Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Help forwarding UDP ports with websocket and setting shm size [Question] #835

Closed
stereotypy opened this issue Sep 18, 2020 · 6 comments
Closed

Help forwarding UDP ports with websocket and setting shm size [Question] #835

stereotypy opened this issue Sep 18, 2020 · 6 comments
Labels
question

Comments

@stereotypy
Copy link

Hi, I am new to Caprover and picked a tricky app to start with. The app is called neko (https://github.com/nurdism/neko), it's a cowatching app that runs Firefox in the image as well as needing UDP ports forwarded with websocket.

I found the following already: #199
#645

I was unclear in issue 199 what the resolution is currently. At the end of the post I wasn't clear how to use the init function with predeploy so if you could explain that better or if there's a cleaner way since that was posted please let me know.

With issue 645 the fix was somewhat unclear as well. I tried creating an additional server in the nginx config after creating a one click app based on the docker compose that listened to the UDP ports that Caprover uses. I tried each one since the post wasn't clear about which one I needed to forward. Since this app uses a port range I used an upstream block with the internal app's address with all 100 random ports generated with a script and then basically copied the proxy_pass and the additional websocket proxy stuff from the rest of the Nginx file.

I was able to get the main app running but login would always fail. It is hard for me to troubleshoot the port stuff because at this point I don't think I have the SHM stuff correct and I think it's dying before it gets to that point.

I'm not posting any errors for now because I'm confident I'm not even doing the shm size thing correctly and I was unclear about the approach in issue 645 or if that is the best/recommended solution. If you can give me any pointers on how to proceed correctly I can go from there and then post any errors/output.
@githubsaturn
Copy link
Collaborator

I was unclear in issue 199 what the resolution is currently. At the end of the post I wasn't clear how to use the init function with predeploy so if you could explain that better or if there's a cleaner way since that was posted please let me know.

Why do you need to init ? You only need UDP port mapping, right?

I am not very clear on what exactly the question is here. But I assume there are 2 issues here:

  • Port range
  • shm size

You can use Service Override to basically override "all docker attributes" if you need to. From there, you can completely customize your service and do what you want with it.

@githubsaturn
Copy link
Collaborator

githubsaturn commented Sep 18, 2020
edited

Keep in mind that CapRover uses Docker API, not Docker CLI. These two are somewhat different. For example, when you are talking to the API, you cannot define ports. Docker API only accept explicit port numbers. There is nothing that CapRover can do to unlock this capability:
https://docs.docker.com/engine/api/v1.30/#operation/ServiceUpdate

image

@stereotypy
Copy link
Author

stereotypy commented Sep 18, 2020
edited

I was asking about init because that was proposed as a solution to shm size. Like I said I am unclear on what the best way to set shm size is for a docker container on Caprover after reading that issue. I was reading other things about mounting volumes but I was also confused by that as the documentation doesn't go into that.

The port issue I think is only an issue because of the reverse proxy and UDP/websockets. The solution in the other issue was to use Nginx to proxy the traffic through a UDP port that Caprover uses which is what I was trying to do.

The docker compose file looks like this, this is what I was using along with the Docker Compose one click app:

version: "2.0"
services:
  neko:
    image: nurdism/neko:firefox
    restart: always
    shm_size: "1gb"
    ports:
      - "80:8080"
      - "59000-59100:59000-59100/udp"
    environment:
      DISPLAY: :99.0
      NEKO_PASSWORD: neko
      NEKO_PASSWORD_ADMIN: admin
      NEKO_BIND: :8080
      NEKO_EPR: 59000-59100

I tried the other way mentioned, which is running docker compose, adding the captain network to the docker compose file, and doing a one click app for an Nginx proxy but I had less luck with that. In both cases I could get the app to load but after login is where the issues happened. If I did this via a one click app I'd get 500 errors, if I did docker compose adding to a network I got 400 errors. It's hard to tell what's going on with the 500 errors, I want to verify that the shm size is correct before debugging the port stuff because I think it's dying when trying to run Firefox in the container with the low shm size. So if I could get the official way to set the shm size to 1gb I can play with that and the come back with more clear questions regarding the port issue. The 500 error is encouraging because it does look like it's transmitting data to the backend but I need to make sure the container isn't dying when firefox is loaded.

This all is complicated by the fact that these docker images haven't been updated for a while. There is an undocumented proxy flag that may help me out if I rebuild the images. It's just that the documentation surrounding these things specific to this image (shm size, udp only ports and reverse proxy) isn't totally clear to me.

I think that the port range is a syntactic sugar and I'm not sure how to specify UDP ports. Caprover talks about this a bit in some of the documentation but there wasn't an example.

@githubsaturn
Copy link
Collaborator

I was asking about init because that was proposed as a solution to shm size. Like I said I am unclear on what the best way to set shm size is for a docker container on Caprover after reading that issue. I was reading other things about mounting volumes but I was also confused by that as the documentation doesn't go into that.

See this: moby/moby#25303
Like I said, you'd have to use Service Override and just skip CapRover and use Docker. You can find the details in Docker docs here: https://docs.docker.com/engine/api/v1.30/#operation/ServiceUpdate

So, to map shm, you'd just do:

TaskTemplate:
  ContainerSpec:
    Mounts:
    - Target: /dev/shm
      Type: tmpfs

The docker compose file looks like this, this is what I was using along with the Docker Compose one click app:

Again, the port rage here doesn't work, because CapRover doesn't use Docker Compose CLI, it uses Docker API.

I tried the other way mentioned, which is running docker compose, adding the captain network to the docker compose file, and doing a one click app for an Nginx proxy but I had less luck with that. In both cases I could get the app to load but after login is where the issues happened.

It's an issue that you'd have to follow up with the Neko's community.

In general, think of CapRover as a think layer around Docker's API. Read CapRover goals and scope for more details. In general, CapRover provides easy to integrate experience but it is not a replacement for Docker API if you want to do advanced configurations like what you need to do here with Neko.

In these cases, instead of duplicating the Docker functionality, CapRover allows you to directly bypass CapRover's system and hook into Docker API via Service Override.

@stereotypy
Copy link
Author

Got it. I understand. The reason I am using Caprover is this, I have a dedicated server and would like to run multiple services on it without having to deal with making VMs and such or reverse proxy stuff. Caprover or a PAAS helps make it easier to get many services running on one server. I know I don't have to use Caprover to run it but it seems like an easier way to handle all the reverse proxy stuff, especially if I can run it normally hook it into the captain-overlay-network and then just use a reverse proxy on top of that. That option is given at the end of the Docker Compose documentation and in theory I guess I wouldn't run into SHM stuff although I'm not sure how docker networks work.

Ok, so this is a bit odd and would explain why I was having trouble. For some reason I can't actually see what you are screenshotting on that page. I searched the whole page for it and it's not there for me. Very odd. I searched for the text online and found it here: https://docs-stage.docker.com/engine/api/v1.24/
Is it perhaps no longer part of API 1.30?

@githubsaturn
Copy link
Collaborator

The screenshot is from here:
https://docs.docker.com/engine/api/v1.40/#operation/ServiceUpdate

That option is given at the end of the Docker Compose documentation and in theory I guess I wouldn't run into SHM stuff although I'm not sure how docker networks work

You are talking about alternative option here, right? If you do that, then you'll be directly responsible for Docker compose and setting up your application. The only benefit you get from CapRover is

  • HTTP proxying
  • HTTPS certs

You'd have to setup your port forwarding. You can read more about docker overlay network here: https://training.play-with-docker.com/docker-networking-hol/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@githubsaturn @stereotypy