Rootless podman container health problem

Question

Rootless podman container health problem

Opened this issue 2 years ago · 4 comments

Hi, I running rootless podman with your container. Podman report me that the status is unhealthy.

podman create \
    --label io.containers.autoupdate=registry \
    --name speedtest \
    --net lab \
    --network-alias speedtest \
    ghcr.io/miguelndecarvalho/speedtest-exporter:latest

After some investigating it seems that when i don't publish port to my "host" network it fail connecting to localhost

podman exec -it speedtest sh
/app $ wget localhost:9798
Connecting to localhost:9798 ([::1]:9798)
wget: can't connect to remote host: Connection refused
/app $ wget http://127.0.0.1:9798
Connecting to 127.0.0.1:9798 (127.0.0.1:9798)
saving to 'index.html'
index.html           100% |*****************************************************************|    88  0:00:00 ETA
'index.html' saved

So maybe healthcheck should check 127.0.0.1 instead of localhost?
Publishing port is not necessary, to access speedtest-exporter on the same container network

Answer 1 · 2022-09-07T21:50:55.000Z

I have a similar problem, first example running the container inside a swarm cluster running in a Raspberry Pi, the second one in my local machine:

Healthcheck fails in Raspberry Pi, but works fine running outside them.

Answer 2 · 2022-09-11T21:40:10.000Z

Hey,

@Tokariew @bergpb sorry for the late response but as far as I can see, the problem is related to localhost not being resolved to 127.0.0.1? If not I can change this.

Thanks,
MiguelNdeCarvalho

Answer 3 · 2022-09-11T22:47:10.000Z

I not sure what podman is doing…
I know that running with following command containers stay healthy.

podman run --rm -it --health-cmd "wget --no-verbose --tries=1 --spider http://127.0.0.1:9798/" --health-timeout
=10s ghcr.io/miguelndecarvalho/speedtest-exporter

After installing apk add bind-tools and checking with dig/nslookup the localhost is resolved correctly to 127.0.0.1 on the container, but still i can't download with wget. ping localhost from container works fine too.

Answer 4 · 2022-09-12T14:44:56.000Z

I saw a similar problem in another project related to alpine images too: louislam/uptime-kuma#295
Since this, the alpine docker images for uptimekuma project were checked as deprecated: https://hub.docker.com/r/louislam/uptime-kuma

I can make some tests and confirm it the solution installing bind-tools works for swarm.
Also, another option is to change the base image to a debian based, which can be ~37MB greater than alpine image.