glotcode / docker-run Goto Github PK
View Code? Open in Web Editor NEWApi for running untrusted code in containers
License: MIT License
Api for running untrusted code in containers
License: MIT License
I am using docker-run inside docker container.I am running container on CentOS 7.4.1708.
I run the command
curl http://localhost:8088
{
"name": "docker-run",
"version": "1.3.0",
"description": "Api for running code in transient docker containers"
}
I run next command ,then i got error:
curl --header 'X-Access-Token: my-token' http://localhost:8088/version
{
"error": "docker.version",
"message": "Failed to get docker version: Failed while sending request: Failed deserialize response body: missing field `Platform` at line 1 column 293"
}
Hi, I'm trying to run the project locally with docker. The examples from the API work fine until I try to run the example code - the run hangs waiting on the response from the python container.
From what I see the container dies immediately with:
exec /nix/store/mv32i0sb8sjpxlzj0p0dmx5sphy2arbw-rust_code-runner-1.2.0/bin/code-runner: resource temporarily unavailable
edit: Directly running the container from the image works:
> docker run -it glot/python:latest
{"language": "python", "files": [{"name": "main.py", "content": "print(42)"}]}
{"stdout":"42\n","stderr":"","error":""}
I'm using the latest image glot/python:latest.
Do you know what could be the root cause for it?
edit: It seems nproc
limit is causing this issue.
If I completely remove it from the container creation everything works fine.
But if it is present, even with seemingly ridiculous values like:
"Ulimits": [
{
"Name": "nofile",
"Hard": 100,
"Soft": 90
},
{
"Name": "nproc",
"Hard": 100000,
"Soft": 200
}
],
It starts erroring.
Many thanks,
Matej
I am using docker-run inside a docker container. I am running container on MacOs Big Sur 11.2. I getting this error when running the code:
{
error: 'docker.container.create',
message: 'Failed to create container: Failed while sending request: Failed deserialize response body: EOF while parsing a value at line 1 column 0'
}
Inside the container, I run next commands:
curl http://localhost:8088
{
"name": "docker-run",
"version": "1.1.0",
"description": "Api for running code in transient docker containers"
}
Here I got error:
curl --header 'X-Access-Token: token' http://localhost:8088/version
{
"error": "docker.version",
"message": "Failed to get docker version: Failed while sending request: Failed deserialize response body: EOF while parsing a value at line 1 column 0"
}
curl --unix-socket /var/run/docker.sock http://localhost/version
{
"Platform":{"Name":"Docker Engine - Community"}, "Components":[{"Name":"Engine","Version":"20.10.2","Details"....
It is hello-world tests run. As you see it works just fine:
curl -XPOST --unix-socket /var/run/docker.sock -d '{"Image":"hello-world"}' -H 'Content-Type: application/json' http://localhost/containers/create
{"Id":"3a0e8c036fd8ebdba26c7144de2af6e3a0428a62b8e6a9107a587ac5f7f44594","Warnings":[]}
My env file:
SERVER_LISTEN_ADDR=0.0.0.0
SERVER_LISTEN_PORT=8088
SERVER_WORKER_THREADS=10
API_ACCESS_TOKEN=token
DOCKER_UNIX_SOCKET_PATH=/var/run/docker.sock
DOCKER_UNIX_SOCKET_READ_TIMEOUT=3
DOCKER_UNIX_SOCKET_WRITE_TIMEOUT=3
DOCKER_CONTAINER_HOSTNAME=glot
DOCKER_CONTAINER_USER=glot
DOCKER_CONTAINER_MEMORY=500000000
DOCKER_CONTAINER_NETWORK_DISABLED=true
DOCKER_CONTAINER_ULIMIT_NOFILE_SOFT=90
DOCKER_CONTAINER_ULIMIT_NOFILE_HARD=100
DOCKER_CONTAINER_ULIMIT_NPROC_SOFT=3000
DOCKER_CONTAINER_ULIMIT_NPROC_HARD=3100
DOCKER_CONTAINER_CAP_DROP=MKNOD NET_RAW NET_BIND_SERVICE
RUN_MAX_EXECUTION_TIME=20
RUN_MAX_OUTPUT_SIZE=100000
RUST_LOG=debug
DEBUG_KEEP_CONTAINER=true
Also I have tried on Linux ( Ubuntu) the same container and it works just fine.
