R
Railway12mo ago
caiosampaio

Docker sandbox

Hello, I have a Python/Django application that runs third-party Python code. For security reasons I run them in a sandbox environment 
comando = f'sudo docker compose -f {self.FULL_PATH_DOCKER_COMPOSE} run sandbox python {self.NAME_FILE}'

processo = subprocess.Popen(
            comando,
            shell=True,
            stdin=subprocess.PIPE,
            stdout=subprocess.PIPE,
            stderr=subprocess.PIPE,
            text=True,
        )
comando = f'sudo docker compose -f {self.FULL_PATH_DOCKER_COMPOSE} run sandbox python {self.NAME_FILE}'

processo = subprocess.Popen(
            comando,
            shell=True,
            stdin=subprocess.PIPE,
            stdout=subprocess.PIPE,
            stderr=subprocess.PIPE,
            text=True,
        )
But when running the command I get the message docker: command not found, I've tried with docker-compose and it gives the same error. The above code is running inside the web container. my Railway.yml: 
services:
  web:
    build:
      context: .
      dockerfile: Dockerfile.web
  worker:
    build: .
    command: celery -A core worker --loglevel=INFO
  beat:
    build: .
    command: celery -A core beat -l INFO
services:
  web:
    build:
      context: .
      dockerfile: Dockerfile.web
  worker:
    build: .
    command: celery -A core worker --loglevel=INFO
  beat:
    build: .
    command: celery -A core beat -l INFO
Any suggestions please?
3 Replies
Percy
Percy12mo ago
Project ID: 3ba430a8-05c7-4204-a9f8-68e3384f9370
caiosampaio
caiosampaio12mo ago
3ba430a8-05c7-4204-a9f8-68e3384f9370 my Dockerfile.web: 
FROM python:3.9

RUN apt-get update && apt-get install -y apt-transport-https ca-certificates curl gnupg lsb-release
RUN curl -fsSL https://download.docker.com/linux/$(. /etc/os-release; echo "$ID")/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
RUN echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
RUN apt-get update && apt-get install -y docker-ce-cli

# Instalação do Docker Compose
RUN curl -sSL https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose
RUN chmod +x /usr/local/bin/docker-compose

# Configuração do diretório de trabalho e instalação de dependências
WORKDIR /app
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

# Cópia dos arquivos do projeto
COPY . .

# Execução dos comandos de migração, coleta de arquivos estáticos e inicialização do servidor Gunicorn
CMD python manage.py migrate && python manage.py collectstatic --noinput && gunicorn core.wsgi
FROM python:3.9

RUN apt-get update && apt-get install -y apt-transport-https ca-certificates curl gnupg lsb-release
RUN curl -fsSL https://download.docker.com/linux/$(. /etc/os-release; echo "$ID")/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
RUN echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
RUN apt-get update && apt-get install -y docker-ce-cli

# Instalação do Docker Compose
RUN curl -sSL https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose
RUN chmod +x /usr/local/bin/docker-compose

# Configuração do diretório de trabalho e instalação de dependências
WORKDIR /app
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

# Cópia dos arquivos do projeto
COPY . .

# Execução dos comandos de migração, coleta de arquivos estáticos e inicialização do servidor Gunicorn
CMD python manage.py migrate && python manage.py collectstatic --noinput && gunicorn core.wsgi
Brody
Brody12mo ago
1. railway's config file does not support yaml 2. if it did, thats not the correct syntax 3. you wouldn't be able to run docker-in-docker, the images are not started with the correct permissions to allow for that tl;dr what youre doing and how you are doing it would not be possible on railway, sorry
Want results from more Discord servers?
Add your server
More Posts
Having issue connecting to a Python (uvicorn) internal app through Golang appSo, I have a Python app that runs a uvicorn + FastAPI server. I don't want to expose it to a public Is it possible to set resource limits at the service level?For example I want to host Meilisearch on Railway but by default it uses a lot of RAM and I understaIs there a way to see the details of the estimate cost from this?So i've look into manage subscription link from my account. but there is'nt any next extimate paymenIssue with "railway up" command for Symfony API Project DeploymentI am facing difficulties while using the "railway up" command to deploy a Symfony-based API project newbHi. I am new to deploying a backend and front end. I don’t know how to go about this. It’s express aview historic usage?Is it possible to view historic usage or are we limited to the current period only?how to access pocketbase /pb/pb_data file, created using volumes and existing templatethis is my first time building anything of railway, I am unable to find where can i access /pb/pb_dadocker build stage always fail, manually Redeploy works========================= Using Detected Dockerfile =========================  context: 7bb49d15node-gyp on fastify templateHi, is it difficult to add node-gyp and python to an existing fastify template or do i need to buildDeploy problem for connect postgres with Prisma in NestJS.Project Id: 41a0502e-3568-4da7-96db-3ed7adcd4ffc