change port for arminc/clair-db as a docker postgresql container is running on the same port

[abhishiktvv]

Hi, could you please let me know while running the command
docker run -p 5432:5432 -d --name db arminc/clair-db:2017-09-18 , i already have a postgres container for my project running on that 5432 port, if i simple change
docker run -p 5432:5432 -d --name db arminc/clair-db:2017-09-18 this port number to
docker run -p XXXX:XXXX -d --name db arminc/clair-db:2017-09-18 would the scanner work fine or does it gives any error?

[arminc]

You can't change the port that easily because it is configured in clair here https://github.com/arminc/clair-local-scan/blob/master/clair/config.yaml. You can do two things:

1. Create your own Docker container with Clair - here is the one I provide -> https://github.com/arminc/clair-local-scan/tree/master/clair and change the port there
2. Instead of exposing the DB port link the DB container with the Clair container trough Docker

[abhishiktvv]

Thanks , i will check it and let you know :)

[abhishiktvv]

Hi, can you just throw some light on how to build the container after modifiying the DB port in config.yaml in https://github.com/arminc/clair-local-scan/tree/master/clair

…

On Tue, Jul 31, 2018 at 12:02 PM Armin Coralic ***@***.***> wrote: You can't change the port that easily because it is configured in clair here https://github.com/arminc/clair-local-scan/blob/master/clair/config.yaml. You can do two things: 1. Create your own Docker container with Clair - here is the one I provide -> https://github.com/arminc/clair-local-scan/tree/master/clair and change the port there 2. Instead of exposing the DB port link the DB container with the Clair container trough Docker — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#51 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AL2vFh8d9pnHu2Ewzkll8g5z9Ksw2fu4ks5uL_nngaJpZM4Vnjh9> .

[abhishiktvv]

i have created a container using docker build, then when i try to run modified build it says dial tcp error 172.17.0.2:XXXX XXXX(is the modified port). can you just say me where was i going wrong

[yegorski]

This is not an issue for me but posting because I'm curious what's going on.

I'm running your image by following GitLab's docs https://docs.gitlab.com/ce/ci/examples/container_scanning.html

If I use arminc/clair-db:latest the container starts up:

2019-02-22 16:31:33.014 UTC [1] LOG:  listening on IPv4 address "0.0.0.0", port 5432
2019-02-22 16:31:33.015 UTC [1] LOG:  listening on IPv6 address "::", port 5432
2019-02-22 16:31:33.021 UTC [1] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
2019-02-22 16:31:33.070 UTC [18] LOG:  database system was shut down at 2019-02-21 01:43:33 UTC
2019-02-22 16:31:33.080 UTC [1] LOG:  database system is ready to accept connections

But if I clone https://github.com/arminc/clair-local-scan, docker build --tag clair-test ., and docker run clair-test I get the issue described above:

{"Event":"pgsql: could not open database: dial tcp: lookup postgres on 192.168.65.1:53: no such host","Level":"fatal","Location":"main.go:96","Time":"2019-02-22 16:30:54.080244"}

There seems to be a difference between how arminc/clair-db:latest was built and the images built using this Dockerfile https://github.com/arminc/clair-local-scan/blob/master/clair/Dockerfile.

[rkasivisvanathan]

Just in case if someone is facing the same issue with podman in 2023. Here are the steps that i followed to resolve "no such host error"..

Links feature of Docker is now deprecated and is no longer supported. Placing containers in a pod and networking them is an alternative to links functionality.

arminc/clair-db:latest image built using the Dockerfile https://github.com/arminc/clair-local-scan/blob/master/clair/Dockerfile requires postgres db to be exposed on host postgres with 5432 listener port.

Clair Config.yaml uses the following connection string to interact with postgres db

source: host=postgres port=5432 user=postgres password=password sslmode=disable statement_timeout=60000

Link parameter was previously used to set network aliases for a running container. Here clair-db can be accessed via alias name postgres

docker run -p 6060:6060 --link clair-db:postgres -d --name clair arminc/clair-local-scan:v2.0.8_fe9b059d930314b54c78f75afe265955faf4fdc1

This functionality is no longer supported ; hence created a pod with name "postgres" and expose port 5432/6060 and associate the clair-db & clair containers.

podman pod create -n postgres -p 6060:6060 -p 5432:5432
podman run -d --pod postgres --name db arminc/clair-db:latest
podman run -d --pod postgres --name clair arminc/clair-local-scan:latest

Now, Clair API Server can successfully connect to Clair postgres DB and the following logs are recorded during start-up.

Ramasubramanians-MacBook-Pro:Downloads ramkasivisvanathan$ podman logs db

PostgreSQL Database directory appears to contain a database; Skipping initialization

2023-04-06 08:32:31.018 UTC [1] LOG:  listening on IPv4 address "0.0.0.0", port 5432
2023-04-06 08:32:31.021 UTC [1] LOG:  listening on IPv6 address "::", port 5432
2023-04-06 08:32:31.028 UTC [1] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
2023-04-06 08:32:31.105 UTC [16] LOG:  database system was shut down at 2023-04-11 01:08:34 UTC
2023-04-06 08:32:31.158 UTC [1] LOG:  database system is ready to accept connections

Ramasubramanians-MacBook-Pro:Downloads ramkasivisvanathan$ podman logs clair
{"Event":"running database migrations","Level":"info","Location":"pgsql.go:216","Time":"2023-04-06 08:32:59.116644"}
{"Event":"database migration ran successfully","Level":"info","Location":"pgsql.go:223","Time":"2023-04-06 08:32:59.324439"}
{"Event":"notifier service is disabled","Level":"info","Location":"notifier.go:77","Time":"2023-04-06 08:32:59.334704"}
{"Event":"starting main API","Level":"info","Location":"api.go:52","Time":"2023-04-06 08:32:59.338241","port":6060}
{"Event":"starting health API","Level":"info","Location":"api.go:85","Time":"2023-04-06 08:32:59.348191","port":6061}
{"Event":"updater service started","Level":"info","Location":"updater.go:83","Time":"2023-04-06 08:32:59.352866","lock identifier":"9d63d055-f18c-4605-95a3-10e4f8e9aa91"}