search

containers / podman

Podman: A tool for managing OCI containers and pods.
https://podman.io
Apache License 2.0
23.07k stars 2.35k forks source link

docker-compose: port inaccessibls when using depends on #11004

Closed hoshsadiq closed 3 years ago

hoshsadiq commented 3 years ago

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

Steps to reproduce the issue:

  1. Use compose file below:

    
version: '3.7'

services:
 redis:
   image: docker.io/library/redis:latest
   ports:
   - 127.0.0.1:6379:6379
   networks:
   - main
 redis-ui:
   image: docker.io/rediscommander/redis-commander:latest
   restart: always
   environment:
   - REDIS_HOSTS=local:redis:6379
   depends_on:
   - redis
   networks:
   - main
   ports:
   - 127.0.0.1:8063:8081
networks:
 main:
  2. Run docker-compose up
  3. Run: 
    $ podman port -a
a2732e426084    8081/tcp -> 127.0.0.1:8063
e7d59257adb2    6379/tcp -> 127.0.0.1:6379

Describe the results you received:

I'm unable to connect to the port for the redis-ui service (it just hangs, with the browser eventually saying connection was reset).

Changing the port for redis-ui from 8063 to 8081 allows the service to be accessible again, however, it is accessible only on port 8063 still.

Anyway, it looks to me like it's the depends_on option that is the issue, as removing it fixes the issue.

$ podman port -a
a2732e426084    8081/tcp -> 127.0.0.1:8063
e7d59257adb2    6379/tcp -> 127.0.0.1:6379
$ time curl -I -X HEAD --connect-timeout 1 localhost:8063
^C
curl -I -X HEAD --connect-timeout 1 localhost:8063  0.01s user 0.00s system 0% cpu 11.233 total

Subsequently removing depends_on causes it to work normally:

$ sed -i -r -e '/^\s+depends_on/s/^/#/' -e '/^\s+\- redis$/s/^/#/' docker-compose.yml
$ docker-compose down && docker-compose up
$ curl -I -X HEAD localhost:8063
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 30775
ETag: W/"7837-V4GNsKXVD7vhlyfwPIhEPqyy5Y0"
Date: Wed, 21 Jul 2021 07:08:08 GMT
Connection: keep-alive
Keep-Alive: timeout=5

Describe the results you expected:

Ports accessible with depends_on

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

Version:      3.2.3
API Version:  3.2.3
Go Version:   go1.14.7
Built:        Thu Jan  1 01:00:00 1970
OS/Arch:      linux/amd64

Output of podman info --debug:

host:
  arch: amd64
  buildahVersion: 1.21.3
  cgroupControllers: []
  cgroupManager: cgroupfs
  cgroupVersion: v1
  conmon:
    package: 'conmon: /usr/libexec/podman/conmon'
    path: /usr/libexec/podman/conmon
    version: 'conmon version 2.0.27, commit: '
  cpus: 8
  distribution:
    distribution: pop
    version: "21.04"
  eventLogger: journald
  hostname: pop-os
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 5.11.0-7620-generic
  linkmode: dynamic
  memFree: 598298624
  memTotal: 16491663360
  ociRuntime:
    name: crun
    package: 'crun: /usr/bin/crun'
    path: /usr/bin/crun
    version: |-
      crun version 0.20.1.5-925d-dirty
      commit: 0d42f1109fd73548f44b01b3e84d04a279e99d2e
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
  os: linux
  remoteSocket:
    exists: true
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: 'slirp4netns: /usr/bin/slirp4netns'
    version: |-
      slirp4netns version 1.1.8
      commit: unknown
      libslirp: 4.3.1-git
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.4.3
  swapFree: 606044160
  swapTotal: 4294434816
  uptime: 299h 10m 35.21s (Approximately 12.46 days)
registries:
  search:
  - docker.io
  - quay.io
store:
  configFile: /home/hosh/.config/containers/storage.conf
  containerStore:
    number: 12
    paused: 0
    running: 2
    stopped: 10
  graphDriverName: overlay
  graphOptions:
    overlay.mount_program:
      Executable: /usr/bin/fuse-overlayfs
      Package: 'fuse-overlayfs: /usr/bin/fuse-overlayfs'
      Version: |-
        fusermount3 version: 3.10.2
        fuse-overlayfs: version 1.5
        FUSE library version 3.10.2
        using FUSE kernel interface version 7.31
  graphRoot: /home/hosh/.local/share/containers/storage
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "false"
  imageStore:
    number: 42
  runRoot: /run/user/1000/containers
  volumePath: /home/hosh/.local/share/containers/storage/volumes
version:
  APIVersion: 3.2.3
  Built: 0
  BuiltTime: Thu Jan  1 01:00:00 1970
  GitCommit: ""
  GoVersion: go1.14.7
  OsArch: linux/amd64
  Version: 3.2.3

Package info (e.g. output of rpm -q podman or apt list podman):

Listing...
podman/unknown,now 100:3.2.3-1 amd64 [installed]
podman/unknown 100:3.2.3-1 arm64
podman/unknown 100:3.2.3-1 armhf
podman/unknown 100:3.2.3-1 s390x

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/master/troubleshooting.md)

Yes

Additional environment details (AWS, VirtualBox, physical, etc.): Physical

Luap99 commented 3 years ago

I take a look, are you running rootless or rootful?

hoshsadiq commented 3 years ago

I was running rootless.

Luap99 commented 3 years ago

Thanks for the issue @hoshsadiq. I finally figured out what is going on in https://github.com/containers/podman/issues/10052. This is basically the same problem. I am not sure if there is a short term fix but for now you could use static ips, e.g:

version: '3.7'

services:
  redis:
    image: docker.io/library/redis:latest
    ports:
    - 127.0.0.1:6379:6379
    networks:
      main:
        ipv4_address: 172.16.10.3
  redis-ui:
    image: docker.io/rediscommander/redis-commander:latest
    restart: always
    environment:
    - REDIS_HOSTS=local:redis:6379
    depends_on:
    - redis
    networks:
      main:
        ipv4_address: 172.16.10.4
    ports:
    - 127.0.0.1:8063:8081
networks:
  main:
    ipam:
      config:
        - subnet: 172.16.10.0/24
hoshsadiq commented 3 years ago

Thanks for the info, I'll use static IPs for now! Since this is already being tracked I'll close this one.