Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Not idemponent when port is bound to 0.0.0.0 #678

Closed
Apollo3zehn opened this issue Nov 30, 2023 · 2 comments · Fixed by #679
Closed

Not idemponent when port is bound to 0.0.0.0 #678

Apollo3zehn opened this issue Nov 30, 2023 · 2 comments · Fixed by #679

Comments

@Apollo3zehn
Copy link
Contributor

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

The container is being recreated everytime the playbook runs but only if there is at least one published port which bounds to address 0.0.0.0. Please refer to the diff output below to quickly see the problem.

Steps to reproduce the issue:

Run the task shown later in this post. And then rerun it to see that the container is being recreated everytime.

Describe the results you received:

The container should only be created once instead of everytime the role task executes (see below for the task being run).

Describe the results you expected:

The container should not be recreated.

Additional information you deem important (e.g. issue happens only occasionally):

Happens nearly all the time. Only once it did not happen.

Version of the containers.podman collection:
Either git commit if installed from git: git show --summary
Or version from ansible-galaxy if installed from galaxy: ansible-galaxy collection list | grep containers.podman

containers.podman 1.11.0

Output of ansible --version:

ansible [core 2.14.9]
  config file = /home/vincent/Dokumente/Git/GitIWES/iwes-server-management/ansible.cfg
  configured module search path = ['/home/vincent/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  ansible collection location = /home/vincent/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.11.6 (main, Oct  8 2023, 05:06:43) [GCC 13.2.0] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True

Output of podman version:

Version:      3.4.4
API Version:  3.4.4
Go Version:   go1.18.1
Built:        Thu Jan  1 00:00:00 1970
OS/Arch:      linux/amd64

Output of podman info --debug:

host:
  arch: amd64
  buildahVersion: 1.23.1
  cgroupControllers:
  - cpuset
  - cpu
  - io
  - memory
  - hugetlb
  - pids
  - rdma
  - misc
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: 'conmon: /usr/bin/conmon'
    path: /usr/bin/conmon
    version: 'conmon version 2.0.25, commit: unknown'
  cpus: 4
  distribution:
    codename: jammy
    distribution: ubuntu
    version: "22.04"
  eventLogger: journald
  hostname: nexus
  idMappings:
    gidmap: null
    uidmap: null
  kernel: 5.15.0-89-generic
  linkmode: dynamic
  logDriver: journald
  memFree: 4695601152
  memTotal: 6209183744
  ociRuntime:
    name: crun
    package: 'crun: /usr/bin/crun'
    path: /usr/bin/crun
    version: |-
      crun version 0.17
      commit: 0e9229ae34caaebcb86f1fde18de3acaf18c6d9a
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL
  os: linux
  remoteSocket:
    exists: true
    path: /run/podman/podman.sock
  security:
    apparmorEnabled: true
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: false
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: 'slirp4netns: /usr/bin/slirp4netns'
    version: |-
      slirp4netns version 1.0.1
      commit: 6a7b16babc95b6a3056b33fb45b74a6f62262dd4
      libslirp: 4.6.1
  swapFree: 4294963200
  swapTotal: 4294963200
  uptime: 9h 11m 5.51s (Approximately 0.38 days)
plugins:
  log:
  - k8s-file
  - none
  - journald
  network:
  - bridge
  - macvlan
  volume:
  - local
registries: {}
store:
  configFile: /etc/containers/storage.conf
  containerStore:
    number: 2
    paused: 0
    running: 2
    stopped: 0
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /var/lib/containers/storage
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Using metacopy: "false"
  imageStore:
    number: 2
  runRoot: /run/containers/storage
  volumePath: /var/lib/containers/storage/volumes
version:
  APIVersion: 3.4.4
  Built: 0
  BuiltTime: Thu Jan  1 00:00:00 1970
  GitCommit: ""
  GoVersion: go1.18.1
  OsArch: linux/amd64
  Version: 3.4.4

Package info (e.g. output of rpm -q podman or apt list podman):

(paste your output here)

Playbok you run with ansible (e.g. content of playbook.yaml):

