Difference between revisions of "Running Archive Team Projects with Docker"

From Archiveteam
Jump to navigation Jump to search
m (Minor improvements)
(Add explanation of Watchtower image address)
Line 38: Line 38:
#* <code>--restart=unless-stopped</code>: This tells Docker to restart the container unless you stop it. This also means that it will restart the container automatically when you reboot your system.
#* <code>--restart=unless-stopped</code>: This tells Docker to restart the container unless you stop it. This also means that it will restart the container automatically when you reboot your system.
#* <code>-v /var/run/docker.sock:/var/run/docker.sock</code>: This provides the Watchtower container access to your system's Docker socket. Watchtower uses this to communicate with Docker on your system to gracefully shutdown and update your containers.
#* <code>-v /var/run/docker.sock:/var/run/docker.sock</code>: This provides the Watchtower container access to your system's Docker socket. Watchtower uses this to communicate with Docker on your system to gracefully shutdown and update your containers.
#* <code>containrrr/watchtower</code>: This is the Docker image address for Watchtower.
#* <code>--label-enable</code>: This tells Watchtower only to update containers that are specifically tagged for auto-updating. This is included to prevent Watchtower from updating any other containers you may have running on your system. If you are only using Docker to run Archive Team projects, or wish to automatically update all containers including those that are not for Archive Team projects, you can leave this off.
#* <code>--label-enable</code>: This tells Watchtower only to update containers that are specifically tagged for auto-updating. This is included to prevent Watchtower from updating any other containers you may have running on your system. If you are only using Docker to run Archive Team projects, or wish to automatically update all containers including those that are not for Archive Team projects, you can leave this off.
#* <code>--cleanup</code>: This tells Watchtower to delete old, outdated Docker images, which helps save disk space on your system.
#* <code>--cleanup</code>: This tells Watchtower to delete old, outdated Docker images, which helps save disk space on your system.

Revision as of 20:52, 6 April 2021

Archiveteam1.png This page is currently in draft form and is being worked on. Instructions may be incomplete.
Archive team.png

You can run Archive Team scripts in Docker containers to help with our archiving efforts. It will download sites and upload them to our archive — and it’s really easy to do!

The scripts run in a Docker container, so there is no risk to your computer. The container will only use your bandwidth and some of your disk space. It will get tasks from and report progress to the Tracker.

Basic usage

Docker runs on Windows, macOS, and Linux, and is a free download. Docker runs code in containers, and stores code in images. (Docker requires the professional version of Windows if being run on versions of Windows prior to Windows 10 version 1903.)

Instructions for using Docker CLI on Windows, macOS, or Linux

  1. Download and install Docker from the link above.
  2. Open your terminal. On Windows, you can use either Command Prompt (CMD) or PowerShell, on macOS and Linux you can use Terminal (Bash).
  3. First, we will set up the Watchtower container. Watchtower automatically checks for updates to Docker containers every hour, and if an update is found, it will gracefully shutdown your container, update it, and restart it.
    Use the following command:
    docker run -d --name watchtower --restart=unless-stopped -v /var/run/docker.sock:/var/run/docker.sock containrrr/watchtower --label-enable --cleanup --interval 3600
    Explanation:
    • -d: Detaches the container from the terminal and runs it in the background.
    • --name watchtower: The name that is displayed for the container. A name other than "watchtower" can be specified here if needed.
    • --restart=unless-stopped: This tells Docker to restart the container unless you stop it. This also means that it will restart the container automatically when you reboot your system.
    • -v /var/run/docker.sock:/var/run/docker.sock: This provides the Watchtower container access to your system's Docker socket. Watchtower uses this to communicate with Docker on your system to gracefully shutdown and update your containers.
    • containrrr/watchtower: This is the Docker image address for Watchtower.
    • --label-enable: This tells Watchtower only to update containers that are specifically tagged for auto-updating. This is included to prevent Watchtower from updating any other containers you may have running on your system. If you are only using Docker to run Archive Team projects, or wish to automatically update all containers including those that are not for Archive Team projects, you can leave this off.
    • --cleanup: This tells Watchtower to delete old, outdated Docker images, which helps save disk space on your system.
    • --interval 3600: This tells Watchtower to check for updates to your Docker containers every hour.
  4. Now we will set up a project container. You'll need to know the image address for the script for the project you want to help out with. If you don't know it, you can ask us on IRC.
    Use the following command:
    docker run -d --name archiveteam --label=com.centurylinklabs.watchtower.enable=true --restart=unless-stopped [image address] --concurrent 1 [username]
    For example, to assist with the URLs project (i.e. #// on hackint IRC):
    docker run -d --name archiveteam --label=com.centurylinklabs.watchtower.enable=true --restart=unless-stopped atdr.meo.ws/archiveteam/urls-grab --concurrent 1 [username]
    Explanation:
    • -d: Detaches the container from the terminal and runs it in the background.
    • --name archiveteam: The name that is displayed for the container. A name other than "archiveteam" can be specified here if needed (e.g. you want to create multiple containers using the same image).
    • --label=com.centurylinklabs.watchtower.enable=true: Labels the container to be automatically updated by Watchtower. You can leave this off if you did not include --label-enable when launching the Watchtower container.
    • --restart=unless-stopped: This tells Docker to restart the container unless you stop it. This also means that it will restart the container automatically when you reboot your system.
    • [image address]: Replace this with the image address for the project you would like to help with. The brackets should not be included in the final command. Additionally, the address should not include https:// or http://, and all characters must be lowercase. Most project images will be made available at 'atdr.meo.ws/archiveteam/$repo-grab' where $repo is the same name as used on code repository. E.g. The code at https://github.com/ArchiveTeam/urls-grab corresponds to the Docker image address of 'atdr.meo.ws/archiveteam/urls-grab'.
    • --concurrent 1: Process 1 item at a time per container. Although this varies for each project, the maximum recommended value is 5, and the maximum allowed value is 20. Leave this at 1, or check with us on IRC if you are unsure.
    • [username]: Choose a username - we'll show your progress on the project leaderboard (tracker). The brackets should not be included in the final command.
Archiveteam1.png On Windows and macOS, once you have completed steps 1-4, you can also start, stop, and delete containers in the Docker Desktop UI. However, for the time being, initial setup and switching projects can only be done from the command line. Docker on Linux (either in a VM or on bare metal hardware) is the recommended way to run Docker containers.

