一次通过docker编译openresty报错curl returned a non-zero code: 6无法通过的问题处理

# 执行编译docker的主配置

[core01:/data]# more /usr/local/worksh/alisz-pixso-cs-gate-docker-build.sh

#!/bin/bash
#
# 因编译依赖较多,编译时间不可控,需要手动处理,否则可能影响业务正常运行
cd /data/www/vhosts/services/fic-server-cs-gate && pwd &&
    sudo chmod 755 ./log.sh ./temp_clear.sh
    sudo chmod 744 ./build.sh && 
    #sudo make pro -e ENABLE_SSL=1 -e ENABLE_REDIS=0 &&
    sudo make pro &&
        sudo docker-compose down &&
    sudo docker-compose up -d --build cs_gate_openresty

# 依赖的脚本
[core01:/data/www/vhosts/services/fic-server-cs-gate]# more log.sh

#! /bin/bash

#cron logrotate切割日志调用
pid="$(/usr/bin/docker exec cs_gate_openresty cat /usr/local/openresty/nginx/logs/nginx.pid)"
if [ -n "$pid" ]; then
    /usr/bin/docker exec cs_gate_openresty kill -USR1 $pid
    if [[ $? != 0 ]]; then
        echo send USR1 signal failed
    else
        echo send USR1 signal success
    fi
fi

[core01:/data/www/vhosts/services/fic-server-cs-gate]# more temp_clear.sh

#! /bin/bash

base_dir=$(dirname "$0")
cd "$base_dir" || echo "go to $base_dir failed"
if [ ! -f ".env" ]; then
    echo "env file not exists"
    exit 1
fi

today=$(date +"%m-%d")
last_hour=$(date -d "-1 hour" +"%H:%M")
temp_dir=$(grep "^OPENRESTY_TEMP" ./.env | cut -d= -f2)

if [ ! -d "$temp_dir" ]; then
    echo "dir not exist: $temp_dir"
    exit 1
fi
if [[ "$temp_dir" != *"nginx_temp"* ]]; then
    echo "invalid temp dir: $temp_dir"
    exit 1
fi

old_temp_files=""
if [[ -n "$today" && -n "$last_hour" ]]; then
    old_temp_files="$(ls -trl --time-style=iso $temp_dir | awk -F' ' '{if (($6<"'$today'") || ($6=="'$today'" && $7<="'$last_hour'")) print $8}')"
fi
if [ -n "$old_temp_files" ]; then
    cd "$temp_dir" &&
        rm -rf $old_temp_files && echo "del files: $old_temp_files"
    cd "$base_dir" || exit
else
    echo "nothing to del"
fi

# 编译文件
[core01:/data/www/vhosts/services/fic-server-cs-gate]# more build.sh

#!/bin/bash

function Usage() {
    cat <<_END_
    Usage: ./build.sh [options]
      options:
            -h, --help                  帮助 
            -c, --conf_file <path>      lua-cs 配置文件路径 
            -e, --env_file <path>       env 文件路径 
            --resolver                  lua-cs dns解析地址配置: resolver, 优先取env文件中的配置值
            --redis                     是否启用nchan-redis广播
            --ssl                       是否启用ssl
            --mock                      是否保留模拟接口

_END_
}

function getEnv() {
    local file="$1"
    local key="$2"
    if [ -z $file ] || [ -z $key ]; then
        echo "err: bad args: $file : $key" >&2
        exit 1
    fi
    local env="$(grep "^[^#]" $file | sed -e 's/ #.*$//' | grep $key | head -n 1 | cut -d= -f2)"
    if [ -z "$env" ]; then
        exit 1
    else
        echo "$env"
    fi
}

enable_redis=false
enable_ssl=false
enable_mock=false
env_file=""
docker_compose_file=""
conf_file=""
resolver_srv="$(cat /etc/resolv.conf | grep nameserver | uniq | head -n 1 | cut -d" " -f2)"
while [[ $# -gt 0 ]]; do
    case "$1" in
    --redis)
        #启用redis广播
        enable_redis=true
        shift # shift once since flags have no values
        ;;
    --mock)
        #保留模拟接口
        enable_mock=true
        shift # shift once since flags have no values
        ;;
    --ssl)
        #启用ssl
        enable_ssl=true
        shift # shift once since flags have no values
        ;;
    -c | --conf_file)
        conf_file=$2
        shift 2 # shift twice to bypass switch and its value
        ;;
    -e | --env_file)
        env_file=$2
        shift 2 # shift twice to bypass switch and its value
        ;;
    --docker_compose_file)
        docker_compose_file=$2
        shift 2 # shift twice to bypass switch and its value
        ;;
    --resolver)
        resolver_srv=$2
        shift 2 # shift twice to bypass switch and its value
        ;;
    -h | --help)
        Usage
        exit 0
        ;;
    *) # unknown flag/switch
        echo "invalid flag: $1" >&2
        exit 1
        ;;
    esac
done
if [ -z "$env_file" ]; then
    echo "err: missing --env_file opt" >&2
    exit 1
fi
if [ -z "$docker_compose_file" ]; then
    echo "err: missing --docker_compose_file opt" >&2
    exit 1
fi
if [ -z "$conf_file" ]; then
    echo "err: missing --conf_file opt" >&2
    exit 1
fi

