docker make services crash or server unreachable

    • OMV 4.x

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • docker make services crash or server unreachable

      Hi,

      I'm trying to install haugene/transmission-openvpn. I've already installed on another server, but i have a problem on this one. I followed the video made by TechnoDadLife .

      When i start the container, all seems ok in logs (docker logs xxxxx) but i can't use the openmediavault web gui, transmission web gui or the SSH ... seems the server is unreachable or services crash ...

      Thanks for the help
    • well, i've made a 2nd try : i initiate another container from scratch ... same issues.

      When i save the parameters, all network's services (omv web gui, samba, ssh,rynsc server .. ) become unreachable. The only solution is to log on the server, stop the container and reboot but the container doesn't work then ...
      to avoid a IPV6 error, i've found 2 commands lines (but no idea how to make them perma and what they do) :
      sysctl -w net.ipv6.conf.default.disable_ipv6=0
      sysctl -w net.ipv6.conf.all.disable_ipv6=0
      the server answer when i ping it, it can ping my pc in the same network.

      The log of the container is :

      Brainfuck Source Code

      1. Using OpenVPN provider: HIDEMYASS
      2. No VPN configuration provided. Using default.
      3. Setting OPENVPN credentials...
      4. enabling firewall
      5. Firewall is active and enabled on system startup
      6. allowing 51413 through the firewall
      7. Skipping adding existing rule
      8. allowing 192.168.0.1 through the firewall to port 9091
      9. Skipping adding existing rule
      10. adding route to local network 192.168.0.0/24 via 192.168.0.1 dev enp3s0
      11. allowing 192.168.0.0/24 through the firewall to port 9091
      12. Skipping adding existing rule
      13. Mon Apr 15 22:45:06 2019 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 19 2019
      14. Mon Apr 15 22:45:06 2019 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08
      15. Mon Apr 15 22:45:06 2019 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
      16. Mon Apr 15 22:45:06 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
      17. Mon Apr 15 22:45:06 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]195.181.172.162:553
      18. Mon Apr 15 22:45:06 2019 Socket Buffers: R=[212992->212992] S=[212992->212992]
      19. Mon Apr 15 22:45:06 2019 UDP link local: (not bound)
      20. Mon Apr 15 22:45:06 2019 UDP link remote: [AF_INET]195.181.172.162:553
      21. Mon Apr 15 22:45:06 2019 TLS: Initial packet from [AF_INET]195.181.172.162:553, sid=c8040f47 995396cc
      22. Mon Apr 15 22:45:06 2019 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
      23. Mon Apr 15 22:45:06 2019 VERIFY OK: depth=1, C=UK, ST=London, L=London, O=Privax Ltd, OU=HMA Pro VPN, CN=hidemyass.com, emailAddress=info@privax.com
      24. Mon Apr 15 22:45:06 2019 VERIFY OK: nsCertType=SERVER
      25. Mon Apr 15 22:45:06 2019 VERIFY OK: depth=0, C=UK, ST=London, L=London, O=Privax Ltd, OU=HMA Pro VPN, CN=server, emailAddress=info@privax.com
      26. Mon Apr 15 22:45:06 2019 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
      27. Mon Apr 15 22:45:06 2019 [server] Peer Connection Initiated with [AF_INET]195.181.172.162:553
      28. Mon Apr 15 22:45:07 2019 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
      29. Mon Apr 15 22:45:07 2019 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 100.120.82.1,redirect-gateway def1,ping 9,ping-restart 30,explicit-exit-notify 1,sndbuf 196608,rcvbuf 196608,route-gateway 100.120.82.1,topology subnet,redirect-gateway def1,ifconfig-ipv6 2001:db8:123::2/64 2001:db8:123::1,route-ipv6 2000::/3 2001:db8:123::1,explicit-exit-notify 2,compress,ifconfig 100.120.83.51 255.255.254.0,peer-id 10,cipher AES-256-GCM'
      30. Mon Apr 15 22:45:08 2019 OPTIONS IMPORT: timers and/or timeouts modified
      31. Mon Apr 15 22:45:08 2019 OPTIONS IMPORT: explicit notify parm(s) modified
      32. Mon Apr 15 22:45:08 2019 OPTIONS IMPORT: compression parms modified
      33. Mon Apr 15 22:45:08 2019 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
      34. Mon Apr 15 22:45:08 2019 Socket Buffers: R=[212992->393216] S=[212992->393216]
      35. Mon Apr 15 22:45:08 2019 OPTIONS IMPORT: --ifconfig/up options modified
      36. Mon Apr 15 22:45:08 2019 OPTIONS IMPORT: route options modified
      37. Mon Apr 15 22:45:08 2019 OPTIONS IMPORT: route-related options modified
      38. Mon Apr 15 22:45:08 2019 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
      39. Mon Apr 15 22:45:08 2019 OPTIONS IMPORT: peer-id set
      40. Mon Apr 15 22:45:08 2019 OPTIONS IMPORT: adjusting link_mtu to 1625
      41. Mon Apr 15 22:45:08 2019 OPTIONS IMPORT: data channel crypto options modified
      42. Mon Apr 15 22:45:08 2019 Data Channel: using negotiated cipher 'AES-256-GCM'
      43. Mon Apr 15 22:45:08 2019 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
      44. Mon Apr 15 22:45:08 2019 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
      45. Mon Apr 15 22:45:08 2019 ROUTE_GATEWAY 192.168.0.1/255.255.0.0 IFACE=enp3s0 HWADDR=74:27:ea:2d:4f:88
      46. Mon Apr 15 22:45:08 2019 GDG6: remote_host_ipv6=n/a
      47. Mon Apr 15 22:45:08 2019 ROUTE6: default_gateway=UNDEF
      48. Mon Apr 15 22:45:08 2019 TUN/TAP device tun0 opened
      49. Mon Apr 15 22:45:08 2019 TUN/TAP TX queue length set to 100
      50. Mon Apr 15 22:45:08 2019 /sbin/ip link set dev tun0 up mtu 1500
      51. Mon Apr 15 22:45:08 2019 /sbin/ip addr add dev tun0 100.120.83.51/23 broadcast 100.120.83.255
      52. Mon Apr 15 22:45:08 2019 /sbin/ip -6 addr add 2001:db8:123::2/64 dev tun0
      53. Mon Apr 15 22:45:08 2019 /etc/openvpn/tunnelUp.sh tun0 1500 1553 100.120.83.51 255.255.254.0 init
      54. Up script executed with tun0 1500 1553 100.120.83.51 255.255.254.0 init
      55. Updating TRANSMISSION_BIND_ADDRESS_IPV4 to the ip of tun0 : 100.120.83.51
      56. Using Transmission Web Control UI, overriding TRANSMISSION_WEB_HOME
      57. Generating transmission settings.json from env variables
      58. sed'ing True to true
      59. Enforcing ownership on transmission config directories
      60. Applying permissions to transmission config directories
      61. Setting owner for transmission paths to 1000:100
      62. Setting permission for files (644) and directories (755)
      63. -------------------------------------
      64. Transmission will run as
      65. -------------------------------------
      66. User name: abc
      67. User uid: 1000
      68. User gid: 100
      69. -------------------------------------
      70. STARTING TRANSMISSION
      71. NO PORT UPDATER FOR THIS PROVIDER
      72. Transmission startup script complete.
      73. Mon Apr 15 22:45:08 2019 /sbin/ip route add 195.181.172.162/32 via 192.168.0.1
      74. Mon Apr 15 22:45:08 2019 /sbin/ip route add 0.0.0.0/1 via 100.120.82.1
      75. Mon Apr 15 22:45:08 2019 /sbin/ip route add 128.0.0.0/1 via 100.120.82.1
      76. Mon Apr 15 22:45:08 2019 add_route_ipv6(2000::/3 -> 2001:db8:123::1 metric 1) dev tun0
      77. Mon Apr 15 22:45:08 2019 /sbin/ip -6 route add 2000::/3 dev tun0 metric 1
      78. Mon Apr 15 22:45:08 2019 Initialization Sequence Completed
      Display All
    • bart70 wrote:

      up , please, i need help
      I can't help with your problem as I don't use that particular docker but @TechnoDadLife videos usually just work, but I can give you some insight which might help.
      I use mergerfs and snapraid and I've found that some docker configs will not work if placed on a share within a mergerfs pool, but they work if deployed on a share on a standalone drive.

      bart70 wrote:

      i've tryed to put volumes to another disk in ext4 out of the mergeFS
      I'm not sure if I understand the above, is this a standalone drive? To give you an example on my system I have a drive with the label docker it has one single share AppData (TechnoDadLife uses that folder to store/locate any docker configs).
      One of things I do if I find something does not work is to ensure I know exactly where the config and other volume bind mounts are or where they are going to be installed, stop the running container, then delete it, delete the image, if there any left over config files delete them as well, then start again.
      Raid is not a backup! Would you go skydiving without a parachute?
    • thank you very much for your answer.

      Yes, i made a standalone drive to avoid to use the mergeFS ...
      I followed your advices, deleted all, remake the container. ... when i start it, all still crash , can't access anymore through SSH, samba, web interface of OMV .... and log of the containers seems ok ...

      I really don't understand, the same container works with almost same parameters on my other NAS ... (i want to transfert it because all the network services use the openVPN ... and i don't want that, i have plex and some others ... so i make my backup NAS with transmission/openvpn in docker and the main with all my services...)

      i'm totally lost :/
    • bart70 wrote:

      I really don't understand, the same container works with almost same parameters on my other NAS
      When you say almost have you compared the two i.e. compared the settings on the one that will not work with the one that does.

      bart70 wrote:

      i want to transfert it because all the network services use the openVPN ... and i don't want that,
      Ok, I'm trying to understand the above, I understand that as you have openVPN running but you want to use transmission-openvpn as per the video.
      Raid is not a backup! Would you go skydiving without a parachute?
    • i'm sorry, as many frenchies , i'm bad in english ... thank you for your time !

      About openvpn, on the main NAS, it work (in a container, haugene/transmission-openvpn) but, because of it, i can't use plex or nextcloud or others services when i'm not at home, that's why i'd like to move it to the other NAS ... it's easier to understand ?(sry again ... )

      i said almost .. but it's the same parameters, i've set the new container on the 2nd NAS with alot of copy/paste ;) ... My VPN (hydemyass) accept many VPN connections ...

      Do you want the logs or thoses i've posted are ok ? They are the same atm , they say (as far as i undestand) all is ok ... but this container break all until i stop it manually and reboot the NAS ... and i can't access to the transmission web :/
      The weird thing is i never had this bug on the main NAS ... i use some others containers (nextcloud, mariadb, and ofc haugene transmission OpenVPN) allways works with videos tutorials and time :( .... that never crashed like that
    • bart70 wrote:

      i've set the new container on the 2nd NAS with alot of copy/paste
      TBH I'm not going to be able help solve the problem, I usually work things out by a process of elimination, but the above I can tell you can be a problem by using a copy/paste rather typing in the settings. Why? don't know but found the solution by typing in the settings.
      Watching that video any misconfiguration will prevent from working the way it should, the fact that you cannot access anything (gui, ssh etc.) would suggest that.
      Raid is not a backup! Would you go skydiving without a parachute?
    • Users Online 1

      1 Guest

    • Tags