docker-vernemq icon indicating copy to clipboard operation
docker-vernemq copied to clipboard
verified publisher icon vernemq

Docker container with multiple networks binds to one IP only

Open vytasmk opened this issue 6 years ago • 5 comments

Problem

I have got in to the issue when I have added VerneMQ broker to the existing network an also to another docker network. Old network is with currently working containers and is created using some python script. New Docker network is built with docker-compose and has few other containers, I wanted to make VerneMQ from new network to communicate with old one so attached old network to new docker-compose. Other containers from docker-compose does not need to access old network so that is easy done. But now I have got in to problems when port 1883 is listening only to one IP address that is found using vernemq.sh script. Also I can not override using Docker environment variables as lines are included in the script after environment variables are parsed.

Expected behavior

I think in Docker container listeners should be listening to all interfaces as users control what can access service inside the Docker container by attaching to the one or more networks, for example I can add third docker network that is responsible for monitoring but do not want to allow it to my other containers.

So current listeners that are set in the script vernemq.sh

echo "listener.tcp.default = ${IP_ADDRESS}:1883" >> /vernemq/etc/vernemq.conf
echo "listener.ws.default = ${IP_ADDRESS}:8080" >> /vernemq/etc/vernemq.conf
echo "listener.vmq.clustering = ${IP_ADDRESS}:44053" >> /vernemq/etc/vernemq.conf
echo "listener.http.metrics = ${IP_ADDRESS}:8888" >> /vernemq/etc/vernemq.conf

${IP_ADDRESS} should be replaced by 0.0.0.0. If we have only one network it will work as before and listen to one IP and localhost.

Also these code lines should be placed right after the '########## Start ##########' line so they could be overridden by parsing environment variables.

I do not know how clustering will work in this case but If I understand correctly it should be working fine.

vytasmk avatar Mar 25 '19 18:03 vytasmk

It looks like these issues are similar: #110 and #107

I understand that we can mount whole configuration vernemq.conf.local but in most cases there is enough to use ENV variables so I do not have to play with config file and mount it directly.

vytasmk avatar Mar 25 '19 19:03 vytasmk

thanks for reporting. 0.0.0.0 will work for MQTT and HTTP , but NOT for the clustering listener.

dergraf avatar Mar 26 '19 07:03 dergraf

In most cases Docker container will have only one network so one IP and setting MQTT, HTTP and WS listeners to 0.0.0.0 will solve problems when somebody will use multiple networks to access broker.

Regarding clustering no problem to stick to one IP.

So if somebody can update script and update docker image it would be perfect.

vytasmk avatar Mar 26 '19 08:03 vytasmk

I got the same issue when tried to build cluster with 3 servers , and have 3 containers are in those 3 servers

thanh-nguyen-van avatar Jul 20 '19 04:07 thanh-nguyen-van

For other people looking for the exact solution:

I noticed that setting the default listeners via the environment variable (e.g. DOCKER_VERNEMQ_LISTENER__TCP__DEFAULT) is being overridden by the initialisation script bin/vernemq.sh and will not work.

Looking at the script and after testing setting the following environment variable works:

DOCKER_IP_ADDRESS=0.0.0.0

pepijnverburg avatar Apr 19 '20 21:04 pepijnverburg