search

containers / podman-compose

a script to run docker-compose.yml using podman
GNU General Public License v2.0
5.09k stars 483 forks source link

Not open ports with -d #146

Open cristianmenghi opened 4 years ago

cristianmenghi commented 4 years ago

Hi, using #podman-compose -f docker-compose.yml up -d stop binding ports to hosts, but if i run podman-compose -f docker-compose.yml -p influx-grafana up, without -d then works. This occurs after upgrade podman

Run as normal user on centos8.1 slirp4netns-0.4.3-23.2.el8.x86_64 runc-1.0.0-15.2.el8.x86_64 conmon-2.0.15-2.1.el8.x86_64 podman 1.8.2 BuildahVersion: 1.14.3

maztaim commented 4 years ago

I noticed this as well. I thought I had a work-around, but....I'll keep plugging at it. Let me know if there is more information that would help. Happy to test, try, whatnot.

fedora-release-workstation-32-1.noarch slirp4netns-1.0.0-1.fc32.x86_64 runc-1.0.0-144.dev.gite6555cc.fc32.x86_64 conmon-2.0.15-1.fc32.x86_64 podman-1.8.2-2.fc32.x86_64 buildah-1.14.8-1.fc32.x86_64 podman-compose-0.1.5-3.git20191107.fc32.noarch

muayyad-alsadi commented 4 years ago

I've tested this compose file on latest podman-compose devel branch on fedora 30

https://github.com/containers/podman-compose/tree/devel/tests/ports

and it seems working fine

$ cd tests/ports
$ ../../podman_compose.py up -d
$ netstat -tlnp | grep 8001
tcp6       0      0 :::8001                 :::*                    LISTEN      31849/containers-ro 
$ curl localhost:8001/index.txt
test1
maztaim commented 4 years ago

That works for me as well. Here is what I am working on: https://gist.github.com/maztaim/011bb52db53061aba61db0973e58da00

maztaim commented 4 years ago

The way I am able to reproduce is:

mkdir ~/keycloak
curl -sko ~/keycloak/keycloak.yml https://gist.githubusercontent.com/maztaim/011bb52db53061aba61db0973e58da00/raw/2b07f3aaa53b019a0b22dd50bdd8683d120288dd/keycloak.yml
cd ~/keycloak
podman-compose -f keycloak.yml up

See that it is working going to localhost:8080 ctrl-c the session.

podman-compose -f keycloak.yml down

Start it back up

podman-compose -f keycloak.yml up -d

I am unable to get to port 8080.

stop it and bring it back up without -d and all is working again.

muayyad-alsadi commented 4 years ago

I've pushed a change to make sure containers are started if they already exists.

I've tried your compose file, it seems working fine for me with "-d" for the first time but it won't work the second time (both with -d or without it)

maybe you the problem is that java of keycloak is not listening to that port maybe you need to pass some env variable, because it seems trying to init db again and abort

WFLYCTL0062: Composite operation failed and was rolled back. Steps that failed:
Step: step-9
Operation: /subsystem=datasources/jdbc-driver=postgresql:add(driver-name=postgresql, driver-module-name=org.postgresql.jdbc, driver-xa-datasource-class-name=org.postgresql.xa.PGXADataSource)
Failure: WFLYCTL0212: Duplicate resource [
    ("subsystem" => "datasources"),
    ("jdbc-driver" => "postgresql")
]
muayyad-alsadi commented 4 years ago

it seems that it's a bug in slirp4netns because inside the container 8080 is listening

[alsadi@alsadi-laptop keycloak]$ podman exec -u root -ti keycloak_keycloak_1 /bin/bash
[root@0329cddcccbf /]# cd /usr/local/bin
[root@0329cddcccbf bin]# curl -sSLO https://busybox.net/downloads/binaries/1.31.0-defconfig-multiarch-musl/busybox-x86_64
[root@0329cddcccbf bin]# chmod +x busybox-x86_64 
[root@0329cddcccbf bin]# ./busybox-x86_64 netstat -tlnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 10.0.2.100:54200        0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:5432            0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:8443            0.0.0.0:*               LISTEN      -
tcp        0      0 127.0.0.1:9990          0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:8009            0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      -
tcp        0      0 :::5432                 :::*                    LISTEN      -
[root@0329cddcccbf bin]# curl -si localhost:8080 | head
HTTP/1.1 200 OK
Connection: keep-alive
Last-Modified: Thu, 30 Jan 2020 13:50:31 GMT
Content-Length: 1087
Content-Type: text/html
Accept-Ranges: bytes
Date: Sun, 19 Apr 2020 01:02:58 GMT

<!--
  ~ Copyright 2016 Red Hat, Inc. and/or its affiliates
muayyad-alsadi commented 4 years ago

it seems that using cntnet works fine

../../podman_compose.py -t cntnet up -d

which might indicate that it's a problem of either podman or slirp4netns

the difference here is that cntnet mode use

podman run --name=keycloak_infra ... -p 5432:5432 -p 8080:8080 k8s.gcr.io/pause:3.1

while the default mode use

podman pod create --name=keycloak --share net -p 5432:5432 -p 8080:8080

but now I can't reproduce the problem.

maztaim commented 4 years ago

I wasn't able to replicate with cntnet. If anything, it seemed to break things a little differently, it left a container running:

❯ podman-compose -f keycloak.yml down
podman stop -t=1 keycloak_db_1
ba2df30487be6f395f1c5e7a999647cf5bced19420ed5d614bcf8dc6963bb3e9
0
podman stop -t=1 keycloak_keycloak_1
8a3c0157cecb65c340f4f70968c7d19b5efc42b67719dd53dbc7aa6e0b62087e
0
podman rm keycloak_db_1
ba2df30487be6f395f1c5e7a999647cf5bced19420ed5d614bcf8dc6963bb3e9
0
podman rm keycloak_keycloak_1
8a3c0157cecb65c340f4f70968c7d19b5efc42b67719dd53dbc7aa6e0b62087e
0
podman pod rm keycloak
Error: no pod with name or ID keycloak found: no such pod
125
❯ podman ps -a
CONTAINER ID  IMAGE                 COMMAND  CREATED             STATUS                 PORTS                   NAMES
8399836f41e8  k8s.gcr.io/pause:3.1           About a minute ago  Up About a minute ago  0.0.0.0:5432->5432/tcp  keycloak_infra
❯ podman stop 8399
8399836f41e8b60a358196bac0b3ee7052a0c54d9cebacfde018a285f6aebeed

I am still able to start without -d and all functions as expected.

muayyad-alsadi commented 4 years ago

If you use -t cntnet in up, use it in down too.

podman pod ls podman ps -a

maztaim commented 4 years ago

That cleaned up the extra container. Thanks. I'm still baffled by why -d consistently doesn't work after the first attempt, yet without -d seems to just work. I appreciate you looking at it with me.

muayyad-alsadi commented 4 years ago

try doing up and logs in one line something like this (correct path if needed)

$ ../../podman_compose.py up -d; ../../podman_compose.py logs -f keycloak
maztaim commented 4 years ago

My version of podman-compose doesn't come with a logs argument. I'm going to pull from github and try.

maztaim commented 4 years ago

Even more inconsiently getting it to work both with and without -d. Here is the latest output that seems to work for -d:

❯ ../podman-compose/podman_compose.py -f keycloak.yml up -d; ../podman-compose/podman_compose.py -f keycloak.yml logs -f keycloak
using podman version: podman version 1.8.2
podman pod create --name=keycloak --share net -p 5432:5432 -p 8080:8080
c42c9e11be6900b0e49d514a168643c2ecfb3072b066e1f27a79917b902a5aa8
0
podman run --name=keycloak_db_1 -d --pod=keycloak --label io.podman.compose.config-hash=123 --label io.podman.compose.project=keycloak --label io.podman.compose.version=0.0.1 --label com.docker.compose.container-number=1 --label com.docker.compose.service=db -e POSTGRES_USER=keycloak -e POSTGRES_PASSWORD=My super secret. -e POSTGRES_DB=keycloak -v /home/taim/keycloak/./postgresql-data:/var/lib/postgresql/data:Z --add-host db:127.0.0.1 --add-host keycloak_db_1:127.0.0.1 --add-host keycloak:127.0.0.1 --add-host keycloak_keycloak_1:127.0.0.1 docker.io/library/postgres
bfff3c6559eec1a5deb7bcc01ca9ba1d85d7ecff9a5109cfa7733410656fe0a9
0
podman run --name=keycloak_keycloak_1 -d --pod=keycloak --label io.podman.compose.config-hash=123 --label io.podman.compose.project=keycloak --label io.podman.compose.version=0.0.1 --label com.docker.compose.container-number=1 --label com.docker.compose.service=keycloak -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=Keycloak or bust. -e DB_VENDOR=postgres -e DB_ADDR=localhost:5432 -e DB_DATABSE=keycloak -e DB_USER=keycloak -e DB_PASSWORD=My super secret. --add-host db:127.0.0.1 --add-host keycloak_db_1:127.0.0.1 --add-host keycloak:127.0.0.1 --add-host keycloak_keycloak_1:127.0.0.1 quay.io/keycloak/keycloak
e2f3d517d15bfb8b9f88b338c3a110cb2ab0d4862b12284372d3862c1d3f9f51
0
using podman version: podman version 1.8.2
podman logs -f keycloak_keycloak_1
Added 'admin' to '/opt/jboss/keycloak/standalone/configuration/keycloak-add-user.json', restart server to load user
-b 0.0.0.0
=========================================================================

  Using PostgreSQL database

=========================================================================

17:41:29,427 INFO  [org.jboss.modules] (CLI command executor) JBoss Modules version 1.9.1.Final

The batch executed successfully
17:41:32,345 INFO  [org.jboss.as] (MSC service thread 1-3) WFLYSRV0050: Keycloak 9.0.3 (WildFly Core 10.0.3.Final) stopped in 42ms

The batch executed successfully
17:41:37,064 INFO  [org.jboss.as] (MSC service thread 1-3) WFLYSRV0050: Keycloak 9.0.3 (WildFly Core 10.0.3.Final) stopped in 13ms

  JBoss Bootstrap Environment

  JBOSS_HOME: /opt/jboss/keycloak

  JAVA: java

  JAVA_OPTS:  -server -Xms64m -Xmx512m -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m -Djava.net.preferIPv4Stack=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true  --add-exports=java.base/sun.nio.ch=ALL-UNNAMED --add-exports=jdk.unsupported/sun.misc=ALL-UNNAMED --add-exports=jdk.unsupported/sun.reflect=ALL-UNNAMED

=========================================================================

17:41:37,923 INFO  [org.jboss.modules] (main) JBoss Modules version 1.9.1.Final

    name: keycloak-default
    ...]