Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Run with --net=host break access to vnc #146

Open
lmontagnon opened this issue Mar 19, 2024 · 9 comments
Open

Run with --net=host break access to vnc #146

lmontagnon opened this issue Mar 19, 2024 · 9 comments

Comments

@lmontagnon
Copy link

lmontagnon commented Mar 19, 2024

Hi everyone,

I have a new issue which also breaks vnc startup.

For my project, I need to show my network (Ethernet and Wifi e.g. enp2s0 and wlp4s0) inside the container. With another image without vnc it's working when I add this parameter --net=host but with vnc doesn't work and break the startup.

Screenshot inside vnc container without --net=host parameter with ifconfig command (sudo update and sudo apt install net-tools) :
Screenshot from 2024-03-19 09-47-24

How to reproduce

Add --net=host parameter to run a new container :

docker run -p 6080:80 --security-opt seccomp=unconfined --shm-size=512m --net=host tiryoh/ros2-desktop-vnc:humble-amd64

And this appear

WARNING: Published ports are discarded when using host network mode
* enable custom user: ubuntu
  set default password to "ubuntu"
============================================================================================
NOTE: --security-opt seccomp=unconfined flag is required to launch Ubuntu Jammy based image.
See https://github.com/Tiryoh/docker-ros2-desktop-vnc/pull/56
============================================================================================
2024-03-19 13:48:35,463 INFO Included extra file "/etc/supervisor/conf.d/supervisord.conf" during parsing
2024-03-19 13:48:35,464 INFO Set uid to user 0 succeeded
2024-03-19 13:48:35,471 INFO RPC interface 'supervisor' initialized
2024-03-19 13:48:35,471 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2024-03-19 13:48:35,471 INFO supervisord started with pid 44
2024-03-19 13:48:36,475 INFO spawned: 'novnc' with pid 45
2024-03-19 13:48:36,479 INFO spawned: 'vnc' with pid 46
2024-03-19 13:48:37,481 INFO success: novnc entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2024-03-19 13:48:37,481 INFO success: vnc entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2024-03-19 13:48:40,372 INFO exited: novnc (exit status 1; not expected)
2024-03-19 13:48:41,376 INFO spawned: 'novnc' with pid 233
2024-03-19 13:48:41,611 INFO exited: novnc (exit status 1; not expected)
2024-03-19 13:48:42,613 INFO spawned: 'novnc' with pid 462
2024-03-19 13:48:44,029 INFO success: novnc entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2024-03-19 13:48:44,029 INFO exited: novnc (exit status 1; not expected)
2024-03-19 13:48:45,033 INFO spawned: 'novnc' with pid 610
2024-03-19 13:48:45,416 INFO exited: novnc (exit status 1; not expected)
2024-03-19 13:48:46,422 INFO spawned: 'novnc' with pid 678
2024-03-19 13:48:46,918 INFO exited: novnc (exit status 1; not expected)
2024-03-19 13:48:48,923 INFO spawned: 'novnc' with pid 696
2024-03-19 13:48:49,223 INFO exited: novnc (exit status 1; not expected)
2024-03-19 13:48:52,229 INFO spawned: 'novnc' with pid 709
2024-03-19 13:48:52,486 INFO exited: novnc (exit status 1; not expected)
2024-03-19 13:48:53,488 INFO gave up: novnc entered FATAL state, too many start retries too quickly

As you can see, a warning appears : WARNING: Published ports are discarded when using host network mode

I found a same Issue here : solarkennedy/ipmi-kvm-docker#10 but the solution with IPv6 doesn't work.
Another solution is to make some change inside vnc_startup.sh VNC_IP=$(ip route get 1 | awk '{print $NF;exit}') ConSol/docker-headless-vnc-container#31

Can you help me ?

Best regards,

lmontagnon

@cardboardcode
Copy link
Contributor

Please have a look at the link below. Encountered the same issue. Resolved it by modifying some files:

#145 (comment)

