Kubernetes - exit code 139 (no log).

[nohant]

What happened?

Hello, we tried to switch from a normal laravel/fpm configuration to a frankenphp/octane one.
the fist step was configuring our local environment to work and that was almost flawless:

FROM dunglas/frankenphp:1.1.5-alpine AS php-base

RUN set -eux; \
    install-php-extensions \
      excimer \
      gd \
      mysqli \
      opcache \
      pdo_mysql \
      redis-5.3.7 \
      sockets \
      zip \
      pcntl \
      ;
---
FROM php-base AS development-backend

COPY --from=composer /usr/bin/composer /usr/local/bin/composer

RUN apk add --no-cache bash flock git unzip


RUN mv "$PHP_INI_DIR/php.ini-development" "$PHP_INI_DIR/php.ini"
COPY docker/configs/mem-limit.ini "$PHP_INI_DIR/conf.d/mem-limit.ini"

WORKDIR /app

ENV COMPOSER_HOME=/.composer
RUN --mount=type=secret,id=github_token \
    composer config -g github-oauth.github.com $(cat /run/secrets/github_token)

# HACK: so that lower-privileged user in dev-entrypoint.sh can read this file
#       and do composer install
RUN chmod 0777 -R "${COMPOSER_HOME}"

ENV HOME=/tmp
ENTRYPOINT ["/app/docker/dev-entrypoint.sh"]

and our entrypoint configuration is pretty simple to be honest:

set -Eeoux pipefail

export APP_ENV=local

function serve_backend() {
  php artisan octane:start --host 0.0.0.0 --port 80 --admin-port 2019 --max-requests=1
}

and all this config works correctly, locally i can test the software and everything works fine (i love this.).
But oh boy, when we tried to configure our staging environment (same image as production, you will read that in the dockerfile) everything went crazy, from caddy to octane to php?

FROM php-base AS production
ARG USER=www-data

RUN apk add --no-cache fcgi bash
COPY --from=supercronic /usr/local/bin/supercronic /usr/local/bin/supercronic

COPY  --chown=${USER}:${USER} docker/configs/enable-opcache.ini "$PHP_INI_DIR/conf.d/zz-opcache.ini"
COPY  --chown=${USER}:${USER} docker/configs/php8-opt.ini "$PHP_INI_DIR/conf.d/zz-php8-opt.ini"
COPY --chown=${USER}:${USER} docker/configs/mem-limit.ini "$PHP_INI_DIR/conf.d/mem-limit.ini"
COPY --chown=${USER}:${USER} docker/configs/Caddyfile.production /etc/caddy/Caddyfile
RUN mv "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini"

WORKDIR /app

# entrypoint
COPY docker/entrypoint.sh .
COPY docker/crontab .

# composer
COPY --from=composer --chown=${USER}:${USER} /usr/bin/composer /usr/local/bin/composer
COPY --from=php-deps --chown=${USER}:${USER} /composer/vendor /composer/vendor

# storage
RUN \
    mkdir -p \
    storage/framework/cache \
    storage/framework/views
    
RUN \
    cp \
    /composer/vendor/laravel/octane/src/Commands/stubs/frankenphp-worker.php \
    public/frankenphp-worker.php

COPY composer.json .
RUN ln -s /composer/vendor vendor
RUN composer dump-autoload \
    --no-dev \
    --optimize \
    --no-scripts

USER ${USER}

# Laravel components
COPY app app
COPY artisan .
COPY bootstrap bootstrap
COPY config config
COPY database database
COPY resources/lang resources/lang
COPY resources/views resources/views
COPY routes routes

# Caddy components
COPY public/css public/css/
COPY public/documents public/documents
COPY public/favicon.ico public/
COPY public/fonts public/fonts
COPY public/images public/images
COPY public/img public/img
COPY public/js public/js
COPY public/robots.txt public/
COPY public/svg public/svg
COPY public/index.php public/index.php

ENV HOME=/tmp
ENTRYPOINT ["/app/entrypoint.sh"]

we use a rootless environment and use www-data as our main user, the caddyfile is pretty simple too:

{
        frankenphp
	admin off
	auto_https off
	auto_https disable_redirects
	order php_server before file_server

	servers {
		metrics
	}
}


:8080 {
	encode zstd br gzip
	php_server
	file_server
	root * /app/public
	header {
        -server
		-X-Powered-By
  	}
}

:8081 {
	metrics /metrics
}

and to complete everything, the entrypoint for production, this is also pretty standard/straightforward:

#!/usr/bin/env bash

set -eoux pipefail

function create_storage_folders() {
  echo "creating storage folders under ${APP_STORAGE_PATH}..."

  mkdir -p "${APP_STORAGE_PATH}/framework/cache/data"
  mkdir -p "${APP_STORAGE_PATH}/framework/views"
  mkdir -p "${APP_STORAGE_PATH}/bootstrap/cache"
  mkdir -p "${APP_STORAGE_PATH}/app"
  mkdir -p "${APP_STORAGE_PATH}/temp"
  mkdir -p "${APP_STORAGE_PATH}/logs"
  mkdir -p "/tmp/bootstrap/cache"
}

function serve_backend() {
  php artisan octane:frankenphp --host 0.0.0.0 --port 8080 --admin-port 2019 --log-level debug
  #docker-php-entrypoint --config /etc/caddy/Caddyfile --adapter caddyfile
}

i dont like to have to force --admin-port but i cant make the command work without that, and the log-level debug was needed in order to try to understand something of what was happening to be honest.

we cant make this work on kubernetes with a barebone deployment, but we don't understand what we are doing wrong, since the only error we get is a 139 (we can see that from the kubectl describe pod)

by the look of this there is something wrong we are doing that im missing?
Thank you for your time.

Build Type

Docker (Alpine)

Worker Mode

No

Operating System

GNU/Linux

CPU Architecture

aarch64

PHP configuration

PHPINFO from the local enviroment (same dockerfile.)

phpinfo()
PHP Version => 8.3.7

System => Linux 56797a10ebad 6.6.26-linuxkit #1 SMP Sat Apr 27 04:13:19 UTC 2024 aarch64
Build Date => May 10 2024 23:02:27
Build System => Linux - Docker
Build Provider => https://github.com/docker-library/php
Configure Command =>  './configure'  '--build=aarch64-linux-musl' '--with-config-file-path=/usr/local/etc/php' '--with-config-file-scan-dir=/usr/local/etc/php/conf.d' '--enable-option-checking=fatal' '--with-mhash' '--with-pic' '--enable-mbstring' '--enable-mysqlnd' '--with-password-argon2' '--with-sodium=shared' '--with-pdo-sqlite=/usr' '--with-sqlite3=/usr' '--with-curl' '--with-iconv=/usr' '--with-openssl' '--with-readline' '--with-zlib' '--enable-phpdbg' '--enable-phpdbg-readline' '--with-pear' '--enable-embed' '--enable-zts' '--disable-zend-signals' 'build_alias=aarch64-linux-musl'
Server API => Command Line Interface
Virtual Directory Support => enabled
Configuration File (php.ini) Path => /usr/local/etc/php
Loaded Configuration File => /usr/local/etc/php/php.ini
Scan this dir for additional .ini files => /usr/local/etc/php/conf.d
Additional .ini files parsed => /usr/local/etc/php/conf.d/docker-php-ext-excimer.ini,
/usr/local/etc/php/conf.d/docker-php-ext-gd.ini,
/usr/local/etc/php/conf.d/docker-php-ext-mysqli.ini,
/usr/local/etc/php/conf.d/docker-php-ext-opcache.ini,
/usr/local/etc/php/conf.d/docker-php-ext-pcntl.ini,
/usr/local/etc/php/conf.d/docker-php-ext-pdo_mysql.ini,
/usr/local/etc/php/conf.d/docker-php-ext-redis.ini,
/usr/local/etc/php/conf.d/docker-php-ext-sockets.ini,
/usr/local/etc/php/conf.d/docker-php-ext-sodium.ini,
/usr/local/etc/php/conf.d/docker-php-ext-zip.ini,
/usr/local/etc/php/conf.d/mem-limit.ini

PHP API => 20230831
PHP Extension => 20230831
Zend Extension => 420230831
Zend Extension Build => API420230831,TS
PHP Extension Build => API20230831,TS
Debug Build => no
Thread Safety => enabled
Thread API => POSIX Threads
Zend Signal Handling => disabled
Zend Memory Manager => enabled
Zend Multibyte Support => provided by mbstring
Zend Max Execution Timers => enabled
IPv6 Support => enabled
DTrace Support => disabled

Registered PHP Streams => https, ftps, compress.zlib, php, file, glob, data, http, ftp, phar, zip
Registered Stream Socket Transports => tcp, udp, unix, udg, ssl, tls, tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3
Registered Stream Filters => zlib.*, convert.iconv.*, string.rot13, string.toupper, string.tolower, convert.*, consumed, dechunk

This program makes use of the Zend Scripting Language Engine:
Zend Engine v4.3.7, Copyright (c) Zend Technologies
    with Zend OPcache v8.3.7, Copyright (c), by Zend Technologies


 _______________________________________________________________________


Configuration

Core

PHP Version => 8.3.7

Directive => Local Value => Master Value
allow_url_fopen => On => On
allow_url_include => Off => Off
arg_separator.input => & => &
arg_separator.output => & => &
auto_append_file => no value => no value
auto_globals_jit => On => On
auto_prepend_file => no value => no value
browscap => no value => no value
default_charset => UTF-8 => UTF-8
default_mimetype => text/html => text/html
disable_classes => no value => no value
disable_functions => no value => no value
display_errors => STDOUT => STDOUT
display_startup_errors => On => On
doc_root => no value => no value
docref_ext => no value => no value
docref_root => no value => no value
enable_dl => Off => Off
enable_post_data_reading => On => On
error_append_string => no value => no value
error_log => no value => no value
error_log_mode => 0644 => 0644
error_prepend_string => no value => no value
error_reporting => 32767 => 32767
expose_php => On => On
extension_dir => /usr/local/lib/php/extensions/no-debug-zts-20230831 => /usr/local/lib/php/extensions/no-debug-zts-20230831
fiber.stack_size => no value => no value
file_uploads => On => On
hard_timeout => 2 => 2
highlight.comment => <font style="color: #FF8000">#FF8000</font> => <font style="color: #FF8000">#FF8000</font>
highlight.default => <font style="color: #0000BB">#0000BB</font> => <font style="color: #0000BB">#0000BB</font>
highlight.html => <font style="color: #000000">#000000</font> => <font style="color: #000000">#000000</font>
highlight.keyword => <font style="color: #007700">#007700</font> => <font style="color: #007700">#007700</font>
highlight.string => <font style="color: #DD0000">#DD0000</font> => <font style="color: #DD0000">#DD0000</font>
html_errors => Off => Off
ignore_repeated_errors => Off => Off
ignore_repeated_source => Off => Off
ignore_user_abort => Off => Off
implicit_flush => On => On
include_path => .:/usr/local/lib/php => .:/usr/local/lib/php
input_encoding => no value => no value
internal_encoding => no value => no value
log_errors => On => On
mail.add_x_header => Off => Off
mail.force_extra_parameters => no value => no value
mail.log => no value => no value
mail.mixed_lf_and_crlf => Off => Off
max_execution_time => 0 => 0
max_file_uploads => 20 => 20
max_input_nesting_level => 64 => 64
max_input_time => -1 => -1
max_input_vars => 1000 => 1000
max_multipart_body_parts => -1 => -1
memory_limit => 1G => 1G
open_basedir => no value => no value
output_buffering => 0 => 0
output_encoding => no value => no value
output_handler => no value => no value
post_max_size => 32M => 32M
precision => 14 => 14
realpath_cache_size => 4096K => 4096K
realpath_cache_ttl => 120 => 120
register_argc_argv => On => On
report_memleaks => On => On
report_zend_debug => Off => Off
request_order => GP => GP
sendmail_from => no value => no value
sendmail_path => /usr/sbin/sendmail -t -i => /usr/sbin/sendmail -t -i
serialize_precision => -1 => -1
short_open_tag => Off => Off
SMTP => localhost => localhost
smtp_port => 25 => 25
sys_temp_dir => no value => no value
syslog.facility => LOG_USER => LOG_USER
syslog.filter => no-ctrl => no-ctrl
syslog.ident => php => php
unserialize_callback_func => no value => no value
upload_max_filesize => 32M => 32M
upload_tmp_dir => no value => no value
user_dir => no value => no value
user_ini.cache_ttl => 300 => 300
user_ini.filename => .user.ini => .user.ini
variables_order => GPCS => GPCS
xmlrpc_error_number => 0 => 0
xmlrpc_errors => Off => Off
zend.assertions => 1 => 1
zend.detect_unicode => On => On
zend.enable_gc => On => On
zend.exception_ignore_args => Off => Off
zend.exception_string_param_max_len => 15 => 15
zend.max_allowed_stack_size => 0 => 0
zend.multibyte => Off => Off
zend.reserved_stack_size => 0 => 0
zend.script_encoding => no value => no value

ctype

ctype functions => enabled

curl

cURL support => enabled
cURL Information => 8.5.0
Age => 10
Features
AsynchDNS => Yes
CharConv => No
Debug => No
GSS-Negotiate => No
IDN => Yes
IPv6 => Yes
krb4 => No
Largefile => Yes
libz => Yes
NTLM => Yes
NTLMWB => No
SPNEGO => No
SSL => Yes
SSPI => No
TLS-SRP => Yes
HTTP2 => Yes
GSSAPI => No
KERBEROS5 => No
UNIX_SOCKETS => Yes
PSL => No
HTTPS_PROXY => Yes
MULTI_SSL => No
BROTLI => Yes
ALTSVC => Yes
HTTP3 => No
UNICODE => No
ZSTD => No
HSTS => Yes
GSASL => No
Protocols => dict, file, ftp, ftps, gopher, gophers, http, https, imap, imaps, mqtt, pop3, pop3s, rtsp, smb, smbs, smtp, smtps, telnet, tftp, ws, wss
Host => aarch64-alpine-linux-musl
SSL Version => OpenSSL/3.1.5
ZLib Version => 1.3.1

Directive => Local Value => Master Value
curl.cainfo => no value => no value

date

date/time support => enabled
timelib version => 2022.10
"Olson" Timezone Database Version => 2024.1
Timezone Database => internal
Default timezone => UTC

Directive => Local Value => Master Value
date.default_latitude => 31.7667 => 31.7667
date.default_longitude => 35.2333 => 35.2333
date.sunrise_zenith => 90.833333 => 90.833333
date.sunset_zenith => 90.833333 => 90.833333
date.timezone => UTC => UTC

dom

DOM/XML => enabled
DOM/XML API Version => 20031129
libxml Version => 2.11.7
HTML Support => enabled
XPath Support => enabled
XPointer Support => enabled
Schema Support => enabled
RelaxNG Support => enabled

excimer

excimer support => enabled
excimer version => 1.2.1

Directive => Local Value => Master Value
excimer.default_max_depth => 1000 => 1000

fileinfo

fileinfo support => enabled
libmagic => 543

filter

Input Validation and Filtering => enabled

Directive => Local Value => Master Value
filter.default => unsafe_raw => unsafe_raw
filter.default_flags => no value => no value

gd

GD Support => enabled
GD Version => bundled (2.1.0 compatible)
FreeType Support => enabled
FreeType Linkage => with freetype
FreeType Version => 2.13.2
GIF Read Support => enabled
GIF Create Support => enabled
JPEG Support => enabled
libJPEG Version => 8
PNG Support => enabled
libPNG Version => 1.6.40
WBMP Support => enabled
XPM Support => enabled
libXpm Version => 30411
XBM Support => enabled
WebP Support => enabled
BMP Support => enabled
AVIF Support => enabled
TGA Read Support => enabled

