-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: specify port binding for docker #592
Conversation
…go-kit into chore.portbind-docker
80b88c8
to
18f837b
Compare
e42be60
to
1fd6b1e
Compare
@@ -57,7 +58,8 @@ func Setup(pool *dockertest.Pool, d resource.Cleaner, opts ...func(*Config)) (*R | |||
"POSTGRES_DB=" + postgresDefaultDB, | |||
"POSTGRES_USER=" + postgresDefaultUser, | |||
}, | |||
Cmd: cmd, | |||
Cmd: cmd, | |||
PortBindings: internal.IPv4PortBindings([]string{"5432"}), | |||
}, func(hc *dc.HostConfig) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Don't we need to set PublishAllPorts to false
?
postgresContainer, err := pool.RunWithOptions(&dockertest.RunOptions{
Repository: "postgres",
Tag: c.Tag,
NetworkID: c.NetworkID,
Env: []string{
"POSTGRES_PASSWORD=" + postgresDefaultPassword,
"POSTGRES_DB=" + postgresDefaultDB,
"POSTGRES_USER=" + postgresDefaultUser,
},
Cmd: cmd,
PortBindings: internal.IPv4PortBindings([]string{"5432"}),
}, func(hc *dc.HostConfig) {
hc.ShmSize = c.ShmSize
hc.OOMKillDisable = c.OOMKillDisable
hc.Memory = c.Memory
},
internal.DefaultHostConfig,
)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we need to set PublishAllPorts to false in sshserver.go
and transformer.go
as well?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should set PublishAllPorts to false in all the resources and expose ports only via port binding.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Description
Motivation
We have been facing overlapping issues with ipv4 ipv6 ports, causing tests to fail randomly. You can read more about the issue here.
This PR attempts to solve the problem differently by providing a cleaner solution.
Solution
We use port bindings to only bind to ipv4 host address.
Changes
Provide Host
control host for downstream libraries:
src.GetBoundIP
instead of hardcoding localhostThis gives us more control over ipv4 vs ipv6 if needed. It would allow us to use external docker hosting.
In most cases, it simplifies consumers of the API
defaults
PublishAllPorts = false
Only publish ports being mentioned explicitly.Dependants
rudder-server
rudderlabs/rudder-server#4998
Linear Ticket
https://linear.app/rudderstack/issue/PRI-29/rudder-go-kit-ipv4-port-binding
Ref PRI-29
Security