Also I have tried to change DOCKER_CONTAINER_HOSTNAME to various options but nothing helped.
So when I want to execute bash for an example container is creating but not running and returns and it is a main issue for now:
message: 'Failed to create container: Failed while sending request: Failed deserialize response body: EOF while parsing a value at line 1 column 0'
I am getting error when I am running post command for:
curl --request POST --header "X-Access-Token: my-token" --header "Content-type: application/json" --data "{"image": "glot/python:latest", "payload": {"language": "python", "files": [{"name": "main.py", "content": "print(42)"}]}}" http://localhost:8088/run
{ "error": "request.parse", "message": "Failed to parse json from request: key must be a string at line 1 column 2" }
Hello. I installed docker-run according to the instructions. When asked to execute the code, I get the following response: Failed to decode json returned from code runner: EOF while parsing a value at line 1 column 0
.
curl http://localhost:8088
{
"name": "docker-run",
"version": "1.0.0",
"description": "Api for running code in transient docker containers"
}
curl --header 'X-Access-Token: token' http://localhost:8088/version
{
"docker": {
"version": "19.03.8",
"apiVersion": "1.40",
"gitCommit": "afacb8b7f0",
"goVersion": "go1.13.8",
"os": "linux",
"arch": "amd64",
"kernelVersion": "5.4.0-48-generic",
"buildTime": "2020-12-04T23:02:49.000000000+00:00",
"platform": {
"name": ""
},
"components": [
{
"name": "Engine",
"version": "19.03.8"
},
{
"name": "containerd",
"version": "1.3.3-0ubuntu2"
},
{
"name": "runc",
"version": "spec: 1.0.1-dev"
},
{
"name": "docker-init",
"version": "0.18.0"
}
]
}
curl --request POST --header 'X-Access-Token: token' --header 'Content-type: application/json' --data '{"image": "glot/python:latest", "payload": {"language": "python", "files": [{"name": "main.py", "content": "print(42)"}]}}' http://localhost:8088/run
{
"error": "coderunner.stdout.decode",
"message": "Failed to decode json returned from code runner: EOF while parsing a value at line 1 column 0"
}
Hi! Thanks for this project!
I'm trying to test the API on my MacBook, but when I try to run the sample code the request hangs for a while an then returns:
{
"error": "docker.container.attach",
"message": "Failed to attach to container: Failed while sending request: Failed read to chunked response body: Failed to read chunk length: Resource temporarily unavailable (os error 35)"
}
The other API paths works fine this is my Docker version:
{
"docker": {
"version": "24.0.2",
"apiVersion": "1.43",
"gitCommit": "659604f",
"goVersion": "go1.20.4",
"os": "linux",
"arch": "arm64",
"kernelVersion": "5.15.49-linuxkit-pr",
"buildTime": "2023-05-25T21:50:59.000000000+00:00",
"platform": {
"name": "Docker Desktop 4.21.1 (114176)"
},
"components": [
{
"name": "Engine",
"version": "24.0.2"
},
{
"name": "containerd",
"version": "1.6.21"
},
{
"name": "runc",
"version": "1.1.7"
},
{
"name": "docker-init",
"version": "0.19.0"
}
]
}
}
One thing that might be relevant is that I set the DOCKER_UNIX_SOCKET_PATH
environment variable with /var/run/docker.sock
instead of /Users/lucassantos/Library/Containers/com.docker.docker/Data/docker.raw.sock
. When the env variable is set with the last one, sometimes the API can't even create the code-runner container.
I don't know if the CPU architecture or OS are problems, but setup is a M1 MacBook Pro with macOS Sonoma Beta 3.