Directive => Local Value => Master Value
gd.jpeg_ignore_warning => On => On

hash

hash support => enabled
Hashing Engines => md2 md4 md5 sha1 sha224 sha256 sha384 sha512/224 sha512/256 sha512 sha3-224 sha3-256 sha3-384 sha3-512 ripemd128 ripemd160 ripemd256 ripemd320 whirlpool tiger128,3 tiger160,3 tiger192,3 tiger128,4 tiger160,4 tiger192,4 snefru snefru256 gost gost-crypto adler32 crc32 crc32b crc32c fnv132 fnv1a32 fnv164 fnv1a64 joaat murmur3a murmur3c murmur3f xxh32 xxh64 xxh3 xxh128 haval128,3 haval160,3 haval192,3 haval224,3 haval256,3 haval128,4 haval160,4 haval192,4 haval224,4 haval256,4 haval128,5 haval160,5 haval192,5 haval224,5 haval256,5 

MHASH support => Enabled
MHASH API Version => Emulated Support

iconv

iconv support => enabled
iconv implementation => libiconv
iconv library version => 1.17

Directive => Local Value => Master Value
iconv.input_encoding => no value => no value
iconv.internal_encoding => no value => no value
iconv.output_encoding => no value => no value

json

json support => enabled

libxml

libXML support => active
libXML Compiled Version => 2.11.7
libXML Loaded Version => 21107
libXML streams => enabled

mbstring

Multibyte Support => enabled
Multibyte string engine => libmbfl
HTTP input encoding translation => disabled
libmbfl version => 1.3.2

mbstring extension makes use of "streamable kanji code filter and converter", which is distributed under the GNU Lesser General Public License version 2.1.

Multibyte (japanese) regex support => enabled
Multibyte regex (oniguruma) version => 6.9.9

Directive => Local Value => Master Value
mbstring.detect_order => no value => no value
mbstring.encoding_translation => Off => Off
mbstring.http_input => no value => no value
mbstring.http_output => no value => no value
mbstring.http_output_conv_mimetypes => ^(text/|application/xhtml\+xml) => ^(text/|application/xhtml\+xml)
mbstring.internal_encoding => no value => no value
mbstring.language => neutral => neutral
mbstring.regex_retry_limit => 1000000 => 1000000
mbstring.regex_stack_limit => 100000 => 100000
mbstring.strict_detection => Off => Off
mbstring.substitute_character => no value => no value

mysqli

MysqlI Support => enabled
Client API library version => mysqlnd 8.3.7
Active Persistent Links => 0
Inactive Persistent Links => 0
Active Links => 0

Directive => Local Value => Master Value
mysqli.allow_local_infile => Off => Off
mysqli.allow_persistent => On => On
mysqli.default_host => no value => no value
mysqli.default_port => 3306 => 3306
mysqli.default_pw => no value => no value
mysqli.default_socket => no value => no value
mysqli.default_user => no value => no value
mysqli.local_infile_directory => no value => no value
mysqli.max_links => Unlimited => Unlimited
mysqli.max_persistent => Unlimited => Unlimited
mysqli.rollback_on_cached_plink => Off => Off

mysqlnd

mysqlnd => enabled
Version => mysqlnd 8.3.7
Compression => supported
core SSL => supported
extended SSL => supported
Command buffer size => 4096
Read buffer size => 32768
Read timeout => 86400
Collecting statistics => Yes
Collecting memory statistics => Yes
Tracing => n/a
Loaded plugins => mysqlnd,debug_trace,auth_plugin_mysql_native_password,auth_plugin_mysql_clear_password,auth_plugin_caching_sha2_password,auth_plugin_sha256_password
API Extensions => mysqli,pdo_mysql

openssl

OpenSSL support => enabled
OpenSSL Library Version => OpenSSL 3.1.5 30 Jan 2024
OpenSSL Header Version => OpenSSL 3.1.4 24 Oct 2023
Openssl default config => /etc/ssl/openssl.cnf

Directive => Local Value => Master Value
openssl.cafile => no value => no value
openssl.capath => no value => no value

pcntl

pcntl support => enabled

pcre

PCRE (Perl Compatible Regular Expressions) Support => enabled
PCRE Library Version => 10.42 2022-12-12
PCRE Unicode Version => 14.0.0
PCRE JIT Support => enabled
PCRE JIT Target => ARM-64 64bit (little endian + unaligned)

Directive => Local Value => Master Value
pcre.backtrack_limit => 1000000 => 1000000
pcre.jit => On => On
pcre.recursion_limit => 100000 => 100000

PDO

PDO support => enabled
PDO drivers => sqlite, mysql

pdo_mysql

PDO Driver for MySQL => enabled
Client API version => mysqlnd 8.3.7

Directive => Local Value => Master Value
pdo_mysql.default_socket => no value => no value

pdo_sqlite

PDO Driver for SQLite 3.x => enabled
SQLite Library => 3.44.2

Phar

Phar: PHP Archive support => enabled
Phar API version => 1.1.1
Phar-based phar archives => enabled
Tar-based phar archives => enabled
ZIP-based phar archives => enabled
gzip compression => enabled
bzip2 compression => disabled (install ext/bz2)
Native OpenSSL support => enabled


Phar based on pear/PHP_Archive, original concept by Davey Shafik.
Phar fully realized by Gregory Beaver and Marcus Boerger.
Portions of tar implementation Copyright (c) 2003-2009 Tim Kientzle.
Directive => Local Value => Master Value
phar.cache_list => no value => no value
phar.readonly => On => On
phar.require_hash => On => On

posix

POSIX support => enabled

random

Version => 8.3.7

readline

Readline Support => enabled
Readline library => 8.2

Directive => Local Value => Master Value
cli.pager => no value => no value
cli.prompt => \b \>  => \b \> 

redis

Redis Support => enabled
Redis Version => 5.3.7
Redis Sentinel Version => 0.1
Available serializers => php, json
Available compression => lzf, zstd

Directive => Local Value => Master Value
redis.arrays.algorithm => no value => no value
redis.arrays.auth => no value => no value
redis.arrays.autorehash => 0 => 0
redis.arrays.connecttimeout => 0 => 0
redis.arrays.consistent => 0 => 0
redis.arrays.distributor => no value => no value
redis.arrays.functions => no value => no value
redis.arrays.hosts => no value => no value
redis.arrays.index => 0 => 0
redis.arrays.lazyconnect => 0 => 0
redis.arrays.names => no value => no value
redis.arrays.pconnect => 0 => 0
redis.arrays.previous => no value => no value
redis.arrays.readtimeout => 0 => 0
redis.arrays.retryinterval => 0 => 0
redis.clusters.auth => no value => no value
redis.clusters.cache_slots => 0 => 0
redis.clusters.persistent => 0 => 0
redis.clusters.read_timeout => 0 => 0
redis.clusters.seeds => no value => no value
redis.clusters.timeout => 0 => 0
redis.pconnect.connection_limit => 0 => 0
redis.pconnect.echo_check_liveness => 1 => 1
redis.pconnect.pool_detect_dirty => 0 => 0
redis.pconnect.pool_pattern => no value => no value
redis.pconnect.pool_poll_timeout => 0 => 0
redis.pconnect.pooling_enabled => 1 => 1
redis.session.lock_expire => 0 => 0
redis.session.lock_retries => 10 => 10
redis.session.lock_wait_time => 2000 => 2000
redis.session.locking_enabled => 0 => 0

