Docker mosquito error address not available

docker run eclipse-mosquitto:2.0 1611227315: mosquitto version 2.0.5 starting 1611227315: Config loaded from /mosquitto/config/mosquitto.conf. 1611227315: Starting in local only mode. Connections w...

@a-wing

docker run eclipse-mosquitto:2.0
1611227315: mosquitto version 2.0.5 starting
1611227315: Config loaded from /mosquitto/config/mosquitto.conf.
1611227315: Starting in local only mode. Connections will only be possible from clients running on this machine.
1611227315: Create a configuration file which defines a listener to allow remote access.
1611227315: Opening ipv4 listen socket on port 1883.
1611227315: Opening ipv6 listen socket on port 1883.
1611227315: Error: Address not available
1611227315: mosquitto version 2.0.5 running

Error: Address not available

broox, CWSpear, stahnma, remyderuysscher, PattaFeuFeu, agross, filmkorn, gaetancollaud, ozgurguler, denysdovhan, and 36 more reacted with thumbs up emoji
denysdovhan, mohamadfaiz17, bruce0205, berbatin, and lmmentel reacted with eyes emoji

@citrusvanilla

geeze im glad i found this. i tried to pin the 2.0.5 image as well in my docker-compose yaml and your message made me think it had to do with changing the tag. i rolled back to 1.6.12 for the time being. 2.0.5 is giving me an error that i had suspected was from the mosquitto daemon possibly running in the background somehow though i could find no evidence supporting this.

@ralight

Mosquitto 2.0 binds to the loopback interface if you don’t provide a listener configuration. That loopback interface probably isn’t available to your docker container, so it fails. If you add listener 1883 to your configuration it will start working happily again — but note that you also need to configure some form of authentication, or set allow_anonymous true if you don’t want clients to have to authenticate.

Full details on moving to 2.0 are here: https://mosquitto.org/documentation/migrating-to-2-0/

csielee, p-schneider, pbek, 877dev, robwolff3, MrPaulAR, Kevin-De-Koninck, sdwagner2615, bxlouis, Mair, and 71 more reacted with thumbs up emoji
jpaulickcz, 06kellyjac, rxt30, jemand771, Glavin001, denysdovhan, 2evergr, johnDorian, bn326160, bryanberger, and 14 more reacted with heart emoji
denysdovhan and ikranjec99 reacted with eyes emoji

@Derkades

Is there any way this can be the default for the docker image, for example an environment variable that is set by default in Dockerfile and detected by the mosquitto server? It is somewhat inconvenient to mount a config in the container just to get it to work, the previous version worked fine without any configuration.

Recently the :latest tag (which I admittedly shouldn’t have been using) was switched from v1 to v2 and it broke my setup.

@ralight

@Derkades I’m sorry to hear it broke your setup.

The breaking changes have been advertised for the past two months, and the change of the latest tag was advertised a week before it happened. I appreciate that not everyone will want to / be able to follow all of the projects they are using for changes like this, but I hope you’ll appreciate we have tried to give plenty of opportunity for people to discover that there are breaking changes, and to have chance to do something about them.

Security is by its nature a bit inconvenient. The aim of the breaking changes is to require people to actively think about how they are securing their broker. If they want to allow unauthorised access, so be it, but it definitely shouldn’t be the default.

@TomasVojacek

We are using docker image as gitlab CI service in this scenario we can not expose port to host but using container to container communication. Current version image prevent this.
Can be documentation on hub.docker.com updated how to tackle this?
Or at least mention that there is this problem?
There no info about this significant change there.

@Derkades

I hope you’ll appreciate we have tried to give plenty of opportunity for people to discover that there are breaking changes

Yes, and I fully realize it is my mistake for using a :latest image instead of pinning a specific version.

Security is by its nature a bit inconvenient.

In the case of docker the problem is not that the default config is inconvenient or more secure, but it broken for nearly all use cases (connecting to it from another container or from outside docker). Applications in docker are expected to listen on all interfaces. As @TomasVojacek said the documentation on docker hub does not mention listener 1883 which means it won’t work (—ports does not work for applications binding only to 127.0.0.1 inside the container as far as I know)

@lepinkainen

Thank you for this change, it made me notice:

  1. How important Mosquitto is to my home automation setup
  2. How badly I’m monitoring that it’s actually running 🎉

This gave me the excuse to tighten up security a bit and add some basic monitoring so that I don’t spend two days figuring out why my Zigbee switches don’t work :D

@stahnma

I also found this in a docker container loading up on another node. Thus far, I haven’t figured out how to pass instruction to the daemon to bind on a public interface without loading in a whole mosquitto.conf and that’s a file I have to pass around with a docker container and not just a ENV var. Could this be made into an ENV var so it can be handled via a runtime string and not having to pass state somehow to start the container?

@mosterdt

While I think it’s a great idea to bind to the loopback interface by default, I do agree with others that the docker container documentation could at least reflect this. The official image documentation has no mention of needing a listener: https://hub.docker.com/_/eclipse-mosquitto , and the docker documentation in this repository also makes no mention: https://github.com/eclipse/mosquitto/tree/master/docker/2.0

If people follow these instructions, they end up with an unreachable mosquitto instance inside a container. While there is great value in not defaulting to all interfaces on a normal system, restricting the listener to localhost inside a docker container serves no real benefit. It forces users to always define a mosquitto.conf. And even if mosquitto binds to every address within a docker container, it is still up to the user of the container to bind this port to their own network with e.g. -p 1883:1883.

lepinkainen, Derkades, kokx, AlbinoDrought, mdiyoda, jeff-bonevich, actuallymentor, gimlichael, madgustoo, melyux, and 12 more reacted with thumbs up emoji

@lepinkainen

@mosterdt is correct, there is no added security in having a service be loopback-only inside a Docker container. I can’t even think of a use-case where that would be useful. Web servers, databases etc. become completely useless unless something can access it :)

What is allowed to access the container from the outside should be decided by the container configuration when starting up.

