ARM64v8 - Raspberry Pi compatible docker image #49
Comments
|
I don't see why not, as long as you can run java, and I believe there is support for that architecture. Please feel free to fork and experiment with this. Jerry Hopper took a look at "aarch64 support, for use on ARM single-board-computers": jerryhopper/fusionauth-install@b10349b so it looks like you might need to change the java install scripts as well. |
|
Here's more: |
|
@mooreds Thankyou very mush for the effort to build amd64v8 images. I tried to run the images on my raspberry pi 4 but it's throwing an error It's throwing the following error in |
|
Hmmm. I'm not sure what's going on. Unfortunately I can't provide much support for ARM64 images at this time, was just relaying a message from one of our community members who is working on this. |
|
My apologies for this @arslanakhtar61 , but pull the image again, and it works. So i now build the image again on my arm64 sbc, and pushed that to dockerhub, and its working now. The downside is that its not automatically updated when FA releases a new version. I hope to fix automated builds in the future. |
|
Meanwhile, i found a guide to build arm64 containers on dockerhub (https://www.balena.io/blog/building-arm-containers-on-any-x86-machine-even-dockerhub/). |
|
@jerryhopper Thanks alot for the effort. You could also use the new Also I just pulled the latest images and when I try to run using I get the following error: Any suggestions on what is going wrong? |
|
Bear with me: its my first aarch64 image, and everything is very expirimental. The problem: I cant get a Alpine container to work correctly. - So i did some testing with other images. Ive used a Ubuntu image which seem to work instantly. pull the updated images! unfortunatly, the image is quite big. |
|
@arslanakhtar61 please try the latest containers: botnyx/fusionauth-app-aarch64:latest DIGEST:sha256:18eb63e5f60e52d3bcd5b784961560f4e29b2ec1d953274732253f40ae4de824 This release uses a adoptopenjdk container, which runs ubuntu. its 267MB big. thanks for your interest in my little fusionauth pet-project. |
|
@jerryhopper Great Job! @mooreds, @jerryhopper can we create like automatic builds using perhaps Will there be an official docker image for aarch64? Especially now when we have arm based AWS instance - EC2. We can also work on minimizing the size of the docker image in the future. But at least for now, it's working on my raspberry pi 4. Thanks |
|
I will look into that automatic building. for now - i have a nanopi-neo2 dedicated to building arm64 images. Regarding the 'official' image, thats totally up to the FusionAuth staff. Im just a big fan of fusionauth |
|
Depends on what we mean by "official". :-) @arslanakhtar61 or @jerryhopper assuming this is just for fun - but if there is a real business case to run FusionAuth in this embedded mode, perhaps we would be interested in publishing the image. At a minimum, we could think about accept a PR for the |
|
For what its worth, after some more fiddling, i produced a image of 108mb in size, and setup a dedicated automated builder. I've used debian-buster as base for this container. This essentially means there will be a automated build every time there is a new official dockerimage was released. The automated arm64 builds can be found here : |
|
Great Job @jerryhopper. Thanks a lot for the effort. I will now start pulling fusionauth images for my raspberry pi 4 arm64 board from your dockerhub repo. |
|
yes, thanks for your contribution @jerryhopper ! |
|
I am trying to replace the
|
|
Please use the new repo, its a WAY smaller image - (and its on my personal
account)
https://hub.docker.com/repository/docker/jerryhopper/fusionauth-app-arm64
…On Tue, Jun 30, 2020 at 11:32 AM Muhammad Arslan AKHTAR < ***@***.***> wrote:
@jerryhopper <https://github.com/jerryhopper>
I am trying to replace the botnyx/fusionauth-app-aarch64:latest docker
image with your jerryhopper/fusionauth-app-arm64:latest image but am
getting the following error.
/usr/local/fusionauth/fusionauth-app/apache-tomcat/bin/catalina.sh: 38:
/usr/local/fusionauth/fusionauth-app/apache-tomcat/bin/setenv.sh: Syntax
error: "(" unexpected
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#49 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAI3NGJINMFEJFI4MMFY47LRZGWKXANCNFSM4NS2GFSQ>
.
