Open
Description
Bug Overview
One of the way "to healthcheck nginx container" is to use service nginx status command
gateway:
image: nginx:stable
restart: always
healthcheck:
test: ["CMD", "service", "nginx", "status"]
interval: 10s
timeout: 5s
retries: 5
...
After switching from nginx:stable to nginxinc/nginx-unprivileged:stable the healthcheck always show unhealthy status.
This command doesn't work on unprivileged debian image because:
- we moved pid to
/tmp/nginx.pid - init.d script in
/etc/init.d/nginxusing/run/nginx.pidas pid file location
DESC=${DESC:-nginx}
NAME=${NAME:-nginx}
CONFFILE=${CONFFILE:-/etc/nginx/nginx.conf}
DAEMON=${DAEMON:-/usr/sbin/nginx}
PIDFILE=${PIDFILE:-/run/nginx.pid}
SLEEPSEC=${SLEEPSEC:-1}
UPGRADEWAITLOOPS=${UPGRADEWAITLOOPS:-5}
CHECKSLEEP=${CHECKSLEEP:-3}
Expected Behavior
service nginx statusreturnsnginx is running.- command like
docker psshowshealthystatus
Steps to Reproduce the Bug
- run
docker run --rm -p 8080:8080 -d --health-cmd "service nginx status" --health-interval 10s --health-timeout 5s --health-retries 5 --name health-test nginxinc/nginx-unprivileged:stable - run
docker psor rundocker exec health-test service nginx status
output of docker ps:
➜ ~ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ac90b03512cc nginxinc/nginx-unprivileged:stable "/docker-entrypoint.…" 53 seconds ago Up 53 seconds (unhealthy) 0.0.0.0:8080->8080/tcp, [::]:8080->8080/tcp health-test
output of docker exec:
nginx is not running ... failed!
Environment Details
- Version of Docker and method of installation: Docker desktop (
28.2.2) and docker server (28.1.1) - Version/tag of the NGINX Docker unprivileged image or specific commit: stable (
1.2.8) - Target deployment platform: Docker compose
- Target OS: Ubuntu 22.04.05
Additional Context
We can fix Dockerfile-debian.template by adding another override with sed (if it's ok i'll make PR):
sed -i 's,PIDFILE=${PIDFILE:-/run/nginx.pid},PIDFILE=${PIDFILE:-/tmp/nginx.pid},' /etc/init.d/nginx
but i'm not sure how to fix -otel and -perl variants.