mqtt-broker not starting

[ilyesm]

Hi there,

When using the CE images, the mqtt-broker container fails to start. It did so perfectly before, and suddenly after a system upgrade (apt-get upgrade), it does not start.

When running docker logs mqtt-broker, there is nothing output, and the container does not show on either docker network or is not reachable from another container in the network.

Any ideas? (We have tried restarting the server, deleting the network, deleting the image, to no avail)

Thanks!

[ilyesm]

Would a possible workaround be to manually add to the docker compose file a mosquito container from the official docker image?

[ilyesm]

Also, nothing is shown when doing docker compose up and going through the logs of all containers. This leads me to believe it is a problem when the container is starting, perhaps with the Dockerfile?

[bjoernricks]

Hey, I am not sure if I understand correctly what you have done? You must not upgrade the container image content via running apt upgrade by yourself. You always need to pull the new image. Also if the mqtt daemon is not running there should be some error output. Without the error output nobody will be able to help you.

[boomshadow]

I think what @ilyesm means is that they recently upgraded their host machine, and the greenbone stack no longer runs.

I nuked my entire docker locally and I'm starting completely from scratch. Following the official docs for running greenbone in docker-compose, I'm getting this error:

greenbone-network-scanner-redis-server-1         | rm: cannot remove '/run/redis/redis.sock': Permission denied

A work-around is to pull the Dockerfile and redis config down locally (https://github.com/greenbone/greenbone-container-images/tree/main/redis-server).

Then I commented out the USER directive: https://github.com/greenbone/greenbone-container-images/blob/main/redis-server/Dockerfile#L14

The stack is now running.

[bjoernricks]

@boomshadow completely different things mqtt-server and redis-server. @boomshadow in your case i really think you broke the permissions in the redis socket volume in some kind. Just do a docker volume rm greenbone-community-edition_redis_socket_vol and do a docker compose up afterwards.

[boomshadow]

I recognize its a different service. Apologies for highjacking this issue. I made the assumption that MQTT wasn't starting due to Redis not starting. I'll open a new issue.

[ilyesm]

@bjoernricks, I updated the rest of my host, not the docker images themselves. Regarding the mqtt-broker container, it does not start and does not output anything at all. The only output regarding the mqtt-broker is:

oversight-ospd-openvas-1 | OSPD[7] 2023-06-30 09:39:46,874: INFO: (ospd.main) Starting OSPd OpenVAS version 22.4.3.dev1. oversight-ospd-openvas-1 | OSPD[7] 2023-06-30 09:39:46,883: ERROR: (ospd_openvas.messaging.mqtt) Could not connect to MQTT broker, error was: [Errno -3] Temporary failure in name resolution. Unable to get results from Notus. oversight-gvmd-1 | md manage: INFO:2023-06-30 09h39.49 UTC:344: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting

[bjoernricks]

docker-compose -f $DOWNLOAD_DIR/docker-compose.yml -p greenbone-community-edition logs mqtt-broker doesn't show anything?

What about just starting the mqtt-broker with

docker-compose -f $DOWNLOAD_DIR/docker-compose.yml -p greenbone-community-edition stop
docker-compose -f $DOWNLOAD_DIR/docker-compose.yml -p greenbone-community-edition up mqtt-broker

[ilyesm]

Shows absolutely nothing, just goes down to a new line.

ilyas@scan:~$ docker logs oversight-mqtt-broker-1 -f ilyas@scan:~$ docker logs oversight-mqtt-broker-1

[ilyesm]

Starting mqtt-broker manually without detaching outputs:

ubuntu@scan:~/oversight$ docker compose up mqtt-broker [+] Building 0.0s (0/0) Attaching to oversight-mqtt-broker-1 Error response from daemon: driver failed programming external connectivity on endpoint oversight-mqtt-broker-1 (d37d927bd74b137b7997d3273d07b6983cb3208af82a1e37471fe734dd98c3d5): Error starting userland proxy: listen tcp4 0.0.0.0:1883: bind: address already in use

[ilyesm]

Understood what the problem was. In the same machine I had tried installing the CE from source, which installed mosquitto on the underlying system, and it was taking up port 1883. Uninstalled mosquitto from Ubuntu and now all works fine!

Container oversight-mqtt-broker-1 Started

Thanks everyone for the help!