search

docker-library / cassandra

Docker Official Image packaging for Cassandra
Apache License 2.0
262 stars 281 forks source link

_ip_address bash function gets wrong IP on AWS ECS w/ awsvpc networking mode. #223

Closed LeifW closed 3 years ago

LeifW commented 3 years ago

It works fine when the networking mode for the container is set to "host" on AWS ECS, but when the networking mode is set to "awsvpc", the _ip_address function in the docker-entrypoint.sh script produces a 169.154.xxx.xxx address (which isn't externally addressable and doesn't work).

If I replace invocations of that _ip_address function with hostname -i, it works. I added echo lines for those two in the docker-entrypoint.sh and ran it on ECS w/ awsvpc networking mode: _ip_address: 169.254.172.8 hostname -i: 10.0.0.212

Here is the output of ip address from inside the container on ECS:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
3: ecs-eth0@if18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 0a:58:a9:fe:ac:08 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 169.254.172.8/22 scope global ecs-eth0
       valid_lft forever preferred_lft forever
17: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc mq state UP group default qlen 1000
    link/ether 02:bf:84:b5:74:ab brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.212/24 scope global eth0
       valid_lft forever preferred_lft foreve

Seems it would be simpler to just use hostname -i and get rid of that bash function?

yosifkit commented 3 years ago

I'd rather not use hostname -i since it is based on dns resolution of the hostname; even the man page recommends against using it. Unfortunately, --all-ip-addresses is going to have the same issue as the current ip address.

https://manpages.debian.org/buster/hostname/hostname.1.en.html#OPTIONS

       -i, --ip-address
              Display  the  network  address(es) of the host name. Note that this
              works only if the host name can be resolved. Avoid using  this  op‐
              tion; use hostname --all-ip-addresses instead.
       -I, --all-ip-addresses
              Display  all  network addresses of the host. This option enumerates
              all configured addresses on all network  interfaces.  The  loopback
              interface  and  IPv6  link-local addresses are omitted. Contrary to
              option -i, this option does not depend on name resolution.  Do  not
              make any assumptions about the order of the output.

I think it is valid for us to skip any link-local addresses (169.254.x.x).