Ports and volume not properly set

[smalenfant]

I searched post, the only one I found was closed for lack of information.

I did not test on main branch or latest version (3.8.0) as I didn't see any commits related to this.

SUMMARY

When running with version 3.7.0 (ansible 9.2.0), ports are not exposed on the local host. It was working as expect on the 2.7.0 version (part of ansible 6.7.0).

ISSUE TYPE

• Bug Report

COMPONENT NAME

docker_container

ANSIBLE VERSION

$ ansible --version
ansible [core 2.16.3]
  config file = None
  configured module search path = ['/home/p5smalenfa/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /opt/virtualenvs/ansible-9.2.0/lib/python3.11/site-packages/ansible
  ansible collection location = /home/p5smalenfa/.ansible/collections:/usr/share/ansible/collections
  executable location = /opt/virtualenvs/ansible-9.2.0/bin/ansible
  python version = 3.11.5 (main, Sep  7 2023, 00:00:00) [GCC 11.4.1 20230605 (Red Hat 11.4.1-2)] (/opt/virtualenvs/ansible-9.2.0/bin/python)
  jinja version = 3.1.3
  libyaml = True

COLLECTION VERSION

$ ansible-galaxy collection list community.docker

# /opt/virtualenvs/ansible-9.2.0/lib/python3.11/site-packages/ansible_collections
Collection       Version
---------------- -------
community.docker 3.7.0  

CONFIGURATION

$ ansible-config dump --only-changed
CONFIG_FILE() = None
DEFAULT_CALLBACK_PLUGIN_PATH(env: ANSIBLE_CALLBACK_PLUGINS) = ['/opt/virtualenvs/ansible-9.2.0/lib/python3.11/site-packages/ara/plugins/callback']
DEFAULT_HOST_LIST(env: ANSIBLE_INVENTORY) = erased
DEFAULT_VAULT_PASSWORD_FILE(env: ANSIBLE_VAULT_PASSWORD_FILE) = erased
HOST_KEY_CHECKING(env: ANSIBLE_HOST_KEY_CHECKING) = False

OS / ENVIRONMENT

Target host: Centos 7.9

STEPS TO REPRODUCE

This is the task ran from the playbook:

- name: Create ARA container
  docker_container:
    name: "ara"
    image: "recordsansible/ara-api:latest"
    restart: true
    restart_policy: unless-stopped
    volumes:
      - /opt/ara:/opt/ara
    ports:
      - 8000:8000/tcp
    state: "{{ state | default('started') }}"

EXPECTED RESULTS

I expect 0.0.0.0:8000 to show in the results

$ docker ps
CONTAINER ID   IMAGE                    COMMAND                  CREATED          STATUS          PORTS                    NAMES
db349352f342   recordsansible/ara-api   "bash -c '/usr/local…"   11 minutes ago   Up 10 minutes   0.0.0.0:8000->8000/tcp   ara

ACTUAL RESULTS

Service is unreachable

Frist pass (container was accessible): 

TASK [ara-docker : Create ARA container] ***********************************************************************************************************************************************************************************************************
--- before
+++ after
@@ -1,4 +1,4 @@
 {
-    "restarted": false,
+    "restarted": true,
     "running": true
 }

changed: [cdn1cdcts0001.coxlab.net]

State: 
$ docker ps
CONTAINER ID   IMAGE          COMMAND                  CREATED          STATUS         PORTS      NAMES
4d8ba8b06717   d1e166215b16   "bash -c '/usr/local…"   10 seconds ago   Up 9 seconds   8000/tcp   ara

Second pass with module 3.7.0 (It shows the proper diffs, just not applied):

TASK [ara-docker : Create ARA container] [CHECK MODE] **********************************************************************************************************************************************************************************************
--- before
+++ after
@@ -1,13 +1,22 @@
 {
     "env": [
-        "ARA_BASE_DIR=/opt/ara",
+        "ARA_BASE_DIR=/opt/ara/server",
         "DISTTAG=f38container",
         "FGC=f38",
         "container=oci"
     ],
-    "published_ports": null,
-    "restart_policy": "no",
-    "restarted": false,
+    "published_ports": {
+        "8000/tcp": [
+            {
+                "HostIp": "0.0.0.0",
+                "HostPort": "8000"
+            }
+        ]
+    },
+    "restart_policy": "unless-stopped",
+    "restarted": true,
     "running": true,
-    "volume_binds": null
+    "volume_binds": [
+        "/opt/ara:/opt/ara:rw"
+    ]
 }

$ docker ps
CONTAINER ID   IMAGE          COMMAND                  CREATED         STATUS         PORTS      NAMES
e2771e1df101   d1e166215b16   "bash -c '/usr/local…"   2 seconds ago   Up 2 seconds   8000/tcp   ara

[smalenfant]

I haven't noticed before but looks like there is also an issue with volume_binds.

-    "volume_binds": null
+    "volume_binds": [
+        "/opt/ara:/opt/ara:rw"
+    ]

[felixfontein]

If I run that task multiple times with the latest version, I only get

TASK [Create ARA container] ******************************************************************************************************************************************************************
--- before
+++ after
@@ -1,4 +1,4 @@
 {
-    "restarted": false,
+    "restarted": true,
     "running": true
 }

changed: [localhost]

but always docker ps shows the port:

CONTAINER ID   IMAGE                           COMMAND                  CREATED         STATUS        PORTS                    NAMES
2bcd2cb04274   recordsansible/ara-api:latest   "bash -c '/usr/local…"   2 minutes ago   Up 1 second   0.0.0.0:8000->8000/tcp   ara

Also switching between community.docker 2.7.0, 3.7.0, and main branch doesn't give different results for me.

[smalenfant]

We just went through this module with a different docker image (different host) and it worked fine as well. Would you know how I could debug this through docker? Seems like an API issue.

[smalenfant]

I wonder what kind of residual container issue this was. I just ran docker system prune -a and re-run my playbook:

CONTAINER ID   IMAGE                    COMMAND                  CREATED         STATUS         PORTS                    NAMES
bddc41f7ded3   recordsansible/ara-api   "bash -c '/usr/local…"   6 seconds ago   Up 4 seconds   0.0.0.0:8000->8000/tcp   ara

Solved. We can close this.

[smalenfant]

Just interesting on how the older module was always making it work. But not with the new one would break it.

[felixfontein]

Without being able to reproduce this I'm not able to tell you why.