[rootles] container wnats to open port 443 but that does not exist

[theScrabi]

When trying to execute the docker-compose from this repository rootless: https://github.com/theScrabi/icinga2/tree/my_changes

it ends up with the following error:

podman pod create --name=icinga2 --share net -p 127.0.0.1:8080:80 -p 127.0.0.1:5665:5665 -p 127.0.0.1:8443:443
Error: unable to create pod: error adding pod to state: name icinga2 is in use: pod already exists
125
podman create --name=icinga2_icinga2_1 --pod=icinga2 --label io.podman.compose.config-hash=123 --label io.podman.compose.project=icinga2 --label io.podman.compose.version=0.0.1 --label com.docker.compose.container-number=1 --label com.docker.compose.service=icinga2 -e ICINGA2_FEATURE_GRAPHITE=1 -e ICINGA2_FEATURE_GRAPHITE_HOST=graphite -e ICINGA2_FEATURE_GRAPHITE_PORT=2003 -e ICINGA2_FEATURE_GRAPHITE_URL=http://graphite -e DEFAULT_MYSQL_HOST=mysql --env-file /home/schabi/Schreibtisch/icinga2/secrets_sql.env --mount type=bind,source=/home/schabi/Schreibtisch/icinga2/./data/icinga/cache,destination=/var/cache/icinga2 --mount type=bind,source=/home/schabi/Schreibtisch/icinga2/./data/icinga/certs,destination=/etc/apache2/ssl --mount type=bind,source=/home/schabi/Schreibtisch/icinga2/./data/icinga/etc/icinga2,destination=/etc/icinga2 --mount type=bind,source=/home/schabi/Schreibtisch/icinga2/./data/icinga/etc/icingaweb2,destination=/etc/icingaweb2 --mount type=bind,source=/home/schabi/Schreibtisch/icinga2/./data/icinga/lib/icinga,destination=/var/lib/icinga2 --mount type=bind,source=/home/schabi/Schreibtisch/icinga2/./data/icinga/lib/php/sessions,destination=/var/lib/php/sessions --mount type=bind,source=/home/schabi/Schreibtisch/icinga2/./data/icinga/log/apache2,destination=/var/log/apache2 --mount type=bind,source=/home/schabi/Schreibtisch/icinga2/./data/icinga/log/icinga2,destination=/var/log/icinga2 --mount type=bind,source=/home/schabi/Schreibtisch/icinga2/./data/icinga/log/icingaweb2,destination=/var/log/icingaweb2 --mount type=bind,source=/home/schabi/Schreibtisch/icinga2/./data/icinga/log/mysql,destination=/var/log/mysql --mount type=bind,source=/home/schabi/Schreibtisch/icinga2/./data/icinga/spool,destination=/var/spool/icinga2 --add-host icinga2:127.0.0.1 --add-host icinga2_icinga2_1:127.0.0.1 --add-host graphite:127.0.0.1 --add-host graphite:127.0.0.1 --add-host mysql:127.0.0.1 --add-host icinga2_mysql_1:127.0.0.1 --hostname icinga2 icinga2_icinga2
Error: error creating container storage: the container name "icinga2_icinga2_1" is already in use by "e59c623a12e6da3af91e38b26c49132b436b68fbab54490ea7ce12a63716760a". You have to remove that container to be able to reuse that name.: that name is already in use
125
podman create --name=graphite --pod=icinga2 --label io.podman.compose.config-hash=123 --label io.podman.compose.project=icinga2 --label io.podman.compose.version=0.0.1 --label com.docker.compose.container-number=1 --label com.docker.compose.service=graphite --mount type=bind,source=/home/schabi/Schreibtisch/icinga2/./data/graphite/conf,destination=/opt/graphite/conf --mount type=bind,source=/home/schabi/Schreibtisch/icinga2/./data/graphite/storage,destination=/opt/graphite/storage --mount type=bind,source=/home/schabi/Schreibtisch/icinga2/./data/graphite/log/graphite,destination=/var/log/graphite --mount type=bind,source=/home/schabi/Schreibtisch/icinga2/./data/graphite/log/carbon,destination=/var/log/carbon --add-host icinga2:127.0.0.1 --add-host icinga2_icinga2_1:127.0.0.1 --add-host graphite:127.0.0.1 --add-host graphite:127.0.0.1 --add-host mysql:127.0.0.1 --add-host icinga2_mysql_1:127.0.0.1 --hostname graphite graphiteapp/graphite-statsd:latest
Error: error creating container storage: the container name "graphite" is already in use by "d4581ec46730f297b0f683eb33dce5498440166e21ac1124bd243ff7376e430c". You have to remove that container to be able to reuse that name.: that name is already in use
125
podman create --name=icinga2_mysql_1 --pod=icinga2 --label io.podman.compose.config-hash=123 --label io.podman.compose.project=icinga2 --label io.podman.compose.version=0.0.1 --label com.docker.compose.container-number=1 --label com.docker.compose.service=mysql --env-file /home/schabi/Schreibtisch/icinga2/secrets_sql.env --mount type=bind,source=/home/schabi/Schreibtisch/icinga2/./data/mysql/data,destination=/var/lib/mysql --add-host icinga2:127.0.0.1 --add-host icinga2_icinga2_1:127.0.0.1 --add-host graphite:127.0.0.1 --add-host graphite:127.0.0.1 --add-host mysql:127.0.0.1 --add-host icinga2_mysql_1:127.0.0.1 mariadb
Error: error creating container storage: the container name "icinga2_mysql_1" is already in use by "33e0715144a8278c521de416e476ca2992c6ac081ae04251261437a56778135e". You have to remove that container to be able to reuse that name.: that name is already in use
125
podman start -a icinga2_icinga2_1
podman start -a graphite
podman start -a icinga2_mysql_1
ERRO[0003] error starting some container dependencies   
ERRO[0003] "failed to expose ports via rootlessport: \"listen tcp 0.0.0.0:443: bind: permission denied\\n\"" 
Error: unable to start container e59c623a12e6da3af91e38b26c49132b436b68fbab54490ea7ce12a63716760a: error starting some containers: internal libpod error
125
ERRO[0005] error starting some container dependencies   
ERRO[0005] "failed to expose ports via rootlessport: \"listen tcp 0.0.0.0:443: bind: permission denied\\n\"" 
Error: unable to start container d4581ec46730f297b0f683eb33dce5498440166e21ac1124bd243ff7376e430c: error starting some containers: internal libpod error
125
ERRO[0007] error starting some container dependencies   
ERRO[0007] "failed to expose ports via rootlessport: \"listen tcp 0.0.0.0:443: bind: permission denied\\n\"" 
Error: unable to start container 33e0715144a8278c521de416e476ca2992c6ac081ae04251261437a56778135e: error starting some containers: internal libpod error
125

However it can be seen in the docker-compose.yml file that there is not such port open to the host? Where does this error come from?

[tapg24]

try this sysctl net.ipv4.ip_unprivileged_port_start=0

[rhatdan]

You probably want to keep that above port 22.

[jerdna-regeiz]

Wild guess: could be the expose line in the Dockerfile EXPOSE 80 443 5665