osixia / docker-openldap

OpenLDAP container image 🐳🌴
MIT License

Startup fails after migration #129

Open jckoester opened 7 years ago

jckoester commented 7 years ago

I've just moved my ldap setup from one server to another by simply copying over all files (config, database in host directories, environment.yml and ssl certificates) and tried starting the container. This fails with the following error:

Check previous TLS certificates...
Hi! I'm ssl-helper, what button should i press ?
cfssl-helper is launched, everybody on the floor!
Files /container/run/service/slapd/assets/certs/fullchain.pem and /container/run/service/slapd/assets/certs/key.pem exists, fix files permissions
Start OpenLDAP...
Waiting for OpenLDAP to start...
595be0a3 @(#) $OpenLDAP: slapd  (Jan 16 2016 23:00:08) $
    root@chimera:/tmp/buildd/openldap-2.4.40+dfsg/debian/build/servers/slapd
595be0a3 daemon: bind(7) failed errno=99 (Cannot assign requested address)
595be0a3 slapd stopped.

Any ideas what could be going wrong here?

(A simple docker run osixia/openldap works by the way)

jckoester commented 7 years ago

After some more trial and error, I believe this is a problem of docker-compose. The following composition worked well in coreOS but doesn't in debian stretch.

version: '2'

services:
    # dummy nginx for tls certificate generation
    ldap_nginx_dummy:
        container_name: ldap_nginx_dummy
        image: nginx
        restart: always
        environment:
            VIRTUAL_HOST: "ldap2.domain.tld"
            LETSENCRYPT_HOST: "ldap2.domain.tld"
            LETSENCRYPT_EMAIL: "admin@cbjck.de"
        volumes:
            - /data/ldap/nginx_conf.d:/etc/nginx/conf.d:ro
        networks:
            - outside
    # ldap container
    ldap:
        container_name: ldap
        image: osixia/openldap
        build:
            context: ./src/docker-openldap/image
        restart: always
        hostname: ldap2.domain.tld
        domainname: domain.tld
        volumes:
            - ./database:/var/lib/ldap
            - ./config:/etc/ldap/slapd.d
            - /data/ssl/ldap2.domain.tld:/container/service/slapd/assets/certs
            - ./environment:/container/environment/01-custom
        networks:
            - inside
            - outside
        ports:
            - "389:389"
            - "636:636"
        command: "--loglevel trace --copy-service"

networks:
    inside:
    outside:
        external:
            name: proxy-tier

In Debian this keeps bootlooping. Running the docker command directly works perfectly well for me.

docker run --name ldap --hostname ldap2.domain.tld -p 389:389 -p 636:636 --net proxy-tier --volume /data/ldap/database:/var/lib/ldap --volume /data/ldap/config:/etc/ldap/slapd.d --volume /data/ssl/ldap2.domain.tld:/container/service/slapd/assets/certs --volume /data/ldap/environment:/container/environment/01-custom --rm dasmaeh/openldap --copy-service

I actually can't see the difference between the two.

ChuckNg commented 7 years ago

Unfortunately I met the same problem when I copied the config and database dir from a running docker-openldap node for replication. The replication operation is fine and runs well in test env but cannot start container in prod, it's so weird...

aferreol commented 6 years ago

Met the same problem with a fresh install and the recent release of the image. (With mounted volumes) (Works well with 1.1.8 and docker-compose).

After that it is impossible to start anything.

jwpritchard commented 5 years ago

I had a similar issue solved by removing the domainname parameter from the docker-compose.yml file
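The errno 99 bind failure in the first post and the domainname fix in the last comment can be checked before slapd is even started: the name slapd listens on must resolve to an address the container actually owns. The script below is an added example, not code from osixia/docker-openldap; it assumes the image starts slapd with an ldap://$(hostname -f) listener and that Debian's hostname -f / hostname -I are available, and it takes the hosts file and the local address list as parameters so the same check can be run against a constructed hosts file.

```shell
#!/bin/sh
# Added diagnostic, not part of osixia/docker-openldap. Assumption: the image
# starts slapd with a listener URL of the form ldap://$(hostname -f); bind()
# on that URL fails with errno 99 (EADDRNOTAVAIL, "Cannot assign requested
# address") when the name resolves to an address the container does not own.

# resolve_in_hosts NAME HOSTSFILE: print the address that an /etc/hosts-style
# file maps NAME to (exact field match, comments skipped); status 1 if absent.
resolve_in_hosts() {
    awk -v name="$1" '
        /^[ \t]*#/ || NF < 2 { next }
        { for (i = 2; i <= NF; i++) if ($i == name) { print $1; found = 1; exit } }
        END { exit found ? 0 : 1 }
    ' "$2"
}

# bind_check NAME HOSTSFILE "ADDR ADDR ...": classify what slapd will hit.
#   0  NAME maps to one of the container's own addresses: bind succeeds
#   1  NAME maps to an address the container does not own: errno 99
#   2  NAME is not in the hosts file, so libc falls back to DNS; for a public
#      name such as ldap2.domain.tld that usually returns the host's public
#      IP, which the container cannot bind either
bind_check() {
    bc_addr=$(resolve_in_hosts "$1" "$2") || return 2
    for bc_local in $3; do
        [ "$bc_local" = "$bc_addr" ] && return 0
    done
    return 1
}

# explain RC: human-readable verdict for a bind_check status.
explain() {
    case "$1" in
        0) echo "ok: listener address is local" ;;
        1) echo "fail: name maps to a non-local address (expect errno 99)" ;;
        *) echo "warn: name not in /etc/hosts, DNS decides the bind address" ;;
    esac
}

# Live use inside the container (Debian: hostname -f / hostname -I assumed):
#   sh check_bind.sh --live
if [ "${1:-}" = "--live" ]; then
    rc=0; bind_check "$(hostname -f)" /etc/hosts "$(hostname -I) 127.0.0.1 ::1" || rc=$?
    explain "$rc"; exit "$rc"
fi
```

Run it with --live from a shell inside the failing container (docker exec) to see which of the three cases the hostname/domainname combination produces before slapd tries to bind.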