Oqtane with Docker

[Sharafudeen]

Any plans for Docker container feature added in Oqtane?

I've read an article, if we can develop dotnet core application with Docker then "dotnet core dependencies / prerequisites is not required?"

Thanks & Regards!

[Sharafudeen]

@sbwalker any updates on this?

[sbwalker]

I am not sure what you are asking but if you want to run Oqtane on Docker please go ahead. If you run into any difficulties please share your findings so that others could benefit from the knowledge.

[Sharafudeen]

Actually I don't know how to setup & publish Oqtane with Docker container. Is there any special setups required for Docker in Oqtane?

[Behnam-Emamian]

I have started running Oqtane on Docker. The biggest challenge is that Oqtane manipulates files frequently. However, since the Docker image is immutable, we need to find a way to change Oqtane’s behavior without changing the files.

[jkeeley2073]

@mdmontesinos @sbwalker - For local development I'm running docker compose.

services:
   oqtane.server:
    build: 
      context: .
      dockerfile: Oqtane.Server/Dockerfile
      tags: ["latest","5.2.3"]
    ports:
      - "8080:8080"
    depends_on:
      - sqldata
    environment:
      - "ASPNETCORE_URLS=http://+:8080"
      - "ASPNETCORE_HTTP_PORTS=8080"
      - "ASPNETCORE_ENVIRONMENT=Development"
    networks:
      - octane-net
    volumes:
      - ./data:/app/Data
      - ./content:/app/Content
    mem_limit: 1g

   sqldata:
     image: mcr.microsoft.com/mssql/server:2022-latest 
     environment:
       - "SA_PASSWORD=**********"
       - "ACCEPT_EULA=Y"
     networks:
       - octane-net
     volumes:
       - oqtane_db:/var/opt/mssql
     ports:
       - "1533:1433"
volumes:
  oqtane_db:
  oqtane_fs:

networks:
  octane-net:

And my dockerfile

# See https://aka.ms/customizecontainer to learn how to customize your debug container and how Visual Studio uses this Dockerfile to build your images for faster debugging.

# This stage is used when running from VS in fast mode (Default for Debug configuration)
FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS base
USER app
WORKDIR /app
EXPOSE 8080

ENV ASPNETCORE_URLS=http://+:8080
ENV ASPNETCORE_HTTP_PORTS=8080
ENV ASPNETCORE_ENVIRONMENT=Production

# This stage is used to build the service project
FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
ARG BUILD_CONFIGURATION=Release
WORKDIR /src
COPY ["Oqtane.Server/Oqtane.Server.csproj", "Oqtane.Server/"]
COPY ["Oqtane.Client/Oqtane.Client.csproj", "Oqtane.Client/"]
COPY ["Oqtane.Shared/Oqtane.Shared.csproj", "Oqtane.Shared/"]
COPY ["Oqtane.Database.MySQL/Oqtane.Database.MySQL.csproj", "Oqtane.Database.MySQL/"]
COPY ["Oqtane.Database.PostgreSQL/Oqtane.Database.PostgreSQL.csproj", "Oqtane.Database.PostgreSQL/"]
COPY ["Oqtane.Database.SqlServer/Oqtane.Database.SqlServer.csproj", "Oqtane.Database.SqlServer/"]
COPY ["Oqtane.Database.Sqlite/Oqtane.Database.Sqlite.csproj", "Oqtane.Database.Sqlite/"]

RUN dotnet restore "Oqtane.Server/Oqtane.Server.csproj"
RUN dotnet restore "Oqtane.Database.MySQL/Oqtane.Database.MySQL.csproj"

COPY . .

