search

hardillb / nginx-proxy-avahi-helper

A container to generate matching mDNS CNAMEs for the virtual hosts used by jwilder/nginx-proxy
https://www.hardill.me.uk/wordpress/2020/09/22/nginx-proxy-avahi-helper/
Apache License 2.0
16 stars 2 forks source link

Can't find host #4

Closed twastvedt closed 2 years ago

twastvedt commented 2 years ago

Hi! Thanks for putting this together. I have everything running, but can't ping or otherwise resolve the hosts from other machines. I'm very new to mdns, so I'm not sure what to look for or how to interpret what I have found.

avahi-helper log:

dockergen.1 | 2022/04/03 16:52:54 Received event die for container 94a004be6d7e
dockergen.1 | 2022/04/03 16:52:55 Received event stop for container 94a004be6d7e
dockergen.1 | 2022/04/03 16:52:55 Generated 'cnames' from 7 containers
dockergen.1 | 2022/04/03 16:52:55 Running '/usr/src/app/restart.sh'
cname.1    | INFO: Exiting on SIGTERM...
dockergen.1 | 2022/04/03 16:52:55 Contents of cnames did not change. Skipping notification '/usr/src/app/restart.sh'
forego     | starting cname.1 on port 5200
forego     | sending SIGTERM to dockergen.1
forego     | sending SIGTERM to cname.1
dockergen.1 | 2022/04/03 16:52:56 Received signal: terminated

Let's say one of those virtual hosts is test.local.

$ hostname
pi
$ avahi-resolve -n pi.local
pi.local     172.23.0.1
$ avahi-resolve -nv6 pi.local
Server version: avahi 0.7; Host name: pi.local
pi.local     fe80::c401:bdff:fe96:af0f
$ avahi-resolve -n test.local
pi.local     fe80::c401:bdff:fe96:af0f
$ avahi-resolve -n4 test.local
Failed to resolve host name 'test.local': Timeout reached

Note that the hostname and the virtual host resolve to the same v6 ip address, but the virtual host fails to resolve a v4 version. Not sure if that's significant or an issue.

On another machine:

$ ping test.local
Ping request could not find host test.local. Please check the name and try again.

$ ping pi.local

Pinging pi [192.168.68.64] with 32 bytes of data:
Reply from 192.168.68.64: bytes=32 time=5ms TTL=64
...

Where should I go from here? Thanks!

techiebod commented 2 years ago

Had the same issue, after much head scratching I read the other issue here and saw the link to https://github.com/edgexfoundry-holding/device-bluetooth-c/issues/4 -- long answer very short, the issue is that writing to the dbus socket requires escalated privileges, so "privileged: true" is needed (that's in the docker-compose format, I'm assuming you can transpose to your way of running it). Or at least that worked for me :)

Must be said this repo is way out of date, and rebuilding it is hard (for a docker noob like me at least) due to obsolete dependancies

twastvedt commented 2 years ago

@techiebod Thanks for the tip! I did that, and now the container output looks much more promising. However, the results to the test commands above (avahi-resolve and ping) have the same output. Even though this container reports success, I am not able to resolve the cnames from other machines on the network. Any other thoughts? You said it's working for you, so after starting this container, you can successfully ping (or visit) the urls in the VIRTUAL_HOST environment variable values on your other containers? Thanks!

techiebod commented 2 years ago

Yep, all works for me, with the following docker-compose config:

avahi-proxy:
    container_name: avahi-proxy
    image: hardillb/nginx-proxy-avahi-helper
    privileged: true
    volumes:
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - /run/dbus/system_bus_socket:/run/dbus/system_bus_socket:rw
    restart: always

And then a container setup like this (some lines removed for brevity):

homer:
    image: b4bz/homer
    environment:
      - VIRTUAL_HOST=blackbox.local
      - VIRTUAL_PORT=8080
    ports:
      - 8080:8080

So with the above on another machine (i.e. not the host or container) I can ping blackbox.local for example.

To test your local Avahi setup you can do the same from the commandline with: avahi-publish -a -R blah.local <host-ip>

Which whilst it runs, should allow you to ping blah.local from another machine.

