podman: [v1.8] pkg/rootlessport: host port is intermittently opened inside the container

The point is that I’m unconvinced that it is a workaround, as opposed to something in the middle of a set of intermittent failures. I have also managed to reproduce the problem with a fresh container:

```
√ podman run --name tbw -v /tmp/bw-data:/data -p 7080:80 bitwardenrs/server:alpine
✗ curl http://localhost:7080/
curl: (7) Failed to connect to localhost port 7080: Connection refused
√ podman ps 
CONTAINER ID  IMAGE                                      COMMAND        CREATED         STATUS                 PORTS                    NAMES
9e9e0dcbac9b  docker.io/bitwardenrs/server:alpine        /bitwarden_rs  34 seconds ago  Up 33 seconds ago      0.0.0.0:7080->80/tcp     tbw
√ podman exec -it 9e9 /bin/sh
/ # netstat -nltp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:7080            0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1/bitwarden_rs
/ # curl http://localhost:7080/
<!DOCTYPE html>
<html>

<head>
...
```

So in this case the port mapping has again been created inside the container - rather than exposed outside.

_Originally posted by @cbz in https://github.com/containers/libpod/issues/5167#issuecomment-585310213_
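The manual check in the report above (compare the PORTS mapping from `podman ps` with `netstat -nltp` run inside the container) can be scripted. This is an added example, not part of the original issue or of podman; the function names are hypothetical, the first sample is the output quoted in the report, and the second sample is constructed.

```python
import re

# One mapping in the PORTS column of `podman ps`, e.g. "0.0.0.0:7080->80/tcp".
_MAPPING = re.compile(r"(\d+)->(\d+)/(?:tcp|udp)")


def published_ports(ports_column):
    """Return {host_port: container_port} parsed from a PORTS value."""
    return {int(h): int(c) for h, c in _MAPPING.findall(ports_column)}


def listening_ports(netstat_output):
    """Return the TCP ports in LISTEN state from `netstat -nlt[p]` output."""
    ports = set()
    for line in netstat_output.splitlines():
        f = line.split()
        if len(f) >= 6 and f[0].startswith("tcp") and f[5] == "LISTEN":
            ports.add(int(f[3].rsplit(":", 1)[1]))  # also handles ":::80"
    return ports


def misbound_ports(ports_column, netstat_in_container):
    """Host ports that are listening inside the container's namespace.

    A published host port should be bound on the host only. Mappings where
    host and container port are equal (-p 80:80) are skipped, because the
    listener inside is then indistinguishable from the application itself.
    """
    inside = listening_ports(netstat_in_container)
    return sorted(h for h, c in published_ports(ports_column).items()
                  if h != c and h in inside)


# netstat output from the report (taken inside the container).
REPORTED = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:7080            0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1/bitwarden_rs
"""
# Constructed sample: the same container without the stray 7080 listener.
HEALTHY = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1/bitwarden_rs
"""

if __name__ == "__main__":
    print("reported:", misbound_ports("0.0.0.0:7080->80/tcp", REPORTED))
    print("healthy: ", misbound_ports("0.0.0.0:7080->80/tcp", HEALTHY))
```

An empty result together with connection refused from the host points to the other failure discussed in the comments, where the port is not bound inside the container at all.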

About this issue

  • State: closed
  • Created 4 years ago
  • Reactions: 4
  • Comments: 23 (11 by maintainers)

Most upvoted comments

@siepkes guessing you came here by search engine as I did… but for me it turned out the issue was not this issue (but a different one)… if you want to see if you have this issue then please check if the requested published port is being bound inside the container (otherwise, if you have the issue I actually did, the container stopped listening from outside, it had to do with any connection to the port attempted before the container fully came up rather than it being bound inside the container).

I’m also running into what I think is this issue. Like @aleks-mariusz I’m also running podman > 1.8. I’m running rootless podman 1.8.1 on Fedora 31. My experience is that the container works fine on starting and then after some time suddenly starts exhibiting the above-described behaviour (i.e. getting connection refused from outside of the container).

The only way I found to “fix” this is to delete the container and the pod and then to recreate everything. Just deleting the container is not enough.

Hmm… curious… as I am always using podman run (and have never used podman create or podman start)…

Would the issue owners here prefer I open up a new case, since I am also not actually experiencing the port being bound inside the container (I was pointed to this case maybe erroneously)…

I think my issue stems from noticing that containers-rootlessport is not running whenever I get into the situation where my port is not being bound properly? (And this was something that has worked at some point, then mysteriously stops working (until I roll back my rootfs iSCSI LUN).)

I think mine sounds more like your problem. There is no supposed-to-be-outside port being opened inside. And as I use podman-compose, consequently I always use podman run. Let’s open another issue.