resolv=""
router=""
redis=""
conf_dir=""
node_port=""
ssl_crt_file=""
ssl_key_file=""
function getResolv() {
    resolv="$(getEnv $env_file "CS_GAET_RESOLVER")"
    if [ -z "$resolv" ] && [ -n "$resolver_srv" ]; then
        resolv="$resolver_srv"
    fi
    if [ -z "$resolv" ]; then
        echo "err: CS_GAET_RESOLVER not set" >&2
        exit 1
    fi
}
function getRouterServer() {
    router="$(getEnv $env_file "CS_ROUTER_UPSTREAM")"
    if [ -z "$router" ]; then
        echo "err: CS_ROUTER_UPSTREAM not set" >&2
        exit 1
    fi
}
function getRedis() {
    redis="$(getEnv $env_file "CS_REDIS_UPSTREAM")"
    if [ -z "$redis" ]; then
        echo "err: CS_REDIS_UPSTREAM not set" >&2
        exit 1
    fi
}
function getConfDir() {
    conf_dir="$(getEnv $env_file "OPENRESTY_CONFD_DIR")"
    if [ -z "$conf_dir" ]; then
        echo "err: OPENRESTY_CONFD_DIR not set" >&2
        exit 1
    fi
}
function getNodePort() {
    node_port="$(getEnv $env_file "CS_NODE_PORT")"
    if [ -z "$node_port" ]; then
        echo "err: CS_NODE_PORT not set" >&2
        exit 1
    fi
}
function getSSL() {
    ssl_crt_file="$(getEnv $env_file "CS_SSL_CRT")"
    if [ -z "$ssl_crt_file" ]; then
        echo "err: CS_SSL_CRT not set" >&2
        exit 1
    fi
    ssl_key_file="$(getEnv $env_file "CS_SSL_KEY")"
    if [ -z "$ssl_key_file" ]; then
        echo "err: CS_SSL_KEY not set" >&2
        exit 1
    fi
}

getRedis
getResolv
getRouterServer
getConfDir
getNodePort
getSSL

CONF_SAMPLE_FILE=./services/openresty/conf.d/lua-cs.sample
function moveFiles() {
    /bin/cp -f $docker_compose_file ./docker-compose.yml
    if [[ $? != 0 ]]; then
        echo "err: cp $docker_compose_file" >&2
        exit 1
    fi
    cat <<_END_
\n
=== 覆盖文件 docker-compose.yml === \n
\t    from: $docker_compose_file \n
\n
_END_

    /bin/cp -f $env_file ./.env
    if [[ $? != 0 ]]; then
        echo "err: cp $env_file" >&2
        exit 1
    fi
    if [[ $enable_ssl == true ]]; then
        sed -i "/CS_INTERNAL_WS/{s/\<ws:/wss:/g}" ./.env
    else
        sed -i "/CS_INTERNAL_WS/{s/\<wss:/ws:/g}" ./.env
    fi
    if [[ $? != 0 ]]; then
        echo "err: failed to set ssl"
        exit 1
    fi

    cat <<_END_
\n
=== 覆盖文件 .env === \n
\t    from: $env_file \n
\n
_END_
}
function clearConf() {
    local del_files
    local root_dir
    if [[ $enable_mock == true ]]; then
        del_files=$(ls "$conf_dir" | grep ".*.conf$" | grep -v localhost_test.conf)
    else
        del_files=$(ls "$conf_dir" | grep ".*.conf$")
    fi

    root_dir=$(pwd)
    if [ -n "$del_files" ]; then
        cd $conf_dir && tar --overwrite -czf ./conf_back.tar.gz $del_files
        cd "$root_dir"
    fi

