Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docker_container keeps recreating container #934

Closed
mrdrogdrog opened this issue Jul 20, 2024 · 11 comments · Fixed by #936
Closed

docker_container keeps recreating container #934

mrdrogdrog opened this issue Jul 20, 2024 · 11 comments · Fixed by #936
Labels
bug Something isn't working docker-plain plain Docker (no swarm, no compose, no stack)

Comments

@mrdrogdrog
Copy link

mrdrogdrog commented Jul 20, 2024
edited
Loading

SUMMARY

I use ansible to deploy several docker containers on multiple servers. Ansible keep recreating containers even without changes.

ISSUE TYPE
  • Bug Report
COMPONENT NAME

docker_container

ANSIBLE VERSION
ansible [core 2.17.1]
  config file = None
  configured module search path = ['/Users/privat/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /opt/homebrew/Cellar/ansible/10.1.0/libexec/lib/python3.12/site-packages/ansible
  ansible collection location = /Users/privat/.ansible/collections:/usr/share/ansible/collections
  executable location = /opt/homebrew/bin/ansible
  python version = 3.12.4 (main, Jun  6 2024, 18:26:44) [Clang 15.0.0 (clang-1500.3.9.4)] (/opt/homebrew/Cellar/ansible/10.1.0/libexec/bin/python)
  jinja version = 3.1.4
  libyaml = True
COLLECTION VERSION
community.docker 3.10.4
CONFIGURATION
CONFIG_FILE() = /ansible/ansible.cfg
DEFAULT_HOST_LIST(/ansible/ansible.cfg) = ['/ansible/hosts']
DEFAULT_VAULT_PASSWORD_FILE(/ansible/ansible.cfg) = /ansible/vault.key

CONNECTION:
==========

ssh:
___
pipelining(/ansible/ansible.cfg) = True
OS / ENVIRONMENT

My Machine:
MacOS 14.5, Ansible via brew

Server with bug:
Debian bookworm, Docker version 27.0.3, build 7d4bcd8

Server without bug:
Debian boomworm, Docker version 25.0.3, build 4debf41

STEPS TO REPRODUCE

One of the definitions is:

- name: Start container
  community.general.docker_container:
    name: traefik
    image: traefik:v3.1.0
    state: started
    pull: true
    init: false
    auto_remove: false
    detach: true
    interactive: false
    memory: "100M"
    paused: false
    privileged: false
    read_only: true
    tty: false
    restart_policy: unless-stopped
    image_name_mismatch: recreate
    network_mode: default
    networks:
      - name: internal
    ports:
      - "{{ traefik_ipv4 }}:80:80"
      - "{{ traefik_ipv4 }}:443:443"
      - "[{{ traefik_ipv6 }}]:80:80"
      - "[{{ traefik_ipv6 }}]:443:443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /etc/traefik/traefik.toml:/etc/traefik/traefik.toml:ro
      - /etc/traefik/dynamic:/etc/traefik/dynamic:ro
      - traefik-acme:/etc/traefik/acme
      - /etc/traefik/certs:/etc/traefik/certs:ro
    env:
      CLOUDFLARE_DNS_API_TOKEN: "{{ treafik_cloudflare_dns_api_token if traefik_cert_resolver == 'dns' else '' }}"

As you can see, there is nothing unusual.

For whatever reason on some of my servers ansible keep recreating the container even if there are no changes.
What I've noticed so far:

  • The bug only occurs if the remote server uses Docker 27. On Docker 25 it works as expected.
  • It doesn't happen if I add 
      comparisons:
    '*': ignore
EXPECTED RESULTS

Ansible shouldn't recreate the container.

ACTUAL RESULTS
TASK [traefik : Start container] ***********************************************************************************************************************************************
task path: /Users/privat/Coding/ansible-home/roles/traefik/tasks/main.yml:43
Trying secret ScriptVaultSecret(filename='/Users/privat/Coding/ansible-home/vault.key') for vault_id=default
Trying secret ScriptVaultSecret(filename='/Users/privat/Coding/ansible-home/vault.key') for vault_id=default
Trying secret ScriptVaultSecret(filename='/Users/privat/Coding/ansible-home/vault.key') for vault_id=default
Trying secret ScriptVaultSecret(filename='/Users/privat/Coding/ansible-home/vault.key') for vault_id=default
redirecting (type: modules) community.general.docker_container to community.docker.docker_container
redirecting (type: modules) community.general.docker_container to community.docker.docker_container
Using module file /opt/homebrew/Cellar/ansible/10.1.0/libexec/lib/python3.12/site-packages/ansible_collections/community/docker/plugins/modules/docker_container.py
Pipelining is enabled.
<mabel> ESTABLISH SSH CONNECTION FOR USER: <redacted>
<mabel> SSH: EXEC ssh -vvvv -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="<redacted>"' -o ConnectTimeout=10 -o 'ControlPath="/Users/privat/.ansible/cp/9d949ab4f2"' mabel '/bin/sh -c '"'"'sudo -H -S -p "[sudo via ansible, key=xixbrrtzeorfbdvfjxmdczaqqclsnlcg] password:" -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-xixbrrtzeorfbdvfjxmdczaqqclsnlcg ; /usr/bin/python3.11'"'"'"'"'"'"'"'"' && sleep 0'"'"''
Escalation succeeded
<mabel> (0, b'\n{"changed": true, "actions": [{"stopped": "6a36cdfce73174c5699a4fb7fbc7de9a57eba43b991f9c6086177b231624fa73", "timeout": null}, {"removed": "6a36cdfce73174c5699a4fb7fbc7de9a57eba43b991f9c6086177b231624fa73", "volume_state": false, "link": false, "force": false}, {"created": "Created container", "create_parameters": {"HostConfig": {"AutoRemove": false, "Init": false, "Memory": 104857600, "NetworkMode": "default", "Privileged": false, "ReadonlyRootfs": true, "RestartPolicy": {"Name": "unless-stopped", "MaximumRetryCount": null}, "Binds": ["/var/run/docker.sock:/var/run/docker.sock:rw", "/etc/traefik/traefik.toml:/etc/traefik/traefik.toml:ro", "/etc/traefik/dynamic:/etc/traefik/dynamic:ro", "traefik-acme:/etc/traefik/acme:rw", "/etc/traefik/certs:/etc/traefik/certs:ro"], "PortBindings": {"80/tcp": [{"HostIp": "0.0.0.0", "HostPort": "80"}, {"HostIp": "::", "HostPort": "80"}], "443/tcp": [{"HostIp": "0.0.0.0", "HostPort": "443"}, {"HostIp": "::", "HostPort": "443"}]}}, "AttachStdout": false, "AttachStderr": false, "AttachStdin": false, "StdinOnce": false, "OpenStdin": false, "Env": ["CLOUDFLARE_DNS_API_TOKEN=5EpOgApOaBXrWIicnDjwiSG-X7ri4SctraOJy5xQ"], "Image": "traefik:v3.1.0", "Tty": false, "Volumes": {}, "ExposedPorts": {"80/tcp": {}, "443/tcp": {}}}}], "container": {"Id": "6a36cdfce73174c5699a4fb7fbc7de9a57eba43b991f9c6086177b231624fa73", "Created": "2024-07-17T20:46:46.538667247Z", "Path": "/entrypoint.sh", "Args": ["traefik"], "State": {"Status": "running", "Running": true, "Paused": false, "Restarting": false, "OOMKilled": false, "Dead": false, "Pid": 835826, "ExitCode": 0, "Error": "", "StartedAt": "2024-07-17T20:46:46.895513161Z", "FinishedAt": "0001-01-01T00:00:00Z"}, "Image": "sha256:b6966c4c623886228f59f9153b5b882aef72cc6fd3f3076e6e7f1b5efd248787", "ResolvConfPath": "/var/lib/docker/containers/6a36cdfce73174c5699a4fb7fbc7de9a57eba43b991f9c6086177b231624fa73/resolv.conf", "HostnamePath": "/var/lib/docker/containers/6a36cdfce73174c5699a4fb7fbc7de9a57eba43b991f9c6086177b231624fa73/hostname", "HostsPath": "/var/lib/docker/containers/6a36cdfce73174c5699a4fb7fbc7de9a57eba43b991f9c6086177b231624fa73/hosts", "LogPath": "/var/lib/docker/containers/6a36cdfce73174c5699a4fb7fbc7de9a57eba43b991f9c6086177b231624fa73/6a36cdfce73174c5699a4fb7fbc7de9a57eba43b991f9c6086177b231624fa73-json.log", "Name": "/traefik", "RestartCount": 0, "Driver": "btrfs", "Platform": "linux", "MountLabel": "", "ProcessLabel": "", "AppArmorProfile": "docker-default", "ExecIDs": null, "HostConfig": {"Binds": ["/var/run/docker.sock:/var/run/docker.sock:rw", "/etc/traefik/traefik.toml:/etc/traefik/traefik.toml:ro", "/etc/traefik/dynamic:/etc/traefik/dynamic:ro", "traefik-acme:/etc/traefik/acme:rw", "/etc/traefik/certs:/etc/traefik/certs:ro"], "ContainerIDFile": "", "LogConfig": {"Type": "json-file", "Config": {}}, "NetworkMode": "bridge", "PortBindings": {"443/tcp": [{"HostIp": "0.0.0.0", "HostPort": "443"}, {"HostIp": "::", "HostPort": "443"}], "80/tcp": [{"HostIp": "0.0.0.0", "HostPort": "80"}, {"HostIp": "::", "HostPort": "80"}]}, "RestartPolicy": {"Name": "unless-stopped", "MaximumRetryCount": 0}, "AutoRemove": false, "VolumeDriver": "", "VolumesFrom": null, "ConsoleSize": [0, 0], "CapAdd": null, "CapDrop": null, "CgroupnsMode": "private", "Dns": null, "DnsOptions": null, "DnsSearch": null, "ExtraHosts": null, "GroupAdd": null, "IpcMode": "private", "Cgroup": "", "Links": null, "OomScoreAdj": 0, "PidMode": "", "Privileged": false, "PublishAllPorts": false, "ReadonlyRootfs": true, "SecurityOpt": null, "UTSMode": "", "UsernsMode": "", "ShmSize": 67108864, "Runtime": "runc", "Isolation": "", "CpuShares": 0, "Memory": 104857600, "NanoCpus": 0, "CgroupParent": "", "BlkioWeight": 0, "BlkioWeightDevice": null, "BlkioDeviceReadBps": null, "BlkioDeviceWriteBps": null, "BlkioDeviceReadIOps": null, "BlkioDeviceWriteIOps": null, "CpuPeriod": 0, "CpuQuota": 0, "CpuRealtimePeriod": 