Reflection

Reflection => enabled

session

Session Support => enabled
Registered save handlers => files user redis rediscluster 
Registered serializer handlers => php_serialize php php_binary 

Directive => Local Value => Master Value
session.auto_start => Off => Off
session.cache_expire => 180 => 180
session.cache_limiter => nocache => nocache
session.cookie_domain => no value => no value
session.cookie_httponly => Off => Off
session.cookie_lifetime => 0 => 0
session.cookie_path => / => /
session.cookie_samesite => no value => no value
session.cookie_secure => Off => Off
session.gc_divisor => 1000 => 1000
session.gc_maxlifetime => 1440 => 1440
session.gc_probability => 1 => 1
session.lazy_write => On => On
session.name => PHPSESSID => PHPSESSID
session.referer_check => no value => no value
session.save_handler => files => files
session.save_path => no value => no value
session.serialize_handler => php => php
session.sid_bits_per_character => 5 => 5
session.sid_length => 26 => 26
session.upload_progress.cleanup => On => On
session.upload_progress.enabled => On => On
session.upload_progress.freq => 1% => 1%
session.upload_progress.min_freq => 1 => 1
session.upload_progress.name => PHP_SESSION_UPLOAD_PROGRESS => PHP_SESSION_UPLOAD_PROGRESS
session.upload_progress.prefix => upload_progress_ => upload_progress_
session.use_cookies => On => On
session.use_only_cookies => On => On
session.use_strict_mode => Off => Off
session.use_trans_sid => Off => Off

SimpleXML

SimpleXML support => enabled
Schema support => enabled

sockets

Sockets Support => enabled

sodium

sodium support => enabled
libsodium headers version => 1.0.19
libsodium library version => 1.0.19

SPL

SPL support => enabled
Interfaces => OuterIterator, RecursiveIterator, SeekableIterator, SplObserver, SplSubject
Classes => AppendIterator, ArrayIterator, ArrayObject, BadFunctionCallException, BadMethodCallException, CachingIterator, CallbackFilterIterator, DirectoryIterator, DomainException, EmptyIterator, FilesystemIterator, FilterIterator, GlobIterator, InfiniteIterator, InvalidArgumentException, IteratorIterator, LengthException, LimitIterator, LogicException, MultipleIterator, NoRewindIterator, OutOfBoundsException, OutOfRangeException, OverflowException, ParentIterator, RangeException, RecursiveArrayIterator, RecursiveCachingIterator, RecursiveCallbackFilterIterator, RecursiveDirectoryIterator, RecursiveFilterIterator, RecursiveIteratorIterator, RecursiveRegexIterator, RecursiveTreeIterator, RegexIterator, RuntimeException, SplDoublyLinkedList, SplFileInfo, SplFileObject, SplFixedArray, SplHeap, SplMinHeap, SplMaxHeap, SplObjectStorage, SplPriorityQueue, SplQueue, SplStack, SplTempFileObject, UnderflowException, UnexpectedValueException

sqlite3

SQLite3 support => enabled
SQLite Library => 3.44.2

Directive => Local Value => Master Value
sqlite3.defensive => On => On
sqlite3.extension_dir => no value => no value

standard

Dynamic Library Support => enabled
Path to sendmail => /usr/sbin/sendmail -t -i

Directive => Local Value => Master Value
assert.active => On => On
assert.bail => Off => Off
assert.callback => no value => no value
assert.exception => On => On
assert.warning => On => On
auto_detect_line_endings => Off => Off
default_socket_timeout => 60 => 60
from => no value => no value
session.trans_sid_hosts => no value => no value
session.trans_sid_tags => a=href,area=href,frame=src,form= => a=href,area=href,frame=src,form=
unserialize_max_depth => 4096 => 4096
url_rewriter.hosts => no value => no value
url_rewriter.tags => form= => form=
user_agent => no value => no value

tokenizer

Tokenizer Support => enabled

xml

XML Support => active
XML Namespace Support => active
libxml2 Version => 2.11.7

xmlreader

XMLReader => enabled

xmlwriter

XMLWriter => enabled

Zend OPcache

Opcode Caching => Disabled
Optimization => Disabled
SHM Cache => Enabled
File Cache => Disabled
JIT => On
Startup Failed => Opcode Caching is disabled for CLI

Directive => Local Value => Master Value
opcache.blacklist_filename => no value => no value
opcache.dups_fix => Off => Off
opcache.enable => On => On
opcache.enable_cli => Off => Off
opcache.enable_file_override => Off => Off
opcache.error_log => no value => no value
opcache.file_cache => no value => no value
opcache.file_cache_consistency_checks => On => On
opcache.file_cache_only => Off => Off
opcache.file_update_protection => 2 => 2
opcache.force_restart_timeout => 180 => 180
opcache.huge_code_pages => Off => Off
opcache.interned_strings_buffer => 8 => 8
opcache.jit => tracing => tracing
opcache.jit_bisect_limit => 0 => 0
opcache.jit_blacklist_root_trace => 16 => 16
opcache.jit_blacklist_side_trace => 8 => 8
opcache.jit_buffer_size => 0 => 0
opcache.jit_debug => 0 => 0
opcache.jit_hot_func => 127 => 127
opcache.jit_hot_loop => 64 => 64
opcache.jit_hot_return => 8 => 8
opcache.jit_hot_side_exit => 8 => 8
opcache.jit_max_exit_counters => 8192 => 8192
opcache.jit_max_loop_unrolls => 8 => 8
opcache.jit_max_polymorphic_calls => 2 => 2
opcache.jit_max_recursive_calls => 2 => 2
opcache.jit_max_recursive_returns => 2 => 2
opcache.jit_max_root_traces => 1024 => 1024
opcache.jit_max_side_traces => 128 => 128
opcache.jit_max_trace_length => 1024 => 1024
opcache.jit_prof_threshold => 0.005 => 0.005
opcache.lockfile_path => /tmp => /tmp
opcache.log_verbosity_level => 1 => 1
opcache.max_accelerated_files => 10000 => 10000
opcache.max_file_size => 0 => 0
opcache.max_wasted_percentage => 5 => 5
opcache.memory_consumption => 128 => 128
opcache.opt_debug_level => 0 => 0
opcache.optimization_level => 0x7FFEBFFF => 0x7FFEBFFF
opcache.preferred_memory_model => no value => no value
opcache.preload => no value => no value
opcache.preload_user => no value => no value
opcache.protect_memory => Off => Off
opcache.record_warnings => Off => Off
opcache.restrict_api => no value => no value
opcache.revalidate_freq => 2 => 2
opcache.revalidate_path => Off => Off
opcache.save_comments => On => On
opcache.use_cwd => On => On
opcache.validate_permission => Off => Off
opcache.validate_root => Off => Off
opcache.validate_timestamps => On => On

zip

Zip => enabled
Zip version => 1.22.3
Libzip version => 1.10.1
BZIP2 compression => Yes
XZ compression => Yes
ZSTD compression => Yes
AES-128 encryption => Yes
AES-192 encryption => Yes
AES-256 encryption => Yes

zlib

ZLib Support => enabled
Stream Wrapper => compress.zlib://
Stream Filter => zlib.inflate, zlib.deflate
Compiled Version => 1.3.1
Linked Version => 1.3.1

Directive => Local Value => Master Value
zlib.output_compression => Off => Off
zlib.output_compression_level => -1 => -1
zlib.output_handler => no value => no value

Additional Modules

Module Name

Environment
______________________________________________________________

PHP Credits

PHP Group
Thies C. Arntzen, Stig Bakken, Shane Caraveo, Andi Gutmans, Rasmus Lerdorf, Sam Ruby, Sascha Schumann, Zeev Suraski, Jim Winstead, Andrei Zmievski

Language Design & Concept
Andi Gutmans, Rasmus Lerdorf, Zeev Suraski, Marcus Boerger

                               PHP Authors                               
Contribution => Authors
Zend Scripting Language Engine => Andi Gutmans, Zeev Suraski, Stanislav Malyshev, Marcus Boerger, Dmitry Stogov, Xinchen Hui, Nikita Popov
Extension Module API => Andi Gutmans, Zeev Suraski, Andrei Zmievski
UNIX Build and Modularization => Stig Bakken, Sascha Schumann, Jani Taskinen, Peter Kokot
Windows Support => Shane Caraveo, Zeev Suraski, Wez Furlong, Pierre-Alain Joye, Anatol Belski, Kalle Sommer Nielsen
Server API (SAPI) Abstraction Layer => Andi Gutmans, Shane Caraveo, Zeev Suraski
Streams Abstraction Layer => Wez Furlong, Sara Golemon
PHP Data Objects Layer => Wez Furlong, Marcus Boerger, Sterling Hughes, George Schlossnagle, Ilia Alshanetsky
Output Handler => Zeev Suraski, Thies C. Arntzen, Marcus Boerger, Michael Wallner
Consistent 64 bit support => Anthony Ferrara, Anatol Belski

                               SAPI Modules                               
Contribution => Authors
Apache 2.0 Handler => Ian Holsman, Justin Erenkrantz (based on Apache 2.0 Filter code)
CGI / FastCGI => Rasmus Lerdorf, Stig Bakken, Shane Caraveo, Dmitry Stogov
CLI => Edin Kadribasic, Marcus Boerger, Johannes Schlueter, Moriyoshi Koizumi, Xinchen Hui
Embed => Edin Kadribasic
FastCGI Process Manager => Andrei Nigmatulin, dreamcat4, Antony Dovgal, Jerome Loyet
litespeed => George Wang
phpdbg => Felipe Pena, Joe Watkins, Bob Weinand

                              Module Authors                              
Module => Authors
BC Math => Andi Gutmans
Bzip2 => Sterling Hughes
Calendar => Shane Caraveo, Colin Viebrock, Hartmut Holzgraefe, Wez Furlong
COM and .Net => Wez Furlong
ctype => Hartmut Holzgraefe
cURL => Sterling Hughes
Date/Time Support => Derick Rethans
DB-LIB (MS SQL, Sybase) => Wez Furlong, Frank M. Kromann, Adam Baratz
DBA => Sascha Schumann, Marcus Boerger
DOM => Christian Stocker, Rob Richards, Marcus Boerger
enchant => Pierre-Alain Joye, Ilia Alshanetsky
EXIF => Rasmus Lerdorf, Marcus Boerger
FFI => Dmitry Stogov
fileinfo => Ilia Alshanetsky, Pierre Alain Joye, Scott MacVicar, Derick Rethans, Anatol Belski
Firebird driver for PDO => Ard Biesheuvel
FTP => Stefan Esser, Andrew Skalski
GD imaging => Rasmus Lerdorf, Stig Bakken, Jim Winstead, Jouni Ahto, Ilia Alshanetsky, Pierre-Alain Joye, Marcus Boerger, Mark Randall
GetText => Alex Plotnick
GNU GMP support => Stanislav Malyshev
Iconv => Rui Hirokawa, Stig Bakken, Moriyoshi Koizumi
IMAP => Rex Logan, Mark Musone, Brian Wang, Kaj-Michael Lang, Antoni Pamies Olive, Rasmus Lerdorf, Andrew Skalski, Chuck Hagenbuch, Daniel R Kalowsky
Input Filter => Rasmus Lerdorf, Derick Rethans, Pierre-Alain Joye, Ilia Alshanetsky
Internationalization => Ed Batutis, Vladimir Iordanov, Dmitry Lakhtyuk, Stanislav Malyshev, Vadim Savchuk, Kirti Velankar
JSON => Jakub Zelenka, Omar Kilani, Scott MacVicar
LDAP => Amitay Isaacs, Eric Warnke, Rasmus Lerdorf, Gerrit Thomson, Stig Venaas
LIBXML => Christian Stocker, Rob Richards, Marcus Boerger, Wez Furlong, Shane Caraveo
Multibyte String Functions => Tsukada Takuya, Rui Hirokawa
MySQL driver for PDO => George Schlossnagle, Wez Furlong, Ilia Alshanetsky, Johannes Schlueter
MySQLi => Zak Greant, Georg Richter, Andrey Hristov, Ulf Wendel
MySQLnd => Andrey Hristov, Ulf Wendel, Georg Richter, Johannes Schlüter
OCI8 => Stig Bakken, Thies C. Arntzen, Andy Sautins, David Benson, Maxim Maletsky, Harald Radi, Antony Dovgal, Andi Gutmans, Wez Furlong, Christopher Jones, Oracle Corporation
ODBC driver for PDO => Wez Furlong
ODBC => Stig Bakken, Andreas Karajannis, Frank M. Kromann, Daniel R. Kalowsky
Opcache => Andi Gutmans, Zeev Suraski, Stanislav Malyshev, Dmitry Stogov, Xinchen Hui
OpenSSL => Stig Venaas, Wez Furlong, Sascha Kettler, Scott MacVicar, Eliot Lear
Oracle (OCI) driver for PDO => Wez Furlong
pcntl => Jason Greene, Arnaud Le Blanc
Perl Compatible Regexps => Andrei Zmievski
PHP Archive => Gregory Beaver, Marcus Boerger
PHP Data Objects => Wez Furlong, Marcus Boerger, Sterling Hughes, George Schlossnagle, Ilia Alshanetsky
PHP hash => Sara Golemon, Rasmus Lerdorf, Stefan Esser, Michael Wallner, Scott MacVicar
Posix => Kristian Koehntopp
PostgreSQL driver for PDO => Edin Kadribasic, Ilia Alshanetsky
PostgreSQL => Jouni Ahto, Zeev Suraski, Yasuo Ohgaki, Chris Kings-Lynne
Pspell => Vlad Krupin
random => Go Kudo, Tim Düsterhus, Guilliam Xavier, Christoph M. Becker, Jakub Zelenka, Bob Weinand, Máté Kocsis, and Original RNG implementators
Readline => Thies C. Arntzen
Reflection => Marcus Boerger, Timm Friebe, George Schlossnagle, Andrei Zmievski, Johannes Schlueter
Sessions => Sascha Schumann, Andrei Zmievski
Shared Memory Operations => Slava Poliakov, Ilia Alshanetsky
SimpleXML => Sterling Hughes, Marcus Boerger, Rob Richards
SNMP => Rasmus Lerdorf, Harrie Hazewinkel, Mike Jackson, Steven Lawrance, Johann Hanne, Boris Lytochkin
SOAP => Brad Lafountain, Shane Caraveo, Dmitry Stogov
Sockets => Chris Vandomelen, Sterling Hughes, Daniel Beulshausen, Jason Greene
Sodium => Frank Denis
SPL => Marcus Boerger, Etienne Kneuss
SQLite 3.x driver for PDO => Wez Furlong
SQLite3 => Scott MacVicar, Ilia Alshanetsky, Brad Dewar
System V Message based IPC => Wez Furlong
System V Semaphores => Tom May
System V Shared Memory => Christian Cartus
tidy => John Coggeshall, Ilia Alshanetsky
tokenizer => Andrei Zmievski, Johannes Schlueter
XML => Stig Bakken, Thies C. Arntzen, Sterling Hughes
XMLReader => Rob Richards
XMLWriter => Rob Richards, Pierre-Alain Joye
XSL => Christian Stocker, Rob Richards
Zip => Pierre-Alain Joye, Remi Collet
Zlib => Rasmus Lerdorf, Stefan Roehrich, Zeev Suraski, Jade Nicoletti, Michael Wallner

                            PHP Documentation                            
Authors => Mehdi Achour, Friedhelm Betz, Antony Dovgal, Nuno Lopes, Hannes Magnusson, Philip Olson, Georg Richter, Damien Seguy, Jakub Vrana, Adam Harvey
Editor => Peter Cowburn
User Note Maintainers => Daniel P. Brown, Thiago Henrique Pojda
Other Contributors => Previously active authors, editors and other contributors are listed in the manual.

PHP Quality Assurance Team
Ilia Alshanetsky, Joerg Behrens, Antony Dovgal, Stefan Esser, Moriyoshi Koizumi, Magnus Maatta, Sebastian Nohn, Derick Rethans, Melvyn Sopacua, Pierre-Alain Joye, Dmitry Stogov, Felipe Pena, David Soria Parra, Stanislav Malyshev, Julien Pauli, Stephen Zarkos, Anatol Belski, Remi Collet, Ferenc Kovacs

                     Websites and Infrastructure team                     
PHP Websites Team => Rasmus Lerdorf, Hannes Magnusson, Philip Olson, Lukas Kahwe Smith, Pierre-Alain Joye, Kalle Sommer Nielsen, Peter Cowburn, Adam Harvey, Ferenc Kovacs, Levi Morrison
Event Maintainers => Damien Seguy, Daniel P. Brown
Network Infrastructure => Daniel P. Brown
Windows Infrastructure => Alex Schoenmaker

PHP License
This program is free software; you can redistribute it and/or modify
it under the terms of the PHP License as published by the PHP Group
and included in the distribution in the file:  LICENSE

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

If you did not receive a copy of the PHP license, or have any
questions about PHP licensing, please contact license@php.net.

Relevant log output

No response

[withinboredom]

I believe there is an issue with alpine (musl) + openssl atm (see #676) which affects Octane. If this is the same issue, please close this one. It appears the workaround is to use Debian based images instead.

[nohant]

we have the same problem with the debian image @withinboredom.
i forgot to write that down in the error note. Same error, same configuration, only 139 in the pod.

[withinboredom]

Ok, 139 usually means it was killed by the kernel (sigsev, over memory limits, etc) so I'd check that the memory limits are sane or not-applicable.

[nohant]

we removed any request/limit from the pod, i can put here the manifest if in need, its no problem:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: rimborsi
spec:
  selector:
    matchLabels:
      app: rimborsi
  template:
    metadata:
      labels:
        app: rimborsi
    spec:
      serviceAccountName: rimborsi
      containers:
        - name: rimborsi
          image: rimborsi
          imagePullPolicy: Always
          command:
            - ./entrypoint.sh
            - serve_backend
          livenessProbe:
            httpGet:
              path: /metrics-g3lka4TZ2H4G5gT
              port: 8081
            initialDelaySeconds: 10
            periodSeconds: 30
            timeoutSeconds: 5
          envFrom:
            - configMapRef:
                name: rimborsi-env
            - secretRef:
                name: rimborsi-secret-env
          volumeMounts:
            - mountPath: /data/caddy
              name: caddy-data
      volumes:
        - name: caddy-data
          emptyDir: {}
      securityContext:
        runAsNonRoot: true
        runAsUser: 65534 # nobody

i can try again to test debian instead of alpine for some reason, baybe third time a charm xD

[withinboredom]

Also check that you have enough memory on the host. There should be something in /var/log on the host that tells why the kernel killed it too (/var/log/syslog on my machine)

[nohant]

This is the max i can get from the kubelet about this pod:
generic.go:334] "Generic (PLEG): container finished" podID="b27a9ed5-0288-4759-9639-46328341de13" containerID="c7d58d16ea2aa709b00c235358f75a4b386926349e8719b8305489409480a0cd" exitCode=139

thats why we are so confused, we cant get anything from anywhere.
we are also removing libraries and components to test if is something wrong in our php extensions

[nohant]

restarted with the debian version, this is the last log i get:

php artisan octane:frankenphp --host 0.0.0.0 --port 8080 --admin-port 2019 --log-level debug
{"level":"info","ts":1717146237.7450576,"msg":"using provided configuration","config_file":"/composer/vendor/laravel/octane/src/Commands/stubs/Caddyfile","config_adapter":""}
{"level":"info","ts":1717146237.7472234,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
{"level":"info","ts":1717146237.7474031,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x400040db00"}
{"level":"info","ts":1717146237.7477,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
{"level":"info","ts":1717146237.7503412,"logger":"tls","msg":"cleaning storage unit","storage":"FileStorage:/data/caddy"}
{"level":"info","ts":1717146237.750461,"logger":"tls","msg":"finished cleaning storage units"}

but it still dies to error 139.

[withinboredom]

This is the max i can get from the kubelet about this pod

You're going to need to look at kernel-level logs, which will be in the host and nothing to do with Kubernetes. That's the last bet to figure out what is happening.

Looking at your deployment though, I do see something that might be the problem. Try adding this to your container spec:

        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            add:
            - NET_BIND_SERVICE
            drop:
            - ALL

[withinboredom]

The docker images have the cap built-in:

https://github.com/dunglas/frankenphp/blob/main/Dockerfile#L93

And need the cap at runtime, especially if running as non-root.

[nohant]

@withinboredom

at a certain point i had this configured following this but probably i lost that piece of configuration when i reverted lots of thing.
im testing the BIND on kubernetes now. (waiting for tests and build time, debian is way slower).

im searching into the aws ec2 arm node where to find kernel logs in the meantime because i cant find them

[withinboredom]

debian is way slower

Interesting :) are you using a build cache? It should be insta-build if the code didn't change.

@dunglas just did a pretty epic talk about some of that: https://dunglas.dev/2024/05/containerization-tips-and-tricks-for-php-apps/ if you are using github actions.

[nohant]

Thanks @withinboredom , dmsg doesnt have anything about the memory problem, maybe im looking in the wrong position

-rw-------   1 root   root               0 May  3 23:42 tallylog
-rw-r--r--   1 root   root             193 May  3 23:42 grubby_prune_debug
-rw-------   1 root   utmp               0 May  3 23:42 btmp
-rw-------   1 root   root               0 May  3 23:42 spooler
drwxr-xr-x  18 root   root             254 May 14 04:15 ..
drwx------   2 root   root              23 May 14 04:15 audit
-rw-------   1 root   root            2.4K May 14 04:15 grubby
-rw-r--r--   1 root   root             24K May 14 04:16 dmesg.old
-rw-------   1 root   root            6.4K May 14 04:19 yum.log
-rw-r--r--   1 root   root            290K May 14 04:19 lastlog
drwxr-sr-x+  4 root   systemd-journal   86 May 29 00:00 journal
-rw-r--r--   1 root   root             27K May 29 00:00 dmesg
drwxr-xr-x   3 root   root              17 May 29 00:00 amazon
-rw-------   1 root   root             798 May 29 00:00 maillog
-rw-------   1 root   root            8.6K May 29 00:00 secure
-rw-r--r--   1 root   root            6.3K May 29 00:00 user-data.log
-rw-r-----   1 root   root            2.8K May 29 00:00 cloud-init-output.log
-rw-r--r--   1 root   root             96K May 29 00:00 cloud-init.log
drwxr-xr-x   9 root   root            4.0K May 29 00:00 .
-rw-rw-r--   1 root   utmp            2.4K May 29 00:00 wtmp
drwxr-xr-x   2 root   root             121 May 29 00:00 aws-routed-eni
drwxr-x---   2 chrony chrony           276 May 31 03:32 chrony
-rw-------   1 root   root             19K May 31 09:01 cron
-rw-------   1 root   root             11K May 31 09:03 boot.log
drwxr-xr-x  58 root   root            8.0K May 31 09:21 pods
drwxr-xr-x   2 root   root             12K May 31 09:21 containers
-rw-------   1 root   root             11M May 31 09:21 messages

about the CI youre right, i forgot i had already run that, it took 40s xD
still no working, same 139 error (alpine or debian is the same.) do you think i have to put [this] (https://frankenphp.dev/docs/docker/#running-with-no-capabilities) in the dockerfile too?