    cd $conf_dir && /bin/rm -f $del_files
    cd "$root_dir"
    if [[ $? != 0 ]]; then
        echo "err: rm $del_files" >&2
        exit 1
    fi
    cat <<_END_
\n
=== 删除conf文件 === \n
\t    $del_files \n
\n
_END_
}

function buildConfFile() {
    sed -e "s|resolver [0-9\.]*|resolver $resolv|" $CONF_SAMPLE_FILE >$conf_file
    if [[ $? != 0 ]]; then
        echo "err: failed to init resolver"
        exit 1
    fi
    cat <<_END_
\n
=== 修改 resolver === \n
\t    resolver: $resolv \n
\n
_END_
    sed -i "/upstream cs_router/{:a;n;s|server [0-9\.:]*|server $router|g;/\}/!ba}" $conf_file
    if [[ $? != 0 ]]; then
        echo "err: failed to set router"
        exit 1
    fi
    cat <<_END_
=== 修改 router === \n
\t    router: $router \n
\n
_END_
    if [[ $enable_redis == true ]]; then
        local redis_server
        local pattern
        redis_server=$(echo $redis |
            sed -e "s|,|;\\\n    nchan_redis_server |g; s/^/nchan_redis_server &/" |
            awk '{gsub(/\\\//, "/"); gsub(/\//, "\\/"); print $0}')
        pattern="/upstream cs_redis/{:a;n;s|nchan_redis_server [0-9a-zA-Z\.:\/\@_]*|$redis_server|g;/\}/!ba}"
        sed -i "$pattern" $conf_file
        if [[ $? != 0 ]]; then
            echo "err: failed to enable redis"
            exit 1
        fi

        cat <<_END_
=== 修改 redis upstream === \n
\t    redis-server: $redis \n
\n
_END_
    else
        sed -i "s/nchan_redis_pass/# nchan_redis_pass/g; \
        s/^upstream cs_redis/# &/; \
        /upstream cs_redis/{:a;n;s/^/# &/;/\}/!ba} " $conf_file
        if [[ $? != 0 ]]; then
            echo "err: failed to disable redis"
            exit 1
        fi
        cat <<_END_
=== 取消 redis upstream === \n
\n
_END_
    fi

    if [[ $enable_ssl == true ]]; then
        sed -i "/listen \+$node_port/{s/ \+ssl \?/ /g;s/;$/ ssl;/g}; \
        s|\(ssl_certificate \+\).*;$|\1$ssl_crt_file;|g; \
        s|\(ssl_certificate_key \+\).*;$|\1$ssl_key_file;|g; \
        s|# \+ssl_|ssl_|g " $conf_file
        if [[ $? != 0 ]]; then
            echo "err: failed to enable ssl"
            exit 1
        fi
        cat <<_END_
=== 配置 ssl === \n
\t    ssl_crt: $ssl_crt_file \n
\t    ssl_key: $ssl_key_file \n
\n
_END_
    else
        sed -i "/listen \+$node_port/{s/ \+ssl \?/ /g}; s|\(ssl_certificate \+\).*;$|\1$ssl_crt_file;|g; \
        s|\(ssl_certificate_key \+\).*\;$|\1$ssl_key_file;|g; \
        s/[^#] \+ssl_/# &/g; " $conf_file
        if [[ $? != 0 ]]; then
            echo "err: failed to disable ssl"
            exit 1
        fi
        cat <<_END_
=== 取消 ssl === \n
\n
_END_
    fi