Or if you prefer (on a mac) run: dns-sd -G v4 blah.local

HTH

twastvedt commented 2 years ago

Thanks for the confirmation. It's keeping me going, knowing that you're getting it to work! My config now looks like yours (I have several containers I want to host, so they're all on different ports, but otherwise looks the same), and it's still not resolving. avahi-publish works (while running I can ping from another machine). But nothing that avahi-proxy "sets up" seems to be working. Do you know of any way to debug/check on what it's set up, other than pinging? Thanks again.

techiebod commented 2 years ago

If you exec into the avahi-proxy (or whatever you've called it) with: docker exec -it avahi-proxy bash

Can you see your entries in the cnames file? Mine has all the entries I have active

How this seems to work is that it scans for docker events to add them to here, and then uses another process which is a bit of python to write them onto the dbus for avahi (if I've understood correctly, and I reserve the right to have completely misunderstood! 😄 ).

hardillb commented 2 years ago

@twastvedt can you show an example of the names you are trying.

You may need to modify the settings on clients doing looks if they are more than 2 levels deep. e.g. foo.local is 2, www.foo.local is 3.

twastvedt commented 2 years ago

Thanks for the further suggestions. Everything checks out though.

Can you see your entries in the cnames file? Mine has all the entries I have active

@twastvedt can you show an example of the names you are trying.

Yes. the cnames file has a list of all 6 of the containers with VIRTUAL_HOST set:

esphome.local
home.local
infinitude.local
node-red.local
portainer.local
zwave.local
techiebod commented 2 years ago

@twastvedt dunno if you've sorted this yet, or given up! ;)

But if you want to debug this further, given that you can see avahi-proxy is seeing the changes made in docker-land, the next bit is to work out if avahi is seeing them, a killall -USR1 avahi-daemon will get avahi to dump it's "zone" info into syslog, and then you can see if they appear. Which then at least let's you see if avahi is getting the messages or not

twastvedt commented 2 years ago

@techiebod Not sorted. I'm out of my depth here, but I'd still love to get this working and still very much appreciate your help.

I did as you suggest. Initially Avahi's cache dump in syslog did not include any of the cnames from avahi-proxy. I don't believe I actually changed anything, but after some fiddling I restarted the machine and now the cnames show up in the syslog!

(Raspberry Pi's name in the below is "katie")