0, "CpuRealtimeRuntime": 0, "CpusetCpus": "", "CpusetMems": "", "Devices": null, "DeviceCgroupRules": null, "DeviceRequests": null, "MemoryReservation": 0, "MemorySwap": 209715200, "MemorySwappiness": null, "OomKillDisable": null, "PidsLimit": null, "Ulimits": null, "CpuCount": 0, "CpuPercent": 0, "IOMaximumIOps": 0, "IOMaximumBandwidth": 0, "MaskedPaths": ["/proc/asound", "/proc/acpi", "/proc/kcore", "/proc/keys", "/proc/latency_stats", "/proc/timer_list", "/proc/timer_stats", "/proc/sched_debug", "/proc/scsi", "/sys/firmware", "/sys/devices/virtual/powercap"], "ReadonlyPaths": ["/proc/bus", "/proc/fs", "/proc/irq", "/proc/sys", "/proc/sysrq-trigger"], "Init": false}, "GraphDriver": {"Data": null, "Name": "btrfs"}, "Mounts": [{"Type": "bind", "Source": "/etc/traefik/traefik.toml", "Destination": "/etc/traefik/traefik.toml", "Mode": "ro", "RW": false, "Propagation": "rprivate"}, {"Type": "bind", "Source": "/etc/traefik/dynamic", "Destination": "/etc/traefik/dynamic", "Mode": "ro", "RW": false, "Propagation": "rprivate"}, {"Type": "volume", "Name": "traefik-acme", "Source": "/var/lib/docker/volumes/traefik-acme/_data", "Destination": "/etc/traefik/acme", "Driver": "local", "Mode": "rw", "RW": true, "Propagation": ""}, {"Type": "bind", "Source": "/etc/traefik/certs", "Destination": "/etc/traefik/certs", "Mode": "ro", "RW": false, "Propagation": "rprivate"}, {"Type": "bind", "Source": "/var/run/docker.sock", "Destination": "/var/run/docker.sock", "Mode": "rw", "RW": true, "Propagation": "rprivate"}], "Config": {"Hostname": "6a36cdfce731", "Domainname": "", "User": "", "AttachStdin": false, "AttachStdout": false, "AttachStderr": false, "ExposedPorts": {"443/tcp": {}, "80/tcp": {}}, "Tty": false, "OpenStdin": false, "StdinOnce": false, "Env": ["CLOUDFLARE_DNS_API_TOKEN=5EpOgApOaBXrWIicnDjwiSG-X7ri4SctraOJy5xQ", "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"], "Cmd": ["traefik"], "Image": "traefik:v3.1.0", "Volumes": null, "WorkingDir": "", "Entrypoint": ["/entrypoint.sh"], "OnBuild": null, "Labels": {"org.opencontainers.image.description": "A modern reverse-proxy", "org.opencontainers.image.documentation": "https://docs.traefik.io", "org.opencontainers.image.source": "https://github.com/traefik/traefik", "org.opencontainers.image.title": "Traefik", "org.opencontainers.image.url": "https://traefik.io", "org.opencontainers.image.vendor": "Traefik Labs", "org.opencontainers.image.version": "v3.1.0"}}, "NetworkSettings": {"Bridge": "", "SandboxID": "b6d32a1a6af7f02edada2071eb95be36abd3303b8c6e9d35b2ad2b8b7c9cc828", "SandboxKey": "/var/run/docker/netns/b6d32a1a6af7", "Ports": {"443/tcp": [{"HostIp": "0.0.0.0", "HostPort": "443"}, {"HostIp": "::", "HostPort": "443"}], "80/tcp": [{"HostIp": "0.0.0.0", "HostPort": "80"}, {"HostIp": "::", "HostPort": "80"}]}, "HairpinMode": false, "LinkLocalIPv6Address": "", "LinkLocalIPv6PrefixLen": 0, "SecondaryIPAddresses": null, "SecondaryIPv6Addresses": null, "EndpointID": "764403cc2aaea85ed1d3128a8f3f39e4098b386c211ead240e27c4a165cba3e4", "Gateway": "172.17.0.1", "GlobalIPv6Address": "<redacted>", "GlobalIPv6PrefixLen": 64, "IPAddress": "172.17.0.3", "IPPrefixLen": 16, "IPv6Gateway": "<redacted>", "MacAddress": "02:42:ac:11:00:03", "Networks": {"bridge": {"IPAMConfig": null, "Links": null, "Aliases": null, "MacAddress": "02:42:ac:11:00:03", "DriverOpts": null, "NetworkID": "2c6ef28a257590bd51add33de668a1ea818d30777f77869f9d6ccdcd794e98f3", "EndpointID": "764403cc2aaea85ed1d3128a8f3f39e4098b386c211ead240e27c4a165cba3e4", "Gateway": "172.17.0.1", "IPAddress": "172.17.0.3", "IPPrefixLen": 16, "IPv6Gateway": "<redacted>", "GlobalIPv6Address": "<redacted>", "GlobalIPv6PrefixLen": 64, "DNSNames": null}, "internal": {"IPAMConfig": null, "Links": null, "Aliases": null, "MacAddress": "02:42:ac:12:00:04", "DriverOpts": null, "NetworkID": "cab67bddb4ca37c55a72a7196d6d9564a835cf1e65fbacbaa56989d6ebe9b82e", "EndpointID": "cfe87b9dc4a3246da6899d9e8ec74d1ef06e986c510d45cf64b73e5545a981e0", "Gateway": "172.18.0.1", "IPAddress": "172.18.0.4", "IPPrefixLen": 16, "IPv6Gateway": "<redacted>", "GlobalIPv6Address": "<redacted>", "GlobalIPv6PrefixLen": 64, "DNSNames": ["traefik", "6a36cdfce731"]}}}}, "invocation": {"module_args": {"name": "traefik", "image": "traefik:v3.1.0", "state": "started", "pull": true, "init": false, "auto_remove": false, "detach": true, "interactive": false, "memory": "100M", "paused": false, "privileged": false, "read_only": true, "tty": false, "restart_policy": "unless-stopped", "image_name_mismatch": "recreate", "network_mode": "default", "networks": [{"name": "internal", "ipv4_address": null, "ipv6_address": null, "aliases": null, "links": null, "mac_address": null, "id": "cab67bddb4ca37c55a72a7196d6d9564a835cf1e65fbacbaa56989d6ebe9b82e"}], "ports": ["0.0.0.0:80:80", "0.0.0.0:443:443", "[::]:80:80", "[::]:443:443"], "volumes": ["/var/run/docker.sock:/var/run/docker.sock", "/etc/traefik/traefik.toml:/etc/traefik/traefik.toml:ro", "/etc/traefik/dynamic:/etc/traefik/dynamic:ro", "traefik-acme:/etc/traefik/acme", "/etc/traefik/certs:/etc/traefik/certs:ro"], "env": {"CLOUDFLARE_DNS_API_TOKEN": "5EpOgApOaBXrWIicnDjwiSG-X7ri4SctraOJy5xQ"}, "published_ports": ["0.0.0.0:80:80", "0.0.0.0:443:443", "[::]:80:80", "[::]:443:443"], "docker_host": "unix:///var/run/docker.sock", "api_version": "auto", "timeout": 