[withinboredom]

You could look in the journal file, but you probably need journalctl to parse it as it is binary-ish. It's still parsable by humans in a pinch, somewhat.

I also see that you're using the regular PHP to start up artisan... dunno if that has any affect. Maybe change your entrypoint:

frankenphp php-cli artisan octane:frankenphp

If I'm reading right though, it works locally but not in kubernetes? You also mentioned that the k8s machines are arm? I wonder if there is something architecturally specific going on there...

[nohant]

Locally works without problem (mac m1), but on kubernetes under arm nodes no. :/
i will try the frankenphp command for entrypoint and be back in a sec :)

[withinboredom]

You could also set up a deployment where the entrypoint is ["sleep", "infinity"] (and set the user to root so you can install tooling) then exec into the container and try running it manually. From there, you can use this:

https://mercure.rocks/docs/hub/debug

which also works for frankenphp. You can also use gdb to grab a stack trace. Sadly, nothing is standing out to me about your setup and I'm out of "is it plugged in" type of debugging. Time to get our hands dirty, so to speak.

[nohant]

[feat/data][~/Documents/workspace/infrastructure/staging]$ k exec -it rimborsi-76fdd6db88-qwjq4 bash
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
nobody@rimborsi-76fdd6db88-qwjq4:/app$

this was pretty easy, we can do that at runtime if we stop argo :D

Where would you suggest to start first?

[withinboredom]

I would start by running your entry point manually. Maybe you'll get more information. It's mostly standard debugging from this point, though the tools might be unfamiliar (if coming from a php-only background) or you may be a bit rusty if you haven't run gdb in awhile.

[nohant]

ok, finally something i can work with @withinboredom

[2024-05-31 12:08:56] stag.ERROR: The /tmp/bootstrap/cache directory must be present and writable. {"exception":"[object] (Exception(code: 0): The /tmp/bootstrap/cache directory must be present and writable. at /composer/vendor/laravel/framework/src/Illuminate/Foundation/PackageManifest.php:178)

i should create this folder in the dockerfile since its missing, but having added that folder manually now, nothing change compared to the usual behaviour.

[withinboredom]

If you want, you can shoot me an email (landers dot robert at gmail) and maybe we can hop on a call? Might be faster. I have some free time this afternoon (around 4:30 pm CEDT or later).

[nohant]

ive enabled an emptydir for tmp since it was missing at the moment.
i will sure send you an email, but this afternoon i cant :( thanks for real <3.

[nohant]

nobody@rimborsi-55d86f9b7-j9vql:/app$ env | grep -i tmp
APP_SERVICES_CACHE=/tmp/bootstrap/cache/services.php
APP_ROUTES_CACHE=/tmp/bootstrap/cache/routes-v7.php
HOME=/tmp
APP_CONFIG_CACHE=/tmp/bootstrap/cache/config.php
FILESYSTEM_TMP_DISK=s3_tmp
APP_PACKAGES_CACHE=/tmp/bootstrap/cache/packages.php
APP_STORAGE_PATH=/tmp/storage
APP_EVENTS_CACHE=/tmp/bootstrap/cache/events.php

we are getting somewhere now since we do not have tmp, but the bootstrap is under app

[nohant]

[2024-05-31 12:36:17] stag.ERROR: The /app/bootstrap/cache directory must be present and writable. {"exception":"[object] (Exception(code: 0): The /app/bootstrap/cache directory must be present and writable. at /composer/vendor/laravel/framework/src/Illuminate/Foundation/PackageManifest.php:178)
yeah, even if its in the right folder we are not getting anywhere. :D

[nohant]

with a brutal 777 we are getting now:
[2024-05-31 13:04:00] stag.ERROR: Unable to write to process ID file. {"exception":"[object] (RuntimeException(code: 0): Unable to write to process ID file. at /composer/vendor/laravel/octane/src/FrankenPhp/ServerStateFile.php:49)

[AlliBalliBaba]

If you want to start Caddy as www-data user, you need to make /data and /config writable for www-data, since Caddy will generate files by default in /data/caddy and /config/caddy.

The reason you are seeing the last error is probably because there is no /app/storage/logs folder or it's not writable. Octane will try to write a file there when it boots.

[nohant]

thanks @AlliBalliBaba
RUN mkdir -p /tmp/storage/logs; chmod -R 0777 /tmp/storage
we added this configuration, and even after this we are receiving the error you see before.
we spent whole dau on that and we are still suck at that errore.

about caddy we have this step:
RUN \ setcap CAP_NET_BIND_SERVICE=+eip /usr/local/bin/frankenphp; \ chown -R ${USER}:${USER} /data/caddy && chown -R ${USER}:${USER} /config/caddy

but nothing changed, we are kinda burned xD

[withinboredom]

Have you looked at that php file to determine where it is trying to write the PID file?

[nohant]

i cant understand where he wants to work

<?php

namespace Laravel\Octane\FrankenPhp;

use RuntimeException;

class ServerStateFile
{
    public function __construct(protected string $path)
    {
    }

    /**
     * Read the server state from the server state file.
     */
    public function read(): array
    {
        $state = is_readable($this->path)
                    ? json_decode(file_get_contents($this->path), true)
                    : [];

        return [
            'masterProcessId' => $state['masterProcessId'] ?? null,
            'state' => $state['state'] ?? [],
        ];
    }

    /**
     * Write the given process ID to the server state file.
     */
    public function writeProcessId(int $masterProcessId): void
    {
        if (! is_writable($this->path) && ! is_writable(dirname($this->path))) {
            throw new RuntimeException('Unable to write to process ID file.');
        }

        file_put_contents($this->path, json_encode(
            array_merge($this->read(), ['masterProcessId' => $masterProcessId]),
            JSON_PRETTY_PRINT
        ));
    }

    /**
     * Write the given state array to the server state file.
     */
    public function writeState(array $newState): void
    {
        if (! is_writable($this->path) && ! is_writable(dirname($this->path))) {
            throw new RuntimeException('Unable to write to process ID file.');
        }

        file_put_contents($this->path, json_encode(
            array_merge($this->read(), ['state' => $newState]),
            JSON_PRETTY_PRINT
        ));
    }

    /**
     * Delete the process ID file.
     */
    public function delete(): bool
    {
        if (is_writable($this->path)) {
            return unlink($this->path);
        }

        return false;
    }

    /**
     * Get the path to the process ID file.
     */
    public function path(): string
    {
        return $this->path;
    }
}

do you have any idea?

[withinboredom]

If you're in the container, just slap a vardump or logging statement or throw an exception in the file to dump the path.

[nohant]

i think we have made some actual progress:

+ frankenphp php-cli artisan octane:frankenphp --host 0.0.0.0 --port 8080 --admin-port 2019 --log-level debug
{"level":"info","ts":1717403392.9643722,"msg":"using provided configuration","config_file":"/composer/vendor/laravel/octane/src/Commands/stubs/Caddyfile","config_adapter":""}
{"level":"info","ts":1717403392.9664795,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
{"level":"info","ts":1717403392.9666653,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x400050cf00"}

thats now the only logs we get before the 139.
nothing on the machine, nothing anywhere, just this logs and the crash :D.
its the same on the debian image and in the alpine.

