-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Connectivity issue after php:8.0-fpm #1489
Comments
I guess that this is likely due to seccomp -- so, need to update Docker, |
Thanks for the reply.
|
Did anything about your k3d change recently too? |
Not really, the problem is happening even outside k3d, I cannot curl our domain while running php:8.3-fpm local docker image but I can do so with the old ones, I can however nslookup it on both. I even updated k3d version to latest. |
Does |
Yes, it works. |
One key thing I just noticed, is that the issue is not with the domain at all, its with what it points to. our domain example.com points to loopback address 127.0.0.1, so you can achieve the same results trying to access this address from the image locally. |
Oh that's strange -- 127.0.0.1 will connect to loopback inside the container (not the host), regardless of which base image you're from. 🤔 |
I guess the caveat to that is that in k8s, that's shared across a whole pod -- are you running multiple containers in your pods? Is there any reason that the bookworm tests might not be running one of the containers in the pod as the bullseye tests? |
maybe I was not clear, I didn't mean the host as in the host machine, I meant the server, curling 127.0.0.1 from bullseye is able to reach the server but the request is refused because nothing is running on port 80.
non-bullseye:
|
Fpm isn't like a regular server and doesn't use port 80 or http. Also, by overriding the entrypoint the fpm process doesn't get started. The following works!
|
I dont need to override the entrypoint to get the same outputs
I know port 80 is not used that is why I would expect to see connection refused not couldn't connect. |
@mohammedx3 those 2 tags have different base debian version (Bookworm vs Bullseye) which coukld explain the difference in error messages, but regardless, curl is not a valid way to test FPM. |
We have encountered an issue that sounds very similar if not the same. We found a container which makes external requests (via a web-proxy) first will then fail when making internal requests to another container, with the error |
Description
We are running our dev environment with devspace on k3d cluster, and all services could reach each other on our domains (pod1.example.com) and (pod2.example.com), etc ... until we decided to upgrade one image from php:8.0-fpm to php:8.3-fpm, now the pod having the newer image cannot access other services anymore.
outputs on php:8.3-fpm:
outputs on php:8.0-fpm:
Outside our dev environment, running the docker image locally,
curl
seems to have different outputs for our domain:php:8.3-fpm:
php:8.0-fpm:
We've encountered a connectivity issue that arises specifically when using PHP-FPM versions greater than 8.0, excluding the bullseye images for versions 8.1 and above which works fine. Although DNS resolutions via
nslookup
is successful, attempts to connect to services usingcurl
ortelnet
on port 80 fail. This problem is not present in PHP-FPM version 8.0 or earlier, nor does it occur in the bullseye images of PHP-FPM versions 8.1 and above.Context (Environment)
The text was updated successfully, but these errors were encountered: