docker docker-compose hostname podman mastodon

Unable to resolve hostname with docker-compose and podman


I am trying to deploy a mastodon server using this project: https://github.com/tootsuite/mastodon

I am running Docker-Compose and Podman on a Fedora 33 server.

$ docker-compose --version
docker-compose version 1.27.4, build unknown

$ docker --version
podman version 3.0.1

$ cat /etc/fedora-release
Fedora release 33 (Thirty Three)

I had to make some changes to docker-compose.yml to get it working with Podman. My whole config file is below.

# Compose file from the question: the Mastodon stack (db, redis, web,
# streaming, sidekiq), edited by the asker to run through docker-compose on
# top of podman. Services are attached to two user-defined networks declared
# at the end of the file: external_network and internal_network
# (the latter with internal: true).
version: '3'
services:

  # PostgreSQL database. Attached only to internal_network and publishes no
  # ports, so it is meant to be reachable only from containers on that network.
  db:
    restart: always
    # NOTE(review): old PostgreSQL major release; confirm it still receives
    # security updates before deploying.
    image: postgres:9.6-alpine
    shm_size: 256mb
    networks:
      - internal_network
    healthcheck:
      # Checks only that the server accepts connections as user "postgres".
      test: ["CMD", "pg_isready", "-U", "postgres"]
      timeout: 45s
      interval: 10s
      retries: 10
    volumes:
      # Database files are kept in a bind mount next to the compose file.
      - ./postgres:/var/lib/postgresql/data
    environment:
      # "trust" disables password authentication: any client that can reach
      # this container can connect as any role, including the superuser.
      # Network placement is then the only access control. Setting
      # POSTGRES_PASSWORD (with the matching database password in
      # .env.production) avoids depending on that.
      - POSTGRES_HOST_AUTH_METHOD=trust

  # Redis instance. Attached only to internal_network, no ports published.
  # No Redis authentication is configured in this file, so access control
  # presumably rests on network placement alone.
  redis:
    restart: always
    image: redis:6.0-alpine
    networks:
      - internal_network
    healthcheck:
      # Liveness probe: redis-cli ping against the local server.
      test: ["CMD", "redis-cli", "ping"]
      timeout: 45s
      interval: 10s
      retries: 10
    volumes:
      # Redis data directory is a bind mount next to the compose file.
      - ./redis:/data

#  es:
#    restart: always
#    image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.8.10
#    environment:
#      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
#      - "cluster.name=es-mastodon"
#      - "discovery.type=single-node"
#      - "bootstrap.memory_lock=true"
#    networks:
#      - internal_network
#    healthcheck:
#      test: ["CMD-SHELL", "curl --silent --fail localhost:9200/_cluster/health || exit 1"]
#    volumes:
#      - ./elasticsearch:/usr/share/elasticsearch/data
#    ulimits:
#      memlock:
#        soft: -1
#        hard: -1

  # Rails web front end. Joins both networks: internal_network to reach db and
  # redis, external_network for everything else.
  web:
    #    build: .
    # No tag is given, so the default (latest) tag is pulled; pinning a
    # release tag or digest keeps the deployed code reproducible.
    image: tootsuite/mastodon
    restart: always
    # Application settings are read from this file. It presumably also holds
    # the generated secrets, so keep it out of version control and readable
    # only by the deploying user.
    env_file: .env.production
    # Deletes a leftover server.pid, then starts Rails on port 3000.
    command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
    networks:
      - external_network
      - internal_network
    healthcheck:
      # Probes the local /health endpoint; --proxy=off bypasses any proxy.
      test: ["CMD-SHELL", "wget -q --spider --proxy=off localhost:3000/health || exit 1"]
      timeout: 45s
      interval: 10s
      retries: 10
    ports:
      # Published on the host loopback only, not on external interfaces.
      - "127.0.0.1:3000:3000"
    depends_on:
      - db
      - redis
#      - es
    volumes:
      # Uploaded media, shared with the sidekiq service through the same path.
      - ./public/system:/mastodon/public/system

  # Streaming server (node ./streaming), exposed on host loopback port 4000.
  streaming:
    # NOTE(review): build is still active here although it is commented out
    # on web; with both keys set, compose builds locally and tags the result
    # with the image name below. Confirm which of the two is intended.
    build: .
    # No tag given, so the default (latest) tag applies.
    image: tootsuite/mastodon
    restart: always
    env_file: .env.production
    command: node ./streaming
    networks:
      - external_network
      - internal_network
    healthcheck:
      # Probes the local streaming health endpoint, bypassing any proxy.
      test: ["CMD-SHELL", "wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1"]
      timeout: 45s
      interval: 10s
      retries: 10
    ports:
      # Published on the host loopback only, not on external interfaces.
      - "127.0.0.1:4000:4000"
    depends_on:
      - db
      - redis

  # Sidekiq worker. Publishes no ports and defines no healthcheck.
  sidekiq:
    # NOTE(review): build is still active here although it is commented out
    # on web; confirm whether this service should also use the pulled image.
    build: .
    # No tag given, so the default (latest) tag applies.
    image: tootsuite/mastodon
    restart: always
    env_file: .env.production
    command: bundle exec sidekiq
    depends_on:
      - db
      - redis
    networks:
      # internal_network reaches db and redis; external_network is the
      # non-internal network (presumably used for outbound traffic).
      - external_network
      - internal_network
    volumes:
      # Same media directory that the web service mounts.
      - ./public/system:/mastodon/public/system
## Uncomment to enable federation with tor instances along with adding the following ENV variables
## http_proxy=http://privoxy:8118
## ALLOW_ACCESS_TO_HIDDEN_SERVICE=true
#  tor:
#    image: sirboops/tor
#    networks:
#      - external_network
#      - internal_network
#
#  privoxy:
#    image: sirboops/privoxy
#    volumes:
#      - ./priv-config:/opt/config
#    networks:
#      - external_network
#      - internal_network

# Two user-defined networks, both created with the default driver.
networks:
  # Ordinary network; web, streaming and sidekiq are attached to it.
  external_network:
  # internal: true requests a network isolated from the outside. db and redis
  # are attached only to this one, which is what keeps the password-less
  # PostgreSQL (POSTGRES_HOST_AUTH_METHOD=trust) away from other networks.
  internal_network:
    internal: true

Here is a diff against the remote version of the file in the repository:

(tl;dr: I added options to the health checks, added an env variable that allows postgres to run without a password, and commented out the build option to use the image from the repo, as building was failing too)

$ git diff docker-compose.yml
diff --git a/docker-compose.yml b/docker-compose.yml
index 52eea7a74..a8e047ec7 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -9,8 +9,13 @@ services:
       - internal_network
     healthcheck:
       test: ["CMD", "pg_isready", "-U", "postgres"]
+      timeout: 45s
+      interval: 10s
+      retries: 10
     volumes:
       - ./postgres:/var/lib/postgresql/data
+    environment:
+      - POSTGRES_HOST_AUTH_METHOD=trust

   redis:
     restart: always
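Review bot: The added `POSTGRES_HOST_AUTH_METHOD=trust` under the db service's `environment:` switches off password authentication, so any client that can reach the container can connect as any role, superuser included. In this file db is attached only to `internal_network`, which leaves network placement as the sole access control. I would set a password instead, `- POSTGRES_PASSWORD=<db-password-placeholder>`, with the matching database password in `.env.production`. If trust is kept, add a comment above it such as `# trust auth: db must stay on an isolated network`. The db service block starts above the hunk.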
@@ -19,6 +24,9 @@ services:
       - internal_network
     healthcheck:
       test: ["CMD", "redis-cli", "ping"]
+      timeout: 45s
+      interval: 10s
+      retries: 10
     volumes:
       - ./redis:/data

@@ -42,7 +50,7 @@ services:
 #        hard: -1

   web:
-    build: .
+    #    build: .
     image: tootsuite/mastodon
     restart: always
     env_file: .env.production
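Review bot: With `build: .` commented out, the untagged `image: tootsuite/mastodon` now decides what web runs, so the runtime pulls whatever the default `latest` tag points to at that moment. Pin it, for example `image: tootsuite/mastodon:<release-tag>` or a digest, so that migrations and the running code come from a known release. The hunk changes web only; the full listing on the page still has `build: .` on streaming and sidekiq, so the three services may not run the same code. The web block continues past the end of the hunk.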
@@ -52,6 +60,9 @@ services:
       - internal_network
     healthcheck:
       test: ["CMD-SHELL", "wget -q --spider --proxy=off localhost:3000/health || exit 1"]
+      timeout: 45s
+      interval: 10s
+      retries: 10
     ports:
       - "127.0.0.1:3000:3000"
     depends_on:
@@ -72,6 +83,9 @@ services:
       - internal_network
     healthcheck:
       test: ["CMD-SHELL", "wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1"]
+      timeout: 45s
+      interval: 10s
+      retries: 10
     ports:
       - "127.0.0.1:4000:4000"
     depends_on:

Generating secrets was fine, but it failed on this command:

$ sudo docker-compose run --rm web bundle exec rails db:migrate
Creating network "mastodon_internal_network" with the default driver
Creating network "mastodon_external_network" with the default driver
Creating mastodon_db_1    ... done
Creating mastodon_redis_1 ... done
Creating mastodon_web_run ... done
rails aborted!
PG::ConnectionBad: could not translate host name "db" to address: Name or service not known

I have already used the combination of Docker-Compose and Podman 3.0 on several projects and never had any issue with hostname resolution inside networks. I wonder if I must specify a driver in this situation.

I would also like a way to test whether the db service is reachable by this hostname from the web container, and so whether the problem is in the code (which I highly doubt, but I want to be sure).

EDIT1: Logs of db service showing that the service seems to be running fine and ready to accept connections

$ sudo docker logs -f mastodon_db_1

PostgreSQL Database directory appears to contain a database; Skipping initialization

LOG:  database system was shut down at 2021-04-01 07:02:04 UTC
LOG:  MultiXact member wraparound protections are now enabled
LOG:  database system is ready to accept connections
LOG:  autovacuum launcher started

Solution

  • I have found a solution: removing the networks definitions.

    It sounds cheap, but it worked.

    So the final docker-compose.yml looks like this:

    # Answer's variant of the compose file: every `networks:` entry has been
    # removed, so all services join the single default network that
    # docker-compose creates for the project.
    # Trade-off: db and redis are no longer confined to an `internal: true`
    # network, while db still runs with POSTGRES_HOST_AUTH_METHOD=trust, so
    # every container on that network can reach PostgreSQL without a password.
    version: '3'
    services:
    
      # PostgreSQL database. With no `networks:` key it joins the project's
      # default network together with every other service; no ports are
      # published to the host.
      db:
        restart: always
        # NOTE(review): old PostgreSQL major release; confirm it still
        # receives security updates before deploying.
        image: postgres:9.6-alpine
        shm_size: 256mb
        healthcheck:
          # Checks only that the server accepts connections as "postgres".
          test: ["CMD", "pg_isready", "-U", "postgres"]
          timeout: 45s
          interval: 10s
          retries: 10
        volumes:
          # Database files are kept in a bind mount next to the compose file.
          - ./postgres:/var/lib/postgresql/data
        environment:
          # "trust" disables password authentication: any client that can
          # reach this container can connect as any role. On the shared
          # default network that includes every other service, so setting
          # POSTGRES_PASSWORD (with the matching database password in
          # .env.production) is the safer choice.
          - POSTGRES_HOST_AUTH_METHOD=trust
    
      # Redis instance on the project's default network, no ports published.
      # No Redis authentication is configured in this file, so any container
      # on that network can presumably talk to it.
      redis:
        restart: always
        image: redis:6.0-alpine
        healthcheck:
          # Liveness probe: redis-cli ping against the local server.
          test: ["CMD", "redis-cli", "ping"]
          timeout: 45s
          interval: 10s
          retries: 10
        volumes:
          # Redis data directory is a bind mount next to the compose file.
          - ./redis:/data
    
    #  es:
    #    restart: always
    #    image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.8.10
    #    environment:
    #      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
    #      - "cluster.name=es-mastodon"
    #      - "discovery.type=single-node"
    #      - "bootstrap.memory_lock=true"
    #    networks:
    #      - internal_network
    #    healthcheck:
    #      test: ["CMD-SHELL", "curl --silent --fail localhost:9200/_cluster/health || exit 1"]
    #    volumes:
    #      - ./elasticsearch:/usr/share/elasticsearch/data
    #    ulimits:
    #      memlock:
    #        soft: -1
    #        hard: -1
    
      # Rails web front end, on the project's default network.
      web:
        #    build: .
        # No tag is given, so the default (latest) tag is pulled; pinning a
        # release tag or digest keeps the deployed code reproducible.
        image: tootsuite/mastodon
        restart: always
        # Application settings are read from this file. It presumably also
        # holds the generated secrets, so keep it out of version control and
        # readable only by the deploying user.
        env_file: .env.production
        # Deletes a leftover server.pid, then starts Rails on port 3000.
        command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
        healthcheck:
          # Probes the local /health endpoint; --proxy=off bypasses any proxy.
          test: ["CMD-SHELL", "wget -q --spider --proxy=off localhost:3000/health || exit 1"]
          timeout: 45s
          interval: 10s
          retries: 10
        ports:
          # Published on the host loopback only, not on external interfaces.
          - "127.0.0.1:3000:3000"
        depends_on:
          - db
          - redis
    #      - es
        volumes:
          # Uploaded media, shared with the sidekiq service via the same path.
          - ./public/system:/mastodon/public/system
    
      # Streaming server (node ./streaming), exposed on host loopback port 4000.
      streaming:
        # NOTE(review): build is still active here although it is commented
        # out on web; with both keys set, compose builds locally and tags the
        # result with the image name below. Confirm which one is intended.
        build: .
        # No tag given, so the default (latest) tag applies.
        image: tootsuite/mastodon
        restart: always
        env_file: .env.production
        command: node ./streaming
        healthcheck:
          # Probes the local streaming health endpoint, bypassing any proxy.
          test: ["CMD-SHELL", "wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1"]
          timeout: 45s
          interval: 10s
          retries: 10
        ports:
          # Published on the host loopback only, not on external interfaces.
          - "127.0.0.1:4000:4000"
        depends_on:
          - db
          - redis
    
      # Sidekiq worker on the project's default network. Publishes no ports
      # and defines no healthcheck.
      sidekiq:
        # NOTE(review): build is still active here although it is commented
        # out on web; confirm whether this service should use the pulled image.
        build: .
        # No tag given, so the default (latest) tag applies.
        image: tootsuite/mastodon
        restart: always
        env_file: .env.production
        command: bundle exec sidekiq
        depends_on:
          - db
          - redis
        volumes:
          # Same media directory that the web service mounts.
          - ./public/system:/mastodon/public/system
    ## Uncomment to enable federation with tor instances along with adding the following ENV variables
    ## http_proxy=http://privoxy:8118
    ## ALLOW_ACCESS_TO_HIDDEN_SERVICE=true
    #  tor:
    #    image: sirboops/tor
    #    networks:
    #      - external_network
    #      - internal_network
    #
    #  privoxy:
    #    image: sirboops/privoxy
    #    volumes:
    #      - ./priv-config:/opt/config
    #    networks:
    #      - external_network
    #      - internal_network