I'm new to docker and I'm doing a little bit of experimenting with it.
I was trying to create a docker image for an openldap service.
I tried creating the image starting from debian:latest image provided from the official docker repos.
This is the content of my Dockerfile
FROM debian
RUN DEBIAN_FRONTEND="noninteractive" apt-get update
RUN DEBIAN_FRONTEND="noninteractive" apt-get install --yes --no-install-recommends slapd ldap-utils
RUN apt-get clean
I tried to create a container based on this image with
docker container run --interactive --tty --name=prova image
here image is the name of the image build from the Dockerfile above.
When I try to run slapd with service slapd start I get the following error:
[614.896012] Out of memory: Killed process 4005 (slapd) total-vm: 795276KB, anon-rss:334664KB, file-rss:8KB, shmem-rss:0kB, UID:101, pgtables:1108kB, oom_score_adj:0
So it seems to be a kernel error, due to explosion of the process inside the memory, though I cannot understand what causes it, the same ldap service works fine in the host system or in kvm virtual machines I created.
I've also tried to install openldap inside a live container created from the debian:latest image, I get the same error.
So here's my question: can anyone explain what is going on here and what it's causing the error?
Thanks for your help.
Best Answer
Running
service slapd startinside a docker container will probably waste some resources, in you case memory, since it needs to run the initd and some shell processes, thus triggering oom-killer quicker than single process container.You can check the
Dockerfilefrom a well used openldap docker image [1], which runsslapdprocess directly.If you are preparing an image for production use, you should also think about Backups and TLS, which are supported by
osixia/docker-openldap[1] anddocker-openldap-backup[2][1] https://github.com/osixia/docker-openldap
[2] https://github.com/osixia/docker-openldap-backup