- name: Ensure podman containers are running
  become: true
  containers.podman.podman_container:
    name: nginx
    image: docker.io/nginx:1.21.1
    publish:
      - "0.0.0.0:5555:80"
    generate_systemd:
      path: /etc/systemd/system
      restart_policy: always

Command line and output of ansible run with high verbosity

Please NOTE: if you submit a bug about idempotency, run the playbook with --diff option, like:

ansible-playbook -i inventory --diff -vv playbook.yml

The important part of the output below is the following I think:

--- before
+++ after
@@ -1 +1 @@
-publish - ['5555:80']
+publish - ['0.0.0.0:5555:80']

Just a wild guess: Is this maybe a yaml problem? I read several times that yaml makes funny things when there are leading zeros and no quotes because it thinks an octal number follows.

Full output:

TASK [podman : Configure podman containers] *******************************************************
task path: /ansible/roles/podman/tasks/main.yml:36
included: /ansible/roles/podman/tasks/configure_container.yml for dataspace => (item={'key': 'nginx', 'value': {'name': 'nginx', 'image': 'docker.io/nginx:1.21.1', 'publish': ['0.0.0.0:5555:80'], 'generate_systemd': {'path': '/etc/systemd/system', 'restart_policy': 'always'}}})

TASK [podman : Ensure podman containers are running] **********************************************
task path: /ansible/roles/podman/tasks/configure_container.yml:1
--- before
+++ after
@@ -1 +1 @@
-publish - ['5555:80']
+publish - ['0.0.0.0:5555:80']