[nohant]

Starting program: /usr/local/bin/frankenphp php-cli artisan octane:frankenphp --host 0.0.0.0 --port 80 --admin-port 2019
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/aarch64-linux-gnu/libthread_db.so.1".
[New Thread 0xffff4ae6dde0 (LWP 311)]
[New Thread 0xffff4265dde0 (LWP 312)]
[New Thread 0xffff4a61dde0 (LWP 313)]
[New Thread 0xffff49e0dde0 (LWP 314)]
[New Thread 0xffff495fdde0 (LWP 315)]
[New Thread 0xffff48c0dde0 (LWP 316)]
[New Thread 0xffff43ffede0 (LWP 317)]
[New Thread 0xffff437eede0 (LWP 318)]
[Attaching after Thread 0xffff437eede0 (LWP 318) vfork to child process 319]
[New inferior 2 (process 319)]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/aarch64-linux-gnu/libthread_db.so.1".
[Detaching vfork parent process 309 after child exec]
[Inferior 1 (process 309) detached]
process 319 is executing new program: /usr/bin/dash
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/aarch64-linux-gnu/libthread_db.so.1".
[Attaching after Thread 0xffff88568fa0 (LWP 319) vfork to child process 320]
[New inferior 3 (process 320)]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/aarch64-linux-gnu/libthread_db.so.1".
[Detaching vfork parent process 319 after child exec]
[Inferior 2 (process 319) detached]
process 320 is executing new program: /usr/bin/stty
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/aarch64-linux-gnu/libthread_db.so.1".
[Inferior 3 (process 320) exited normally]
(gdb)
   INFO  Server running…

  Local: http://0.0.0.0:80

  Press Ctrl+C to stop the server


   WARN  server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server

running the sofware with gdb dont cause a crash apparently (on debian) but will not move anything nor give an error of sort.
If i launch manually the command outside of gdb or like entrypoiht for the pod, the 139 error is there waiting for us.

[nohant]

we made some progress, the pod is now working, the problem was from this opcache part.

now we are fighting caddy/webserver because instead of going into app/public it goes www and for obvious reasons the app dont work, but this config in caddy gets ignored,it seem

{
    frankenphp
	admin off
	auto_https off
	order php_server before file_server

	servers {
		metrics
	}

	log {
		format json
	}
}


:8080 {
	log

	header {
    -server
		-X-Powered-By
  	}

	root * /app/public
	encode zstd br gzip
	file_server
}

:8081 {
	metrics /metrics
}

@withinboredom do you have any idea why its ignoring this even if its in the right position?
COPY docker/configs/Caddyfile.production /etc/caddy/Caddyfile

[withinboredom]

Does your entry point tell it to load the caddy file? -c /etc/caddy/Caddyfile

[nohant]

we edited the entrypoint and now it has the correct entryfile, yes, but nonetheless the default answer from the url is /www, even if i do a port forward i get localhost/www.

[withinboredom]

ah, that's weird but that smells like an app configuration issue. You could always stick a header('I: am here' in your index.php to see if it is loading the PHP or not. If it isn't, then it is a caddy issue, if it is, then it is a config issue.

[nohant]

if i manually put localhost/index.php in the browser it works correctly, thats why i tought it was a caddy problem that i cant undestand or something going under the hood. :/

[withinboredom]

I guess I don't understand the problem :)

Are you being redirected to http://localhost/www when going to http://localhost and you're trying to figure out why?

[nohant]

I guess I don't understand the problem :)

Are you being redirected to http://localhost/www when going to http://localhost and you're trying to figure out why?

exactly.
we dont have anywhere www in the code, and our caddyfile, as you can see, dont use www anywhere xD

[withinboredom]

What is the status code? Could it be cached?

[nohant]

At the moment there is no cache enabled, since we delete the pod and we recreate that, the first call will go directly to this www and we are searching at why.
thats our superpowered now entrypoint for this container: frankenphp php-cli artisan octane:frankenphp --host 0.0.0.0 --port 8080 --admin-port 2019 --log-level debug --caddyfile /etc/caddy/Caddyfile
and this is our caddyfile that is configured following the documentation from franken:

{
	frankenphp
	admin off
	auto_https off
	order php_server before file_server

	servers {
		metrics
	}

	log {
		format json
	}
}

:8080 {
	log

	header {
		-server
		-X-Powered-By
	}

	root * /app/public
	encode zstd br gzip
	php_server
	file_server
}

:8081 {
	metrics /metrics
}

[withinboredom]

I meant, is the redirect cached in your browser? The browser caches permanent redirects forever (308).

[nohant]

I meant, is the redirect cached in your browser? The browser caches permanent redirects forever (308).

oh sorry i misunderstood that, the answer is no, the app is not correctly starting because the nginx cant find the app and goes 503.
in order to "see" something i need to go manually to port-forward.

also, our colleagues when try to port forward they get the same error.

[withinboredom]

Yeah, I don't see anything that stands out in your caddyfile. Could nginx be the one doing the redirect?

[withinboredom]

The only thing I can think of is that maybe you have an index.htm that is being loaded instead of index.php

[nohant]

The only thing I can think of is that maybe you have an index.htm that is being loaded instead of index.php

in the port-forward there is no nginx, that is the problem.
its only the app and the caddyfile, if we go to the localhost:8080 (that is the service and/or the pod) we meet that www.

im gonna try again something difference and a cleanup, because i can see that the octane caddyfile is more complex and require this file: /composer/vendor/laravel/octane/src/Commands/stubs/frankenphp-worker.php

i tought too for a moment about the index.htm or something and i doublechecked xD

[withinboredom]

You might need something like this in your Caddyfile:

        @notIndex {
            not {
                path /franken-worker.php
            }
        }
        rewrite @notIndex /franken-worker.php

but I can't remember laravel specifics off the top of my head.

[nohant]

You might need something like this in your Caddyfile:

        @notIndex {
            not {
                path /franken-worker.php
            }
        }
        rewrite @notIndex /franken-worker.php

but I can't remember laravel specifics off the top of my head.

ok, this i don't honestly understand, why i would need this if its not mentioned in the franken documentation? its because of octane? but, looking at the octane doc for frankenphp it doenst state anywhere to use this component/piece.

[withinboredom]

You probably don't need it. I've needed it when testing various dev cases ... but if it isn't documented, then you likely don't need it :) Sorry to confuse you.

[nohant]

this is the octane caddyfile:

{
	{$CADDY_GLOBAL_OPTIONS}

	admin localhost:{$CADDY_SERVER_ADMIN_PORT}

	frankenphp {
		worker "{$APP_PUBLIC_PATH}/frankenphp-worker.php" {$CADDY_SERVER_WORKER_COUNT}
	}
}

{$CADDY_SERVER_SERVER_NAME} {
	log {
		level {$CADDY_SERVER_LOG_LEVEL}

		# Redact the authorization query parameter that can be set by Mercure...
		format filter {
			wrap {$CADDY_SERVER_LOGGER}
			fields {
				uri query {
					replace authorization REDACTED
				}
			}
		}
	}

	route {
		root * "{$APP_PUBLIC_PATH}"
		encode zstd br gzip

		# Mercure configuration is injected here...
		{$CADDY_SERVER_EXTRA_DIRECTIVES}

		php_server {
			index frankenphp-worker.php
			# Required for the public/storage/ directory...
			resolve_root_symlink
		}
	}
}

its correct too technically, if i put
CADDY_SERVER_SERVER_NAME as :8080
and `$APP_PUBLIC_PATH' as /app/public

so now i have a real doubt:
how is this caddyfile working correctly witht his: frankenphp php-cli artisan octane:frankenphp --host 0.0.0.0 --port 80 --admin-port 2019 --max-requests=1 --log-level debug locally, but our caddyfile dont?

[withinboredom]

Just an "is it plugged in" kind of question: but did you verify the caddyfile in the container is the correct one?

[nohant]

if i dont say what caddyfile to use, it has to use the octane one from the frankenphp default configuration, or this is what i understand at the moment.

[nohant]

ok, i made the app working.
it seems that in caddy you cant have:

:8080 {

but instead need to have:

{$CADDY_SERVER_SERVER_NAME} {

with this edit the app is working, i mean, i have a blocked-mixed-content error but i can fight that, not all the app now :D