WORKDIR "/src/Oqtane.Database.MySQL"
RUN dotnet build "Oqtane.Database.MySQL.csproj" -c $BUILD_CONFIGURATION -o /app/build

WORKDIR "/src/Oqtane.Database.PostgreSQL"
RUN dotnet build "Oqtane.Database.PostgreSQL.csproj" -c $BUILD_CONFIGURATION -o /app/build

WORKDIR "/src/Oqtane.Database.SqlServer"
RUN dotnet build "Oqtane.Database.SqlServer.csproj" -c $BUILD_CONFIGURATION -o /app/build

WORKDIR "/src/Oqtane.Database.Sqlite"
RUN dotnet build "Oqtane.Database.Sqlite.csproj" -c $BUILD_CONFIGURATION -o /app/build

WORKDIR "/src/Oqtane.Server"
#RUN dotnet build "Oqtane.Server.csproj" -c $BUILD_CONFIGURATION -o /app/build

# This stage is used to publish the service project to be copied to the final stage
FROM build AS publish
ARG BUILD_CONFIGURATION=Release
RUN dotnet publish "Oqtane.Server.csproj" -c $BUILD_CONFIGURATION -o /app/publish /p:UseAppHost=false

# This stage is used in production or when running from VS in regular mode (Default when not using the Debug configuration)
FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
COPY Oqtane.Server/appsettings.json . 
ENTRYPOINT ["dotnet", "Oqtane.Server.dll"]

In my devops pipeline, I'm publishing the container image to azure container registry and using Azure CLI azure container app update to deploy to container app. I'm also using Azure File Share in Azure ContainerApps to mount a shared drive to support shared persistent storage.

Couple of other notes: Ran into issues trying to use Azure Sql (issues with permissions to Master DB), so currently I'm running SQL Server in a container app. That won't be supported in our production environment so I still need to solve that (several possible options). I'd also like to replace docker-compose with Aspire. I have not yet started to build any modules yet.

I'm happy to provide additional details, or try and answer any other questions if you guys have any. Also appreciate any suggestions or insights.

[mdmontesinos]

@jkeeley2073 Thanks for all the details of your setup!! I've also considered trying Aspire with Oqtane, specially for the observability it provides in development mode, but I haven't had the time for it yet. If you manage to do it, please consider sharing it with the community!

[jkeeley2073]

updated docker file using direct download from oqtane releases. Ensure easy upgrade path.

`# See https://aka.ms/customizecontainer to learn how to customize your debug container and how Visual Studio uses this Dockerfile to build your images for faster debugging.

This stage is used when running from VS in fast mode (Default for Debug configuration)

FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS base
USER app
WORKDIR /app
EXPOSE 8080

ENV ASPNETCORE_URLS=http://+:8080
ENV ASPNETCORE_HTTP_PORTS=8080
ENV ASPNETCORE_ENVIRONMENT=Production

This stage is used to download and extract the release zip file

FROM mcr.microsoft.com/dotnet/sdk:8.0 AS download
WORKDIR /src
ARG GITHUB_RELEASE_URL=https://github.com/oqtane/oqtane.framework/releases/download/v5.2.3/Oqtane.Framework.5.2.3.Install.zip
RUN apt-get update && apt-get install -y unzip
RUN curl -L $GITHUB_RELEASE_URL -o release.zip
RUN unzip release.zip -d /app

This stage is used in production or when running from VS in regular mode (Default when not using the Debug configuration)

FROM base AS final
WORKDIR /app
COPY --from=download /app .
COPY Oqtane.Server/appsettings.json .
ENTRYPOINT ["dotnet", "Oqtane.Server.dll"]`

[Sen-Gupta]

Perhaps it helps somebody: (Just right click on Oqtane server project and let Add Docker Support.
You will end up with something like this. Net8/Net9 based on your version.

#See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging.

FROM mcr.microsoft.com/dotnet/aspnet:6.0-bullseye-slim AS base
WORKDIR /app
EXPOSE 80
EXPOSE 443

FROM mcr.microsoft.com/dotnet/sdk:6.0-bullseye-slim AS build
WORKDIR /src
EXPOSE 80
EXPOSE 443
RUN apt-get update && apt-get install -y --no-install-recommends apt-utils gss-ntlmssp libicu-dev
COPY ["Oqtane.Server/Oqtane.Server.csproj", "Oqtane.Server/"]
COPY ["Oqtane.Shared/Oqtane.Shared.csproj", "Oqtane.Shared/"]
COPY ["Oqtane.Client/Oqtane.Client.csproj", "Oqtane.Client/"]
RUN dotnet restore "Oqtane.Server/Oqtane.Server.csproj"
COPY . .
WORKDIR "/src/Oqtane.Server"
RUN dotnet build "Oqtane.Server.csproj" -c Release -o /app/build