This was referenced

Feb 11, 2021

@michaelosthege

I’m running a mosquitto Docker container as part of a Gitlab CI for integration tests:

test-mypackage:
  stage: test
  image: python:3.7
  services:
  - name: eclipse-mosquitto:1.6.13
    alias: mqtt-ci-broker
  script:
  - pytest ...

Passing a configuration file is much much harder than passing an environment variable. In fact the Gitlab documentation on services only has examples for how to pass configuration through environment variables.

Please consider to make the listener configurable through an environment variable.

Derkades, pedantic79, gimiki, sourceperl, kokx, Ramias1, vomov, mdiyoda, pospospos2007, tablatronix, and 12 more reacted with thumbs up emoji
pospospos2007 and shoter reacted with hooray emoji

@06kellyjac

@ralight

The use of an environment variable was rejected by docker, but you can use the no authentication configuration that is provided:

docker run -it -p 1883:1883 eclipse-mosquitto:<version> mosquitto -c /mosquitto-no-auth.conf
Derkades, a-wing, taka-wang, matteocarnelos, glitchcube, tamanakid, mrpeu, Flowkap, kngjnssy, Darjusch, and 15 more reacted with thumbs up emoji
emranbm, Flowkap, kngjnssy, Darjusch, htmlboss, fblampe, luvBuzz, and qs-lll reacted with hooray emoji
luvBuzz, qs-lll, and jerome-leanspace reacted with heart emoji

denysdovhan

added a commit
to denysdovhan/smart-home
that referenced
this issue

Mar 22, 2021

@denysdovhan

@tablatronix

nothing like a point release to break everything.. ugh

@06kellyjac

@tablatronix AFAIK this was a major release going to 2.0.0, not a minor or patch version bump


It may have been latest catching up from 1.X.X straight to 2.0.5 (like the OP) or something in an effort to delay the breaking change longer for latest tag followers 🤷 Just speculating.

But an unstable tag is an unstable tag and latest users need to accept that.
The tag just 2 should give most of the benefits of latest but avoid the downside of major version breaking changes

@melyux

I don’t get it, why can’t we pass the listener configuration as an environment variable? Like we can do with MOSQUITTO_USERNAME, etc.?

@06kellyjac

I thought I read somewhere docker wouldn’t let them do that (since its an official docker image) but now I can’t find where I read that so maybe I imagined it 🙃

@Derkades

I thought I read somewhere docker wouldn’t let them do that (since its an official docker image) but now I can’t find where I read that so maybe I imagined it upside_down_face

you read it here: #2040 (comment)

@melyux

Yeah, I saw that comment but didn’t know why on earth “docker” would reject an environment variable. @06kellyjac Didn’t know that about official images.

@salzig

out of curiosity: binding an application to «0.0.0.0» inside of a container is like the classic localhost binding, in a way that only the host where the application is run (and other apps on that host inside a container) can access the application. Where is the benefit of running mosquitto only on localhost in a container? So far i can only see downsides.

edit: or to state it differently, binding to «127.0.0.1» inside of a container means mosquitto is unusable for all users, except those with very small installations where mosquitto is used with a shared loopback interface (kubernetes inside of a pod or manually) or the user gives a f*ck about security/isolation and binds with the host network.

@vava24680

For those who faced the inconvenient usage when using mosquitto image in GitLab CI, maybe you can consider using the GitLab Container Registry service to store the mosquitto images with default configuration that can listen on all the interfaces, the GitLab CI can use the images in the project’s Container Registry directly. We have used this method to overcome the inconvenience.

@Tofandel

Why just not change the default config file so it includes listener 1883 so it will work by default for everybody using docker ?

salzig, farion, PeterJ2, Obi2000, jellehempenius, paul-ridgway, octopop, perseon, me714, gnut-neygun, and 4 more reacted with thumbs up emoji

@mspoehr

This just bit me today. This command from above got me up and running:

docker run -it -p 1883:1883 eclipse-mosquitto:<version> mosquitto -c /mosquitto-no-auth.conf

@ralight why isn’t this documented on the eclipse-mosquitto’s docker hub page? Adding a short description of the available config files in the container would probably help a lot of people, especially if the default is going to be mosquitto running in local mode.

@octopop

Ran into same issue only to have adding listener 1883 to my .conf file fixing the issue. Should be added as default or at least be documented on the docker hub page.

My mosquitto.conf file:

persistence false
allow_anonymous true
connection_messages true
log_type all
listener 1883

Command I use to run the container:

docker run --name mosquitto -p 1883:1883 --rm -v `pwd`/mosquitto.conf:/mosquitto/config/mosquitto.conf eclipse-mosquitto
sky4055, kimmilde, chlorophycae, neelakanta, bn326160, paraita, csrftoken, mintbird, trivi, htmlboss, and 7 more reacted with thumbs up emoji
bn326160, kounelios13, klein0r, and vrfranco reacted with heart emoji

@06kellyjac

@ralight why isn’t this documented on the eclipse-mosquitto’s docker hub page? Adding a short description of the available config files in the container would probably help a lot of people, especially if the default is going to be mosquitto running in local mode.

Yeah, this has been raised months ago: #2040 (comment)

It was added to this README here: https://github.com/eclipse/mosquitto/tree/master/docker/2.0 in this commit 12ff9d5 but the README on docker hub is either in a different location/repo or needs to be edited by hand in the Docker Hub UI.

Please update the Docker Hub page @ralight because very few people are going to find that README within the docker/2.0 dir.

@groovenectar

Running into a lot of these issues as well with the Docker method…

I saw this in mosquitto.conf which reflects some of the comments here:

#listener 1883 
#socket_domain ipv4
#uncomment 2 lines above for first run so we get LE certificates. 
#at the same time comment out all lines below. Once you have the certificate
#stop the unencrypted listener

So I tried following those directions but I still get:

mosquitto_1   | 1647606589: Opening ipv6 listen socket on port 1883.
mosquitto_1   | 1647606589: Error: Address not available
mosquitto_1   | 1647606589: mosquitto version 2.0.14 running
otrecorder_1  | ot-recorder[11]: version 0.8.8 starting with STORAGEDIR=/store
otrecorder_1  | ot-recorder[11]: connecting to MQTT on mosquitto:1883 as clientID ot-recorder-095362d0488f-11 without TLS
otrecorder_1  | Error: Connection refused
docker-recorder_otrecorder_1 exited with code 14

Trying on Rocky Linux (CentOS) 8

@groovenectar

@matloob-smartmimic

Finally it worked with below properties of conf, without this, it did not work.

listener 1883
protocol websockets
allow_anonymous true
persistence true
persistence_location /mosquitto/data
log_dest file /mosquitto/log/mosquitto.log
log_dest stdout
password_file /mosquitto/passwd
log_type all

Thanks
Matloob Ali

@sb603

getting the following in logs..

my conf file looks like:

`listener 1883
protocol websockets
allow_anonymous false
persistence true
persistence_location /mosquitto/data
log_dest file /mosquitto/log/mosquitto.log
log_dest stdout
password_file /mosquitto/passwd
log_type all