--
8 mythes over omgaan met hardcore techies
<http://computerworld.nl/projectmanagement/75977-8-mythes-over-omgaan-met-hardcore-techies>
Skype : jerryhopper
Google/mail/talk : hopper.jerry@gmail.com
Google+ : https://plus.google.com/102634396402324749838/
Twitter : http://twitter.com/jerry_hopper/
Facebook : http://www.facebook.com/jerry.hopper.9
<http://nl-nl.facebook.com/people/Jerry-Hopper/527420824>
www : http://www.helpivanmartin.org/
www : http://www.sahraniradio.com/
*"Ignorance is bliss" * - The lack of knowlege to a situation. Usually once
the whole truth is revealed you realize you were happier being clueless.
|
|
Yes, the error is coming out from your docker hub repo |
|
im investigating.. |
|
@arslanakhtar61 - please use the repo's issue-tracker for future issues please. jerryhopper/fusionauth_app_arm64#1 Thanks. |
|
@arslanakhtar61 i was fiddling with buildx, and i think you might be interested in this repo : https://hub.docker.com/repository/docker/jerryhopper/fusionauth-app/tags?page=1 |
|
@jerryhopper Great Work! I will try to run this new multi-arch docker image build with buildx. Thanks |
|
Although the original use case is for Raspberry Pi, this would apply to AWS Graviton2 as well, which I'm already using for another app. |
Thats great to hear! i'll mention this in the readme! i have a question though: Are you running FA with or without a Elastic engine? |
Oh and also:
This docker build will be usable for more use cases.
I was using Elastic since it was required at that time, after 1.18 I disabled Elastic engine because currently the users are still small. I'm using FusionAuth as part of migration from previous system (Firebase), and doing in stages, after final stage migration is done I expect about 300k users and beyond, so if it gets slow then I'll use Elastic again. |
|
Will FusionAuth be the first IAM platform to run on "Apple Silicon" !? 😛 |
|
I hate to break bad news but community-wise, another product did: https://www.itix.fr/blog/secure-raspberry-pi-keycloak-gatekeeper/ , https://collabnix.com/building-arm-based-docker-images-on-docker-desktop-made-possible-using-buildx/ I also searched for another obvious competitor of FusionAuth, and no Arm package so far in the ubuntu focal repository. But what I can is for Keycloak, it's still a community build (pretty much like FusionAuth right now with @jerryhopper's excellent work). If FusionAuth will support Arm64 officially that'd be awesome definitely! Both for those early adopters of Arm-powered MacBook, and also those running on servers (and those on Raspberry Pi, as @arslanakhtar61's original request). So I have to slightly disagree of @robotdan's "a real business case to run FusionAuth in this embedded mode" 😉 because Arm64 is not just for Raspi but also these additional platforms. Update: Just found out that Netflix now uses AWS Graviton2 instances. |
Sad. 😔 Well, we could be 2nd, or 3rd! Thanks for the details @ceefour !
Fair enough! For what it is worth, my definition of "a real business case" is if we have a client that wants to pay for support and our hosting and requires it to run on ARM. For our FusionAuth Cloud, in theory the client doesn't care what it is running on and they just need a URL. For our clients that need support and then want (or need) to run it on ARM to support their use case, that could be a real business case for FusionAuth. We have not seen this to date. However, we are building out entity management / IoT support (FusionAuth/fusionauth-issues#881) , and perhaps this may expose some new use cases where it could make sense to run this on ARM. With regard to "official" support, from your perspective, what does this entail? These arm based platforms are not my expertise, so I'll gladly take feedback from @ceefour @jerryhopper @arslanakhtar61 and others smarter than me on what you think it would look like to make these images official. My hesitation with "owning" this is that we don't have infrastructure or expertise to know if the build works. So perhaps there is some middle ground where we could publish the images and "own" the docker files in that they could exist in the FusionAuth containers repo. We could then (at least for now) mark them as community maintained and see how it goes. Comments, thoughts welcome. |
|
"With regard to "official" support, from your perspective, what does this entail?" In short: Here is my current state of mind on the subject: Running FA on Arm64 is my personal learning project to master automated building multi-arch docker images, and if my findings help the eventual realisation of FA official arm support - that's cool. About 'Real Tech Support from FA' for these extra architectures - i dont really need it. As there is so little difference from the original x64 container, and its only the underlying OS and Java that differs. In case of problems, i always try to replicate them on x64 - and then escalate the problem to FA support if the problem also exists in the x64 version. Buildx is a Experimental feature What is fundamentally different in my builds and the official FA docker images? (community-build) FusionAuth Multiarch roadmap
Personally i think it's time to start thinking about 'official images' only when :
I fully understand @robotdan hesitations about adopting these architectures due to a lack of proper knowledge and/or (hardware) resources. If i would be in @robotdan 's shoes , the lack of automated testing would be my main reason to not support arm64 |
|
Thank you @robotdan ! Minor things:
|
|
Thanks @ceefour I'm embarrassed I didn't double check my spelling. 😔 I'll update to fix shortly. |
|
Fixed! |
|
for what its worth to anyone: I've setup automation on the gitrepository, using a github-runner. See /.github/workflow/main.yml for details. |
|
Thank you for your persistence @jerryhopper. I've recently stumbled across this as I'm also building some Docker images on RPi ARM64. Your Actions yaml file, with a few tweaks, did the trick for me. |
|
OMG! OMG! OMG!
