Crash when a container with network_mode: host is running

[Niek]

Whenever a container is running in network host mode, docker-easy-haproxy refuses to start. Log is below:

Traceback (most recent call last):
  File "/usr/lib/python3.10/site-packages/docker/api/client.py", line 268, in _raise_for_status
    response.raise_for_status()
  File "/usr/lib/python3.10/site-packages/requests/models.py", line 960, in raise_for_status
    raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 400 Client Error: Bad Request for url: http+docker://localhost/v1.43/networks/ebf21d2da2ef49b72f40147ca4ea6180b5dde83622981664ae107d9491ed22e2/connect

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "/scripts/main.py", line 73, in <module>
    main()
  File "/scripts/main.py", line 70, in main
    start()
  File "/scripts/main.py", line 7, in start
    processor_obj = ProcessorInterface.factory(os.getenv("EASYHAPROXY_DISCOVER"))
  File "/scripts/processor/__init__.py", line 50, in factory
    return Docker()
  File "/scripts/processor/__init__.py", line 128, in __init__
    super().__init__()
  File "/scripts/processor/__init__.py", line 43, in __init__
    self.refresh()
  File "/scripts/processor/__init__.py", line 64, in refresh
    self.inspect_network()
  File "/scripts/processor/__init__.py", line 145, in inspect_network
    ha_proxy_network.connect(container.name)
  File "/usr/lib/python3.10/site-packages/docker/models/networks.py", line 58, in connect
    return self.client.api.connect_container_to_network(
  File "/usr/lib/python3.10/site-packages/docker/utils/decorators.py", line 19, in wrapped
    return f(self, resource_id, *args, **kwargs)
  File "/usr/lib/python3.10/site-packages/docker/api/network.py", line 254, in connect_container_to_network
    self._raise_for_status(res)
  File "/usr/lib/python3.10/site-packages/docker/api/client.py", line 270, in _raise_for_status
    raise create_api_error_from_http_exception(e) from e
  File "/usr/lib/python3.10/site-packages/docker/errors.py", line 39, in create_api_error_from_http_exception
    raise cls(e, response=response, explanation=explanation) from e
docker.errors.APIError: 400 Client Error for http+docker://localhost/v1.43/networks/ebf21d2da2ef49b72f40147ca4ea6180b5dde83622981664ae107d9491ed22e2/connect: Bad Request ("container sharing network namespace with another container or host cannot be connected to any other network")

Maybe the host network containers can be excluded, or at least this error be ignored?

[byjg]

EasyHAProxy manages the container's network to allow the communication. If the container network is host mode the application cannot connect.

So, general rule:

• EasyHAProxy container must publish at least the ports 80 and 443.
• Containers DON'T NEED to have the ports published. EasyHAProxy will act as a forward proxy and connect to them.
• Container network cannot be host mode.

I need to update the documentation with this.

[Niek]

This makes a lot of sense, however what is not clear is that there cannot be any other container running in host mode, even if I don't want to expose it through EasyHAProxy. Or maybe we can set something like an exclude label so it's not taken into consideration and crashing?

[byjg]

That shouldn't happen. EasyHAProxy reads all metadata, but only manages the containers with the label.

I have to create an environment on my side to reproduce this error. If you can provide a docker-compose with the containers and network you have would accelerate my process enormously.