Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't use network_mode: host in docker-compose #50

Closed
TheAnachronism opened this issue Oct 23, 2021 · 5 comments
Closed

Don't use network_mode: host in docker-compose #50

TheAnachronism opened this issue Oct 23, 2021 · 5 comments

Comments

@TheAnachronism
Copy link

The docker-compose example uses network_mode: host multiple times and the different applications want to bind to all kinds of ports then. In an environment that already has many containers running this can produce many conflicts. It would be better if it was setup with docker networks and only had to use host ports which are actually required (e.g. the 8282 port binding for the actual app.)
@L7R7
Copy link
Owner

L7R7 commented Oct 27, 2021

@TheAnachronism Thanks for reporting this, really appreciated!

I wasn't aware of that as I was just copy-pasting stuff from various places. I'll have a look at it and will improve the example. Alternatively, if you got some spare time, feel free to create a PR with a suggestion.

@TheAnachronism
Copy link
Author

Sadly I have no idea how prometheus or grafana work so I don't know which ports are required and how I test if everything actually works... I guess both have at least their default port exposed

L7R7 added a commit that referenced this issue Oct 27, 2021
@L7R7
Expose the ports for Prometheus and Grafana
f2fe5cf 
Using `newtork_mode: host` is not a good idea, as pointed out in #50
@L7R7 L7R7 mentioned this issue Oct 27, 2021
Merged
@L7R7
Copy link
Owner

L7R7 commented Oct 27, 2021

Prometheus and Grafana need to have one port exposed to make their UIs accessible. In addition to that, Grafana must be able to access Prometheus via HTTP, and Prometheus needs access to all containers (Prometheus scrapes metrics from the other containers, Grafana then queries Prometheus to provide visualizations to the end user).
If I only expose ports like in #52, the containers can't access each other. As far as I understand, it now uses the default bridge as network and that doesn't allow communication between containers. So I would need to use a user defined bridge?

L7R7 added a commit that referenced this issue Oct 27, 2021
@L7R7
Expose the ports for Prometheus and Grafana
bd00b35 
Using `newtork_mode: host` is not a good idea, as pointed out in #50.
This requires changes to the configs of Prometheus and Grafana, because
the containers aren't accessbile via 127.0.0.1 anymore
@L7R7
Copy link
Owner

L7R7 commented Oct 27, 2021

Found the issue. In the configs for Prometheus and Grafana, I was using 127.0.0.1 to address the containers. Of course that's not possible anymore. Instead I have to use the container names.

#52 looks good to me now. I think that was the solution you have in mind?

The confirmation that it works is that http://localhost:9090/targets shows a lot of green badges saying UP (if the config for the build statuses container is correct) as well as Grafana saying that the Prometheus datasource is accessible

@TheAnachronism
Copy link
Author

Yeah this looks quite good, thx for the quick work and response

L7R7 added a commit that referenced this issue Oct 28, 2021
@L7R7
Expose the ports for Prometheus and Grafana
86254e5 
Using `newtork_mode: host` is not a good idea, as pointed out in #50.
This requires changes to the configs of Prometheus and Grafana, because
the containers aren't accessbile via 127.0.0.1 anymore
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@L7R7 @TheAnachronism