-
-
Notifications
You must be signed in to change notification settings - Fork 512
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: Add HTTPStrategy WithForcedIPv4LocalHost To Fix Docker Port Map #1775
fix: Add HTTPStrategy WithForcedIPv4LocalHost To Fix Docker Port Map #1775
Conversation
Associated docker port mapping bugs: moby/moby#42442 moby/moby#42375 If ipv6 is enabled in docker then these bugs affect this library. This is even if we build the docker network with ipv6 disabled since the ipv6 ports are still forwarded. This creates the potential for localhost for a container to be mapped to two different ports between ipv4 and ipv6. This is fine if you only have one container but once you have multiple containers spun up these ports can overlap where one containers ipv4 port is the same as another containers ipv6 port, at which point if you use localhost you are not guaranteed the ipv4 address and thus can end up calling into the wrong container.
✅ Deploy Preview for testcontainers-go ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @tateexon thanks for submitting this PR, and sorry for the late response, I had a few conference trips since October and did not pay attention to this one 😞
I added a comment regarding the testable example, and I'd like to change the bug into a feature: we are adding new features to the wait strategy to resolve a bug elsewhere. So for me this is providing support for a non-covered use case. But I'm open to listen to your thoughts on this.
Nevertheless, the changes LGTM! I'm waiting for the CI to pass, also the changes in my comments.
Thanks for your time here!
* main: (74 commits) chore(deps): bump github.com/docker/compose/v2 in /modules/compose (testcontainers#2162) feat(modules.cockroachdb) Adds cockroachdb module (testcontainers#2131) chore(deps): bump golang.org/x/crypto in /modules/minio (testcontainers#2161) chore(deps): bump golang.org/x/crypto in /modules/openldap (testcontainers#2165) chore(deps): bump github.com/google/uuid from 1.5.0 to 1.6.0 (testcontainers#2169) chore(deps): bump google.golang.org/api from 0.156.0 to 0.159.0, google.golang.org/grpc from 1.60.1 to 1.61.0, cloud.google.com/go/pubsub from 1.33.0 to 1.35.0 in /modules/gcloud (testcontainers#2168) chore(deps): bump github.com/hashicorp/consul/api in /examples/consul (testcontainers#2152) chore(deps): bump github.com/couchbase/gocb/v2 in /modules/couchbase (testcontainers#2145) chore(deps): bump k8s.io/api, k8s.io/apimachinery and k8s.io/client-go from 0.29.0 to 0.29.1 in /modules/k3s (testcontainers#2167) chore: do not compile modules on macos workers on GH (testcontainers#2164) Openldap module support (testcontainers#2117) Adding inbucket module (testcontainers#2142) testifylint: enable compares rule (testcontainers#2143) Bump containerd version to v1.7.12 (testcontainers#2137) feat: Add Minio module (testcontainers#2132) Adding LogConsumers start as part of the ContainerRequest (testcontainers#2073) chore: bring back assertion for network aliases for bridge in rootless mode (testcontainers#2141) chore(deps): bump github.com/docker/compose/v2 from 2.23.3 to 2.24.0 in /modules/compose (testcontainers#2096) chore(deps): bump github.com/dvsekhvalnov/jose2go in /modules/pulsar (testcontainers#2136) fix: skip-host-cache option removed in latest MySQL 8.3.0 version (testcontainers#2130) ...
@tateexon I went ahead and merged the branch with the current state of main, to not cause you more trouble with it. Please let me know if the added changes (ultra minor changes, not feature related) are fine with your initial implementation. Cheers! |
* main: (33 commits) feat (postgres): support for creating and restoring Snapshots (testcontainers#2199) fix: apply volume options only to volumes (testcontainers#2201) redpanda/test: add admin client call (testcontainers#2200) chore(deps): bump cloud.google.com/go/spanner from 1.55.0 to 1.56.0 in /modules/gcloud, cloud.google.com/go/pubsub from 1.35.0 to 1.36.1 in /modules/gcloud, cloud.google.com/go/bigquery from 1.57.1 to 1.58.0 in /modules/gcloud (testcontainers#2197) chore(deps): bump github.com/docker/docker from 25.0.1+incompatible to 25.0.2+incompatible (testcontainers#2196) fix: go doc reference broken image (testcontainers#2195) Add Support for WASM Transforms to Redpanda Module (testcontainers#2170) feat(modules.clickhouse): Add zookeeper for clickhouse clusterization (testcontainers#1995) redpanda: allow using SASL and TLS together (testcontainers#2140) chore: do not panic in testable examples (testcontainers#2193) fix: all mounts should contain the testcontainers labels (testcontainers#2191) [redpanda] sasl test for wrong mechanism (testcontainers#2048) fix: deprecate BindMounts correctly (testcontainers#2190) chore(docker_mounts): stop doing misleading logging (testcontainers#2178) fix: Add HTTPStrategy WithForcedIPv4LocalHost To Fix Docker Port Map (testcontainers#1775) chore(deps): bump github.com/docker/compose/v2 in /modules/compose (testcontainers#2162) feat(modules.cockroachdb) Adds cockroachdb module (testcontainers#2131) chore(deps): bump golang.org/x/crypto in /modules/minio (testcontainers#2161) chore(deps): bump golang.org/x/crypto in /modules/openldap (testcontainers#2165) chore(deps): bump github.com/google/uuid from 1.5.0 to 1.6.0 (testcontainers#2169) ...
* main: (33 commits) feat (postgres): support for creating and restoring Snapshots (testcontainers#2199) fix: apply volume options only to volumes (testcontainers#2201) redpanda/test: add admin client call (testcontainers#2200) chore(deps): bump cloud.google.com/go/spanner from 1.55.0 to 1.56.0 in /modules/gcloud, cloud.google.com/go/pubsub from 1.35.0 to 1.36.1 in /modules/gcloud, cloud.google.com/go/bigquery from 1.57.1 to 1.58.0 in /modules/gcloud (testcontainers#2197) chore(deps): bump github.com/docker/docker from 25.0.1+incompatible to 25.0.2+incompatible (testcontainers#2196) fix: go doc reference broken image (testcontainers#2195) Add Support for WASM Transforms to Redpanda Module (testcontainers#2170) feat(modules.clickhouse): Add zookeeper for clickhouse clusterization (testcontainers#1995) redpanda: allow using SASL and TLS together (testcontainers#2140) chore: do not panic in testable examples (testcontainers#2193) fix: all mounts should contain the testcontainers labels (testcontainers#2191) [redpanda] sasl test for wrong mechanism (testcontainers#2048) fix: deprecate BindMounts correctly (testcontainers#2190) chore(docker_mounts): stop doing misleading logging (testcontainers#2178) fix: Add HTTPStrategy WithForcedIPv4LocalHost To Fix Docker Port Map (testcontainers#1775) chore(deps): bump github.com/docker/compose/v2 in /modules/compose (testcontainers#2162) feat(modules.cockroachdb) Adds cockroachdb module (testcontainers#2131) chore(deps): bump golang.org/x/crypto in /modules/minio (testcontainers#2161) chore(deps): bump golang.org/x/crypto in /modules/openldap (testcontainers#2165) chore(deps): bump github.com/google/uuid from 1.5.0 to 1.6.0 (testcontainers#2169) ...
What does this PR do?
Associated docker port mapping bugs:
moby/moby#42442
moby/moby#42375
If ipv6 is enabled in docker then these bugs affect this library. This is even if we build the docker network with ipv6 disabled since the ipv6 ports are still forwarded. This creates the potential for localhost for a container to be mapped to two different ports between ipv4 and ipv6. This is fine if you only have one container but once you have multiple containers spun up these ports can overlap where one containers ipv4 port is the same as another containers ipv6 port, at which point if you use localhost you are not guaranteed the ipv4 address and thus can end up calling into the wrong container.
Why is it important?
When waiting for a container to be ready it is important that we are waiting for the container we expect when ipv6 is enabled in docker.
Related issues
Note: It may make sense to do this for the Container.Endpoint and Container.Host methods in some way as well. These are nasty docker bugs and are very hard to triage since they only happen when docker happens to forward the ports out of sync.