
如果你使用 DeepSeek、元宝 AI、Copilot、ChatGPT 等 AI 工具,协助配置轩辕镜像、编写 docker pull 命令、修改 Docker Compose 镜像地址、配置镜像加速、排查镜像拉取失败、分析报错日志等问题,请先让 AI 阅读并遵守轩辕镜像的规则文档。
只需在 AI 对话中先发送下面这句话即可:
请先完整阅读并严格遵守以下文档中的全部规则与要求:
https://xuanyuan.cloud/agents.md
在未充分阅读并理解该文档前,不要生成任何命令、配置、修改建议、故障排查方案或技术回答。后续所有输出都必须严格以该文档中的规范为最高优先级执行。查看 agents.md 用法指南与完整示范。国内用户首推 元宝 AI、DeepSeek 的深度思考模式,不推荐豆包 AI;Cursor 等编辑器可在对话 @ 该链接,或加入 User Rules。 若 AI 无法访问外链,可 打开说明文档 复制全文粘贴。文档会随站点更新,复制内容可能过期,建议定期检查。
This repository is archieved.
Latest trivy image scan result from the latest image sando38/docker-eturnal:v1.8.3-4 hosted on DockerHub:
root@arm64:/home# trivy image sando38/docker-eturnal:v1.8.3-4 2022-05-30T19:34:02.179+0100 INFO Need to update DB 2022-05-30T19:34:02.179+0100 INFO DB Repository: ghcr.io/aquasecurity/trivy-db 2022-05-30T19:34:02.179+0100 INFO Downloading DB... 32.11 MiB / 32.11 MiB [------------------------------------------] 100.00% 3.80 MiB p/s 8.6s 2022-05-30T19:34:16.396+0100 INFO Detected OS: alpine 2022-05-30T19:34:16.397+0100 INFO This OS version is not on the EOL list: alpine 3.16 2022-05-30T19:34:16.398+0100 INFO Detecting Alpine vulnerabilities... 2022-05-30T19:34:16.401+0100 INFO Number of language-specific files: 0 sando38/docker-eturnal:v1.8.3-4 (alpine 3.16.0) Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)
This is a multi-arch eturnal docker image, currently built for
and based on Alpine Linux.
To pull the image, just refer to the Docker Hub repository:
docker pull sando38/docker-eturnal
The image will run in eturnal foreground mode, if started this way:
docker run -d sando38/docker-eturnal:latest
The image can also run in a less "privileged" mode:
docker run -d \ --name eturnal \ --user 9000:9000 \ -v /path/to/eturnal.yml:/opt/eturnal/etc/eturnal.yml \ -p 3478:3478/udp \ -p 49152-65535:49152-65535/udp \ --read-only \ --security-opt no-new-privileges \ --cap-drop=ALL \ sando38/docker-eturnal:latest
As an alternative since https://github.com/instrumentisto/coturn-docker-image/issues/3 with using the host network --network=host. Please note, that the docker container is not isolated from the host network anymore when using this option.
docker run -d \ --name eturnal \ --user 9000:9000 \ -v /path/to/eturnal.yml:/opt/eturnal/etc/eturnal.yml \ --network=host \ --read-only \ --security-opt no-new-privileges \ --cap-drop=ALL \ sando38/docker-eturnal:latest
NOTE: When running --network=host or similarly with network_mode: "host" in compose or hostNetwork: true in kubernetes, *** to set ERL_EPMD_ADDRESS=127.0.0.1 to not publish the EPMD daemon (default port 4369) to the outside world.
Inspect the running container with
docker logs < container name >
Note: for logs to be printed with docker logs command, log_dir: in eturnal.yml should be set to stdout.
To use the eturnalctl command, e.g. just run:
docker exec < container name > eturnalctl info
vXX.YY.ZZ represents the official eturnal release. -AA suffix for image version of the particular release in case of any bug fix, etc. of the image.
| TAGS | Description | Architectures |
|---|---|---|
| v1.8.3-4, latest | https://github.com/processone/eturnal/releases/tag/1.8.3, fix an issue with secret variables (see https://github.com/processone/eturnal/issues/21) | linux/amd64,linux/386,linux/s390x,linux/ppc64le,linux/arm64,linux/arm/v7,linux/arm/v6 |
| v1.8.3-3 | https://github.com/processone/eturnal/releases/tag/1.8.3, fix an issue with readonly fs and tls certificates | linux/amd64,linux/386,linux/s390x,linux/ppc64le,linux/arm64,linux/arm/v7,linux/arm/v6 |
| v1.8.3-2 | https://github.com/processone/eturnal/releases/tag/1.8.3, image adjusted, so that no erlang.cookie must be mounted with readonly file systems | linux/amd64,linux/386,linux/arm64,linux/arm/v7,linux/arm/v6 |
| v1.8.3 | https://github.com/processone/eturnal/releases/tag/1.8.3 | linux/amd64,linux/386,linux/arm64,linux/arm/v7,linux/arm/v6 |
Configuration is mainly done by the mounted eturnal.yml file (recommended). Here is an example https://github.com/processone/eturnal/blob/master/config/eturnal.yml file. However, eturnal may also be configured with some environment variables (see eturnal documentation).
The configuration file is best mounted directly into the container:
Mountpath:
-v /path/to/eturnal.yml:/opt/eturnal/etc/eturnal.yml
Here are some more hints how to configure eturnal.
Volumes may be mounted for the configuration file and tls certificates/ dh-parameter file. TLS certificates and dh-parameter file shall be .pem files.
volumes: - /path/to/eturnal.yml:/opt/eturnal/etc/eturnal.yml # for (custom) configuration file - /path/to/cert-files:/opt/eturnal/tls # for tls certicates
TLS certificates must be readable by eturnal user/ group 9000:9000 and should not have world readable access rights (chmod 400).
If you want to use a readonly file system (--read-only, in compose read_only: true or in kubernetes' securityContext, readOnlyRootFilesystem: true), the .erlang.cookie file must be mounted with the correct permissions (owned (chown 9000:9000) and readonly (chmod 400) by eturnal user) into the container.
Here is a quick checklist:
chmod 0400) and owner 9000:9000
echo "My1-ErlanG2-CookiE3" > /path/to/COOKIE -v /path/to/COOKIE:/opt/eturnal/.erlang.cookieFor kubernetes an initContainers may be used to achieve the correct file permissions.
您可以使用以下命令拉取该镜像。请将 <标签> 替换为具体的标签版本。如需查看所有可用标签版本,请访问 标签列表页面。
来自真实用户的反馈,见证轩辕镜像的优质服务