Open kkin1995 opened 6 months ago
jameswestendorf
commented
6 months ago I had the same issue. If you set the compose container_name property, be sure to go into the two supplied ini files and update the DNS names it's trying to use. If you don't set the container_name property, it can also randomly change the name which might cause it as well.
BrianT71
commented
1 month ago @jameswestendorf can you elaborate on setting the container_name property. I'm very new to docker so please use small words. I copied the parsedmarc.sample.ini to parsedmarc.ini. I did not change anything else in the configs.
When I run docker-compose images, I get the following:
Container Repository Tag Image Id Size
-------------------------------------------------------------------------------------------------------------------
dmarc-visualizer_elasticsearch_1 docker.elastic.co/elasticsearch/elasticsearch 7.17.5 11df7a62573d 609.6 MB
dmarc-visualizer_grafana_1 dmarc-visualizer_grafana latest b0e81f24b9bf 286.4 MB
dmarc-visualizer_parsedmarc_1 dmarc-visualizer_parsedmarc latest 7c2852e398d5 301.6 MB@BrianT71 If you don't use the 'container_name' property, docker will add random characters to the end like: dmarc-visualizer_elasticsearch_3d2345sd and every time you pull down new images, the name changes.
To fix that, in your docker compose file (if you are using that), this will set a name: For example, elastic search: container_name: dmarc-visualizer_elasticsearch_1
Then in the ini files, make sure the names match what you set.
Hope this makes sense?
BrianT71
commented
1 month ago Thanks. I updated the docker-compose.yml file to include the container name as follows:
version: '3.5'
services:
parsedmarc:
container_name: dmarc-visualizer_parsedmarc_1
build: ./parsedmarc/
volumes:
- ./files:/input:ro
- ./output_files:/output
command: parsedmarc -c /parsedmarc.ini /input/* --debug
depends_on:
- elasticsearch
restart: on-failure
elasticsearch:
container_name: dmarc-visualizer_elasticsearch_1
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.5
environment:
- discovery.type=single-node
volumes:
- ./elastic_data:/usr/share/elasticsearch/data
grafana:
container_name: dmarc-visualizer_grafana_1
build: ./grafana/
ports:
- 3000:3000
user: root
environment:
GF_INSTALL_PLUGINS: grafana-piechart-panel,grafana-worldmap-panel
GF_AUTH_ANONYMOUS_ENABLED: 'true'The only ini file I see is in ./parsedmarc. I just copied the sample ini into parsedmarc.ini. You mentioned matching the container names but I don't see where this config is referencing containers. Also, are there other ini files needed for either elasticsearch or grafana? I don't see where any were creating as part of the install or build.
[general]
save_aggregate = True
save_forensic = True
output = /output/
[elasticsearch]
hosts = elasticsearch:9200
ssl = FalseThere might only be the single .ini to edit… I don’t have this running any more. 😊
In your config file snippet,
[elasticsearch] hosts = elasticsearch:9200
Change hosts= line to read: hosts = dmarc-visualizer_elasticsearch_1:9200
BrianT71
commented
1 month ago This error is fixed for me now. For anyone stumbling across this, I still see the connection error for a few cycles in the logs but it's appears to be a timing issue as all the pieces start up. After a few restart cycles, I parsedmarc shows as saving to elasticsearch.
Turns out I also had this issue which may have been the actual cause of my continuous restart. https://github.com/debricked/dmarc-visualizer/issues/53
The parsedmarc container is continuously throwing this exception and then restarting shortly afterwards.
Also, in the Grafana dashboard, the following error pop-up is being thrown in the top right corner: