kylemanna / docker-openvpn

🔒 OpenVPN server in a Docker container complete with an EasyRSA PKI CA
https://hub.docker.com/r/kylemanna/openvpn/
MIT License
8.62k stars 2.37k forks

ERROR: Cannot start service openvpn: Address already in use #661

Closed mrahmadt closed 2 years ago

mrahmadt commented 2 years ago

Hello

I'm following the steps at https://github.com/kylemanna/docker-openvpn/blob/master/docs/docker-compose.md (using the macvlan driver), but every time I try the command below I get this error: "ERROR: Cannot start service openvpn: Address already in use"

        # docker-compose run --rm openvpn easyrsa build-client-full $CLIENTNAME nopass
        ERROR: Cannot start service openvpn: Address already in us

I can see the openvpn container is up and running, but I'm not sure what this error is about.

        # docker ps -a
        CONTAINER ID   IMAGE                       COMMAND                  CREATED              STATUS          PORTS     NAMES
        11121004f5e1   kylemanna/openvpn           "easyrsa build-clien…"   About a minute ago   Created                   smartgwmaster_openvpn_run_5
        58620a1f6871   kylemanna/openvpn           "ovpn_getclient ahmad"   7 minutes ago        Created                   smartgwmaster_openvpn_run_4
        42d91d8429f4   kylemanna/openvpn           "easyrsa build-clien…"   7 minutes ago        Created                   smartgwmaster_openvpn_run_3
        eb24a158636d   kylemanna/openvpn           "easyrsa build-clien…"   12 minutes ago       Created                   smartgwmaster_openvpn_run_2
        0b6dbb957fda   kylemanna/openvpn           "easyrsa build-clien…"   14 minutes ago       Created                   smartgwmaster_openvpn_run_1
        b3eabdeb2daf   kylemanna/openvpn           "ovpn_run"               14 minutes ago       Up 14 minutes             openvpn
        ea32e13a6bb6   smartgwmaster_sniproxyvpn   "/initser/start.sh"      6 weeks ago          Up 2 weeks                sniproxyvpn
        # docker exec -it openvpn bash
        bash-5.0# ps -ef
        PID   USER     TIME  COMMAND
            1 nobody    0:00 openvpn --config /etc/openvpn/openvpn.conf --client-config-dir /etc/openvpn/ccd --crl-verify /etc/openvpn/crl.pem
        24 root      0:00 bash
        31 root      0:00 ps -ef
        bash-5.0# ifconfig 
        eth0      Link encap:Ethernet  HWaddr 02:42:C0:A8:01:0B  
                inet addr:192.168.1.11  Bcast:192.168.1.255  Mask:255.255.255.0
                UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                RX packets:148 errors:0 dropped:0 overruns:0 frame:0
                TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
                collisions:0 txqueuelen:0 
                RX bytes:14822 (14.4 KiB)  TX bytes:598 (598.0 B)

        lo        Link encap:Local Loopback  
                inet addr:127.0.0.1  Mask:255.0.0.0
                UP LOOPBACK RUNNING  MTU:65536  Metric:1
                RX packets:0 errors:0 dropped:0 overruns:0 frame:0
                TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
                collisions:0 txqueuelen:1000 
                RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

        tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
                inet addr:192.168.255.1  P-t-P:192.168.255.2  Mask:255.255.255.255
                UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
                RX packets:0 errors:0 dropped:0 overruns:0 frame:0
                TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
                collisions:0 txqueuelen:100 
                RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

        bash-5.0# netstat -rn
        Kernel IP routing table
        Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
        0.0.0.0         192.168.1.1     0.0.0.0         UG        0 0          0 eth0
        192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
        192.168.254.0   192.168.255.2   255.255.255.0   UG        0 0          0 tun0
        192.168.255.0   192.168.255.2   255.255.255.0   UG        0 0          0 tun0
        192.168.255.2   0.0.0.0         255.255.255.255 UH        0 0          0 tun0
        bash-5.0# ping google.com
        PING google.com (172.217.16.238): 56 data bytes
        64 bytes from 172.217.16.238: seq=0 ttl=115 time=83.591 ms

mrahmadt commented 2 years ago

I think I found the issue

As per the instructions, I have to start the openvpn container before generating the client certificate, and this was causing the problem.

When I stopped openvpn and executed the command

        docker-compose run --rm openvpn easyrsa build-client-full $CLIENTNAME nopass

then ran openvpn

        docker-compose up -d openvpn

Everything was fine.