I’ll throw my 2 cents into the ring. First off, I love that someone is trying to take this on. There are many reasons why docker could be useful to the FreePBX project and creating a simple dev environment is at the top of my list of potential applications. That being said, I don’t think that docker is particularly the wrong tool to do this, but I’m not sure that makes LXD is the right tool either.
Side Note: The project link from the OP is incorrect. The link to the project can be found here: Docker
A problem I see time and time again is that everyone wants to treat docker as if it acts and behaves as a Virtual Machine and it definitely is not that. By doing so, they want to make one image for FreePBX and pile a bunch of stuff into it when that is probably the wrong approach. That being said, docker works best when you split EACH process into a singe container. I would imagine a successful approach would end up looking more like a docker compose file than a docker image, which is the recommended setup for the project, however I would argue that there isn’t enough separation today for it today. When done, I would expect a ‘FreePBX Stack’ to have at least a PHP App image, a Node App image, a MySQL image, and an Asterisk Image at the minimum.
Now, the problem with putting FreePBX in Docker is that it is not designed to be spit up into several smaller containers from an architecture standpoint. As far as I know, at least two major concerns (there are probably a few more that I don’t know about as well) that hold back the FreePBX project from having really good docker support:
-
FreePBX directly manages the config files for an Asterisk instance. The problem here is if the FreePBX php app runs in one docker container, and Asterisk runs in another, how do you update the asterisk config?
-
Similarly, AGI also runs in the PHP app. How do you get asterisk to execute an AGI running in a different container?
Without directly addressing these problems, I believe anyone who tries to take on a FreePBX Docker project (LXD included) will end up having a bad time.
I’ll argue that this statement is partially correct. It’s correct when using the default config of docker, however, the OP used the ’ "userland-proxy": false docker option to resolve this issue, which I believe is a good strategy. Another way to resolve this issue is to run the contain’s networking directly on the host network, which will mostly resolve the proxy ports issue because they will no longer be needed. (Networking using the host network | Docker Docs) HOWEVER, this does create a new issue for fail2ban and the firewall module of FreePBX because it can no longer manage the iptable routes. That being said, the network management in FreePBX is currently inadequate today for something like docker and may require a special module for it to work.
The issue here is that Sangoma doesn’t have an official Asterisk docker image. I believe having one would relieve some of the concerns here and people wouldn’t have to compile one. I am not going to say I would recommend using a third party Asterisk docker image due to security concerns as well as other obvious issues of running something not officially supported by the project maintainer.
Technically, Asterisk and MySQL in theory should be the only services that “need” persistent storage here. For MySQL this problem has been solved a million times. For Asterisk, the main issue here once again comes down to the management of config files and modifying config dynamically in a docker image. A solution would also need to be made for Asterisk to save voicemails to a more docker friendly persistent storage device as well. The persistent storage concerns of the PHP App / Node App are probably due to bad design since these apps should be stateless anyways.
All in all, I like the work that was done in this project. And if you ever want to discuss this more in detail feel free to reach out to me.