goofball222/unifi

Host mode or port forwarding both have issues

zilexa opened this issue · 4 comments

Reporting bugs/issues

  • Please provide the following information:
    • OS/distribution version (command for your OS may differ):
      No LSB modules are available.
      Distributor ID: Ubuntu
      Description: Ubuntu 19.10
      Release: 19.10
      Codename: eoan

    • Docker version:
      Docker version 19.03.8, build afacb8b7f0

    • Labels from container:
      "Labels": { "org.label-schema.build-date": "2020-03-24T03:15:31Z", "org.label-schema.license": "Apache-2.0", "org.label-schema.name": "UniFi Controller", "org.label-schema.schema-version": "1.0", "org.label-schema.url": "https://github.com/goofball222/unifi", "org.label-schema.vcs-ref": "c9d0384", "org.label-schema.vcs-url": "https://github.com/goofball222/unifi.git", "org.label-schema.vendor": "The Goofball - goofball222@gmail.com", "org.label-schema.version": "5.12.66" }

    • Details on how to reproduce the trouble, if available:
      with network host mode:
      now Portainer says "Unhealthy" after the container has started. I can also not access it.

    ```yaml
    container_name: unifi
    image: goofball222/unifi
    network_mode: host
    restart: unless-stopped
    environment:
      - PUID=${PUID}
      - PGID=${PGID}
      - TZ=${TZ}
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ${USERDIR}/docker/unifi/cert:/usr/lib/unifi/cert
      - ${USERDIR}/docker/unifi/data:/usr/lib/unifi/data
      - ${USERDIR}/docker/unifi/logs:/usr/lib/unifi/logs
    ```
  • Details on how to reproduce the trouble, if available:
    without host mode, with port forwarding.
    Now I can access the controller, I can change my IP under Settings>Controller to the IP address of the host machine since it is part of the LAN. Immediately the 2 AC In-Wall APs are discovered.
    PROBLEM: adoption fails, even after hard resetting the APs.
  ```yaml
  container_name: unifi
  image: goofball222/unifi
  restart: unless-stopped
  environment:
    - PUID=${PUID}
    - PGID=${PGID}
    - TZ=${TZ}
  volumes:
    - /etc/localtime:/etc/localtime:ro
    - ${USERDIR}/docker/unifi/cert:/usr/lib/unifi/cert
    - ${USERDIR}/docker/unifi/data:/usr/lib/unifi/data
    - ${USERDIR}/docker/unifi/logs:/usr/lib/unifi/logs
  ports:
    - 3478:3478/udp
    - 8888:8080
    - 8443:8443
    - 8880:8880
    - 8843:8843
    - 6789:6789 # allows speed tests from Unifi apps
    - 10001:10001/udp # allows layer 2 broadcast discovery when running on host in local LAN
  ```

It appears you're trying to remap the controller http port 8080 to the external/host port 8888 - 8888:8080. I assume this is because you already have another service or container operating on TCP port 8080 on your host.

That port mapping change won't work without also setting unifi.http.port=8888 in the controller ${DATADIR}/system.properties file. At that point you'd also need to change your port mapping to: - 8888:8888.

The UniFi controller software has to explicitly know which ports it's using so it can send that information to the managed devices in their connection strings/config. This means you can't use the transparent remapping function of Docker.

This also affects the container health check script since it defaults to checking that the API is running and responding properly on port 8080 unless an alternate is set in system.properties.
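
Added example, not part of the thread or of the project's code: a small Python check of the point made in the reply above, that the published port mapping has to agree with `unifi.http.port` in system.properties. The function names and the system.properties content are constructed for illustration; the port list is the one posted in the issue.

```python
import re

DEFAULT_HTTP_PORT = 8080  # port the thread says is assumed unless system.properties overrides it

# Port list from the issue's second compose snippet.
ISSUE_PORTS = ["3478:3478/udp", "8888:8080", "8443:8443", "8880:8880",
               "8843:8843", "6789:6789", "10001:10001/udp"]

def http_port(system_properties=""):
    """Return unifi.http.port from system.properties text, else the default."""
    for line in system_properties.splitlines():
        key, sep, value = line.strip().partition("=")
        if sep and key.strip() == "unifi.http.port":
            return int(value.strip())
    return DEFAULT_HTTP_PORT

def parse_mapping(entry):
    """Parse short-syntax '[IP:]HOST:CONTAINER[/proto]' into (host, container, proto)."""
    m = re.fullmatch(r"(?:[\d.]+:)?(\d+):(\d+)(?:/(tcp|udp))?", entry.strip())
    if not m:
        raise ValueError(f"unsupported port entry: {entry!r}")
    return int(m.group(1)), int(m.group(2)), m.group(3) or "tcp"

def check(ports, system_properties=""):
    """List problems with how the controller HTTP port is published."""
    want = http_port(system_properties)
    problems, published = [], False
    for entry in ports:
        host, container, proto = parse_mapping(entry)
        if proto != "tcp":
            continue
        if host == container == want:
            published = True
        elif host != container and want in (host, container):
            problems.append(f"{entry}: remaps port {want}; the controller "
                            f"advertises {want} to devices, use {want}:{want}")
    if not published:
        problems.append(f"HTTP port {want} is not published as {want}:{want}")
    return problems

if __name__ == "__main__":
    # Constructed system.properties content and corrected port list.
    props = "unifi.http.port=8888\n"
    fixed = [p if p != "8888:8080" else "8888:8888" for p in ISSUE_PORTS]
    for label, ports, sp in [("as posted", ISSUE_PORTS, ""),
                             ("port set, mapping unchanged", ISSUE_PORTS, props),
                             ("port set, mapping 8888:8888", fixed, props)]:
        print(label, "->", check(ports, sp) or "OK")
```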

Aha ok that makes total sense for the second method.
But the first method, using "network-mode: host", isn't that just supposed to work?
No port forwarding happening there.

network_mode: host still uses/attaches ports on the Docker host, so if there's something else already occupying one of the UniFi ports on the host the controller will fail to function properly. You would need to check other running containers and the host processes via netstat or other commands to determine what might be on the required ports. From there you'd need to move the conflicting service, or adjust the controller settings to move the UniFi controller service(s) to an unused port.

Ah that makes a lot of sense. Indeed that port was used already. I'll close this one. Thanks a lot for the clarification!