Jun  7 21:01:26 katie avahi-daemon[693]: Got SIGUSR1, dumping record data.
Jun  7 21:01:26 katie avahi-daemon[693]: ;;; ZONE DUMP FOLLOWS ;;;
Jun  7 21:01:26 katie avahi-daemon[693]: zwave.local#011IN#011CNAME katie.local ; ttl=30 ; iface=-1 proto=-1
Jun  7 21:01:26 katie avahi-daemon[693]: portainer.local#011IN#011CNAME katie.local ; ttl=30 ; iface=-1 proto=-1
Jun  7 21:01:26 katie avahi-daemon[693]: node-red.local#011IN#011CNAME katie.local ; ttl=30 ; iface=-1 proto=-1
Jun  7 21:01:26 katie avahi-daemon[693]: infinitude.local#011IN#011CNAME katie.local ; ttl=30 ; iface=-1 proto=-1
Jun  7 21:01:26 katie avahi-daemon[693]: home.local#011IN#011CNAME katie.local ; ttl=30 ; iface=-1 proto=-1
Jun  7 21:01:26 katie avahi-daemon[693]: esphome.local#011IN#011CNAME katie.local ; ttl=30 ; iface=-1 proto=-1
Jun  7 21:01:26 katie avahi-daemon[693]: _services._dns-sd._udp.local#011IN#011PTR _smb._tcp.local ; ttl=4500 ; iface=-1 proto=-1
Jun  7 21:01:26 katie avahi-daemon[693]: KATIE._smb._tcp.local#011IN#011TXT  ; ttl=4500 ; iface=-1 proto=-1
Jun  7 21:01:26 katie avahi-daemon[693]: KATIE._smb._tcp.local#011IN#011SRV 0 0 445 katie.local ; ttl=120 ; iface=-1 proto=-1
Jun  7 21:01:26 katie avahi-daemon[693]: _smb._tcp.local#011IN#011PTR KATIE._smb._tcp.local ; ttl=4500 ; iface=-1 proto=-1
Jun  7 21:01:26 katie avahi-daemon[693]: 7.a.9.6.e.7.7.9.f.5.1.0.1.e.f.5.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa#011IN#011PTR katie.local ; ttl=120 ; iface=2 proto=-1
Jun  7 21:01:26 katie avahi-daemon[693]: katie.local#011IN#011AAAA fe80::5fe1:15f:977e:69a7 ; ttl=120 ; iface=2 proto=-1
Jun  7 21:01:26 katie avahi-daemon[693]: 64.68.168.192.in-addr.arpa#011IN#011PTR katie.local ; ttl=120 ; iface=2 proto=-1
Jun  7 21:01:26 katie avahi-daemon[693]: katie.local#011IN#011A 192.168.68.64 ; ttl=120 ; iface=2 proto=-1
Jun  7 21:01:26 katie avahi-daemon[693]: ;;; INTERFACE eth0.IPv6 ;;;
Jun  7 21:01:26 katie avahi-daemon[693]: ;;; CACHE DUMP FOLLOWS ;;;
Jun  7 21:01:26 katie avahi-daemon[693]: katie.local#011IN#011AAAA fe80::5fe1:15f:977e:69a7 ; ttl=120
Jun  7 21:01:26 katie avahi-daemon[693]: katie.local#011IN#011A 192.168.68.64 ; ttl=120
Jun  7 21:01:26 katie avahi-daemon[693]: _services._dns-sd._udp.local#011IN#011PTR _smb._tcp.local ; ttl=4500
Jun  7 21:01:26 katie avahi-daemon[693]: _smb._tcp.local#011IN#011PTR KATIE._smb._tcp.local ; ttl=4500
Jun  7 21:01:26 katie avahi-daemon[693]: KATIE._smb._tcp.local#011IN#011TXT  ; ttl=4500
Jun  7 21:01:26 katie avahi-daemon[693]: ;;; INTERFACE eth0.IPv4 ;;;
Jun  7 21:01:26 katie avahi-daemon[693]: ;;; CACHE DUMP FOLLOWS ;;;
Jun  7 21:01:26 katie avahi-daemon[693]: katie.local#011IN#011AAAA fe80::5fe1:15f:977e:69a7 ; ttl=120
Jun  7 21:01:26 katie avahi-daemon[693]: katie.local#011IN#011A 192.168.68.64 ; ttl=120
Jun  7 21:01:26 katie avahi-daemon[693]: #011CLASS1440#011TYPE41 \# 18 00 04 00 0E 00 00 66 E0 03 88 0A 9D D8 14 DF 51 04 67 ; ttl=4500
Jun  7 21:01:26 katie avahi-daemon[693]: _services._dns-sd._udp.local#011IN#011PTR _smb._tcp.local ; ttl=4500
Jun  7 21:01:26 katie avahi-daemon[693]: _smb._tcp.local#011IN#011PTR KATIE._smb._tcp.local ; ttl=4500
Jun  7 21:01:26 katie avahi-daemon[693]: KATIE._smb._tcp.local#011IN#011TXT  ; ttl=4500
Jun  7 21:01:26 katie avahi-daemon[693]: ;; WIDE AREA CACHE ;;;

Ping still doesn't work though. Is this what the cname lines in syslog should look like?

techiebod commented 2 years ago

So that looks good now. Where are you pinging from? Can it ping katie.local? If it can ping katie.local based on that info you should be able to ping zwave.local for example. But this shows that the info has been passed through from docker, and out to avahi, to the proxy is doing it's job :)

twastvedt commented 2 years ago

Weird. Pinging from my Windows laptop, which is on the same network:

$ ping katie.local

Pinging katie.local [fe80::5fe1:15f:977e:69a7%2] with 32 bytes of data:
Reply from fe80::5fe1:15f:977e:69a7%2: time=5ms
Reply from fe80::5fe1:15f:977e:69a7%2: time=2ms
Reply from fe80::5fe1:15f:977e:69a7%2: time=3ms
Reply from fe80::5fe1:15f:977e:69a7%2: time=2ms

Ping statistics for fe80::5fe1:15f:977e:69a7%2:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 2ms, Maximum = 5ms, Average = 3ms

$ ping zwave.local
Ping request could not find host zwave.local. Please check the name and try again.

As you say, I guess this is no longer an issue with this project, though now I'm not sure where the issue is!