network_mode: host have no effect and ports does not opened (podman-compose 1.0.3)

[Hubbitus]

Describe the bug

Despite to the container used network_mode: host default network is also applied in the command line later and has precedence!

To Reproduce

Minimal docker-compose.yml file to reproduce problem:

version: '2.4'
services:
    apache:
        container_name: podman-compose-bug-reproduce
        image: docker.io/httpd:2.4.52
#        ports:
#            - 80:80
        # To use ports less than 1024 in rootless mode that require allow priveledged ports use. E.g. (or similar in sysctl.conf):
        # sudo sysctl net.ipv4.ip_unprivileged_port_start=70
        network_mode: host
        hostname: 127.0.0.1

Run it:

$ podman-compose up -d
['podman', '--version', '']
using podman version: 3.4.4
** excluding:  set()
['podman', 'network', 'exists', 'podman-compose-bug_default']
podman run --name=podman-compose-bug-reproduce -d --label io.podman.compose.config-hash=123 --label io.podman.compose.project=podman-compose-bug --label io.podman.compose.version=0.0.1 --label com.docker.compose.project=podman-compose-bug --label com.docker.compose.project.working_dir=/home/pasha/temp/podman-compose-bug --label com.docker.compose.project.config_files=docker-compose.yml --label com.docker.compose.container-number=1 --label com.docker.compose.service=apache --network host --net podman-compose-bug_default --network-alias apache --hostname 127.0.0.1 docker.io/httpd:2.4.52
72d9447da5d9680142c1ad64388d9bcff1791e0d6a2d4ba44d7094b813164667
exit code: 0

Test:

$ http http://localhost

http: error: ConnectionError: HTTPConnectionPool(host='localhost', port=80): Max retries exceeded with url: / (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7fe68286f070>: Failed to establish a new connection: [Errno 111] Connection refused')) while doing a GET request to URL: http://localhost/

Expected behavior

Get working Apache httpd welcome page.

Actual behavior

Got an error what the port is not open.

Please note, in the actual command line for the podman present sequentially: --network host --net podman-compose-bug_default, so if I manually re-run such container without --net podman-compose-bug_default that will work:

$ podman rm -vf podman-compose-bug-reproduce
72d9447da5d9680142c1ad64388d9bcff1791e0d6a2d4ba44d7094b813164667
$ podman run --name=podman-compose-bug-reproduce -d \
  --label io.podman.compose.config-hash=123 --label io.podman.compose.project=podman-compose-bug --label io.podman.compose.version=0.0.1 --label com.docker.compose.project=podman-compose-bug --label com.docker.compose.project.working_dir=/home/pasha/temp/podman-compose-bug --label com.docker.compose.project.config_files=docker-compose.yml --label com.docker.compose.container-number=1 --label com.docker.compose.service=apache \
  --network host --network-alias apache \
  --hostname 127.0.0.1 docker.io/httpd:2.4.52
855ef370efc9101aa69768b06f1300cf1ea5730c8e26f4e358269e23d31bc4f6
[pasha@hubbitus podman-compose-bug]$ http http://localhost
HTTP/1.1 200 OK
Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 45
Content-Type: text/html
Date: Sun, 02 Jan 2022 15:01:26 GMT
ETag: "2d-432a5e4a73a80"
Keep-Alive: timeout=5, max=100
Last-Modified: Mon, 11 Jun 2007 18:53:14 GMT
Server: Apache/2.4.52 (Unix)

<html><body><h1>It works!</h1></body></html>

I also tested that behaviour with previous version of podman-compose (in Fedora 35 that is 0.1.8), and it generate expected (working) run command, please look:

$ sudo dnf downgrade podman-compose -y
...
Downgraded:
  podman-compose-0.1.8-1.fc35.noarch                                                                                                                                                                                                                                          
Complete!
$ podman-compose down
...
$ podman-compose up -d
['podman', '--version', '']
using podman version: 3.4.4
** excluding:  set()
podman pod create --name=podman-compose-bug --share net --infra-name=podman-compose-bug_infra
6aaa607fc4e2f6281d8a8b49f6005f65eb80c78fe575f17c1a8e68cd36c13d4e
exit code: 0
podman run --name=podman-compose-bug-reproduce -d --pod=podman-compose-bug --label io.podman.compose.config-hash=123 --label io.podman.compose.project=podman-compose-bug --label io.podman.compose.version=0.0.1 --label com.docker.compose.project=podman-compose-bug --label com.docker.compose.project.working_dir=/home/pasha/temp/podman-compose-bug --label com.docker.compose.project.config_files=docker-compose.yml --label com.docker.compose.container-number=1 --label com.docker.compose.service=apache --network host --add-host apache:127.0.0.1 --add-host podman-compose-bug-reproduce:127.0.0.1 --hostname 127.0.0.1 docker.io/httpd:2.4.52
4ea496ef388f8c20793f8a6027d3308f8a5e3f0af2ef4c25008819930442a6a9
exit code: 0

[pasha@hubbitus podman-compose-bug]$ http http://localhost
HTTP/1.1 200 OK
...

<html><body><h1>It works!</h1></body></html>

Versions and environment

$ podman-compose version
using podman version: 3.4.4
podman-composer version  1.0.3
podman --version 
podman version 3.4.4
exit code: 0...

Environment:

• OS: Fedora Linux 35
• podman version: 3.4.4
• podman compose version: 1.0.3

[Hubbitus]

Possibly (unsure) related to #316

[muayyad-alsadi]

it seems that --network host and --net podman-compose-bug_default canceled each other
I'll see what I can do.

[NoTuxNoBux]

I'm also encountering a similar (related?) issue without --network host in compose.yaml from versions 1.0.2 and upward; most of my applications start properly, but the PostgreSQL service from my compose.yaml doesn't have its port properly reachable - not by the other applications in the compose.yaml, nor from my host on the port mapped there (5432).

I see the following line is no longer printed on up:

podman pod create --name=myproject --share net -p 3000:3000 -p 3001:3001 -p 5432:5432 -p 3002:3002 -p 8080:8080 -p 3003:3003

Instead, all the separate containers get something like the following, which wasn't the case before:

--net myproject_default --network-alias postgresql -p 5432:5432

The applications are all reachable on their respective ports (3000, 3001, 3002, and 8080), but they don't seem to share the same network any more somehow.

[muayyad-alsadi]

@NoTuxNoBux please check this

#379

[NoTuxNoBux]

@muayyad-alsadi That was it, thanks, and sorry for the noise.

In case anyone else experiences my problem, on Arch:

1. Install podman-dnsname from the official repositories (podman-compose doesn't depend on it so it doesn't install automatically).
2. Stop all your containers.
3. Existing networks still won't use the newly installed dnsname plugin and they aren't removed automatically on podman-compose down, so explicitly remove all your networks using podman network rm (use podman network ls to see them) to force them to be recreated and upgrade.
4. Run podman-compose up, which should automatically recreate the network, and it should now properly resolve hostnames.

[muayyad-alsadi]

@Hubbitus please test the above commit

[quexten]

@muayyad-alsadi I was experiencing the same issue. With the latest development version, this works, however another related issue seems to be with network_mode: container:test. On the latest stable version, this results in two net flags, the correct one and the --net test-test_default one. On the development version, only the second flag is present. The expected outcome would be only the "--net container:test" flag being present.

Edit: Actually, since this seems to be an entirely new feature, I opened a separate issue for this: #413

[muayyad-alsadi]

@quexten you can use "network_mode: service:test" in latest devel

[transtone]

@quexten you can use "network_mode: service:test" in latest devel

Is there a plan to release 1.0.4?

[julyclyde]

I'm using 1.0.3 RPM from Almalinux and meet the bug either. I want to keep my system clean, and don't want to PIP install podman-compose. Could you release next version ASAP?