}

clearConf
moveFiles
buildConfFile

cat <<_END_
\n
    Successful! \n
\n
_END_

# docker-compose文件
[core01:/data/www/vhosts/services/fic-server-cs-gate]# more docker-compose-pro.yml

version: "3"
services:
  cs_gate_openresty:
    # image:  openresty/openresty:${OPENRESTY_VERSION}
    build:
      context: ./services/openresty
      dockerfile: /data/www/vhosts/services/fic-server-cs-gate/services/openresty/Dockerfile.build
      target: pro
      args:
        RESTY_FLAVOR: centos
        RESTY_SRC_VERSION: "1.19.3.1"
        NCHAN_VERSION: "1.2.2"
    container_name: cs_gate_openresty
    volumes:
      #  - ${SOURCE_DIR}:/www/:rw
       - ${OPENRESTY_CONFD_DIR}:/etc/nginx/conf.d/:ro
       - ${OPENRESTY_SSL_CERTIFICATE_DIR}:/ssl:ro
       - ${OPENRESTY_CONF_FILE}:/usr/local/openresty/nginx/conf/nginx.conf:ro
       - ${OPENRESTY_TEMP}:/usr/local/openresty/nginx/client_body_temp:rw
       - ${OPENRESTY_LOG_DIR}:/var/log/nginx/:rw
       - ${OPENRESTY_LUA_DIR}:/etc/nginx/lua/:ro
    environment:
      TZ: "$TZ"
      CS_NODE_HOST: "$CS_NODE_HOST"
      CS_NODE_PORT: "$CS_NODE_PORT"
      CS_INTERNAL_WS: "$CS_INTERNAL_WS"
      CS_ETCD_HOST: "$CS_ETCD_HOST"
      CS_ETCD_USER: "$CS_ETCD_USER"
      CS_ETCD_PWD: "$CS_ETCD_PWD"
      CS_ETCD_LEASE_TTL: "$CS_ETCD_LEASE_TTL"
      CS_ETCD_LEASE_INTERVAL: "$CS_ETCD_LEASE_INTERVAL"
    restart: always
    network_mode: "host"

# docker编译主配置文件

[core01:/data]# cat /data/www/vhosts/services/fic-server-cs-gate/services/openresty/Dockerfile.build

ARG RESTY_FLAVOR
FROM openresty/openresty:${RESTY_FLAVOR} as base



FROM base as builder
ARG RESTY_SRC_VERSION
ARG NCHAN_VERSION

ARG RESTY_YUM_REPO="https://openresty.org/package/centos/openresty.repo"

RUN cd /tmp && curl -fSL https://openresty.org/download/openresty-${RESTY_SRC_VERSION}.tar.gz -o openresty-${RESTY_SRC_VERSION}.tar.gz

RUN cd /tmp && curl -fSL https://github.com/slact/nchan/archive/v${NCHAN_VERSION}.tar.gz -o nchan-${NCHAN_VERSION}.tar.gz
    
# RUN luarocks 安装依赖包
RUN /usr/local/openresty/luajit/bin/luarocks install lua-resty-jit-uuid

RUN yum install -y yum-utils \
    && yum-config-manager --add-repo ${RESTY_YUM_REPO} \
    && yum install -y \
        gettext \
        gzip \
        make \
        tar \
        unzip \
        pcre-devel \
        openssl-devel \
        gcc \
    && cd /tmp \
    && tar xzf openresty-${RESTY_SRC_VERSION}.tar.gz \
    && tar xzf nchan-${NCHAN_VERSION}.tar.gz \
    && cd openresty-${RESTY_SRC_VERSION} \
    && ./configure \
        --with-http_v2_module \
        --add-module=/tmp/nchan-${NCHAN_VERSION} \
    && make\
    && make install \
    && yum clean all \
    && cd /tmp \
    && rm -rf openresty-${RESTY_SRC_VERSION} openresty-${RESTY_SRC_VERSION}.tar.gz \
    && rm -rf nchan-${NCHAN_VERSION}.tar.gz nchan-${NCHAN_VERSION}

#安装第三方resty库
COPY ./lualib/neturl/url.lua /usr/local/openresty/lualib/
COPY ./lualib/typeof/typeof.lua /usr/local/openresty/lualib/
COPY ./lualib/lua-resty-http/*.lua /usr/local/openresty/lualib/resty/
COPY ./lualib/lua-resty-etcd/etcd.lua /usr/local/openresty/lualib/resty/
COPY ./lualib/lua-resty-etcd/etcd /usr/local/openresty/lualib/resty/etcd

CMD ["/usr/bin/openresty", "-g", "daemon off;"]
# Use SIGQUIT instead of default SIGTERM to cleanly drain requests
# See https://github.com/openresty/docker-openresty/blob/master/README.md#tips--pitfalls
STOPSIGNAL SIGQUIT



FROM builder as dev


FROM builder as test


FROM builder as pro


FROM builder as local
RUN yum install -y iproute net-work net-tools.x86_64 #ip ifconfig 工具,可选

RUN /usr/local/openresty/luajit/bin/luarocks install luacheck #开发调试,非必需
RUN yum install -y perl-Test-Nginx #开发调试,非必需
# # RUN yum install -y perl-CPAN.noarch #开发调试,非必需
# RUN yum install -y perl-App-cpanminus #开发调试,非必需
# RUN cpanm Protocol::WebSocket
RUN cd /tmp && curl -fSL https://github.com/openresty/openresty-devel-utils/archive/master.tar.gz -o openresty-devel-utils.tar.gz
RUN cd /tmp && tar xzf openresty-devel-utils.tar.gz -C /usr/share \
    && rm -rf openresty-devel-utils.tar.gz
ENV PATH="${PATH}:/usr/share/openresty-devel-utils-master"