60, "tls": false, "use_ssh_client": false, "validate_certs": false, "debug": false, "cleanup": false, "container_default_behavior": "no_defaults", "command_handling": "correct", "force_kill": false, "ignore_image": false, "image_comparison": "desired-image", "image_label_mismatch": "ignore", "keep_volumes": true, "networks_cli_compatible": true, "output_logs": false, "pull_check_mode_behavior": "image_not_present", "purge_networks": false, "recreate": false, "restart": false, "tls_hostname": null, "ca_path": null, "client_cert": null, "client_key": null, "ssl_version": null, "comparisons": null, "default_host_ip": null, "kill_signal": null, "removal_wait_timeout": null, "blkio_weight": null, "capabilities": null, "cap_drop": null, "cgroupns_mode": null, "cgroup_parent": null, "command": null, "cpu_period": null, "cpu_quota": null, "cpuset_cpus": null, "cpuset_mems": null, "cpu_shares": null, "entrypoint": null, "cpus": null, "devices": null, "device_read_bps": null, "device_write_bps": null, "device_read_iops": null, "device_write_iops": null, "device_requests": null, "dns_servers": null, "dns_opts": null, "dns_search_domains": null, "domainname": null, "env_file": null, "etc_hosts": null, "groups": null, "healthcheck": null, "hostname": null, "ipc_mode": null, "kernel_memory": null, "labels": null, "links": null, "log_driver": null, "log_options": null, "mac_address": null, "memory_reservation": null, "memory_swap": null, "memory_swappiness": null, "stop_timeout": null, "oom_killer": null, "oom_score_adj": null, "pid_mode": null, "pids_limit": null, "platform": null, "restart_retries": null, "runtime": null, "security_opts": null, "shm_size": null, "stop_signal": null, "storage_opts": null, "sysctls": null, "tmpfs": null, "ulimits": null, "user": null, "userns_mode": null, "uts": null, "volume_driver": null, "volumes_from": null, "working_dir": null, "mounts": null, "exposed_ports": null, "publish_all_ports": null}}}\n', b"OpenSSH_9.6p1, LibreSSL 3.3.6\r\ndebug1: Reading configuration data /Users/privat/.ssh/config\r\ndebug1: /Users/privat/.ssh/config line 1: Applying options for *\r\ndebug1: /Users/privat/.ssh/config line 15: Applying options for mabel\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 21: include /etc/ssh/ssh_config.d/* matched no files\r\ndebug1: /etc/ssh/ssh_config line 54: Applying options for *\r\ndebug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/Users/privat/.ssh/known_hosts'\r\ndebug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/Users/privat/.ssh/known_hosts2'\r\ndebug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling\r\ndebug1: auto-mux: Trying existing master at '/Users/privat/.ansible/cp/9d949ab4f2'\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 58197\r\ndebug3: mux_client_request_session: session request sent\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug3: mux_client_read_packet_timeout: read header failed: Broken pipe\r\ndebug2: Received exit status from master 0\r\n")
changed: [mabel] => {
    "actions": [
        {
            "stopped": "6a36cdfce73174c5699a4fb7fbc7de9a57eba43b991f9c6086177b231624fa73",
            "timeout": null
        },
        {
            "force": false,
            "link": false,
            "removed": "6a36cdfce73174c5699a4fb7fbc7de9a57eba43b991f9c6086177b231624fa73",
            "volume_state": false
        },
        {
            "create_parameters": {
                "AttachStderr": false,
                "AttachStdin": false,
                "AttachStdout": false,
                "Env": [
                    "CLOUDFLARE_DNS_API_TOKEN=5EpOgApOaBXrWIicnDjwiSG-X7ri4SctraOJy5xQ"
                ],
                "ExposedPorts": {
                    "443/tcp": {},
                    "80/tcp": {}
                },
                "HostConfig": {
                    "AutoRemove": false,
                    "Binds": [
                        "/var/run/docker.sock:/var/run/docker.sock:rw",
                        "/etc/traefik/traefik.toml:/etc/traefik/traefik.toml:ro",
                        "/etc/traefik/dynamic:/etc/traefik/dynamic:ro",
                        "traefik-acme:/etc/traefik/acme:rw",
                        "/etc/traefik/certs:/etc/traefik/certs:ro"
                    ],
                    "Init": false,
                    "Memory": 104857600,
                    "NetworkMode": "default",
                    "PortBindings": {
                        "443/tcp": [
                            {
                                "HostIp": "0.0.0.0",
                                "HostPort": "443"
                            },
                            {
                                "HostIp": "::",
                                "HostPort": "443"
                            }
                        ],
                        "80/tcp": [
                            {
                                "HostIp": "0.0.0.0",
                                "HostPort": "80"
                            },
                            {
                                "HostIp": "::",
                                "HostPort": "80"
                            }
                        ]
                    },
                    "Privileged": false,
                    "ReadonlyRootfs": true,
                    "RestartPolicy": {
                        "MaximumRetryCount": null,
                        "Name": "unless-stopped"
                    }
                },
                "Image": "traefik:v3.1.0",
                "OpenStdin": false,
                "StdinOnce": false,
                "Tty": false,
                "Volumes": {}
            },
            "created": "Created container"
        }
    ],
    "changed": true,
    "container": {
        "AppArmorProfile": "docker-default",
        "Args": [
            "traefik"
        ],
        "Config": {
            "AttachStderr": false,
            "AttachStdin": false,
            "AttachStdout": false,
            "Cmd": [
                "traefik"
            ],
            "Domainname": "",
            "Entrypoint": [
                "/entrypoint.sh"
            ],
            "Env": [
                "CLOUDFLARE_DNS_API_TOKEN=5EpOgApOaBXrWIicnDjwiSG-X7ri4SctraOJy5xQ",
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
            ],
            "ExposedPorts": {
                "443/tcp": {},
                "80/tcp": {}
            },
            "Hostname": "6a36cdfce731",
            "Image": "traefik:v3.1.0",
            "Labels": {
                "org.opencontainers.image.description": "A modern reverse-proxy",
                "org.opencontainers.image.documentation": "https://docs.traefik.io",
                "org.opencontainers.image.source": "https://github.com/traefik/traefik",
                "org.opencontainers.image.title": "Traefik",
                "org.opencontainers.image.url": "https://traefik.io",
                "org.opencontainers.image.vendor": "Traefik Labs",
                "org.opencontainers.image.version": "v3.1.0"
            },
            "OnBuild": null,
            "OpenStdin": false,
            "StdinOnce": false,
            "Tty": false,
            "User": "",
            "Volumes": null,
            "WorkingDir": ""
        },
        "Created": "2024-07-17T20:46:46.538667247Z",
        "Driver": "btrfs",
        "ExecIDs": null,
        "GraphDriver": {
            "Data": null,
            "Name": "btrfs"
        },
        "HostConfig": {
            "AutoRemove": false,
            "Binds": [
                "/var/run/docker.sock:/var/run/docker.sock:rw",
                "/etc/traefik/traefik.toml:/etc/traefik/traefik.toml:ro",
                "/etc/traefik/dynamic:/etc/traefik/dynamic:ro",
                "traefik-acme:/etc/traefik/acme:rw",
                "/etc/traefik/certs:/etc/traefik/certs:ro"
            ],
            "BlkioDeviceReadBps": null,
            "BlkioDeviceReadIOps": null,
            "BlkioDeviceWriteBps": null,
            "BlkioDeviceWriteIOps": null,
            "BlkioWeight": 0,
            "BlkioWeightDevice": null,
            "CapAdd": null,
            "CapDrop": null,
            "Cgroup": "",
            "CgroupParent": "",
            "CgroupnsMode": "private",
            "ConsoleSize": [
                0,
                0
            ],
            "ContainerIDFile": "",
            "CpuCount": 0,
            "CpuPercent": 0,
            "CpuPeriod": 0,
            "CpuQuota": 0,
            "CpuRealtimePeriod": 0,
            "CpuRealtimeRuntime": 0,
            "CpuShares": 0,
            "CpusetCpus": "",
            "CpusetMems": "",
            "DeviceCgroupRules": null,
            "DeviceRequests": null,
            "Devices": null,
            "Dns": null,
            "DnsOptions": null,
            "DnsSearch": null,
            "ExtraHosts": null,
            "GroupAdd": null,
            "IOMaximumBandwidth": 0,
            "IOMaximumIOps": 0,
            "Init": false,
            "IpcMode": "private",
            "Isolation": "",
            "Links": null,
            "LogConfig": {
                "Config": {},
                "Type": "json-file"
            },
            "MaskedPaths": [
                "/proc/asound",
                "/proc/acpi",
                "/proc/kcore",
                "/proc/keys",
                "/proc/latency_stats",
                "/proc/timer_list",
                "/proc/timer_stats",
                "/proc/sched_debug",
                "/proc/scsi",
                "/sys/firmware",
                "/sys/devices/virtual/powercap"
            ],
            "Memory": 104857600,
            "MemoryReservation": 0,
            "MemorySwap": 209715200,
            "MemorySwappiness": null,
            "NanoCpus": 0,
            "NetworkMode": "bridge",
            "OomKillDisable": null,
            "OomScoreAdj": 0,
            "PidMode": "",
            "PidsLimit": null,
            "PortBindings": {
                "443/tcp": [
                    {
                        "HostIp": "0.0.0.0",
                        "HostPort": "443"
                    },
                    {
                        "HostIp": "::",
                        "HostPort": "443"
                    }
                ],
                "80/tcp": [
                    {
                        "HostIp": "0.0.0.0",
                        "HostPort": "80"
                    },
                    {
                        "HostIp": "::",
                        "HostPort": "80"
                    }
                ]
            },
            "Privileged": false,
            "PublishAllPorts": false,
            "ReadonlyPaths": [
                "/proc/bus",
                "/proc/fs",
                "/proc/irq",
                "/proc/sys",
                "/proc/sysrq-trigger"
            ],
            "ReadonlyRootfs": true,
            "RestartPolicy": {
                "MaximumRetryCount": 0,
                "Name": "unless-stopped"
            },
            "Runtime": "runc",
            "SecurityOpt": null,
            "ShmSize": 67108864,
            "UTSMode": "",
            "Ulimits": null,
            "UsernsMode": "",
            "VolumeDriver": "",
            "VolumesFrom": null
        },
        "HostnamePath": "/var/lib/docker/containers/6a36cdfce73174c5699a4fb7fbc7de9a57eba43b991f9c6086177b231624fa73/hostname",
        "HostsPath": "/var/lib/docker/containers/6a36cdfce73174c5699a4fb7fbc7de9a57eba43b991f9c6086177b231624fa73/hosts",
        "Id": "6a36cdfce73174c5699a4fb7fbc7de9a57eba43b991f9c6086177b231624fa73",
        "Image": "sha256:b6966c4c623886228f59f9153b5b882aef72cc6fd3f3076e6e7f1b5efd248787",
        "LogPath": "/var/lib/docker/containers/6a36cdfce73174c5699a4fb7fbc7de9a57eba43b991f9c6086177b231624fa73/6a36cdfce73174c5699a4fb7fbc7de9a57eba43b991f9c6086177b231624fa73-json.log",
        "MountLabel": "",
        "Mounts": [
            {
                "Destination": "/etc/traefik/traefik.toml",
                "Mode": "ro",
                "Propagation": "rprivate",
                "RW": false,
                "Source": "/etc/traefik/traefik.toml",
                "Type": "bind"
            },
            {
                "Destination": "/etc/traefik/dynamic",
                "Mode": "ro",
                "Propagation": "rprivate",
                "RW": false,
                "Source": "/etc/traefik/dynamic",
                "Type": "bind"
            },
            {
                "Destination": "/etc/traefik/acme",
                "Driver": "local",
                "Mode": "rw",
                "Name": "traefik-acme",
                "Propagation": "",
                "RW": true,
                "Source": "/var/lib/docker/volumes/traefik-acme/_data",
                "Type": "volume"
            },
            {
                "Destination": "/etc/traefik/certs",
                "Mode": "ro",
                "Propagation": "rprivate",
                "RW": false,
                "Source": "/etc/traefik/certs",
                "Type": "bind"
            },
            {
                "Destination": "/var/run/docker.sock",
                "Mode": "rw",
                "Propagation": "rprivate",
                "RW": true,
                "Source": "/var/run/docker.sock",
                "Type": "bind"
            }
        ],
        "Name": "/traefik",
        "NetworkSettings": {
            "Bridge": "",
            "EndpointID": "764403cc2aaea85ed1d3128a8f3f39e4098b386c211ead240e27c4a165cba3e4",
            "Gateway": "172.17.0.1",
            "GlobalIPv6Address": "<redacted>",
            "GlobalIPv6PrefixLen": 64,
            "HairpinMode": false,
            "IPAddress": "172.17.0.3",
            "IPPrefixLen": 16,
            "IPv6Gateway": "<redacted>",
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "MacAddress": "02:42:ac:11:00:03",
            "Networks": {
                "bridge": {
                    "Aliases": null,
                    "DNSNames": null,
                    "DriverOpts": null,
                    "EndpointID": "764403cc2aaea85ed1d3128a8f3f39e4098b386c211ead240e27c4a165cba3e4",
                    "Gateway": "172.17.0.1",
                    "GlobalIPv6Address": "<redacted>",
                    "GlobalIPv6PrefixLen": 64,
                    "IPAMConfig": null,
                    "IPAddress": "172.17.0.3",
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "<redacted>",
                    "Links": null,
                    "MacAddress": "02:42:ac:11:00:03",
                    "NetworkID": "2c6ef28a257590bd51add33de668a1ea818d30777f77869f9d6ccdcd794e98f3"
                },
                "internal": {
                    "Aliases": null,
                    "DNSNames": [
                        "traefik",
                        "6a36cdfce731"
                    ],
                    "DriverOpts": null,
                    "EndpointID": "cfe87b9dc4a3246da6899d9e8ec74d1ef06e986c510d45cf64b73e5545a981e0",
                    "Gateway": "172.18.0.1",
                    "GlobalIPv6Address": "fd8a:d35:aec7:3417::4",
                    "GlobalIPv6PrefixLen": 64,
                    "IPAMConfig": null,
                    "IPAddress": "172.18.0.4",
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "fd8a:d35:aec7:3417::1",
                    "Links": null,
                    "MacAddress": "02:42:ac:12:00:04",
                    "NetworkID": "cab67bddb4ca37c55a72a7196d6d9564a835cf1e65fbacbaa56989d6ebe9b82e"
                }
            },
            "Ports": {
                "443/tcp": [
                    {
                        "HostIp": "0.0.0.0",
                        "HostPort": "443"
                    },
                    {
                        "HostIp": "::",
                        "HostPort": "443"
                    }
                ],
                "80/tcp": [
                    {
                        "HostIp": "0.0.0.0",
                        "HostPort": "80"
                    },
                    {
                        "HostIp": "::",
                        "HostPort": "80"
                    }
                ]
            },
            "SandboxID": "b6d32a1a6af7f02edada2071eb95be36abd3303b8c6e9d35b2ad2b8b7c9cc828",
            "SandboxKey": "/var/run/docker/netns/b6d32a1a6af7",
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null
        },
        "Path": "/entrypoint.sh",
        "Platform": "linux",
        "ProcessLabel": "",
        "ResolvConfPath": "/var/lib/docker/containers/6a36cdfce73174c5699a4fb7fbc7de9a57eba43b991f9c6086177b231624fa73/resolv.conf",
        "RestartCount": 0,
        "State": {
            "Dead": false,
            "Error": "",
            "ExitCode": 0,
            "FinishedAt": "0001-01-01T00:00:00Z",
            "OOMKilled": false,
            "Paused": false,
            "Pid": 835826,
            "Restarting": false,
            "Running": true,
            "StartedAt": "2024-07-17T20:46:46.895513161Z",
            "Status": "running"
        }
    },
    "invocation": {
        "module_args": {
            "api_version": "auto",
            "auto_remove": false,
            "blkio_weight": null,
            "ca_path": null,
            "cap_drop": null,
            "capabilities": null,
            "cgroup_parent": null,
            "cgroupns_mode": null,
            "cleanup": false,
            "client_cert": null,
            "client_key": null,
            "command": null,
            "command_handling": "correct",
            "comparisons": null,
            "container_default_behavior": "no_defaults",
            "cpu_period": null,
            "cpu_quota": null,
            "cpu_shares": null,
            "cpus": null,
            "cpuset_cpus": null,
            "cpuset_mems": null,
            "debug": false,
            "default_host_ip": null,
            "detach": true,
            "device_read_bps": null,
            "device_read_iops": null,
            "device_requests": null,
            "device_write_bps": null,
            "device_write_iops": null,
            "devices": null,
            "dns_opts": null,
            "dns_search_domains": null,
            "dns_servers": null,
            "docker_host": "unix:///var/run/docker.sock",
            "domainname": null,
            "entrypoint": null,
            "env": {
                "CLOUDFLARE_DNS_API_TOKEN": "5EpOgApOaBXrWIicnDjwiSG-X7ri4SctraOJy5xQ"
            },
            "env_file": null,
            "etc_hosts": null,
            "exposed_ports": null,
            "force_kill": false,
            "groups": null,
            "healthcheck": null,
            "hostname": null,
            "ignore_image": false,
            "image": "traefik:v3.1.0",
            "image_comparison": "desired-image",
            "image_label_mismatch": "ignore",
            "image_name_mismatch": "recreate",
            "init": false,
            "interactive": false,
            "ipc_mode": null,
            "keep_volumes": true,
            "kernel_memory": null,
            "kill_signal": null,
            "labels": null,
            "links": null,
            "log_driver": null,
            "log_options": null,
            "mac_address": null,
            "memory": "100M",
            "memory_reservation": null,
            "memory_swap": null,
            "memory_swappiness": null,
            "mounts": null,
            "name": "traefik",
            "network_mode": "default",
            "networks": [
                {
                    "aliases": null,
                    "id": "cab67bddb4ca37c55a72a7196d6d9564a835cf1e65fbacbaa56989d6ebe9b82e",
                    "ipv4_address": null,
                    "ipv6_address": null,
                    "links": null,
                    "mac_address": null,
                    "name": "internal"
                }
            ],
            "networks_cli_compatible": true,
            "oom_killer": null,
            "oom_score_adj": null,
            "output_logs": false,
            "paused": false,
            "pid_mode": null,
            "pids_limit": null,
            "platform": null,
            "ports": [
                "0.0.0.0:80:80",
                "0.0.0.0:443:443",
                "[::]:80:80",
                "[::]:443:443"
            ],
            "privileged": false,
            "publish_all_ports": null,
            "published_ports": [
                "0.0.0.0:80:80",
                "0.0.0.0:443:443",
                "[::]:80:80",
                "[::]:443:443"
            ],
            "pull": true,
            "pull_check_mode_behavior": "image_not_present",
            "purge_networks": false,
            "read_only": true,
            "recreate": false,
            "removal_wait_timeout": null,
            "restart": false,
            "restart_policy": "unless-stopped",
            "restart_retries": null,
            "runtime": null,
            "security_opts": null,
            "shm_size": null,
            "ssl_version": null,
            "state": "started",
            "stop_signal": null,
            "stop_timeout": null,
            "storage_opts": null,
            "sysctls": null,
            "timeout": 60,
            "tls": false,
            "tls_hostname": null,
            "tmpfs": null,
            "tty": false,
            "ulimits": null,
            "use_ssh_client": false,
            "user": null,
            "userns_mode": null,
            "uts": null,
            "validate_certs": false,
            "volume_driver": null,
            "volumes": [
                "/var/run/docker.sock:/var/run/docker.sock",
                "/etc/traefik/traefik.toml:/etc/traefik/traefik.toml:ro",
                "/etc/traefik/dynamic:/etc/traefik/dynamic:ro",
                "traefik-acme:/etc/traefik/acme",
                "/etc/traefik/certs:/etc/traefik/certs:ro"
            ],
            "volumes_from": null,
            "working_dir": null
        }
    }
}
@mrdrogdrog mrdrogdrog mentioned this issue Jul 20, 2024
Closed
1 task
@mrdrogdrog
Copy link
Author

mrdrogdrog commented Jul 20, 2024
edited
Loading

It seems to be linked to the network configuration.

comparisons:
    '*': ignore

doesnt recreate but

comparisons:
    '*': ignore
    networks: strict

does

@felixfontein felixfontein added bug Something isn't working docker-plain plain Docker (no swarm, no compose, no stack) labels Jul 20, 2024
@felixfontein
Copy link
Collaborator

Thanks for the report! Did you pass --diff to ansible-playbook to see what the module thinks has changed?

@mrdrogdrog
Copy link
Author

No, i didn't know this option. I'm gonna try this and will post the result.

@mrdrogdrog
Copy link
Author

mrdrogdrog commented Jul 20, 2024
edited
Loading 

TASK [traefik : Start container] ******************
--- before
+++ after
@@ -1,3 +1,3 @@
 {
-    "network_mode": "bridge"
+    "network_mode": "default"
 }

changed: [mabel]

@mrdrogdrog
Copy link
Author

mrdrogdrog commented Jul 20, 2024
edited
Loading

If I set network_mode to anything except default then it works without recreation.

@felixfontein
Copy link
Collaborator

Hmm, default is a special value that is handled differently depending on the Docker daemon's platform: for Linux/Unix it corresponds to bridge, and for Windows to nat.

If you are always using one of these sort, better always use bridge or nat instead of default as a workaround.

@felixfontein
Copy link
Collaborator

Note to self for fixing this: the /info endpoint returns OSType (either linux or windows, no other values currently supported), which can be used to figure out what default means.

@mrdrogdrog
Copy link
Author

Hm. As you can see in the "os environment" all my remote machines are running on Linux. The only difference is only the used docker version.

@felixfontein felixfontein mentioned this issue Jul 20, 2024
Merged
@felixfontein
Copy link
Collaborator

My guess is that the older Docker version returned default, while the newer one returns the effective used network mode.

After looking through the Docker commits, I found out that this was changed in moby/moby@4eed3dc, which first appeared in Docker 26.1.0 apparently. Basically this commit broke idempotency when using network_mode=default in the docker_container module.

@felixfontein felixfontein mentioned this issue Jul 20, 2024
Merged
@felixfontein
Copy link
Collaborator

#936 should fix this. Can you try it out?

@mrdrogdrog
Copy link
Author

mrdrogdrog commented Jul 28, 2024
edited
Loading

@felixfontein Thank you very much!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working docker-plain plain Docker (no swarm, no compose, no stack)
Projects
None yet
Milestone
No milestone
2 participants
@felixfontein @mrdrogdrog