`

`1657049490: mosquitto version 2.0.14 starting
1657049490: Config loaded from /mosquitto/config/mosquitto.conf.
1657049490: Starting in local only mode. Connections will only be possible from clients running on this machine.
1657049490: Create a configuration file which defines a listener to allow remote access.
1657049490: For more details see https://mosquitto.org/documentation/authentication-methods/
1657049490: Opening ipv4 listen socket on port 1883.
1657049490: Opening ipv6 listen socket on port 1883.
1657049490: Error: Address not available
1657049490: mosquitto version 2.0.14 running
1657049951: mosquitto version 2.0.14 terminating
1657049951: Saving in-memory database to /mosquitto/data//mosquitto.db.
1657049952: mosquitto version 2.0.14 starting
1657049952: Config loaded from /mosquitto/config/mosquitto.conf.
1657049952: Error: Unable to open pwfile "/mosquitto/log/mosquitto.passwd".
1657049952: Error opening password file "/mosquitto/log/mosquitto.passwd".
1657049952: mosquitto version 2.0.14 starting
1657049952: Config loaded from /mosquitto/config/mosquitto.conf.
1657049952: Error: Unable to open pwfile "/mosquitto/log/mosquitto.passwd".
1657049952: Error opening password file "/mosquitto/log/mosquitto.passwd".
1657049953: mosquitto version 2.0.14 starting
1657049953: Config loaded from /mosquitto/config/mosquitto.conf.
1657049953: Error: Unable to open pwfile "/mosquitto/log/mosquitto.passwd".
1657049953: Error opening password file "/mosquitto/log/mosquitto.passwd".
1657049954: mosquitto version 2.0.14 starting
1657049954: Config loaded from /mosquitto/config/mosquitto.conf.
1657049954: Error: Unable to open pwfile "/mosquitto/log/mosquitto.passwd".
```

Anyone else getting the unable to open pwfile constantly? 

@github-actions
github-actions
bot

locked as resolved and limited conversation to collaborators

Oct 9, 2022

I’m trying to run mosquitto as docker container in windows 10. Getting below error log Address not available.

1614449526: mosquitto version 2.0.7 starting

1614449526: Config loaded from /mosquitto/config/mosquitto.conf.

1614449526: Starting in local only mode. Connections will only be possible from clients running on this machine.

1614449526: Create a configuration file which defines a listener to allow remote access.

1614449526: Opening ipv4 listen socket on port 1883.

1614449526: Opening ipv6 listen socket on port 1883.

**1614449526: Error: Address not available**

1614449526: mosquitto version 2.0.7 running

Could anyone advise how to solve this error?

Thank you.

Jerry Chong's user avatar

Jerry Chong

7,2104 gold badges42 silver badges38 bronze badges

asked Feb 27, 2021 at 18:18

Ajay Kumar's user avatar

3

I’d the same issue.
My solution was:
Enter to mosquitto container item from portainer.io. then you must loggin by console in mosquitto’s container. Select command : /bin/sh for loggin…
Once into command line must to adjust the mosquitto.conf located in : /mosquitto/config
Must change the following parameters: Uncomment and fixed

  • listener 1883
  • persistence true
  • allow_anonymous true

later, exit from command console and restart mosquitto container…and ready !!
check logs!

Hope to help!

answered May 17, 2021 at 4:13

azegurelabs's user avatar

azegurelabsazegurelabs

1412 silver badges3 bronze badges

I had the same issue yesterday… Generally, some OSs require more permissions to run services on ports lower than 2000. This is how I made it work for me. I’m just running this for a hobby project. For work I would do things differently.

  • added local mosquitto folder and placed mosquitto.conf file in it.
  • added allow_anonymous true
  • changed port to something higher than 2000.
  • mount local config volume in docker
allow_anonymous true
port 8883

I run it via docker compose file.

version: '3.1'
services:
  mosquitto:
      image: eclipse-mosquitto
      hostname: mosquitto
      container_name: mosquitto
      ports:
        - "8883:8883"
      volumes: 
        - ./mosquitto:/mosquitto/config
      networks:
        - webnet

networks:
  webnet:

The error is gone from my logs and I can connect to it just fine on that port.

1614505908: The 'port' option is now deprecated and will be removed in a future version. Please use 'listener' instead.
1614505908: mosquitto version 2.0.7 starting
1614505908: Config loaded from /mosquitto/config/mosquitto.conf.
1614505908: Opening ipv4 listen socket on port 8883.
1614505908: Opening ipv6 listen socket on port 8883.
1614505908: mosquitto version 2.0.7 running

looks like I’ll have to replace port with listener at some point soon.

answered Feb 28, 2021 at 21:25

Stéphane Trottier's user avatar

0

i followed Stéphane Trottier’s suggestion but ran into issues b/c of the port and an outdated config change:

allow_anonymous true
listener 2883
protocol mqtt

i also used port 2883 instead since it seems 8883 is for tls so i was getting connection refused errors on the client and protocol errors on the server. my docker compose looks like this:

  mqtt:
    image: eclipse-mosquitto:latest
    volumes:
      - ./mqtt/config:/mosquitto/config
    user: "1000:1000"
    ports:
      - 1883:2883

answered Sep 28, 2022 at 18:34

mdeanda's user avatar

mdeandamdeanda

1651 silver badge5 bronze badges

both azegurelabs and Stéphane Trottier answers worked for me.
but the easier and more accurate solution is to just run image with default provided conf

docker run -it --rm --name mosquitto -p 1883:1883 eclipse-mosquitto:2.0 mosquitto -c /mosquitto-no-auth.conf

or to run image with your config file

docker run -it -p 1883:1883 -v <absolute-path-to-configuration-file>:/mosquitto/config/mosquitto.conf eclipse-mosquitto:<version>

you can read more here: mosquitto docker github page

answered Dec 26, 2022 at 17:28

Mohammad Reza Kasnavi's user avatar

Я хочу использовать docker eclipse-mosquitto просто для связи на локальной машине. Какие настройки мне нужны для mosquitto.conf, чтобы брокер mosquitto был виден только на локальном хосте, но не снаружи? Поскольку работает второй комар, порт 1883 заблокирован, и я использую порт 1884.