changed: [dataspace] => {"actions": ["recreated nginx"], "changed": true, "container": {"AppArmorProfile": "containers-default-0.44.4", "Args": ["nginx", "-g", "daemon off;"], "BoundingCaps": ["CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_FOWNER", "CAP_FSETID", "CAP_KILL", "CAP_NET_BIND_SERVICE", "CAP_SETFCAP", "CAP_SETGID", "CAP_SETPCAP", "CAP_SETUID", "CAP_SYS_CHROOT"], "Config": {"Annotations": {"io.container.manager": "libpod", "io.kubernetes.cri-o.Created": "2023-11-30T08:25:18.99975545Z", "io.kubernetes.cri-o.TTY": "false", "io.podman.annotations.autoremove": "FALSE", "io.podman.annotations.init": "FALSE", "io.podman.annotations.privileged": "FALSE", "io.podman.annotations.publish-all": "FALSE", "org.opencontainers.image.stopSignal": "3"}, "AttachStderr": false, "AttachStdin": false, "AttachStdout": false, "Cmd": ["nginx", "-g", "daemon off;"], "CreateCommand": ["podman", "container", "run", "--name", "nginx", "--publish", "0.0.0.0:5555:80", "--detach=True", "docker.io/nginx:1.21.1"], "Domainname": "", "Entrypoint": "/docker-entrypoint.sh", "Env": ["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", "TERM=xterm", "container=podman", "NGINX_VERSION=1.21.1", "NJS_VERSION=0.6.1", "PKG_RELEASE=1~buster", "HOME=/root", "HOSTNAME=edf325a70128"], "Hostname": "edf325a70128", "Image": "docker.io/library/nginx:1.21.1", "Labels": {"maintainer": "NGINX Docker Maintainers <[email protected]>"}, "OnBuild": null, "OpenStdin": false, "StdinOnce": false, "StopSignal": 3, "StopTimeout": 10, "Timeout": 0, "Tty": false, "Umask": "0022", "User": "", "Volumes": null, "WorkingDir": "/"}, "ConmonPidFile": "/run/containers/storage/overlay-containers/edf325a70128bca6f1e9c8743bda8b64a2edbe63fa72190dbd3a20fda9475936/userdata/conmon.pid", "Created": "2023-11-30T08:25:18.99975545Z", "Dependencies": [], "Driver": "overlay", "EffectiveCaps": ["CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_FOWNER", "CAP_FSETID", "CAP_KILL", "CAP_NET_BIND_SERVICE", "CAP_SETFCAP", "CAP_SETGID", "CAP_SETPCAP", "CAP_SETUID", "CAP_SYS_CHROOT"], "ExecIDs": [], "ExitCommand": ["/usr/bin/podman", "--root", "/var/lib/containers/storage", "--runroot", "/run/containers/storage", "--log-level", "warning", "--cgroup-manager", "systemd", "--tmpdir", "/run/libpod", "--runtime", "crun", "--events-backend", "journald", "container", "cleanup", "edf325a70128bca6f1e9c8743bda8b64a2edbe63fa72190dbd3a20fda9475936"], "GraphDriver": {"Data": {"LowerDir": "/var/lib/containers/storage/overlay/11b0fdc918778b3d6cfca60bd2da139dd0f5c364a74e20f73674a889c02aa7c9/diff:/var/lib/containers/storage/overlay/180e89ec24ef15365fe61259d47dbe04c30f81fb56fa78eb4e23b97f7f340154/diff:/var/lib/containers/storage/overlay/742ad078b57fba40e94fe4de1c9dd10b23d90f38d68489f6394f7ba98b70c761/diff:/var/lib/containers/storage/overlay/71cc83acb1ebe94b2094a580b8ad67603993ae786b1e8bb3ac0740602bb5588a/diff:/var/lib/containers/storage/overlay/86ff56812ca92ab734071399aecd96884d518e9ac72437af81613d72f98bb0bf/diff:/var/lib/containers/storage/overlay/d000633a56813933cb0ac5ee3246cf7a4c0205db6290018a169d7cb096581046/diff", "MergedDir": "/var/lib/containers/storage/overlay/03636beaf11364778cc0acafb3d0c9fdc652c988a9f15d3d107121f447a489bd/merged", "UpperDir": "/var/lib/containers/storage/overlay/03636beaf11364778cc0acafb3d0c9fdc652c988a9f15d3d107121f447a489bd/diff", "WorkDir": "/var/lib/containers/storage/overlay/03636beaf11364778cc0acafb3d0c9fdc652c988a9f15d3d107121f447a489bd/work"}, "Name": "overlay"}, "HostConfig": {"AutoRemove": false, "Binds": [], "BlkioDeviceReadBps": null, "BlkioDeviceReadIOps": null, "BlkioDeviceWriteBps": null, "BlkioDeviceWriteIOps": null, "BlkioWeight": 0, "BlkioWeightDevice": null, "CapAdd": [], "CapDrop": ["CAP_AUDIT_WRITE", "CAP_MKNOD", "CAP_NET_RAW"], "Cgroup": "", "CgroupConf": null, "CgroupManager": "systemd", "CgroupMode": "private", "CgroupParent": "", "Cgroups": "default", "ConsoleSize": [0, 0], "ContainerIDFile": "", "CpuCount": 0, "CpuPercent": 0, "CpuPeriod": 0, "CpuQuota": 0, "CpuRealtimePeriod": 0, "CpuRealtimeRuntime": 0, "CpuShares": 0, "CpusetCpus": "", "CpusetMems": "", "Devices": [], "DiskQuota": 0, "Dns": [], "DnsOptions": [], "DnsSearch": [], "ExtraHosts": [], "GroupAdd": [], "IOMaximumBandwidth": 0, "IOMaximumIOps": 0, "IpcMode": "private", "Isolation": "", "KernelMemory": 0, "Links": null, "LogConfig": {"Config": null, "Path": "", "Size": "0B", "Tag": "", "Type": "journald"}, "Memory": 0, "MemoryReservation": 0, "MemorySwap": 0, "MemorySwappiness": 0, "NanoCpus": 0, "NetworkMode": "bridge", "OomKillDisable": false, "OomScoreAdj": 0, "PidMode": "private", "PidsLimit": 2048, "PortBindings": {"80/tcp": [{"HostIp": "", "HostPort": "5555"}]}, "Privileged": false, "PublishAllPorts": false, "ReadonlyRootfs": false, "RestartPolicy": {"MaximumRetryCount": 0, "Name": ""}, "Runtime": "oci", "SecurityOpt": [], "ShmSize": 65536000, "Tmpfs": {}, "UTSMode": "private", "Ulimits": [{"Hard": 1048576, "Name": "RLIMIT_NOFILE", "Soft": 1048576}, {"Hard": 4194304, "Name": "RLIMIT_NPROC", "Soft": 4194304}], "UsernsMode": "", "VolumeDriver": "", "VolumesFrom": null}, "HostnamePath": "/run/containers/storage/overlay-containers/edf325a70128bca6f1e9c8743bda8b64a2edbe63fa72190dbd3a20fda9475936/userdata/hostname", "HostsPath": "/run/containers/storage/overlay-containers/edf325a70128bca6f1e9c8743bda8b64a2edbe63fa72190dbd3a20fda9475936/userdata/hosts", "Id": "edf325a70128bca6f1e9c8743bda8b64a2edbe63fa72190dbd3a20fda9475936", "Image": "822b7ec2aaf2122b8f80f9c7f45ca62ea3379bf33af4e042b67aafbf6eac1941", "ImageName": "docker.io/library/nginx:1.21.1", "IsInfra": false, "MountLabel": "", "Mounts": [], "Name": "nginx", "Namespace": "", "NetworkSettings": {"Bridge": "", "EndpointID": "", "Gateway": "10.88.0.1", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "HairpinMode": false, "IPAddress": "10.88.2.216", "IPPrefixLen": 16, "IPv6Gateway": "", "LinkLocalIPv6Address": "", "LinkLocalIPv6PrefixLen": 0, "MacAddress": "1a:fb:ac:a7:a6:29", "Networks": {"podman": {"DriverOpts": null, "EndpointID": "", "Gateway": "10.88.0.1", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "IPAMConfig": null, "IPAddress": "10.88.2.216", "IPPrefixLen": 16, "IPv6Gateway": "", "Links": null, "MacAddress": "1a:fb:ac:a7:a6:29", "NetworkID": "podman"}}, "Ports": {"80/tcp": [{"HostIp": "", "HostPort": "5555"}]}, "SandboxID": "", "SandboxKey": "/run/netns/cni-ff3f7444-cb0b-769e-a6a7-4952c5905564"}, "OCIConfigPath": "/var/lib/containers/storage/overlay-containers/edf325a70128bca6f1e9c8743bda8b64a2edbe63fa72190dbd3a20fda9475936/userdata/config.json", "OCIRuntime": "crun", "Path": "/docker-entrypoint.sh", "PidFile": "/run/containers/storage/overlay-containers/edf325a70128bca6f1e9c8743bda8b64a2edbe63fa72190dbd3a20fda9475936/userdata/pidfile", "Pod": "", "ProcessLabel": "", "ResolvConfPath": "/run/containers/storage/overlay-containers/edf325a70128bca6f1e9c8743bda8b64a2edbe63fa72190dbd3a20fda9475936/userdata/resolv.conf", "RestartCount": 0, "Rootfs": "", "State": {"CgroupPath": "/machine.slice/libpod-edf325a70128bca6f1e9c8743bda8b64a2edbe63fa72190dbd3a20fda9475936.scope", "ConmonPid": 218187, "Dead": false, "Error": "", "ExitCode": 0, "FinishedAt": "0001-01-01T00:00:00Z", "Healthcheck": {"FailingStreak": 0, "Log": null, "Status": ""}, "OOMKilled": false, "OciVersion": "1.0.2-dev", "Paused": false, "Pid": 218191, "Restarting": false, "Running": true, "StartedAt": "2023-11-30T08:25:19.644989887Z", "Status": "running"}, "StaticDir": "/var/lib/containers/storage/overlay-containers/edf325a70128bca6f1e9c8743bda8b64a2edbe63fa72190dbd3a20fda9475936/userdata"}, "podman_actions": ["podman stop nginx", "podman rm -f nginx", "podman run --name nginx --publish 0.0.0.0:5555:80 --detach=True docker.io/nginx:1.21.1"], "podman_systemd": {"container-nginx": "# container-nginx.service\n# autogenerated by Podman 3.4.4\n# Thu Nov 30 08:25:20 UTC 2023\n\n[Unit]\nDescription=Podman container-nginx.service\nDocumentation=man:podman-generate-systemd(1)\nWants=network-online.target\nAfter=network-online.target\nRequiresMountsFor=/run/containers/storage\n\n[Service]\nEnvironment=PODMAN_SYSTEMD_UNIT=%n\nRestart=always\nTimeoutStopSec=70\nExecStart=/usr/bin/podman start nginx\nExecStop=/usr/bin/podman stop -t 10 nginx\nExecStopPost=/usr/bin/podman stop -t 10 nginx\nPIDFile=/run/containers/storage/overlay-containers/edf325a70128bca6f1e9c8743bda8b64a2edbe63fa72190dbd3a20fda9475936/userdata/conmon.pid\nType=forking\n\n[Install]\nWantedBy=default.target\n"}, "stderr": "", "stderr_lines": [], "stdout": "edf325a70128bca6f1e9c8743bda8b64a2edbe63fa72190dbd3a20fda9475936\n", "stdout_lines": ["edf325a70128bca6f1e9c8743bda8b64a2edbe63fa72190dbd3a20fda9475936"]}