FROM build AS publish
RUN dotnet dev-certs https
RUN dotnet publish "Oqtane.Server.csproj" -c Release -o /app/publish

FROM base AS final
WORKDIR /app

COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "Oqtane.Server.dll"]

Compose File (compose.yml) (must be located at root level, i.e. where you have oqtane.sln)
version: '3.9'
services:
portal:
image: fi/foodinvites:${TAG}
container_name: foodinvites-portal
build:
context: .
dockerfile: Oqtane.Server/Dockerfile
restart: always
environment:
- ASPNETCORE_URLS=http://0.0.0.0:8980;https://0.0.0.0:8981
- ASPNETCORE_Kestrel__Certificates__Default__Password=lostman@123
- ASPNETCORE_Kestrel__Certificates__Default__Path=/https/foodinvites.pfx
ports:
- 8980:8980
- 8981:8981
volumes:
- /etc/ssl/certs:/https:ro
- foodinvites_portal_content:/app/Content
- foodinvites_portal_packages:/app/Packages

volumes:
foodinvites_portal_content:
external: true
foodinvites_portal_packages:
external: true

You may use this in CI/CD pipeline or even run it locally with docker compose up

We have been using this approach since last 3 years. (Perhaps need to look at it again in sometime)

[fonsecaf]

Hi @yem583,

Have you managed to get Oqtane running on Azure Container Apps with HTTPS? I’ve encountered an issue where the app works fine over HTTP if I configure the container to listen on port 80, set the ingress to communicate with it on port 80, and allow insecure connections.

However, when I try to set it up for HTTPS, it fails during the installer phase. For example:
• If the container listens on port 80, ingress communicates on port 80, and I use HTTPS to access the app, it fails.
• If the container listens on port 443, ingress communicates on port 443, and I access it via HTTPS, it also fails.

The same image works perfectly with both HTTP and HTTPS on my local machine, so I believe this must be related to the Container App/Ingress configuration.

Have you come across this issue or found a way to configure it properly?

Thanks!

[Sen-Gupta]

@fonsecaf You must watch the following. Oqtane has a built in Https redirection to ensure identity protection. So it should not let you setup on http. Your option and tough ones unfortunately, at least that works for us in production. We bundle and mount CA signed certificate along with image of the same domain or subdomain your Oqtane is hosted on. Expose SSL port of your choice and map ingress accordingly. We have it running in production but not in Azure container Apps. Edit: Any ingress provider must pass the true/real hostname like mysite.mydomain.com which is setup in Oqtane as Alias, hopefully same is the actual domain in most cases. But if desired, you can keep your oqtane running inside container on mysiteintenral.mydomain.com/ or even mysiteintenral.anotherdomainn.com/. The rule is ingress/proxy must transform and pass the alias oqtane is expecting and you must have the certificates for the same. The trick: 1) Create and mount locally signed certificate potentially wildcard *.mysite.local and map to a docker volume - ASPNETCORE_Kestrel__Certificates__Default__Path=/app/mysite.pfx (This path is path of certificate in the container/image) 2) Create Alias in Oqtane, (In Alias Table), I usually do in development environment for all environment and just make them default by going to SQL for the particular enviornment. Alias: site1.mysite.com and so on as you require. You will have Oqtane responding at site1.mysite.com if you have this alias in Oqtane and you have made it default. (Certificate issue is taken care as we have created our own and bundled in the image, so it should be possible to run Oqtane now on SSL) Now the Ingress/proxy part: Assuming your actual domain is: site1.realdomain.com The proxy/ingress configuration should transform the domain name from site1.realdomain.com to site1.mysite.com. This must be done correctly as Oqtane shall on respond on the Alias which are configured in this case, site1.mysite.com. There are other variations exist but the key to solution is, You must hit with correct Alias to Oqtane as it has it's own AliasResolver to support multitenancy so a simple ingress does not work until you somehow configure ingress to pass the actual alias configured in Oqtane. Happy to share more details, if you need! Regards Sen