Вот что у меня есть:

port 1884
bind_address 127.0.0.1

Виден снаружи.

port 1884
bind_address localhost

Выдает ошибку Error: Address not available.

Привязка к Docker-IP

port 1884
bind_address 172.17.0.1

Выдает ошибку Error: Address not available.

Что я могу сделать?

2 ответа

Лучший ответ

Ок, решил сам

Запуск докера с дополнительной опцией --network="host" и чем в mosquitto.conf:

port 1884
bind_address 127.0.0.1

Делает работу


0

Michael Hecht
1 Апр 2020 в 15:28

Ваш ответ — неправильный подход, вы должны действительно использовать --network="host" только для вещей, которые должны открывать необработанные сокеты или получать широковещательные сообщения из локальной сети.

Правильный ответ — не использовать параметр bind_address в файле mosquitto.conf и использовать параметр docker -p для правильного сопоставления портов (docs).

Например

docker run exec -rm -p 127.0.0.1:1884:1884/tcp mosquitto

Здесь -p 127.0.0.1:1884:1884 сопоставляет порт 1884 в контейнере с портом 1884, привязанным к петлевому ip (127.0.0.1) на хосте.


0

hardillb
3 Апр 2020 в 07:55

Модератор: immortal

sega6549

Сообщения: 529
Зарегистрирован: Чт авг 20, 2015 11:32 am
Откуда: Ярославль
Благодарил (а):
61 раз
Поблагодарили:
75 раз
Контактная информация:

Re: Docker MajorDoMo

Divan писал(а): ↑

Сб мар 20, 2021 1:06 pm


Видимо вы не удосужились поискать ответ в гугле. Повторяю, загуглите docker compose нет доступа к phpmyadmin найдете кучу статей по вашей проблеме.

pma4.jpg

попробовал так как вы сказали, к сожалению результата не дало, удалял образы что бы все перекачалось как в гуглах советуют, тоже результата 0 к сожалению, 6 день с одной проблемой сижу, вроде все просто а не получается блин(((

Вложения
Screenshot_33.jpg
Screenshot_33.jpg (60.1 КБ) 2449 просмотров

Тут можно задать вопрос по MajorDoMo VK
Канал по MajorDoMo youtube

sega6549

Сообщения: 529
Зарегистрирован: Чт авг 20, 2015 11:32 am
Откуда: Ярославль
Благодарил (а):
61 раз
Поблагодарили:
75 раз
Контактная информация:

Re: Docker MajorDoMo

Сообщение

sega6549 » Сб мар 20, 2021 4:22 pm

Ура, все заработало, сделал так, mqtt пока не хочет работать пишет Error: Unable to open config file /mosquitto/config/mosquitto.conf. пока гуглю может кто сталкивался? я так понял ошибка доступа?

Вложения
Screenshot_34.jpg
Screenshot_34.jpg (76.46 КБ) 2430 просмотров

Тут можно задать вопрос по MajorDoMo VK
Канал по MajorDoMo youtube

Аватара пользователя

nick7zmail

Сообщения: 7573
Зарегистрирован: Пн окт 28, 2013 8:14 am
Откуда: Екатеринбург
Благодарил (а):
121 раз
Поблагодарили:
2008 раз

Re: Docker MajorDoMo

Сообщение

nick7zmail » Сб мар 20, 2021 4:29 pm

sega6549 писал(а):Ура, все заработало, сделал так, mqtt пока не хочет работать пишет Error: Unable to open config file /mosquitto/config/mosquitto.conf. пока гуглю может кто сталкивался? я так понял ошибка доступа?

Да, проблема с правами.

Отправлено с моего Xperia XZ1 Compact через Tapatalk

Аватара пользователя

Divan

Сообщения: 859
Зарегистрирован: Пн июл 08, 2019 5:04 pm
Благодарил (а):
117 раз
Поблагодарили:
279 раз

Re: Docker MajorDoMo

Сообщение

Divan » Сб мар 20, 2021 4:51 pm

sega6549 писал(а): ↑

Сб мар 20, 2021 4:22 pm


Ура, все заработало, сделал так, mqtt пока не хочет работать пишет Error: Unable to open config file /mosquitto/config/mosquitto.conf. пока гуглю может кто сталкивался? я так понял ошибка доступа?

настраиваем MQTT брокер в Docker

Xpenology DSM 6.2.2 + Ubuntu Server 18.10 + Majordomo + MariaDB

sega6549

Сообщения: 529
Зарегистрирован: Чт авг 20, 2015 11:32 am
Откуда: Ярославль
Благодарил (а):
61 раз
Поблагодарили:
75 раз
Контактная информация:

Re: Docker MajorDoMo

Сообщение

sega6549 » Сб мар 20, 2021 5:35 pm

Divan писал(а): ↑

Сб мар 20, 2021 4:51 pm

sega6549 писал(а): ↑

Сб мар 20, 2021 4:22 pm


Ура, все заработало, сделал так, mqtt пока не хочет работать пишет Error: Unable to open config file /mosquitto/config/mosquitto.conf. пока гуглю может кто сталкивался? я так понял ошибка доступа?

настраиваем MQTT брокер в Docker

Спс за конфиг, права дал, конфиг записал, но подключение не происходит к сожалению, по крайней мере цикл mqtt лежит, и я не совсем уверен что контейнер поднялся верно, при перезагрузке в логе вот такое

1616250399: mosquitto version 2.0.9 terminating
1616250399: Saving in-memory database to /mosquitto/data/mosquitto.db.
1616250399: Error saving in-memory database, unable to open /mosquitto/data/mosquitto.db.new for writing.
1616250399: Error: Permission denied.
1616250404: mosquitto version 2.0.9 starting
1616250404: Config loaded from /mosquitto/config/mosquitto.conf.
1616250404: Starting in local only mode. Connections will only be possible from clients running on this machine.
1616250404: Create a configuration file which defines a listener to allow remote access.
1616250404: Opening ipv4 listen socket on port 1883.
1616250404: Opening ipv6 listen socket on port 1883.
1616250404: Error: Address not available
1616250404: mosquitto version 2.0.9 running

может конфиг неверный еще,

persistence true
persistence_location /mosquitto/data
connection_messages true
log_dest topic
log_type error
log_type warning
log_type notice
log_type information
log_timestamp true
log_dest file /mosquitto/log/mosquitto.log

скопировал у вас с видео, только слеш убрал, а то в логе было /mosquitto/data//mosquitto.db.new, подумал что неверно так

Тут можно задать вопрос по MajorDoMo VK
Канал по MajorDoMo youtube

Аватара пользователя

Divan

Сообщения: 859
Зарегистрирован: Пн июл 08, 2019 5:04 pm
Благодарил (а):
117 раз
Поблагодарили:
279 раз

Re: Docker MajorDoMo

Сообщение

Divan » Сб мар 20, 2021 5:50 pm

sega6549 писал(а): ↑

Сб мар 20, 2021 5:35 pm

Divan писал(а): ↑

Сб мар 20, 2021 4:51 pm

sega6549 писал(а): ↑

Сб мар 20, 2021 4:22 pm


Ура, все заработало, сделал так, mqtt пока не хочет работать пишет Error: Unable to open config file /mosquitto/config/mosquitto.conf. пока гуглю может кто сталкивался? я так понял ошибка доступа?

настраиваем MQTT брокер в Docker

Спс за конфиг, права дал, конфиг записал, но подключение не происходит к сожалению, по крайней мере цикл mqtt лежит, и я не совсем уверен что контейнер поднялся верно, при перезагрузке в логе вот такое

1616250399: mosquitto version 2.0.9 terminating
1616250399: Saving in-memory database to /mosquitto/data/mosquitto.db.
1616250399: Error saving in-memory database, unable to open /mosquitto/data/mosquitto.db.new for writing.
1616250399: Error: Permission denied.
1616250404: mosquitto version 2.0.9 starting
1616250404: Config loaded from /mosquitto/config/mosquitto.conf.
1616250404: Starting in local only mode. Connections will only be possible from clients running on this machine.
1616250404: Create a configuration file which defines a listener to allow remote access.
1616250404: Opening ipv4 listen socket on port 1883.
1616250404: Opening ipv6 listen socket on port 1883.
1616250404: Error: Address not available
1616250404: mosquitto version 2.0.9 running

может конфиг неверный еще,

persistence true
persistence_location /mosquitto/data
connection_messages true
log_dest topic
log_type error
log_type warning
log_type notice
log_type information
log_timestamp true
log_dest file /mosquitto/log/mosquitto.log

скопировал у вас с видео, только слеш убрал, а то в логе было /mosquitto/data//mosquitto.db.new, подумал что неверно так

Проблема в последней версии MQTT. Установите версию MQTT 1.6.12 и будет вам счастье. Я не знаю что они там сделали и почему в последней версии брокер не работает, но я чисто экспериментальным путем выявил, что именно версия MQTT 1.6.12 работает норм.

Когда поставил MQTT версии 2.0.7, то у меня не стартовало, а как установил 1.6.12, то все заработало

Код: Выделить всё

1613313314: mosquitto version 2.0.7 starting
1613313314: Config loaded from /mosquitto/config/mosquitto.conf.
1613313314: Starting in local only mode. Connections will only be possible from clients running on this machine.
1613313314: Create a configuration file which defines a listener to allow remote access.
1613313314: Opening ipv4 listen socket on port 1883.
1613313314: Opening ipv6 listen socket on port 1883.
1613313314: Error: Address not available
1613313314: mosquitto version 2.0.7 running
1613313409: mosquitto version 2.0.7 terminating
1613313409: Saving in-memory database to /mosquitto/data//mosquitto.db.
1613335640: mosquitto version 1.6.12 starting
1613335640: Config loaded from /mosquitto/config/mosquitto.conf.
1613335640: Opening ipv4 listen socket on port 1883.
1613335640: Opening ipv6 listen socket on port 1883.
1613335640: mosquitto version 1.6.12 running
1613335662: New connection from 172.17.0.1 on port 1883.
1613335662: New client connected from 172.17.0.1 as docker client (p2, c1, k60).
1613335668: Client docker client disconnected.
1613335688: mosquitto version 1.6.12 terminating
1613335688: Saving in-memory database to /mosquitto/data/mosquitto.db.

Xpenology DSM 6.2.2 + Ubuntu Server 18.10 + Majordomo + MariaDB

sega6549

Сообщения: 529
Зарегистрирован: Чт авг 20, 2015 11:32 am
Откуда: Ярославль
Благодарил (а):
61 раз
Поблагодарили:
75 раз
Контактная информация:

Re: Docker MajorDoMo

Сообщение

sega6549 » Сб мар 20, 2021 6:09 pm

Divan писал(а): ↑

Сб мар 20, 2021 5:50 pm

sega6549 писал(а): ↑

Сб мар 20, 2021 5:35 pm

Divan писал(а): ↑

Сб мар 20, 2021 4:51 pm

sega6549 писал(а): ↑

Сб мар 20, 2021 4:22 pm


Ура, все заработало, сделал так, mqtt пока не хочет работать пишет Error: Unable to open config file /mosquitto/config/mosquitto.conf. пока гуглю может кто сталкивался? я так понял ошибка доступа?

настраиваем MQTT брокер в Docker

Спс за конфиг, права дал, конфиг записал, но подключение не происходит к сожалению, по крайней мере цикл mqtt лежит, и я не совсем уверен что контейнер поднялся верно, при перезагрузке в логе вот такое

1616250399: mosquitto version 2.0.9 terminating
1616250399: Saving in-memory database to /mosquitto/data/mosquitto.db.
1616250399: Error saving in-memory database, unable to open /mosquitto/data/mosquitto.db.new for writing.
1616250399: Error: Permission denied.
1616250404: mosquitto version 2.0.9 starting
1616250404: Config loaded from /mosquitto/config/mosquitto.conf.
1616250404: Starting in local only mode. Connections will only be possible from clients running on this machine.
1616250404: Create a configuration file which defines a listener to allow remote access.
1616250404: Opening ipv4 listen socket on port 1883.
1616250404: Opening ipv6 listen socket on port 1883.
1616250404: Error: Address not available
1616250404: mosquitto version 2.0.9 running

может конфиг неверный еще,

persistence true
persistence_location /mosquitto/data
connection_messages true
log_dest topic
log_type error
log_type warning
log_type notice
log_type information
log_timestamp true
log_dest file /mosquitto/log/mosquitto.log

скопировал у вас с видео, только слеш убрал, а то в логе было /mosquitto/data//mosquitto.db.new, подумал что неверно так

Проблема в последней версии MQTT. Установите версию MQTT 1.6.12 и будет вам счастье. Я не знаю что они там сделали и почему в последней версии брокер не работает, но я чисто экспериментальным путем выявил, что именно версия MQTT 1.6.12 работает норм.

Когда поставил MQTT версии 2.0.7, то у меня не стартовало, а как установил 1.6.12, то все заработало

Код: Выделить всё

1613313314: mosquitto version 2.0.7 starting
1613313314: Config loaded from /mosquitto/config/mosquitto.conf.
1613313314: Starting in local only mode. Connections will only be possible from clients running on this machine.
1613313314: Create a configuration file which defines a listener to allow remote access.
1613313314: Opening ipv4 listen socket on port 1883.
1613313314: Opening ipv6 listen socket on port 1883.
1613313314: Error: Address not available
1613313314: mosquitto version 2.0.7 running
1613313409: mosquitto version 2.0.7 terminating
1613313409: Saving in-memory database to /mosquitto/data//mosquitto.db.
1613335640: mosquitto version 1.6.12 starting