TASK [podman : Enable & start auto-generated systemd service] *************************************
task path: /ansible/roles/podman/tasks/configure_container.yml:6
ok: [dataspace] => {"changed": false, "enabled": true, "name": "container-nginx.service", "state": "started", "status": {"ActiveEnterTimestamp": "Wed 2023-11-29 23:22:14 UTC", "ActiveEnterTimestampMonotonic": "59423609", "ActiveExitTimestamp": "Thu 2023-11-30 08:21:05 UTC", "ActiveExitTimestampMonotonic": "32391160162", "ActiveState": "activating", "After": "systemd-journald.socket -.mount system.slice basic.target sysinit.target network-online.target", "AllowIsolate": "no", "AssertResult": "yes", "AssertTimestamp": "Thu 2023-11-30 08:24:23 UTC", "AssertTimestampMonotonic": "32589318257", "Before": "graphical.target shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "[not set]", "CPUAccounting": "yes", "CPUAffinityFromNUMA": "no", "CPUQuotaPerSecUSec": "infinity", "CPUQuotaPeriodUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "[not set]", "CPUUsageNSec": "318273000", "CPUWeight": "[not set]", "CacheDirectoryMode": "0755", "CanFreeze": "yes", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend cap_audit_read cap_perfmon cap_bpf cap_checkpoint_restore", "CleanResult": "success", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Thu 2023-11-30 08:24:23 UTC", "ConditionTimestampMonotonic": "32589318255", "ConfigurationDirectoryMode": "0755", "Conflicts": "shutdown.target", "ControlGroup": "/system.slice/container-nginx.service", "ControlPID": "0", "CoredumpFilter": "0x33", "DefaultDependencies": "yes", "DefaultMemoryLow": "0", "DefaultMemoryMin": "0", "Delegate": "no", "Description": "Podman container-nginx.service", "DevicePolicy": "auto", "Documentation": "\"man:podman-generate-systemd(1)\"", "DynamicUser": "no", "EffectiveCPUs": "0-1", "EffectiveMemoryNodes": "0", "Environment": "PODMAN_SYSTEMD_UNIT=container-nginx.service", "ExecMainCode": "0", "ExecMainExitTimestamp": "n/a", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestamp": "n/a", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/bin/podman ; argv[]=/usr/bin/podman start nginx ; ignore_errors=no ; start_time=[Thu 2023-11-30 08:24:23 UTC] ; stop_time=[Thu 2023-11-30 08:24:24 UTC] ; pid=216853 ; code=exited ; status=0 }", "ExecStartEx": "{ path=/usr/bin/podman ; argv[]=/usr/bin/podman start nginx ; flags= ; start_time=[Thu 2023-11-30 08:24:23 UTC] ; stop_time=[Thu 2023-11-30 08:24:24 UTC] ; pid=216853 ; code=exited ; status=0 }", "ExecStop": "{ path=/usr/bin/podman ; argv[]=/usr/bin/podman stop -t 10 nginx ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStopEx": "{ path=/usr/bin/podman ; argv[]=/usr/bin/podman stop -t 10 nginx ; flags= ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStopPost": "{ path=/usr/bin/podman ; argv[]=/usr/bin/podman stop -t 10 nginx ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStopPostEx": "{ path=/usr/bin/podman ; argv[]=/usr/bin/podman stop -t 10 nginx ; flags= ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FinalKillSignal": "9", "FragmentPath": "/etc/systemd/system/container-nginx.service", "FreezerState": "running", "GID": "[not set]", "GuessMainPID": "yes", "IOAccounting": "no", "IOReadBytes": "18446744073709551615", "IOReadOperations": "18446744073709551615", "IOSchedulingClass": "2", "IOSchedulingPriority": "4", "IOWeight": "[not set]", "IOWriteBytes": "18446744073709551615", "IOWriteOperations": "18446744073709551615", "IPAccounting": "no", "IPEgressBytes": "[no data]", "IPEgressPackets": "[no data]", "IPIngressBytes": "[no data]", "IPIngressPackets": "[no data]", "Id": "container-nginx.service", "IgnoreOnIsolate": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestamp": "Thu 2023-11-30 08:24:23 UTC", "InactiveEnterTimestampMonotonic": "32589318199", "InactiveExitTimestamp": "Thu 2023-11-30 08:24:23 