docker-compose with podman doesn't support port range

[wuboy0307]

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

I try to migrate my old project with docker/docker-compose to podman/docker-compose. Everything works fine except the port range won't work.

I believe this bug is related to https://github.com/containers/podman/pull/12305 , which you already fix for EXPOSE, but not for ports.

Steps to reproduce the issue:

1. use the following docker-compose.yml

   
   version: '3.4'
   services:
   nginx:
   image: nginx:latest
   ports:
     - "${HTTPS_PORT:-4430-4439}:443"

2. docker-compose up -d

**Describe the results you received:**

Creating network "test_default" with the default driver Creating test_nginx_1 ... error ERROR: for test_nginx_1 Cannot create container for service nginx: make cli opts(): strconv.Atoi: parsing "4430-4439": invalid syntax

**Describe the results you expected:**

Creating network "test_default" with the default driver Creating test_nginx_1 ... Creating test_nginx_1 ... done

**Additional information you deem important (e.g. issue happens only occasionally):**

**Output of `podman version`:**

(paste your output here)

**Output of `podman info --debug`:**

Client: Podman Engine Version: 4.1.1 API Version: 4.1.1 Go Version: go1.18.1 Git Commit: 8f28725b09dad0151774a8fb84ce6cd064bb9d96 Built: Sun Jul 10 17:46:38 2022 OS/Arch: linux/amd64

**Package info (e.g. output of `rpm -q podman` or `apt list podman`):**

apt list podman Listing... 完成 podman/jammy,now 3.4.4+ds1-1ubuntu1 amd64 [residual-config]

**Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/main/troubleshooting.md)**

Yes. I download the latest version from here https://github.com/containers/podman/issues/14065#issuecomment-1129268318
I also check the troubleshooting page, nothing is useful for the port range bug.

**Additional environment details (AWS, VirtualBox, physical, etc.):**

PRETTY_NAME="Ubuntu 22.04 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04 (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=jammy

[Luap99]

The error message is confusing but you are not using the correct syntax. If you specify a range both sides must use a range with the same amount of ports. try: - "4430-4439:443-439"

[wuboy0307]

@Luap99 No, I didn't specify a range "both sides". I want it to be fixed port 443 in container side, but a random port between 4430 to 4439 in the host.

Please refer to the official document. https://docs.docker.com/compose/compose-file/compose-file-v3/#ports

The last example is:

"12400-12500:1240"

Which is exactly what I do in my example.

Further more, the example is running well on docker. I uninstalled docker and installed podman to run it. Then the issue happened.

[Luap99]

This doesn't specify what exactly happens with this syntax. Does it forward all ports from this range to the single one or does it pick one random from the given range?

[wuboy0307]

This doesn't specify what exactly happens with this syntax. Does it forward all ports from this range to the single one or does it pick one random from the given range?

It means the inside(container) port is fix at 443 for other containers to access, but random port from 4430 to 4439 for outside(host).

[wuboy0307]

Yes, it pick one random from the given range as host port (from 4430 to 4439), and map it to the container port(443). Here is the result of docker-compose ps

[hp01 test]$ docker-compose ps

    Name                  Command               State                       Ports
------------------------------------------------------------------------------------------------------
test_nginx_1   /docker-entrypoint.sh ngin ...   Up      0.0.0.0:4430->443/tcp,:::4430->443/tcp, 80/tcp

[Luap99]

OK, I see that this also works with docker run -p but the syntax is not documented here: https://docs.docker.com/config/containers/container-networking/#published-ports so we missed that.

So the first step would be to add support to podman run -p and then we can enable it in the compat api.

[mheon]

I'll take this

[jansu76]

Any progress with this? It is preventing me from running multiple replicas on a docker-compose stack: https://stackoverflow.com/questions/73773262/using-podman-with-docker-compose-how-to-get-multiple-replicas-of-a-service

(or, is there any workaround to this issue)

[github-actions[bot]]

A friendly reminder that this issue had no activity for 30 days.

[rhatdan]

@mheon What is going on here?

[mheon]

No time to work on it. Waiting for a bug week. If anyone else wants this in the meantime, they can take it.

[SamantazFox]

This doesn't specify what exactly happens with this syntax. Does it forward all ports from this range to the single one or does it pick one random from the given range?

It means the inside(container) port is fix at 443 for other containers to access, but random port from 4430 to 4439 for outside(host).

In addition, it's worth mentioning that when using replicas, each service get the first open port(s) in the range. For instance, using the following compose snippet:

version: "3"
services:

  invidious:
    image: quay.io/invidious/invidious:latest
    restart: unless-stopped
    deploy:
      mode: replicated
      replicas: 7
      endpoint_mode: vip
    ports:
      - "127.0.0.1:3000-3006:3000"

The first invidious container gets mapped to 127.0.0.1:3000, the second to 127.0.0.1:3001 and so on.

[meleschi]

I've also run into this issue attempting to run multiple syslog containers mapped to 514/udp in the container:

$]  /usr/bin/podman pod create --name=syslog-pod -p="1514-1523:514/udp"
Error: host and container port ranges have different lengths: 10 vs 1

My goal is to spin up 10 containers in the Pod, and have them randomly be assigned a host port between 1514-1523, then mapped to 514/udp in the container itself.

Is there any way to do this with a pod currently?

[DominicLavery]

Thanks for the feedback on the dupe ticket @Luap99. I see there isn't a simple fix, but I've got some time to be able to work on this issue. Is there a preferred method to fix it?