Erisa/cloudflared-docker

(!) Cannot upgrade to 2023.2.2 or higher

Closed this issue · 3 comments

Erisa commented

Routine upgrade to 2023.2.2 is failing the hello world test, appears to be independent of Go version.

@Erisa ➜ /workspaces/cloudflared-docker (main) $ cat Dockerfile | grep VERSION=
ARG GOVERSION=1.19.6
ARG ALPINEVERSION=3.17
ARG VERSION=2023.2.2
@Erisa ➜ /workspaces/cloudflared-docker (main) $ docker build -t test . 
[+] Building 39.4s (7/10)                               
 => [internal] load build definition from Dockerf  0.2s
 => => transferring dockerfile: 747B               0.0s
 => [internal] load .dockerignore                  0.2s
 => => transferring context: 2B                    0.0s
 => [internal] load metadata for docker.io/librar  1.1s
 => [build 1/5] FROM docker.io/library/golang:1.1  9.0s
[+] Building 39.6s (7/10)                               
 => => sha256:31c62d91ada60d52cd2 1.65kB / 1.65kB  0.0s
 => => sha256:f2e0acaf7c628cd819b 1.16kB / 1.16kB  0.0s
 => => sha256:04c13dd25b45aee7195 5.11kB / 5.11kB  0.0s
 => => sha256:63b65145d645c1250c3 3.37MB / 3.37MB  0.2s
 => => sha256:f790f4c5274f100 122.36MB / 122.36MB  1.4s
 => => sha256:a2d21d5440ebff5 284.82kB / 284.82kB  0.4s
[+] Building 82.6s (11/11) FINISHED                     
 => [internal] load build definition from Dockerf  0.2s
 => => transferring dockerfile: 747B               0.0s
 => [internal] load .dockerignore                  0.2s
 => => transferring context: 2B                    0.0s
 => [internal] load metadata for docker.io/librar  1.1s
 => [build 1/5] FROM docker.io/library/golang:1.1  9.0s
 => => resolve docker.io/library/golang:1.19.6-al  0.1s 
 => => sha256:31c62d91ada60d52cd2 1.65kB / 1.65kB  0.0s 
 => => sha256:f2e0acaf7c628cd819b 1.16kB / 1.16kB  0.0s 
 => => sha256:04c13dd25b45aee7195 5.11kB / 5.11kB  0.0s 
 => => sha256:63b65145d645c1250c3 3.37MB / 3.37MB  0.2s 
 => => sha256:f790f4c5274f100 122.36MB / 122.36MB  1.4s 
 => => sha256:a2d21d5440ebff5 284.82kB / 284.82kB  0.4s 
 => => extracting sha256:63b65145d645c1250c391b2d  0.3s
 => => sha256:c7bf170fd9e6726c86c0d4b 155B / 155B  0.5s 
 => => extracting sha256:a2d21d5440ebff5aaaaeb115  0.1s 
 => => extracting sha256:f790f4c5274f100158d4c23b  4.9s 
 => => extracting sha256:c7bf170fd9e6726c86c0d4b4  0.0s 
 => [build 2/5] WORKDIR /src                       0.3s 
 => [build 3/5] RUN apk --no-cache add git build-  4.1s 
 => [build 4/5] RUN git clone https://github.com/  3.5s 
 => [build 5/5] RUN GOOS=linux GOARCH=amd64 make  61.8s
 => [stage-1 1/3] COPY --from=build /src/cloudfla  0.3s
 => [stage-1 2/3] COPY --from=build /etc/ssl/cert  0.4s
 => exporting to image                             1.0s
 => => exporting layers                            1.0s
 => => writing image sha256:3c4d9cac3d90b6681564a  0.0s
 => => naming to docker.io/library/test            0.0s
@Erisa ➜ /workspaces/cloudflared-docker (main) $ docker run test --hello-world  
2023-03-01T00:42:41Z INF Thank you for trying Cloudflare Tunnel. Doing so, without a Cloudflare account, is a quick way to experiment and try it out. However, be aware that these account-less Tunnels have no uptime guarantee. If you intend to use Tunnels in production you should use a pre-created named tunnel by following: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps
2023-03-01T00:42:41Z INF Requesting new quick Tunnel on trycloudflare.com...
2023-03-01T00:42:43Z INF +--------------------------------------------------------------------------------------------+
2023-03-01T00:42:43Z INF |  Your quick Tunnel has been created! Visit it at (it may take some time to be reachable):  |
2023-03-01T00:42:43Z INF |  https://rocks-forgot-periodically-bass.trycloudflare.com                                  |
2023-03-01T00:42:43Z INF +--------------------------------------------------------------------------------------------+
2023-03-01T00:42:43Z INF Cannot determine default configuration path. No file [config.yml config.yaml] in [~/.cloudflared ~/.cloudflare-warp ~/cloudflare-warp /etc/cloudflared /usr/local/etc/cloudflared]
2023-03-01T00:42:43Z INF Version 2023.2.2
2023-03-01T00:42:43Z INF GOOS: linux, GOVersion: go1.19.6, GoArch: amd64
2023-03-01T00:42:43Z INF Settings: map[hello-world:true no-autoupdate:true protocol:quic]
2023-03-01T00:42:43Z INF Environmental variables map[TUNNEL_ORIGIN_CERT:/etc/cloudflared/cert.pem]
2023-03-01T00:42:43Z INF Generated Connector ID: b7f74f4c-0845-4863-b6de-4d17f41419f3
2023-03-01T00:42:43Z INF Initial protocol quic
2023-03-01T00:42:43Z INF ICMP proxy will use 172.17.0.2 as source for IPv4
2023-03-01T00:42:43Z INF ICMP proxy will use :: as source for IPv6
2023-03-01T00:42:43Z INF Starting metrics server on 127.0.0.1:43563/metrics
2023/03/01 00:42:43 failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See https://github.com/lucas-clemente/quic-go/wiki/UDP-Receive-Buffer-Size for details.
2023-03-01T00:42:44Z INF Connection 195ae8b8-6c29-46d1-a114-959079beda83 registered with protocol: quic connIndex=0 ip=198.41.200.43 location=MAN
2023-03-01T00:42:44Z INF Connection 8e706b68-d4cd-47df-ac8f-155e43247a7f registered with protocol: quic connIndex=1 ip=198.41.192.67 location=AMS
2023-03-01T00:42:45Z INF Connection cf2a5517-05a9-4945-8e9f-d2c296dc9d7a registered with protocol: quic connIndex=2 ip=198.41.200.63 location=MAN
2023-03-01T00:42:47Z INF Connection 4bbe56ad-be17-4c01-9969-0c3bae72960e registered with protocol: quic connIndex=3 ip=198.41.192.7 location=AMS
panic: runtime error: index out of range [-1]

goroutine 227 [running]:
github.com/cloudflare/cloudflared/ingress.Ingress.FindMatchingRule({{0x0, 0x0, 0x0}, {{0x0}, {0x0}, {0x0}, 0x0, {0x0}, 0x0, {0x0, ...}, ...}}, ...)
        /src/ingress/ingress.go:51 +0xef
github.com/cloudflare/cloudflared/proxy.(*Proxy).ProxyHTTP(0xc0003a1440, {0x13d0d38?, 0xc0008e7590}, 0xc0007e1890, 0xb0?)
        /src/proxy/proxy.go:96 +0x465
github.com/cloudflare/cloudflared/connection.(*QUICConnection).dispatchRequest(0xc0001c1ab0, {0x13d36b8, 0xc0008ec4c0}, 0xc0008e74b0, {0x10?, 0xc00023bc00?}, 0xc0008f0d20)
        /src/connection/quic.go:268 +0x263
github.com/cloudflare/cloudflared/connection.(*QUICConnection).handleDataStream(0xc0001c1ab0, {0x13d36b8, 0xc0008ec4c0}, 0xc00023bc00?)
        /src/connection/quic.go:235 +0x79
github.com/cloudflare/cloudflared/connection.(*QUICConnection).handleStream(0xc0005d4d01?, {0x13d36b8, 0xc0008ec4c0}, {0x13d0d68?, 0xc0007e1800})
        /src/connection/quic.go:217 +0x175
github.com/cloudflare/cloudflared/connection.(*QUICConnection).runStream(0xc0001c1ab0, {0x7f75cbb1d178, 0xc000456b40})
        /src/connection/quic.go:197 +0x128
created by github.com/cloudflare/cloudflared/connection.(*QUICConnection).acceptStream
        /src/connection/quic.go:183 +0x88
@Erisa ➜ /workspaces/cloudflared-docker (main) $
Erisa commented

Unfortunately the same with 2023.3.0

erisa@ubuntu:~/cloudflared-docker$ cat Dockerfile | grep VERSION=
ARG GOVERSION=1.19.4
ARG ALPINEVERSION=3.17
ARG VERSION=2023.3.0
erisa@ubuntu:~/cloudflared-docker$ docker build -t test .
[+] Building 21.2s (11/11) FINISHED
 => [internal] load .dockerignore                                                                                         0.0s
 => => transferring context: 2B                                                                                           0.0s
 => [internal] load build definition from Dockerfile                                                                      0.0s
 => => transferring dockerfile: 744B                                                                                      0.0s
 => [internal] load metadata for docker.io/library/golang:1.19.4-alpine3.17                                               0.7s
 => [build 1/5] FROM docker.io/library/golang:1.19.4-alpine3.17@sha256:86d32cc0dfc04757fd8aeebb86308e6d1e3de60c73cb59e0f  0.0s
 => CACHED [build 2/5] WORKDIR /src                                                                                       0.0s
 => CACHED [build 3/5] RUN apk --no-cache add git build-base                                                              0.0s
 => [build 4/5] RUN git clone https://github.com/cloudflare/cloudflared --depth=1 --branch 2023.3.0 .                     3.2s
 => [build 5/5] RUN GOOS=linux GOARCH=amd64 make cloudflared                                                             16.9s
 => [stage-1 1/3] COPY --from=build /src/cloudflared .                                                                    0.1s
 => [stage-1 2/3] COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/                                    0.1s
 => exporting to image                                                                                                    0.2s
 => => exporting layers                                                                                                   0.2s
 => => writing image sha256:a1cb6f2537f87129aa51fac7a5a622f1c0ab6c93e1837f1c9bb122831b84fce2                              0.0s
 => => naming to docker.io/library/test                                                                                   0.0s
erisa@ubuntu:~/cloudflared-docker$ docker run test --hello-world
2023-03-02T18:59:08Z INF Thank you for trying Cloudflare Tunnel. Doing so, without a Cloudflare account, is a quick way to experiment and try it out. However, be aware that these account-less Tunnels have no uptime guarantee. If you intend to use Tunnels in production you should use a pre-created named tunnel by following: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps
2023-03-02T18:59:08Z INF Requesting new quick Tunnel on trycloudflare.com...
2023-03-02T18:59:10Z INF +--------------------------------------------------------------------------------------------+
2023-03-02T18:59:10Z INF |  Your quick Tunnel has been created! Visit it at (it may take some time to be reachable):  |
2023-03-02T18:59:10Z INF |  https://seminars-springfield-application-shoes.trycloudflare.com                          |
2023-03-02T18:59:10Z INF +--------------------------------------------------------------------------------------------+
2023-03-02T18:59:10Z INF Cannot determine default configuration path. No file [config.yml config.yaml] in [~/.cloudflared ~/.cloudflare-warp ~/cloudflare-warp /etc/cloudflared /usr/local/etc/cloudflared]
2023-03-02T18:59:10Z INF Version 2023.3.0
2023-03-02T18:59:10Z INF GOOS: linux, GOVersion: go1.19.4, GoArch: amd64
2023-03-02T18:59:10Z INF Settings: map[hello-world:true no-autoupdate:true protocol:quic]
2023-03-02T18:59:10Z INF Environmental variables map[TUNNEL_ORIGIN_CERT:/etc/cloudflared/cert.pem]
2023-03-02T18:59:10Z INF Generated Connector ID: 6adfae12-73df-42d3-a991-75158b81b9c3
2023-03-02T18:59:10Z INF Initial protocol quic
2023-03-02T18:59:10Z INF ICMP proxy will use 172.17.0.3 as source for IPv4
2023-03-02T18:59:10Z INF ICMP proxy will use :: as source for IPv6
2023-03-02T18:59:10Z INF Starting metrics server on 127.0.0.1:42483/metrics
2023/03/02 18:59:10 failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See https://github.com/lucas-clemente/quic-go/wiki/UDP-Receive-Buffer-Size for details.
2023-03-02T18:59:11Z INF Connection db9e8b43-c0ea-4320-8546-b0723575f6c5 registered with protocol: quic connIndex=0 ip=198.41.192.37 location=FRA
2023-03-02T18:59:12Z INF Connection 50890600-9012-4a06-ac8d-009b62ecf09f registered with protocol: quic connIndex=1 ip=198.41.200.53 location=VIE
2023-03-02T18:59:13Z INF Connection c0d8da09-eb8e-494a-b7f7-367b86ccc45b registered with protocol: quic connIndex=2 ip=198.41.192.67 location=FRA
2023-03-02T18:59:14Z INF Connection 9f4633bd-25c5-4637-88e5-af94398a442c registered with protocol: quic connIndex=3 ip=198.41.200.63 location=VIE
panic: runtime error: index out of range [-1]

goroutine 197 [running]:
github.com/cloudflare/cloudflared/ingress.Ingress.FindMatchingRule({{0x0, 0x0, 0x0}, {{0x0}, {0x0}, {0x0}, 0x0, {0x0}, 0x0, {0x0, ...}, ...}}, ...)
        /src/ingress/ingress.go:51 +0xef
github.com/cloudflare/cloudflared/proxy.(*Proxy).ProxyHTTP(0xc00025c7e0, {0x13d04d8?, 0xc0004b3670}, 0xc00024af30, 0x30?)
        /src/proxy/proxy.go:96 +0x465
github.com/cloudflare/cloudflared/connection.(*QUICConnection).dispatchRequest(0xc0005defc0, {0x13d2e58, 0xc0001315c0}, 0xc0004b3530, {0x10?, 0xc000700000?}, 0xc000a65860)
        /src/connection/quic.go:269 +0x263
github.com/cloudflare/cloudflared/connection.(*QUICConnection).handleDataStream(0xc0005defc0, {0x13d2e58, 0xc0001315c0}, 0xc000700000?)
        /src/connection/quic.go:236 +0x79
github.com/cloudflare/cloudflared/connection.(*QUICConnection).handleStream(0xc00014d001?, {0x13d2e58, 0xc0001315c0}, {0x13d0508?, 0xc00024aea0})
        /src/connection/quic.go:218 +0x175
github.com/cloudflare/cloudflared/connection.(*QUICConnection).runStream(0xc0005defc0, {0x7f50de55fec8, 0xc000af6000})
        /src/connection/quic.go:198 +0x128
created by github.com/cloudflare/cloudflared/connection.(*QUICConnection).acceptStream
        /src/connection/quic.go:184 +0x88
erisa@ubuntu:~/cloudflared-docker$
Erisa commented

Update: It looks like I can reproduce with docker run cloudflare/cloudflared --hello-world
So will raise this as an issue with the main cloudflared repo