UTC", "InactiveExitTimestampMonotonic": "32589333218", "InvocationID": "78b41764b5e2406a805d0c21913b45ce", "Job": "63460", "JobRunningTimeoutUSec": "infinity", "JobTimeoutAction": "none", "JobTimeoutUSec": "infinity", "KeyringMode": "private", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "infinity", "LimitASSoft": "infinity", "LimitCORE": "infinity", "LimitCORESoft": "0", "LimitCPU": "infinity", "LimitCPUSoft": "infinity", "LimitDATA": "infinity", "LimitDATASoft": "infinity", "LimitFSIZE": "infinity", "LimitFSIZESoft": "infinity", "LimitLOCKS": "infinity", "LimitLOCKSSoft": "infinity", "LimitMEMLOCK": "65536", "LimitMEMLOCKSoft": "65536", "LimitMSGQUEUE": "819200", "LimitMSGQUEUESoft": "819200", "LimitNICE": "0", "LimitNICESoft": "0", "LimitNOFILE": "524288", "LimitNOFILESoft": "1024", "LimitNPROC": "15195", "LimitNPROCSoft": "15195", "LimitRSS": "infinity", "LimitRSSSoft": "infinity", "LimitRTPRIO": "0", "LimitRTPRIOSoft": "0", "LimitRTTIME": "infinity", "LimitRTTIMESoft": "infinity", "LimitSIGPENDING": "15195", "LimitSIGPENDINGSoft": "15195", "LimitSTACK": "infinity", "LimitSTACKSoft": "8388608", "LoadState": "loaded", "LockPersonality": "no", "LogLevelMax": "-1", "LogRateLimitBurst": "0", "LogRateLimitIntervalUSec": "0", "LogsDirectoryMode": "0755", "MainPID": "0", "ManagedOOMMemoryPressure": "auto", "ManagedOOMMemoryPressureLimit": "0", "ManagedOOMPreference": "none", "ManagedOOMSwap": "auto", "MemoryAccounting": "yes", "MemoryAvailable": "infinity", "MemoryCurrent": "4096", "MemoryDenyWriteExecute": "no", "MemoryHigh": "infinity", "MemoryLimit": "infinity", "MemoryLow": "0", "MemoryMax": "infinity", "MemoryMin": "0", "MemorySwapMax": "infinity", "MountAPIVFS": "no", "NFileDescriptorStore": "0", "NRestarts": "4", "NUMAPolicy": "n/a", "Names": "container-nginx.service", "NeedDaemonReload": "yes", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMPolicy": "stop", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "OnSuccessJobMode": "fail", "PIDFile": "/run/containers/storage/overlay-containers/2ef3d90d01cd04d5704555ddef6031f53a6bb08f1c4f4cbe31dea8a25604868c/userdata/conmon.pid", "Perpetual": "no", "PrivateDevices": "no", "PrivateIPC": "no", "PrivateMounts": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "PrivateUsers": "no", "ProcSubset": "all", "ProtectClock": "no", "ProtectControlGroups": "no", "ProtectHome": "no", "ProtectHostname": "no", "ProtectKernelLogs": "no", "ProtectKernelModules": "no", "ProtectKernelTunables": "no", "ProtectProc": "default", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "ReloadResult": "success", "RemainAfterExit": "no", "RemoveIPC": "no", "Requires": "sysinit.target system.slice -.mount", "RequiresMountsFor": "/run/containers/storage", "Restart": "always", "RestartKillSignal": "15", "RestartUSec": "100ms", "RestrictNamespaces": "no", "RestrictRealtime": "no", "RestrictSUIDSGID": "no", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "RuntimeDirectoryPreserve": "no", "RuntimeMaxUSec": "infinity", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitIntervalUSec": "10s", "StartupBlockIOWeight": "[not set]", "StartupCPUShares": "[not set]", "StartupCPUWeight": "[not set]", "StartupIOWeight": "[not set]", "StateChangeTimestamp": "Thu 2023-11-30 08:24:23 UTC", "StateChangeTimestampMonotonic": "32589333218", "StateDirectoryMode": "0755", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "start", "SuccessAction": "none", "SyslogFacility": "3", "SyslogLevel": "6", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "2147483646", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "yes", "TasksCurrent": "0", "TasksMax": "4558", "TimeoutAbortUSec": "1min 10s", "TimeoutCleanUSec": "infinity", "TimeoutStartFailureMode": "terminate", "TimeoutStartUSec": "1min 30s", "TimeoutStopFailureMode": "terminate", "TimeoutStopUSec": "1min 10s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "forking", "UID": "[not set]", "UMask": "0022", "UnitFilePreset": "enabled", "UnitFileState": "enabled", "UtmpMode": "init", "WantedBy": "graphical.target", "Wants": "network-online.target", "WatchdogSignal": "6", "WatchdogTimestamp": "n/a", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0"}}

PLAY RECAP ****************************************************************************************
dataspace                  : ok=4    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Additional environment details (AWS, VirtualBox, physical, etc.):
@sshnaidm
Copy link
Member

I think it's by default bind to 0.0.0.0, so no need to specify it actually.

@Apollo3zehn
Copy link
Contributor Author

Oh yes, your are right, thanks. I started being explicit when I accidentally exposed my services to the public. I will remove the 0.0.0.0 now, but this issue remains valid I think.

sshnaidm added a commit to sshnaidm/ansible-podman-collections that referenced this issue Nov 30, 2023
@sshnaidm
Fix idempotency when using 0.0.0.0 in ports
ba988b3 
Fix containers#678
Signed-off-by: Sagi Shnaidman <[email protected]>
@sshnaidm sshnaidm mentioned this issue Nov 30, 2023
Merged
sshnaidm added a commit to sshnaidm/ansible-podman-collections that referenced this issue Nov 30, 2023
@sshnaidm
Fix idempotency when using 0.0.0.0 in ports
e29af6b 
Fix containers#678
Signed-off-by: Sagi Shnaidman <[email protected]>
sshnaidm added a commit that referenced this issue Nov 30, 2023
@sshnaidm
Fix idempotency when using 0.0.0.0 in ports (#679)
2d00639 
Fix #678
Signed-off-by: Sagi Shnaidman <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix idempotency when using 0.0.0.0 in ports sshnaidm/ansible-podman-collections
2 participants
@sshnaidm @Apollo3zehn