puppetlabs-docker
puppetlabs-docker copied to clipboard
*_docker_params_changed is notified every time puppet runs, regardless of status
Describe the Bug
docker::run
instances are restarted on each puppet run, regardless of whether any params have actually changed. This is using restart => 'unless-stopped'
, so not using the systemd approach.
Expected Behavior
Instances should not restart if params have not changed.
Environment
- Version 4.1.2
- Platform Ubuntu 20.04
Is #629 related to this at all?
This issue has been marked as stale because it has been open for a while and has had no recent activity. If this issue is still important to you please drop a comment below and we will add this to our backlog to complete. Otherwise, it will be closed in 7 days.
Hi, I still can't upgrade due to this as docker restarts managed instances every half hour. Am I the only one experiencing this issue?
I'm not using systemd, but using the built in docker restart value
That is one of the reason, why I switched the whole Docker part to Ansible playbooks. Docker and Puppet isn't fun.
I am having the same issue as described with puppetserver 6.20.0-1focal
and puppet-agent 6.28.0-1bionic
(both from https://apt.puppet.com)
I've been looking around. Change detection for exposed ports is completely incorrect.
The code checks only for PortBinding
keys, ignoring HostIP
and HostPort
part of port bindings defined in puppet.
For instance, code:
ports = inspect_hash['HostConfig']['PortBindings'].keys
ports = ports.map { |item| item.split('/')[0] }
pp_ports = opts['ports'].sort if opts['ports'].is_a?(Array)
pp_ports = [opts['ports']] if opts['ports'].is_a?(String)
param_changed = true if pp_ports && pp_ports != ports
For my case, I have something like this defined in hiera:
ports:
- <ipv4>:80:5601/tcp
- "[<ipv6>]:80:5601/tcp"
Which results into in docker:
{
"5601/tcp": [
{
"HostIp": "<ipv4>",
"HostPort": "80"
},
{
"HostIp": "<ipv6>",
"HostPort": "80"
}
]
}
If we go through change detection code, it compares the following lists:
["<ipv4>:80:5601/tcp", "[<ipv6>]:80:5601/tcp"]
== ["5601"]
Which is of course incorrect. Seeing this code, I believe the logic in detection is completely wrong also for other parameters.
By moving from restart => always
to systemd_restart => always
switched from "weird" puppet managed docker to use systemd. Everything started to work as expected.
Maybe remove the "weird" docker management mode?
Hello! 👋
This issue has been open for a while and has had no recent activity. We've labelled it with attention-needed
so that we can get a clear view of which issues need our attention.
If you are waiting on a response from us we will try and address your comments on a future Community Day.
Alternatively, if it is no longer relevant to you please close the issue with a comment.
@MasterMind2k this has hit me now too so trying to work out a patch/path forward and wouldn't mind your input since it seems you have a specific use case/scenario.
I see two scenarios, fully explicit <ip>:<ext port>:<int port>/<proto>
and one where some things are less explicit <ext port>:<int port>
. Is that a fair assessment? I'm thinking that we iterate both sets (manifest data and inspect data to build hashes that are then compared.
@bmagistro, yes, I think it is. If you are setting IP, you'll probably also set protocol (due to Firewall configuration, etc).
In my opinion, short variation should be expanded to full spec localhost:<ext port>:<int port>/tcp
.