Hello
When I try to run snippet , invalid type: null
got from docker-run, I checked the request body, no error found
Please see the request and response
Request
{
"image": "glot/python:latest",
"payload": {
"language": "python",
"files": [
{
"name": "main.py",
"content": "print(42)"
}
]
}
}
Response:
400 Bad Request
{
"error": "docker.container.create",
"message": "Failed to create container: Failed while sending request: Failed deserialize response body: invalid type: null, expected a sequence at line 1 column 88"
}
Hello.
I am unable to access a Docker container running docker-run
. I run Ubuntu 18.04 with Docker 20.10.14. My docker.env ->
API_ACCESS_TOKEN=my-token RUN_MAX_EXECUTION_TIME=5 DOCKER_CONTAINER_NETWORK_DISABLED=false
And I use the command from example command in run.md: docker run --detach --restart=always --publish 8088:8088 --env-file docker.env glot/docker-run:latest
docker logs
outputs: [2022-07-26T14:59:34Z INFO docker_run] Listening on 0.0.0.0:8088 with 10 worker threads
, however I am unable to access the application, neither of these commands work:
curl --header 'X-Access-Token: my-token' http://localhost:8088/version
curl http://localhost:8088
curl --request POST --header 'X-Access-Token: my-token' --header 'Content-type: application/json' --data '{"image": "glot/python:latest", "payload": {"language": "python", "files": [{"name": "main.py", "content": "print(42)"}]}}' http://localhost:8088/run
.
All of them result in curl: (56) Recv failure: Connection reset by peer
or curl: (52) Empty reply from server
. Nothing is binded to 8088.
This is a result from docker ps -a
: bc0d290fcc91 glot/docker-run:latest "/nix/store/mr0cg9ll…" 3 minutes ago Up 3 minutes 0.0.0.0:8088->8088/tcp, :::8088->8088/tcp angry_swartz
No iptables/ufw rules block access to the application. Other docker webapp containers (unrelated to docker-run
) work fine. What can the problem be?
Changing NPROC
limits to really high values doesn't fix the issue.
Hello, I am planning to use this component for my use case. So started Installed the docker-run using this
My OS details are
Ubuntu: 20.04
CPU:2 Cores
RAM: 4GB
Started the container using
docker run --detach --restart=always --publish 8088:8088 --volume /var/run/docker.sock:/var/run/docker.sock --env "API_ACCESS_TOKEN=my-token" --env "RUN_MAX_EXECUTION_TIME=1000" glot/docker-run:latest
Then ran below cURL commands to know the server status and they worked fine
root@ubuntu:/home/ec2-user# curl http://localhost:8088
{
"name": "docker-run",
"version": "1.3.0",
"description": "Api for running code in transient docker containers"
}
root@ubuntu:/home/ec2-user# curl --header 'X-Access-Token: my-token' http://localhost:8088/version
{
"docker": {
"version": "20.10.2",
"apiVersion": "1.41",
"gitCommit": "20.10.2-0ubuntu1~20.04.2",
"goVersion": "go1.13.8",
"os": "linux",
"arch": "amd64",
"kernelVersion": "5.8.0-55-generic",
"buildTime": "2021-03-29T19:10:09.000000000+00:00",
"platform": {
"name": ""
},
"components": [
{
"name": "Engine",
"version": "20.10.2"
},
{
"name": "containerd",
"version": "1.4.4-0ubuntu1~20.04.2"
},
{
"name": "runc",
"version": "1.0.0~rc95-0ubuntu1~20.04.1"
},
{
"name": "docker-init",
"version": "0.19.0"
}
]
}
}
Now, when in run the python code getting timeout exception even though I increase to 1000. Am I missing any other configurations?
root@ubuntu:/home/ec2-user# curl --request POST --header 'X-Access-Token: my-token' --header 'Content-type: application/json' --data '{"image": "glot/python:latest", "payload": {"language": "python", "files": [{"name": "main.py", "content": "print(42)"}]}}' http://localhost:8088/run
{
"error": "limits.execution_time",
"message": "Failed while reading stream: Max execution time exceeded"
}
Please help me to run the API's.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.