1613335640: Config loaded from /mosquitto/config/mosquitto.conf.
1613335640: Opening ipv4 listen socket on port 1883.
1613335640: Opening ipv6 listen socket on port 1883.
1613335640: mosquitto version 1.6.12 running
1613335662: New connection from 172.17.0.1 on port 1883.
1613335662: New client connected from 172.17.0.1 as docker client (p2, c1, k60).
1613335668: Client docker client disconnected.
1613335688: mosquitto version 1.6.12 terminating
1613335688: Saving in-memory database to /mosquitto/data/mosquitto.db.

Не подскажите как? просто image: eclipse-mosquitto:latest заменить на image: eclipse-mosquitto:1.6.12?

Тут можно задать вопрос по MajorDoMo VK
Канал по MajorDoMo youtube

Аватара пользователя

Divan

Сообщения: 859
Зарегистрирован: Пн июл 08, 2019 5:04 pm
Благодарил (а):
117 раз
Поблагодарили:
279 раз

Re: Docker MajorDoMo

Сообщение

Divan » Сб мар 20, 2021 6:32 pm

Не подскажите как? просто image: eclipse-mosquitto:latest заменить на image: eclipse-mosquitto:1.6.12?

1) Удаляете контейнер MQTT
2) Удаляете образ MQTT
3) Скачиваете образ MQTT версии 1.6.12
4) Ставите из скачанного образа MQTT версии 1.6.12

За это сообщение автора Divan поблагодарил:
Samir77 (Сб мар 20, 2021 7:25 pm)

Xpenology DSM 6.2.2 + Ubuntu Server 18.10 + Majordomo + MariaDB

sega6549

Сообщения: 529
Зарегистрирован: Чт авг 20, 2015 11:32 am
Откуда: Ярославль
Благодарил (а):
61 раз
Поблагодарили:
75 раз
Контактная информация:

Re: Docker MajorDoMo

Сообщение

sega6549 » Сб мар 20, 2021 6:54 pm

Divan писал(а): ↑

Сб мар 20, 2021 6:32 pm

Не подскажите как? просто image: eclipse-mosquitto:latest заменить на image: eclipse-mosquitto:1.6.12?

1) Удаляете контейнер MQTT
2) Удаляете образ MQTT
3) Скачиваете образ MQTT версии 1.6.12
4) Ставите из скачанного образа MQTT версии 1.6.12

хм, я просто добавил версию, оно само все перекачалось и запустилось, уже работает даже, топики приходят, свет включается

Тут можно задать вопрос по MajorDoMo VK
Канал по MajorDoMo youtube

    • #1

    I believe that i have installed mqtt into docker however these is an error Address not Available. I completed the authentication steps but i unable to test if it actually working.

    Any ideas please

         -1 }">1619706882: mosquitto version 2.0.10 starting
     -1 }">
    1619706882: Config loaded from /mosquitto/config/mosquitto.conf.
     -1 }">
    1619706882: Starting in local only mode. Connections will only be possible from clients running on this machine.
     -1 }">
    1619706882: Create a configuration file which defines a listener to allow remote access.
     -1 }">
    1619706882: For more details see https://mosquitto.org/documentation/authentication-methods/
     -1 }">
    1619706882: Opening ipv4 listen socket on port 1883.
     -1 }">
    1619706882: Opening ipv6 listen socket on port 1883.
     -1 }">
    1619706882: Error: Address not available
     -1 }">
    1619706882: mosquitto version 2.0.10 running

    Alles anzeigen

a-wing

docker eclipse-mosquitto:2.0 Error: Address not available

docker run eclipse-mosquitto:2.0
1611227315: mosquitto version 2.0.5 starting
1611227315: Config loaded from /mosquitto/config/mosquitto.conf.
1611227315: Starting in local only mode. Connections will only be possible from clients running on this machine.
1611227315: Create a configuration file which defines a listener to allow remote access.
1611227315: Opening ipv4 listen socket on port 1883.
1611227315: Opening ipv6 listen socket on port 1883.
1611227315: Error: Address not available
1611227315: mosquitto version 2.0.5 running

Error: Address not available

citrusvanilla

geeze im glad i found this. i tried to pin the 2.0.5 image as well in my docker-compose yaml and your message made me think it had to do with changing the tag. i rolled back to 1.6.12 for the time being. 2.0.5 is giving me an error that i had suspected was from the mosquitto daemon possibly running in the background somehow though i could find no evidence supporting this.

ralight

Mosquitto 2.0 binds to the loopback interface if you don’t provide a listener configuration. That loopback interface probably isn’t available to your docker container, so it fails. If you add listener 1883 to your configuration it will start working happily again — but note that you also need to configure some form of authentication, or set allow_anonymous true if you don’t want clients to have to authenticate.

Full details on moving to 2.0 are here: https://mosquitto.org/documentation/migrating-to-2-0/

Derkades

Is there any way this can be the default for the docker image, for example an environment variable that is set by default in Dockerfile and detected by the mosquitto server? It is somewhat inconvenient to mount a config in the container just to get it to work, the previous version worked fine without any configuration.

Recently the :latest tag (which I admittedly shouldn’t have been using) was switched from v1 to v2 and it broke my setup.

ralight

@Derkades I’m sorry to hear it broke your setup.

The breaking changes have been advertised for the past two months, and the change of the latest tag was advertised a week before it happened. I appreciate that not everyone will want to / be able to follow all of the projects they are using for changes like this, but I hope you’ll appreciate we have tried to give plenty of opportunity for people to discover that there are breaking changes, and to have chance to do something about them.

Security is by its nature a bit inconvenient. The aim of the breaking changes is to require people to actively think about how they are securing their broker. If they want to allow unauthorised access, so be it, but it definitely shouldn’t be the default.

TomasVojacek

We are using docker image as gitlab CI service in this scenario we can not expose port to host but using container to container communication. Current version image prevent this.
Can be documentation on hub.docker.com updated how to tackle this?
Or at least mention that there is this problem?
