node-red.github.io icon indicating copy to clipboard operation
node-red.github.io copied to clipboard
verified publisher icon node-red

Linking containers example not working any more

Open lazyzero opened this issue 4 years ago • 6 comments

In the section about linking containers the example to link mosquitto by a bridge network dosn't work with mosquitto:latest (2.0.7), but with the last 1.6.13 seams that the config file of Mosquitto 2 is different and not listening to the network by default.

If I look into the container log I get:

1614083867: mosquitto version 2.0.7 starting 1614083867: Config loaded from /mosquitto/config/mosquitto.conf. 1614083867: Starting in local only mode. Connections will only be possible from clients running on this machine. 1614083867: Create a configuration file which defines a listener to allow remote access. 1614083867: Opening ipv4 listen socket on port 1883. 1614083867: Opening ipv6 listen socket on port 1883. 1614083867: Error: Address not available 1614083867: mosquitto version 2.0.7 running

by altering the docker command to:

docker run -itd --network iot --name mybroker eclipse-mosquitto:1.6.13

it works like expected. So two solutions:

  1. using the command like above with the last 1.6 Mosquitto
  2. Providing an docker image with adapted mosquitto.conf file to enable listener 1883 and allow_anonymous true to have the same behavior for the latest mosquitto.

Dockerfile could look like:

FROM eclipse-mosquitto:latest

RUN echo "listener 1883" >> /mosquitto/config/mosquitto.conf
&& echo "allow_anonymous true" >> /mosquitto/config/mosquitto.conf

VOLUME ["/mosquitto/data", "/mosquitto/log"]

EXPOSE 1883 ENTRYPOINT ["/docker-entrypoint.sh"] CMD ["/usr/sbin/mosquitto", "-c", "/mosquitto/config/mosquitto.conf"]

Best Christian

lazyzero avatar Feb 23 '21 14:02 lazyzero

hmm tricky - we don't really want to have to maintain another docker image just for this - nor really link to an old version. I guess that is the best option for now - but hopefully the broker folk will have a way out. I can see why they default to localhost for security but yeah - it's a pain for this scenario - as by a default a container won't have external network access.

dceejay avatar Feb 23 '21 19:02 dceejay

Okay, I see.

What about starting the mosquitto container as usual and then executing:

docker exec -ti broker sh -c 'echo "listener 1883" >> /mosquitto/config/mosquitto.conf && echo "allow_anonymous true" >> /mosquitto/config/mosquitto.conf'

followed by a restart of the container.

Best Christian

lazyzero avatar Feb 24 '21 07:02 lazyzero

I think this would be better raised against the mosquitto docker image, while I understand why they made the change to the default config, I don't think it holds for docker so I think this is Roger's problem to solve.

hardillb avatar Feb 24 '21 07:02 hardillb

https://github.com/eclipse/mosquitto/commit/12ff9d5e1491b805605d698c198b681db5c1dcbb

hardillb avatar Feb 27 '21 21:02 hardillb

so as per ^^^ docker run -it -p 1883:1883 -e NO_AUTHENTICATION=1 eclipse-mosquitto:<version> ?

dceejay avatar Feb 27 '21 22:02 dceejay

No, didn't work for me. The port is then still not exposed to external https://github.com/eclipse/mosquitto/issues/2119

lazyzero avatar Mar 11 '21 14:03 lazyzero