Stopping containers

  1. Recommended method: Attempt graceful stop by sending the SIGINT signal, with no hard-kill deadline:
    docker kill --signal=SIGINT archiveteam
    Explanation:
    • kill: Docker's command for killing a container, defaults to sending a SIGKILL signal unless otherwise specified
    • --signal=SIGINT: tells Docker to send a SIGINT signal to the container (not a SIGKILL)
    • archiveteam: This is the name of the Docker container(s) that need to be stopped. If needed, replace with the actual container name(s) you want to stop. Multiple containers can be stopped with the same command.
  2. Alternate, unrecommended method: Attempt stop, with a hard-kill deadline of 1 hour:
    docker stop -t 3600 archiveteam
    Explanation:
    • -t 3600: tells Docker to wait for 3600 seconds (60 minutes) before forcibly stopping the container. Docker's default is -t 10 (not recommended). Use -t 0to stop immediately (also not recommended). Hard-kill deadlines are problematic because large multi-GB projects may require long-running jobs (e.g. 48 hours for content download + additional hours of rsync upload time that itself may be delayed by upload bandwidth limits and/or congestion on the rsync target). Please ask in the project IRC channel if you are considering using a hard-kill method, especially for projects where there may not be time for another worker to retry later. (There may be interest in recovering/saving partial WARCs from containers that did not end gracefully.) Also see the FAQ entry about ungraceful stops.
    • archiveteam: This is the name of the Docker container(s) that need to be stopped. If needed, replace with the actual container name(s) you want to stop. Multiple containers can be stopped with the same command.

The same commands can also be used to stop the watchtower container.

Starting containers

Similarly, to start your containers again in the future, run docker start watchtower archiveteam. If needed, replace "watchtower" and "archiveteam" with the actual container names you used.

Deleting containers

To delete a container, run docker rm archiveteam. If needed, replace "archiveteam" with the name of the actual container you want to delete. To free up disk space, you can also purge your unused Docker images by running docker image prune. Note that this command will delete all Docker images on your system that are not associated with a container, not just Archive Team ones.

Checking for project updates

Remember to periodically check our IRC channels and homepage so you switch your scripts to a current project. Projects change frequently at Archive Team, and at the moment we don't have a way to automatically switch the projects run in Docker containers. To switch projects, simply stop your existing Archive Team container by running docker stop archiveteam, and delete it by running docker rm archiveteam and run a new one by repeating step 4. Then, you can optionally prune your unused Docker images as in step 7. Note: you don't need to stop or replace your Watchtower container, just make sure it is still running by using docker ps -f name=watchtower. If Watchtower is not running or you are unsure, run docker start watchtower.

FAQ

Why a Docker container in the first place?

A Docker container is a quick, safe, and easy way for newcomers to help us out. It offers many features:

  • Self-updating software infrastructure provided by Watchtower
  • Allows for unattended use
  • In case of software faults, your machine is not ruined
  • Restarts itself in case of runaway programs
  • Runs on Windows, macOS, and Linux painlessly
  • Ensures consistency in the archived data regardless of your machine's quirks
  • Restarts automatically after a system restart

If you have suggestions for improving this system, please talk to us as described below.

Can I use whatever internet access for running scripts?

No. We need "clean" connections. Please ensure the following:

  • No OpenDNS. No ISP DNS that redirects to a search page. Use non-captive DNS servers.
  • No ISP connections that inject advertisements into web pages.
  • No proxies. Proxies can return bad data. The original HTTP headers and IP address are needed for the WARC file.
  • No content-filtering firewalls.
  • No censorship. If you believe your country implements censorship, do not run Archive Team scripts.
  • No Tor. The server may return an error page instead of content if they ban exit nodes.
  • No free cafe wifi. Archiving your cafe's wifi service agreement repeatedly is not helpful.
  • No VPNs. Data integrity is a very high priority for the Archive Team so use of VPNs with the official crawler is discouraged.
  • We prefer connections from many public IP addresses if possible. (For example, if your apartment building uses a single IP address, we don't want your apartment banned.)

I turned my Docker container off. Will those tasks be lost?

If you've killed your Docker instance, then the work your container did has been lost. However, the tasks will be returned to the pool after a period of time, and others may claim them.

How much disk space will the Docker container use?

Short answer: it depends on the project. Ask in the project IRC channel.

Long answer: because each project defines items differently, sizes may vary. A single task may be a small file or a whole subsection of a website.

How can I see the status of my archiving?

You can check the project leaderboard to see how much you've archived. If you want to see the current status of your Docker container, you can run docker logs --tail 0 -f archiveteam. --tail 0 tells Docker to only show newly added log messages, and -f tells Docker to keep displaying logs as they come in until you press Control-C to stop it. If needed, replace "archiveteam" with the actual name you used for your container.

How can I look around inside a container?

Run this to bring up a command shell inside the container. Replace 'archiveteam' with the name of the container:
sudo docker exec -t -i archiveteam /bin/bash

How can I run tons of containers easily?

We assume you've checked with the current Archive Team project what concurrency and resources are needed or useful!

Whether your have your own virtual cluster or you're renting someone else's (aka a "cloud"), you probably need some orchestration software.

ArchiveTeam volunteers have successfully used a variety of hosting providers and tools (including free trials on AWS and GCE), often just by building their own flavour of virtual server and then repeating it with simple cloud-init scripts (to install and launch docker as above) or whatever tool the hosting provides. If you desire full automation, the archiveteam-infra repository by diggan helps with Terraform on DigitalOcean.

Some custom monitoring scripts also exist, for instance watcher.py.

I'd like to help write code or I want to tweak the scripts to run to my liking. Where can I find more info? Where is the source code and repository?

Check out the Dev documentation for details on the infrastructure and details of the source code layout.

I still have a question!

Check out the general FAQ page. Talk to us on IRC. Use #archiveteam-bs for general questions or the project IRC channel for project-specific instructions.

Troubleshooting

(Linux) Running Docker commands gives me a permission denied error. How can I fix this?

There are a few ways to fix this issue. The fastest way is to put sudo before your Docker commands. This runs the process as the root user. You can also log into your system as root and run the Docker commands from there. Alternatively, you can create a docker user group and add your account to it by running sudo groupadd docker, then sudo usermod -aG docker $USER, and then activate the changes by running newgrp docker or simply logging out and logging back in to your system or rebooting your system[1].

I see a message that no item was received.

This means that there is no work available. This can happen for several reasons:

  • The project has just finished and someone is inspecting the work done. If a problem is discovered, items may be re-queued and more work will become available.
  • You have checked out/claimed too many items. Reduce your concurrency and let others do some of the work too.
  • In a rare case, you have been banned by a tracker administrator because there was a problem with your work: you were requesting too much, you were tampering with the scripts, a malfunction has occurred, or your internet connection is "unclean" (see above).

I see a message about rate limiting.

Don't worry. Keep in mind that although downloading the internet for fun and digital preservation are the primary goals of all Archive Team activities, serious stress on the target's server may occur. The rate limit is imposed by a tracker administrator and should not be subverted.

(In other words, we don't want to DDoS the servers.)

If you like, you can switch to another project with less load.

I see a message about code being out of date.

Don't worry. There is a new update ready. You do not need to do anything about this if you are running the container with Watchtower; Watchtower will update its code every five minutes. If you are impatient, please stop and remove your container, then repeat step 4 in the setup instructions and it will download the latest code and resume work.

I'm running the scripts manually and I see a message about code being out of date.

This happens when a bug in the scripts is discovered. Bugs are unavoidable, especially when the server is out of our control.

I see messages about rsync errors.

Uh-oh! Something is not right. Please notify us immediately in the appropriate IRC channel.

The item I'm working on is downloading thousands of URLs and it's taking hours.

Please notify us in the appropriate IRC channel. You may need to restart the container.

The instructions to run the software/scripts are awful and they are difficult to set up.

Well, excuuuuse me, princess!

We're not a professional support team so help us help you help us all. See above for bug reports, suggestions, or code contributions.

Recovering from a ungraceful container stop

Please ask in the project IRC channel if some of your containers were stopped ungracefully. This includes using a container stop that used a hard-kill, also stops due to system failures or power outages. This is especially important for projects where there may not be enough time for another worker to retry later. Do not attempt to start/restart the affected containers. (Note: it is possible to recover/save partial WARCs using docker cp archiveteam:/grab/ ./ or similar from still running containers that are about to be terminated.)

Where can I file a bug, suggestion, or a feature request?

If the issue is related to the web interface or the library that grab scripts are using, see seesaw-kit issues. Other issues should be filed into their own repositories.

Are you a coder?

Like our scripts? Interested in how it works under the hood? Got software skills? Help us improve it!

Note: some of the content of this page has been adapted from ArchiveTeam Warrior.