There no info about this significant change there.

Derkades

I hope you’ll appreciate we have tried to give plenty of opportunity for people to discover that there are breaking changes

Yes, and I fully realize it is my mistake for using a :latest image instead of pinning a specific version.

Security is by its nature a bit inconvenient.

In the case of docker the problem is not that the default config is inconvenient or more secure, but it broken for nearly all use cases (connecting to it from another container or from outside docker). Applications in docker are expected to listen on all interfaces. As @TomasVojacek said the documentation on docker hub does not mention listener 1883 which means it won’t work (—ports does not work for applications binding only to 127.0.0.1 inside the container as far as I know)

lepinkainen

Thank you for this change, it made me notice:

  1. How important Mosquitto is to my home automation setup
  2. How badly I’m monitoring that it’s actually running 🎉

This gave me the excuse to tighten up security a bit and add some basic monitoring so that I don’t spend two days figuring out why my Zigbee switches don’t work :D

stahnma

I also found this in a docker container loading up on another node. Thus far, I haven’t figured out how to pass instruction to the daemon to bind on a public interface without loading in a whole mosquitto.conf and that’s a file I have to pass around with a docker container and not just a ENV var. Could this be made into an ENV var so it can be handled via a runtime string and not having to pass state somehow to start the container?

mosterdt

While I think it’s a great idea to bind to the loopback interface by default, I do agree with others that the docker container documentation could at least reflect this. The official image documentation has no mention of needing a listener: https://hub.docker.com/_/eclipse-mosquitto , and the docker documentation in this repository also makes no mention: https://github.com/eclipse/mosquitto/tree/master/docker/2.0

If people follow these instructions, they end up with an unreachable mosquitto instance inside a container. While there is great value in not defaulting to all interfaces on a normal system, restricting the listener to localhost inside a docker container serves no real benefit. It forces users to always define a mosquitto.conf. And even if mosquitto binds to every address within a docker container, it is still up to the user of the container to bind this port to their own network with e.g. -p 1883:1883.

lepinkainen

@mosterdt is correct, there is no added security in having a service be loopback-only inside a Docker container. I can’t even think of a use-case where that would be useful. Web servers, databases etc. become completely useless unless something can access it :)

What is allowed to access the container from the outside should be decided by the container configuration when starting up.

michaelosthege

I’m running a mosquitto Docker container as part of a Gitlab CI for integration tests:

test-mypackage:
  stage: test
  image: python:3.7
  services:
  - name: eclipse-mosquitto:1.6.13
    alias: mqtt-ci-broker
  script:
  - pytest ...

Passing a configuration file is much much harder than passing an environment variable. In fact the Gitlab documentation on services only has examples for how to pass configuration through environment variables.

Please consider to make the listener configurable through an environment variable.

06kellyjac

ralight

The use of an environment variable was rejected by docker, but you can use the no authentication configuration that is provided:

docker run -it -p 1883:1883 eclipse-mosquitto:<version> mosquitto -c /mosquitto-no-auth.conf

tablatronix

nothing like a point release to break everything.. ugh

06kellyjac

@tablatronix AFAIK this was a major release going to 2.0.0, not a minor or patch version bump


It may have been latest catching up from 1.X.X straight to 2.0.5 (like the OP) or something in an effort to delay the breaking change longer for latest tag followers 🤷 Just speculating.

But an unstable tag is an unstable tag and latest users need to accept that.
The tag just 2 should give most of the benefits of latest but avoid the downside of major version breaking changes

melyux

I don’t get it, why can’t we pass the listener configuration as an environment variable? Like we can do with MOSQUITTO_USERNAME, etc.?

06kellyjac

I thought I read somewhere docker wouldn’t let them do that (since its an official docker image) but now I can’t find where I read that so maybe I imagined it 🙃

Derkades

I thought I read somewhere docker wouldn’t let them do that (since its an official docker image) but now I can’t find where I read that so maybe I imagined it upside_down_face

you read it here: #2040 (comment)

melyux

Yeah, I saw that comment but didn’t know why on earth “docker” would reject an environment variable. @06kellyjac Didn’t know that about official images.

salzig

out of curiosity: binding an application to «0.0.0.0» inside of a container is like the classic localhost binding, in a way that only the host where the application is run (and other apps on that host inside a container) can access the application. Where is the benefit of running mosquitto only on localhost in a container? So far i can only see downsides.

edit: or to state it differently, binding to «127.0.0.1» inside of a container means mosquitto is unusable for all users, except those with very small installations where mosquitto is used with a shared loopback interface (kubernetes inside of a pod or manually) or the user gives a f*ck about security/isolation and binds with the host network.

Понравилась статья? Поделить с друзьями:
  • Docker login error cannot perform an interactive login from a non tty device
  • Docker level error msg stream copy error reading from a closed fifo
  • Docker iptables error
  • Docker initdb error directory var lib postgresql data exists but is not empty
  • Docker gpg error