执行主配置编译报错:

# 报错1

Step 8/20 : RUN cd /tmp && curl -fSL https://github.com/slact/nchan/archive/v${NCHAN_VERSION}.tar.gz -o nchan-${NCHAN_VERSION}.tar.gz
 ---> Running in 02c82cd862f7
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   119    0   119    0     0     23      0 --:--:--  0:00:05 --:--:--    26
100  205k    0  205k    0     0    671      0 --:--:--  0:05:13 --:--:--     0
curl: (56) OpenSSL SSL_read: SSL_ERROR_SYSCALL, errno 104
ERROR: Service 'cs_gate_openresty' failed to build : The command '/bin/sh -c cd /tmp && curl -fSL https://github.com/slact/nchan/archive/v${NCHAN_VERSION}.tar.gz -o nchan-${NCHAN_VERSION}.tar.gz' returned a non-zero code: 56


# 报错2
Step 3/18 : FROM base as builder
 ---> 986d477107a9
Step 4/18 : ARG RESTY_SRC_VERSION
 ---> Using cache
 ---> 52adc77b4464
Step 5/18 : ARG NCHAN_VERSION
 ---> Using cache
 ---> 2919d20ae795
Step 6/18 : ARG RESTY_YUM_REPO="https://openresty.org/package/centos/openresty.repo"
 ---> Using cache
 ---> 3505e48abd9f
Step 7/18 : RUN /usr/local/openresty/luajit/bin/luarocks install lua-resty-jit-uuid
 ---> Running in 15db5a8636e7
Warning: Failed searching manifest: Failed downloading https://luarocks.org - Failed downloading https://luarocks.org/manifest-5.1 - /root/.cache/luarocks/https___luarocks.org/manifest-5.1
Warning: Failed searching manifest: Failed downloading https://raw.githubusercontent.com/rocks-moonscript-org/moonrocks-mirror/master - Failed downloading https://raw.githubusercontent.com/rocks-moonscript-org/moonrocks-mirror/master/manifest-5.1 - /root/.cache/luarocks/https___raw.githubusercontent.com_rocks-moonscript-org_moonrocks-mirror_master/manifest-5.1
Warning: Failed searching manifest: Failed downloading http://luafr.org/moonrocks - Failed downloading http://luafr.org/moonrocks/manifest-5.1 - /root/.cache/luarocks/http___luafr.org_moonrocks/manifest-5.1
Warning: Failed searching manifest: Failed downloading http://luarocks.logiceditor.com/rocks - Failed downloading http://luarocks.logiceditor.com/rocks/manifest-5.1 - /root/.cache/luarocks/http___luarocks.logiceditor.com_rocks/manifest-5.1

Error: No results matching query were found for Lua 5.1.
To check if it is available for other Lua versions, use --check-lua-versions.
ERROR: Service 'cs_gate_openresty' failed to build : The command '/bin/sh -c /usr/local/openresty/luajit/bin/luarocks install lua-resty-jit-uuid' returned a non-zero code: 1



分析:
仔细看报错:

Step 7/20 : RUN cd /tmp && curl -fSL https://openresty.org/download/openresty-${RESTY_SRC_VERSION}.tar.gz -o openresty-${RESTY_SRC_VERSION}.tar.gz
 ---> Running in 029c74012006
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:--  0:00:14 --:--:--     0curl: (6) Could not resolve host: openresty.org
ERROR: Service 'cs_gate_openresty' failed to build : The command '/bin/sh -c cd /tmp && curl -fSL https://openresty.org/download/openresty-${RESTY_SRC_VERSION}.tar.gz -o openresty-${RESTY_SRC_VERSION}.tar.gz' returned a non-zero code: 6

以为是curl版本问题或者是resole.conf中dns设置问题,修改后问题依旧

通过在机器中执行命令,发现是可以成功下载的 curl -fSL  https://openresty.org/download/openresty-1.19.3.1.tar.gz -o openresty-1.19.3.1.tar.gz

突然想到应该是docker容器内部访问的网络问题,于是重启 docker重新执行编译,问题解决

systemctl restart docker

上一篇:【决策树】泰坦尼克号幸存者预测项目


下一篇:SyntaxError: Non-UTF-8 code starting with ‘\xc4‘ in file E:/7.python/day3/easyguis.py on line 2