Running rallly in docker with multiple networks does not bind to all network interfaces

[kolaente]

Describe the bug

TL;DR: Rallly should bind on the 0.0.0.0 interface instead of binding to a specific network interface.

Consider the following docker compose file:

version: "3"

services:
  db:
    image: postgres:14
    restart: unless-stopped
    volumes:
      - /var/apps/rallly/db:/var/lib/postgresql/data
    environment:
      - POSTGRES_PASSWORD=password
      - POSTGRES_DB=db
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U postgres"]
      interval: 5s
      timeout: 5s
      retries: 5

  rallly:
    image: lukevella/rallly:3.4.1
    restart: unless-stopped
    depends_on:
      db:
        condition: service_healthy
    environment:
      - DATABASE_URL=postgres://postgres:password@db:5432/db
    env_file:
      - config.env
    networks:
      - default
      - web
    labels:
      - "traefik.docker.network=web"
      - "traefik.enable=true"
      - "traefik.http.routers.rallly.rule=Host(`rallly.example.com`)"
      - "traefik.http.routers.rallly.entrypoints=https"
      - "traefik.http.routers.rallly.tls.certResolver=basic"

networks:
  web:
    external: true

As you can see, the rallly container is part of a default network which is created by compose for that particular stack and a web network which I use to expose containers with traefik to the outside world.

When starting the stack, rallly says the following:

rallly-rallly-1  | Prisma schema loaded from prisma/schema.prisma
rallly-rallly-1  | Datasource "db": PostgreSQL database "db", schema "public" at "db:5432"
rallly-rallly-1  |
rallly-rallly-1  | 42 migrations found in prisma/migrations
rallly-rallly-1  |
rallly-rallly-1  |
rallly-rallly-1  | No pending migrations to apply.
rallly-rallly-1  |    ▲ Next.js 14.0.1
rallly-rallly-1  |    - Local:        http://ae088df5c5e7:3000
rallly-rallly-1  |    - Network:      http://10.10.38.3:3000
rallly-rallly-1  |
rallly-rallly-1  |  ✓ Ready in 258ms

Yet when I try to access it on rallly.example.com I get a Bad Gateway error message. It looks like Traefik can't reach the container.

Inspecting the running container with docker inspect gives us a clue:

            "Networks": {
                "rallly_default": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": [
                        "rallly-rallly-1",
                        "rallly",
                        "ae088df5c5e7"
                    ],
                    "NetworkID": "0fa8b1133017dcd079eb7093e08385ea7d577b632c88f984c39f6401e3c69e03",
                    "EndpointID": "590e0a721169a2149149a67392252132968632b7345a89255a33337c9f879379",
                    "Gateway": "10.10.38.1",
                    "IPAddress": "10.10.38.3",
                    "IPPrefixLen": 24,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:0a:0a:26:03",
                    "DriverOpts": null
                },
                "web": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": [
                        "rallly-rallly-1",
                        "rallly",
                        "ae088df5c5e7"
                    ],
                    "NetworkID": "efd930c280f1f8c7a6421bea97f18d2753c8eae4dd1f7c14c639ed20858b2525",
                    "EndpointID": "7de5d808c18cc02a017ac14fa9017b4843b97f30e464b39c0054be7caa2c92ac",
                    "Gateway": "192.168.192.1",
                    "IPAddress": "192.168.192.31",
                    "IPPrefixLen": 20,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:c0:a8:c0:1f",
                    "DriverOpts": null

Specifically, Rallly only seems to detect the (virtual) network interface of the default network, not the one from web network. But Traefik can't reach it on that address, only on the 192.168.192.31 one, coming from the web network.

To fix this, Rallly should bind on the 0.0.0.0 interface (basically all interfaces) instead of only one (the first?).

[kolaente]

I've noticed if you restart it often enough, it will sometimes bind to the ip of the web network which then makes it work. But that's highly unreliable.

[emy]

I'm running a really similar setup and experience the same issue.

[scottwallacesh]

Workaround: configure the Docker hostname to 0.0.0.0.

e.g.

  rallly:
    image: lukevella/rallly:latest
    container_name: rallly
    hostname: 0.0.0.0

[C0chett0]

Thanks @scottwallacesh works like a charm !

[lukevella]

Workaround: configure the Docker hostname to 0.0.0.0.

e.g.

  rallly:
    image: lukevella/rallly:latest
    container_name: rallly
    hostname: 0.0.0.0

Is this worth adding to the official docker compose config? I've not had a need for it myself but happy to include it, if it is useful.

[corvec]

@scottwallacesh This fixed the issue I'd been having (using with Traefik, with an internal network for the DB and on a different network with Traefik).

@lukevella I think it would make sense to add it. I don't think it will do anything for anyone using that config stock, but for anyone using it with a reverse proxy and two networks - which would be a best practice - it's necessary.

Would you be interested in documenting example docker compose configs for use with reverse proxies? If so, this is what I use for Rallly with Traefik: https://gist.github.com/corvec/fa95a8e97d730d4c25548576b422630c - feel free to use it as a starting point.

[kolaente]

Based on this pr it is enough to set the HOSTNAME env variable to 0.0.0.0 to make it listen on all interfaces.

Opened a PR: https://github.com/lukevella/rallly/pull/1015