search

wolph / wollen-socks

Simple OpenVPN client Socks proxy server combination which supports both Surfshark and NordVPN currently
GNU General Public License v2.0
6 stars 2 forks source link

Healthcheck is broken #2

Closed Alfagun74 closed 3 years ago

Alfagun74 commented 3 years ago

The container says it is unhealthy nonstop.

wolph commented 3 years ago

I'm running it through Kubernetes and it's working perfect for me. But I haven't extensively tried it using a regular Docker install. How are you running it?

Alfagun74 commented 3 years ago

I just used the Docker CLI to deploy it on Linux. It was constantly reporting ill. But to be honest, your answer came so late, that i just forked your project, removed the broken healthcheck, and put it in my private registry. And now it's running fine.

wolph commented 3 years ago

I've done a bit of checking and as far as I can see the healtcheck is working... but the script is somewhat reliant on the kubernetes cluster I'm running.

The main example of this (and probably the cause of both of your issues) is that I currently expect your main interface to be eth0: https://github.com/WoLpH/wollen-socks/blob/master/sockd.conf

Right now there's no easy way around that. I could dynamically generate the config file on boot based on environment settings but that's not the cleanest solution either.

MatthewUpdike commented 3 years ago

I can confirm too that the healthcheck is not working as it's supposed to. .State.Health says:

{
    "FailingStreak": 22,
    "Log": [
        {
            "End": "2021-01-28T20:52:58.378562047Z",
            "ExitCode": 2,
            "Output": "[WARN  tini (933)] Tini is not running as PID 1 and isn't registered as a child subreaper.\nZombie processes will not be re-parented to Tini, so zombie reaping won't work.\nTo fix the problem, use the -s option or set the environment variable TINI_SUBREAPER to register Tini as a child subreaper, or run Tini as PID 1.\nUnable to get ip, base ip: 123.45.67.89\n",
            "Start": "2021-01-28T20:52:57.908299975Z"
        },
     ...
    ],
    "Status": "unhealthy"
}

Setting the variable --env TINI_SUBREAPER= or /sbin/tini -s -- /scripts/health.sh removes the warning Also, when running the container the function get_ip() sometimes returns an empty string. .State.Health:

{
    "FailingStreak": 5,
    "Log": [
        {
            "End": "2021-01-28T21:54:31.504691575Z",
            "ExitCode": 2,
            "Output": "Unable to get ip, base ip: 123.45.67.89\n",
            "Start": "2021-01-28T21:54:30.920222491Z"
        },
       ...
    ],
    "Status": "unhealthy"
}

Everything else works perfectly fine

wolph commented 3 years ago

That indeed looks broken. I'm using the same script without any issues from kubernetes, but that runs it somewhat differently so I'm not that surprised it doesn't work.

Last time I tested using docker was before I added tini so I'm guessing that's not helping.

With regards to the empty string, that's probably due to one of the IP check sites not being available. I've personally created a private IP check so I can be certain it's available.

While I do plan on fixing both of the issues you've reported, my time is very limited right now so it could take a few months (I've got a pretty sizeable backlog of issues on my other repositories as well)

wolph commented 3 years ago

I've fixed the healtcheck and I've been testing it for a while. You should be able to use it without any changes for docker as well :)