docker-ark-server
docker-ark-server copied to clipboard
Hermsi1337
[BUG] Ports not accessible from outside the container; hosted internally on 0.0.0.0
On my setup, the ports of the internal mechanism of the docker container are mapped to 0.0.0.0 and only 0.0.0.0, nothing else. This means that the Server cannot be accessed from the outside. I'm not sure what causes this.
This is what i got from looking around the ports inside the container (using docker exec -it ark_server bash):
root@429811629a8c:/app# nmap 0.0.0.0 -T5 -p 7777-7778
Starting Nmap 7.80 ( https://nmap.org ) at 2023-01-02 00:05 UTC
Nmap scan report for 0.0.0.0
Host is up.
PORT STATE SERVICE
7777/tcp filtered cbt
7778/tcp filtered interwise
Nmap done: 1 IP address (1 host up) scanned in 1.61 seconds
root@429811629a8c:/app# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.11:34169 0.0.0.0:* LISTEN -
udp 0 0 127.0.0.11:41964 0.0.0.0:* -
udp 0 0 0.0.0.0:27015 0.0.0.0:* -
udp 0 0 0.0.0.0:7777 0.0.0.0:* -
udp 0 0 0.0.0.0:7778 0.0.0.0:* -
root@429811629a8c:/app# nmap 127.0.0.1 172.24.0.2 -T5 -p 1-65535
Starting Nmap 7.80 ( https://nmap.org ) at 2023-01-02 00:08 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.0000050s latency).
All 65535 scanned ports on localhost (127.0.0.1) are closed
Nmap done: 2 IP addresses (1 host up) scanned in 2.43 seconds
root@429811629a8c:/app# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
209: eth0@if210: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:17:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.23.0.2/16 brd 172.23.255.255 scope global eth0
valid_lft forever preferred_lft forever
As you can see, the server is reachable on 0.0.0.0, but not on any other addresses of the container.
This is my docker-compose.yml:
version: '3'
services:
server:
restart: always
container_name: ark_server
image: hermsi/ark-server:latest
volumes:
- /srv/games/ark-server:/app
- /srv/games/ark-server-backups:/home/steam/ARK-Backups
environment:
- SESSION_NAME=REDACTED
- SERVER_MAP=TheIsland
- SERVER_PASSWORD=REDACTED
- ADMIN_PASSWORD=REDACTED
- MAX_PLAYERS=10
- UPDATE_ON_START=true
- BACKUP_ON_STOP=true
- PRE_UPDATE_BACKUP=true
- WARN_ON_STOP=true
- DISABLE_BATTLEEYE=true
- GAME_MOD_IDS=1404697612,1522327484,731604991,1609138312,1814953878
ports:
# Port for connections from ARK game client
- "7777:7777/udp"
# Raw UDP socket port (always Game client port +1)
- "7778:7778/udp"
# RCON management port
- "27020:27020/tcp"
# Steam's server-list port
- "27015:27015/udp"
The docker-compose setup should not be at fault here. I'm pretty sure something is up with the internal workings of the docker container.
docker exec -u steam -it ark_server arkmanager status
Running command 'status' for instance 'main'
Server running: Yes
Server PID: 5141
Server listening: Yes
Server Name: REDACTED
Steam Players: 0 / 70
Active Steam Players: 0
Server online: Yes
ARKServers link: http://arkservers.net/server/REDACTED:27015
Steam connect link: steam://connect/REDACTED:27015
Server build ID: 10238961
Server version: 355.10
The only port open to the host (and the rest of the internet) is port 27020, that one seems to be working OK. This is the only TCP port of the bunch, maybe that means something?
same here, any news? i tried to force iptables routing inside container without success :(
I've got a similar issue, restarting over and over seems to fix it for me. but it does come back every so often
EDIT: been able to fix the issue I'm experiencing by attaching the container to the host network, done by appending network_mode: host and removing the section where I declared the ports, probably not as secure but I run it in a vm anyways were ports are defined.
services:
server:
container_name: ark_cluster
image: hermsi/ark-server:latest
tty: true
volumes:
- ./ark-server:/app
- ./ark-server-backups:/home/steam/ARK-Backups
environment:
- GAME_MOD_IDS=6969696969,420420420
- SERVER_PASSWORD=
- ADMIN_PASSWORD=something
- MAX_PLAYERS=5
- UPDATE_ON_START=true
network_mode: host
Unrelated to this issue but I have messed around with the arkmanager.cfg removing some of the things set by environment variables and set them myself inside the config so my docker compose is a bit more sparse. some stuff might not be best practice since I'm new to docker.
network mode host should be fine, especially if it fixes things, but this is still a pretty bad bug, especially as the documentation says to specify ports without network_mode: host. Normally when hosting something, if hosted to 0.0.0.0 it will be accessible on any IP of the machine, but in this case that is diffrent. For me personally, this defies the rules of networking.
not sure if I have the same problem, but using Docker Desktop on Mac (intel) and I cannot seem to access any of the ports and thus cannot log into the server. not a networking guru, but curious how to fix this! is it an image problem or is it a docker problem?