@lmontagnon
Copy link
Author

lmontagnon commented Mar 19, 2024

@cardboardcode thank you for your reply,

I tried your solution but when I'm running the container (5.) I can't access to http://localhost:6080/
I have no errors on the terminal! but unable to connect with localhost:6080

docker run --ipc host --net host -p 6080:80 --security-opt seccomp=unconfined --shm-size=512m tiryoh/ros2-desktop-vnc:humble-amd64-HOST
WARNING: Published ports are discarded when using host network mode
* enable custom user: ubuntu
  set default password to "ubuntu"
============================================================================================
NOTE: --security-opt seccomp=unconfined flag is required to launch Ubuntu Jammy based image.
See https://github.com/Tiryoh/docker-ros2-desktop-vnc/pull/56
============================================================================================
2024-03-19 20:25:14,759 INFO Included extra file "/etc/supervisor/conf.d/supervisord.conf" during parsing
2024-03-19 20:25:14,759 INFO Set uid to user 0 succeeded
2024-03-19 20:25:14,769 INFO RPC interface 'supervisor' initialized
2024-03-19 20:25:14,769 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2024-03-19 20:25:14,770 INFO supervisord started with pid 44
2024-03-19 20:25:15,773 INFO spawned: 'novnc' with pid 45
2024-03-19 20:25:15,776 INFO spawned: 'vnc' with pid 46
2024-03-19 20:25:17,516 INFO success: novnc entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2024-03-19 20:25:17,516 INFO success: vnc entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)

@cardboardcode
Copy link
Contributor

Hmm... weird. Perhaps try accessing http://localhost:5905/ instead of http://localhost:6080/.

If still does not work, will need your help to show the exact steps you took to get to the aforementioned output so we can work with more information.

Also, remember to git pull and update the local repository to the latest commit, just in case.

@lmontagnon
Copy link
Author

unfortunately yes, I followed the exact steps as mentioned in your post #145 (comment)
And I pulled the last version commit.

I did some tests with the new build:

  • Without --ipc host --net host parameters novnc break and when i change entrypoint.sh file directly inside this container (change for vncserver 1 and go back 6080 to 80). stop container and restart it. It's working like before.

  • With --ipc host --net host parameters i don't have any errors but it's unable to connect http://localhost:6080/ or http://localhost:5905/

@cardboardcode can you do it again exactly your steps with the latest commit ?

Thank you for your help.

lmontagnon

@lmontagnon
Copy link
Author

Hello everyone,

I found a solution to my problem. I'm using Docker desktop on Ubuntu and the problem is that you need to be root to access with the net=host parameter. So if I run it with sudo

sudo docker run --ipc host --net host -p 6080:80 --security-opt seccomp=unconfined --shm-size=512m tiryoh/ros2-desktop-vnc:humble-amd64-HOST

That works ! I saw that Docker desktop uses another context. I uninstalled all Docker desktop files and installed Docker Engine. Add Docker Engine on root : https://docs.docker.com/engine/install/linux-postinstall/

@lmontagnon
Copy link
Author

@cardboardcode Have you tried under Windows 11? Because now it's the same problem and I'm trying to get Docker as root on Windows.

@cardboardcode
Copy link
Contributor

@cardboardcode Have you tried under Windows 11? Because now it's the same problem and I'm trying to get Docker as root on Windows.

Not yet. Not planning to anytime soon, unfortunately.

@cardboardcode
Copy link
Contributor

cardboardcode commented Mar 24, 2024

unfortunately yes, I followed the exact steps as mentioned in your post #145 (comment) And I pulled the last version commit.

I did some tests with the new build:

* Without `--ipc host --net host` parameters novnc break and when i change entrypoint.sh file directly inside this container (change for vncserver 1 and go back 6080 to 80). stop container and restart it. It's working like before.

* With `--ipc host --net host` parameters i don't have any errors but it's unable to connect http://localhost:6080/ or http://localhost:5905/

@cardboardcode can you do it again exactly your steps with the latest commit ?

Thank you for your help.

lmontagnon

Will do it with a fresh Ubuntu 22.04 instance on Virtual machine and update accordingly. Please see below (edited as of 24th March 2024 1410):

The steps for reproducing the example can be verified to still be working with the latest commit at least for me.

@sylarevan
Copy link

sylarevan commented Nov 26, 2024

Hi there. I'm just having the exact same problem with the 22.04 image with Humble: as soon as I'm using the host network, vnc is not starting anymore (tests done from a mac M3).
I have applied the changes suggested in #145 (comment) but I'm still getting the issue.

In the container, starting manually vnc:

# gosu turtle bash ./vnc_run.sh
hostname: Name or service not known
vncserver: Could not acquire fully qualified host name of this machine.

And indeed, it seems the actual hostname of the container is not mentioned in /etc/hosts:

# cat /etc/hostname
remotepc

# cat /etc/hosts
127.0.0.1       localhost
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

Adding the hostname in /etc/hosts inside the running container is sufficient for solving the issue:
# echo "127.0.0.1 $(cat /etc/hostname)" >> /etc/hosts
And indeed, vnc starts now normally in host mode.

To avoid adding this trick in the entrypoint script, I'm using a compose file with

hostname: remotepc
extra_hosts:
  - "remotepc:127.0.0.1"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants