Sep 2022, at 16:56, yllekz @.***> wrote:

Oh, interesting. Will there be an update to the current app or is there an entirely new Docker container coming out?

— Reply to this email directly, view it on GitHub https://github.com/kerberos-io/kerberos-docker/issues/33#issuecomment-1240834244, or unsubscribe https://github.com/notifications/unsubscribe-auth/AALZUGZBTYBMZ6RZ5D5OX7LV5H5DRANCNFSM4XAN7PFQ. You are receiving this because you commented.