So this is official? Thank youuuuuuuuu @robotdan and @jerryhopper !!! |
|
Today is I think a major milestone for FusionAuth, definitely deserves a release note. I've been running FusionAuth in Fargate (amd64) so far and it's been rock-solid, and relatively easy to deploy & manage. AWS is (understandably) pushing its own Arm processors, and now available in Fargate: When I'm not using Fargate, I use k3s in cloud servers (k3s is also great for IoT, edge devices, etc. which are usually Arm-based). So I'm excited how this empowers users/sysadmins on choices of deployment (and cost). |
|
Example usage with Pulumi: const taskDef = new aws.ecs.TaskDefinition(pulumi.getProject(), {
family: `${pulumi.getProject()}-${pulumi.getStack()}`,
executionRoleArn: pulumi.output(ecsTaskExecutionRole).arn,
containerDefinitions: containerDefinitions.apply(JSON.stringify),
volumes: [],
memory: "1024",
requiresCompatibilities: ["FARGATE"],
networkMode: "awsvpc",
cpu: "256",
runtimePlatform: {
cpuArchitecture: "ARM64",
},
tags: {
"Environment": "prod",
"tenant_id": "lovia",
},
}); |
|
I just switched a FusionAuth instance to arm64 and the transition was so smooth I couldn't even tell whether it's actually running the arm64 version. Definitely not here:
Amazon ECS Web UI doesn't show anything either at runtime. The only clue is the Task Definition, and even that in JSON, it doesn't anywhere else:
@robotdan Do you think it's a good idea to put the arch in System > About ? Second: Since "About" also mentioned the entire Database version string... I guess wouldn't hurt to also put the entire JVM string as well? |
|
The downside at this point is that AWS seems to be overbooked with Graviton. I previously used But this is awesome! Choice! |
|
@jerryhopper I too get this error when trying to build the arm v7 image.
But I am building on an intel MacBook. We will be getting our M1 MacBooks shortly, so I can retry on that platform. But we currently release on an x86 Linux server. However, we could probably spin up an arm based build agent to release additional image architectures .
Hopefully soon. Just ensuring it works, but I hope to add this to the release process and all future images will be published form @ceefour in your above screen shots, can you confirm you are running FusionAuth on Graviton? And yes, that is a great suggestion to add the architecture type to the about panel. |
|
Arch type for the about panel -> FusionAuth/fusionauth-issues#1531 |
|
@ceefour how about this?
That is essentially just a string made up from Java properties |
|
a quick note from my side: i will look into the armv7 issue tonight - it previously runned here on a qemu, i will test/try again on real armv7 hardware instead of a emu. |
|
@robotdan that is awesome! 🔥 |
As far as i know, jlink doesnt seem to import/copy the jmods for some shady reason. Wild guess: maybe specifying the arch during build helps?
Building using github actions runs fine... you might want to have a look at my build-log - i have invited you to my gitproject- So you could have a look at the 'Actions/buildlogs' overthere. On a sidenote: amv7 is merely a 'gimmick' ... the memory limitation doesnt makes it the best choice for running FA :) |
|
Maybe it is an idea to use Github Actions? - i created a workflow for that, which you can find in this branch: https://github.com/jerryhopper/fusionauth-containers/tree/jerryhopper--multi-build-githubworkflow i had to slice the command in the dockerfile, because for some weird reason it fails if i dont split the command. |
|
We also would like a Looks to be a work in progress only using the latest version:
|
|
Hmm, that may be possible. I’ll take a look. |
|
Done and done. Any specific versions you want in between 1.24.0 and current? I suppose we could just republish all of them as well. |
|
@robotdan just saw that it looks like you pushed up Shouldn't that tag also have Thanks again 💯
|
Yes.. was in the middle of testing a few things. Refresh and it should show all 3 architectures now.
You're welcome! Thanks for using FusionAuth! |
|
I think I'll close this one out. I will published (or have published depending upon when you read this) images back to 1.24.0 for Going forward all releases will be published with at least those three architectures, perhaps Anyone have an opinion an y additional architectures? I see there is a |
|
Thank you so much to everyone who has provided suggestions here, helped us understand the need, for contributing examples, PRs, etc. @jerryhopper @ceefour @nodesocket @arslanakhtar61 @ColinM9991 . We plan to put out a press release for our multi-arch support. We may add some community member quotes if anyone is interested in contributing one. If interested, use the contact form on the website and indicate @robotdan sent you for a quote. 😎 |
|
I only released the latest patch in each point version. If anyone needs another version for |
I want to deploy fusionAuth onto ARM64v8 - Raspberry Pi 4. So far the docker images for fusionAuth only support amd64 architecture. Is there a way to deploy fusionAuth docker image on Raspberry Pi 4 k8s cluster?
The text was updated successfully, but these errors were encountered: