nomad-driver-podman icon indicating copy to clipboard operation
nomad-driver-podman copied to clipboard
verified publisher icon hashicorp

Port 0 registered in consul if network.port.to not set

Open optiz0r opened this issue 3 years ago • 2 comments

My understanding of the network block, and the behaviour of the docker driver is that when a port is defined with only static = 1234 parameter and not an explicit to = 1234, that to should be defaulted to the value of static. Thus the following is valid and will register the consul service on port 1234:

job "foo" {
  group "foo" {
    network {
      port "foo" { static = 1234 }
    }
  }
}

With the podman driver, the above causes the consul service to be registered on port 0, which means services that dynamically pull service details from the consul catalog get the wrong port number.

Setting to explicitly does then register the correct port number:

job "foo" {
  group "foo" {
    network {
      port "foo" { 
        to = 1234
        static = 1234
      }
    }
  }
}

Also services that run on dynamic ports and only set the to do register the correct port number.

From a very quick look at the driver code, I think this line: https://github.com/hashicorp/nomad-driver-podman/blob/main/driver.go#L1089 is checking to see whether the to jobspec parameter is set to 0 and if so overriding it to the mapped port, however nomad docs (https://www.nomadproject.io/docs/job-specification/network#to) suggest the default might be -1. Perhaps this test should instead be >=0 ?

optiz0r avatar Dec 24 '21 08:12 optiz0r

@optiz0r thank you for the bug report and your analysis. We will have a look.

towe75 avatar Jan 03 '22 20:01 towe75

I got this issue too

ttys3 avatar Feb 06 '22 17:02 ttys3

@optiz0r or @ttys3 can either of you still reproduce the issue? I just tried and unless I'm misunderstanding it seems to work.

job "http" {

  group "group" {
    network {
      port "http" {
        static = "8080"
      }
    }

    update {
      min_healthy_time = "1s"
    }

    service {
      provider = "consul"
      port     = "http"
      name     = "python-http"
    }

    task "python" {
      driver = "podman"

      config {
        image = "docker.io/python:3"
        args  = ["python3", "-m", "http.server", "${NOMAD_PORT_http}", "--directory", "/tmp"]
      }

      resources {
        cpu    = 100
        memory = 64
      }
    }
  }
}

➜ curl -s localhost:8500/v1/catalog/service/python-http | jq .[].ServicePort
8080

shoenig avatar Jun 14 '23 20:06 shoenig

@shoenig this issue has been very long ago. currently I can not reproduce this. so I think it is not a problem now.

ttys3 avatar Jun 15 '23 12:06 ttys3

Ah alright, thanks!

shoenig avatar Jun 15 '23 13:06 shoenig