merichar 0 Posted July 25, 2022 Share Posted July 25, 2022 Hello! I am running my Emby server in Docker on TrueNAS SCALE (although I do not think this is an issue with TrueNAS or Docker specifically). The container has access to the Kubernetes network (172.16.x.x) through one interface and my home network through another interface (10.x.x.x). However, the DLNA broadcasts that reach the 10.x.x.x network seem to sometimes or all of the time direct devices to the 172.16.x.x IP, which they cannot access. Would it be possible for any of either: Ensure that broadcasts destined for a particular NIC/interface/IP contain packets referring the client to the IP found on that interface Make the IP or hostname used on all interfaces for DLNA broadcasts configurable Allow only one interface may be used at a time for broadcasts To confirm that the two NICs are present in the container as expected: I can see them in the Emby interface, and the output of "hostname -I" from inside the container returns both correct IP addresses. Emby is accessible on both as expected. I noticed this when Home Assistant, which is present only on my home network (10.x.x.x) was producing errors while trying to access 172.16.x.x to reach Emby, which I had never directed it to. Thanks! Link to comment Share on other sites More sharing options...
Luke 37125 Posted July 25, 2022 Share Posted July 25, 2022 Hi, did you configure host or bridge networking mode on the container? Link to comment Share on other sites More sharing options...
merichar 0 Posted July 25, 2022 Author Share Posted July 25, 2022 One interface is provided by Kubernetes in the Kubernetes specific container. The other interface is a bridge to real interface on the machine. Network settings in TrueNAS: Output of Hostname -I in the container (redacted specific): 172.16.X.X 10.X.X.X Here is the output of Docker inspect: [ { "Id": "846fd5144a36c3b6831886d12da11f4f0225d025332e5554ce151c5de9df63c0", "Created": "2022-07-24T03:25:21.371608127Z", "Path": "/usr/bin/tini", "Args": [ "--", "/entrypoint.sh" ], "State": { "Status": "running", "Running": true, "Paused": false, "Restarting": false, "OOMKilled": false, "Dead": false, "Pid": 50751, "ExitCode": 0, "Error": "", "StartedAt": "2022-07-24T03:25:28.345811925Z", "FinishedAt": "0001-01-01T00:00:00Z" }, "Image": "sha256:231469d8273d190b439a155d67ed66997cd64f869ee11815004002f0d2d49342", "ResolvConfPath": "/mnt/pool-01/ix-applications/docker/containers/3a80022c82bd254d4383bab5ec86ccf999a02688250b09f6c58a89b24d11dbbd/resolv.conf", "HostnamePath": "/mnt/pool-01/ix-applications/docker/containers/3a80022c82bd254d4383bab5ec86ccf999a02688250b09f6c58a89b24d11dbbd/hostname", "HostsPath": "/var/lib/kubelet/pods/cbef6df1-bdcb-4d04-871a-82453d62d466/etc-hosts", "LogPath": "/mnt/pool-01/ix-applications/docker/containers/846fd5144a36c3b6831886d12da11f4f0225d025332e5554ce151c5de9df63c0/846fd5144a36c3b6831886d12da11f4f0225d025332e5554ce151c5de9df63c0-json.log", "Name": "/k8s_emby-01_emby-01-8566c7bbc7-hmsft_ix-emby-01_cbef6df1-bdcb-4d04-871a-82453d62d466_3", "RestartCount": 0, "Driver": "zfs", "Platform": "linux", "MountLabel": "", "ProcessLabel": "", "AppArmorProfile": "docker-default", "ExecIDs": [ "7aa466e9351fbf7aefbb34d336dba0a94d859fcda40f5504b1affef836720215" ], "HostConfig": { "Binds": [ "/mnt/pool-01/apps/nas-01/emby-01/config:/config", "/mnt/pool-01/apps/nas-01/emby-01/config-custom:/config-custom", "/mnt/pool-01/media:/mnt/media", "/var/lib/kubelet/pods/cbef6df1-bdcb-4d04-871a-82453d62d466/volumes/kubernetes.io~empty-dir/shared:/shared", "/var/lib/kubelet/pods/cbef6df1-bdcb-4d04-871a-82453d62d466/volumes/kubernetes.io~empty-dir/temp:/tmp", "/var/lib/kubelet/pods/cbef6df1-bdcb-4d04-871a-82453d62d466/volumes/kubernetes.io~empty-dir/varlogs:/var/logs", "/var/lib/kubelet/pods/cbef6df1-bdcb-4d04-871a-82453d62d466/volumes/kubernetes.io~projected/kube-api-access-pfthl:/var/run/secrets/kubernetes.io/serviceaccount:ro", "/var/lib/kubelet/pods/cbef6df1-bdcb-4d04-871a-82453d62d466/etc-hosts:/etc/hosts", "/var/lib/kubelet/pods/cbef6df1-bdcb-4d04-871a-82453d62d466/containers/emby-01/196c29bc:/dev/termination-log" ], "ContainerIDFile": "", "LogConfig": { "Type": "json-file", "Config": {} }, "NetworkMode": "container:3a80022c82bd254d4383bab5ec86ccf999a02688250b09f6c58a89b24d11dbbd", "PortBindings": null, "RestartPolicy": { "Name": "no", "MaximumRetryCount": 0 }, "AutoRemove": false, "VolumeDriver": "", "VolumesFrom": null, "CapAdd": null, "CapDrop": null, "CgroupnsMode": "host", "Dns": null, "DnsOptions": null, "DnsSearch": null, "ExtraHosts": null, "GroupAdd": [ "1002", "568" ], "IpcMode": "container:3a80022c82bd254d4383bab5ec86ccf999a02688250b09f6c58a89b24d11dbbd", "Cgroup": "", "Links": null, "OomScoreAdj": 999, "PidMode": "", "Privileged": false, "PublishAllPorts": false, "ReadonlyRootfs": false, "SecurityOpt": [ "no-new-privileges", "seccomp=unconfined" ], "UTSMode": "", "UsernsMode": "", "ShmSize": 67108864, "Runtime": "runc", "ConsoleSize": [ 0, 0 ], "Isolation": "", "CpuShares": 10, "Memory": 8589934592, "NanoCpus": 0, "CgroupParent": "/kubepods/burstable/podcbef6df1-bdcb-4d04-871a-82453d62d466", "BlkioWeight": 0, "BlkioWeightDevice": null, "BlkioDeviceReadBps": null, "BlkioDeviceWriteBps": null, "BlkioDeviceReadIOps": null, "BlkioDeviceWriteIOps": null, "CpuPeriod": 100000, "CpuQuota": 400000, "CpuRealtimePeriod": 0, "CpuRealtimeRuntime": 0, "CpusetCpus": "", "CpusetMems": "", "Devices": [], "DeviceCgroupRules": null, "DeviceRequests": null, "KernelMemory": 0, "KernelMemoryTCP": 0, "MemoryReservation": 0, "MemorySwap": 8589934592, "MemorySwappiness": null, "OomKillDisable": false, "PidsLimit": null, "Ulimits": null, "CpuCount": 0, "CpuPercent": 0, "IOMaximumIOps": 0, "IOMaximumBandwidth": 0, "MaskedPaths": [ "/proc/acpi", "/proc/kcore", "/proc/keys", "/proc/latency_stats", "/proc/timer_list", "/proc/timer_stats", "/proc/sched_debug", "/proc/scsi", "/sys/firmware" ], "ReadonlyPaths": [ "/proc/asound", "/proc/bus", "/proc/fs", "/proc/irq", "/proc/sys", "/proc/sysrq-trigger" ] }, "GraphDriver": { "Data": { "Dataset": "pool-01/ix-applications/docker/52cae19c83268c4700f61bdb871a3a4b330862e45dfeb64e2b79df090fd2c5b5", "Mountpoint": "/mnt/pool-01/ix-applications/docker/zfs/graph/52cae19c83268c4700f61bdb871a3a4b330862e45dfeb64e2b79df090fd2c5b5" }, "Name": "zfs" }, "Mounts": [ { "Type": "bind", "Source": "/mnt/pool-01/apps/nas-01/emby-01/config", "Destination": "/config", "Mode": "", "RW": true, "Propagation": "rprivate" }, { "Type": "bind", "Source": "/mnt/pool-01/apps/nas-01/emby-01/config-custom", "Destination": "/config-custom", "Mode": "", "RW": true, "Propagation": "rprivate" }, { "Type": "bind", "Source": "/mnt/pool-01/media", "Destination": "/mnt/media", "Mode": "", "RW": true, "Propagation": "rprivate" }, { "Type": "bind", "Source": "/var/lib/kubelet/pods/cbef6df1-bdcb-4d04-871a-82453d62d466/volumes/kubernetes.io~empty-dir/varlogs", "Destination": "/var/logs", "Mode": "", "RW": true, "Propagation": "rprivate" }, { "Type": "bind", "Source": "/var/lib/kubelet/pods/cbef6df1-bdcb-4d04-871a-82453d62d466/volumes/kubernetes.io~projected/kube-api-access-pfthl", "Destination": "/var/run/secrets/kubernetes.io/serviceaccount", "Mode": "ro", "RW": false, "Propagation": "rprivate" }, { "Type": "bind", "Source": "/var/lib/kubelet/pods/cbef6df1-bdcb-4d04-871a-82453d62d466/etc-hosts", "Destination": "/etc/hosts", "Mode": "", "RW": true, "Propagation": "rprivate" }, { "Type": "bind", "Source": "/var/lib/kubelet/pods/cbef6df1-bdcb-4d04-871a-82453d62d466/containers/emby-01/196c29bc", "Destination": "/dev/termination-log", "Mode": "", "RW": true, "Propagation": "rprivate" }, { "Type": "bind", "Source": "/var/lib/kubelet/pods/cbef6df1-bdcb-4d04-871a-82453d62d466/volumes/kubernetes.io~empty-dir/shared", "Destination": "/shared", "Mode": "", "RW": true, "Propagation": "rprivate" }, { "Type": "bind", "Source": "/var/lib/kubelet/pods/cbef6df1-bdcb-4d04-871a-82453d62d466/volumes/kubernetes.io~empty-dir/temp", "Destination": "/tmp", "Mode": "", "RW": true, "Propagation": "rprivate" } ], "Config": { "Hostname": "emby-01-8566c7bbc7-hmsft", "Domainname": "", "User": "989:1002", "AttachStdin": false, "AttachStdout": false, "AttachStderr": false, "ExposedPorts": { "8096/tcp": {}, "8920/tcp": {} }, "Tty": false, "OpenStdin": false, "StdinOnce": false, "Env": [ "USER_ID=568", "UMASK=2", "UMASK_SET=2", "GID=1002", "PUID=568", "UID=568", "PGID=1002", "GROUP_ID=1002", "S6_READ_ONLY_ROOT=1", "NVIDIA_VISIBLE_DEVICES=void", "TZ=America/New_York", "KUBERNETES_PORT_443_TCP_PROTO=tcp", "KUBERNETES_PORT_443_TCP_PORT=443", "KUBERNETES_PORT_443_TCP_ADDR=172.17.0.1", "KUBERNETES_SERVICE_HOST=172.17.0.1", "KUBERNETES_SERVICE_PORT=443", "KUBERNETES_SERVICE_PORT_HTTPS=443", "KUBERNETES_PORT=tcp://172.17.0.1:443", "KUBERNETES_PORT_443_TCP=tcp://172.17.0.1:443", "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", "TARGETPLATFORM=linux/amd64", "VERSION=focal-20220531", "DEBCONF_NONINTERACTIVE_SEEN=true", "DEBIAN_FRONTEND=noninteractive", "APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=DontWarn", "LANG=en_US.UTF-8", "NVIDIA_DRIVER_CAPABILITIES=compute,video,utility" ], "Cmd": [ "/entrypoint.sh" ], "Healthcheck": { "Test": [ "NONE" ] }, "Image": "sha256:231469d8273d190b439a155d67ed66997cd64f869ee11815004002f0d2d49342", "Volumes": { "/config": {} }, "WorkingDir": "/app", "Entrypoint": [ "/usr/bin/tini", "--" ], "OnBuild": null, "Labels": { "annotation.io.kubernetes.container.hash": "dba36991", "annotation.io.kubernetes.container.ports": "[{\"name\":\"main\",\"containerPort\":80,\"protocol\":\"TCP\"}]", "annotation.io.kubernetes.container.restartCount": "3", "annotation.io.kubernetes.container.terminationMessagePath": "/dev/termination-log", "annotation.io.kubernetes.container.terminationMessagePolicy": "File", "annotation.io.kubernetes.pod.terminationGracePeriod": "10", "io.kubernetes.container.logpath": "/var/log/pods/ix-emby-01_emby-01-8566c7bbc7-hmsft_cbef6df1-bdcb-4d04-871a-82453d62d466/emby-01/3.log", "io.kubernetes.container.name": "emby-01", "io.kubernetes.docker.type": "container", "io.kubernetes.pod.name": "emby-01-8566c7bbc7-hmsft", "io.kubernetes.pod.namespace": "ix-emby-01", "io.kubernetes.pod.uid": "cbef6df1-bdcb-4d04-871a-82453d62d466", "io.kubernetes.sandbox.id": "3a80022c82bd254d4383bab5ec86ccf999a02688250b09f6c58a89b24d11dbbd", "org.opencontainers.image.authors": "Devin Buhl <devin.kray@gmail.com>, Bernd Schorgers <me@bjw-s.dev>", "org.opencontainers.image.base.name": "ghcr.io/k8s-at-home/ubuntu-focal", "org.opencontainers.image.base.version": "focal-20220531", "org.opencontainers.image.created": "2022-06-21 01:22:04+00:00", "org.opencontainers.image.source": "https://github.com/truecharts/containers" } }, "NetworkSettings": { "Bridge": "", "SandboxID": "", "HairpinMode": false, "LinkLocalIPv6Address": "", "LinkLocalIPv6PrefixLen": 0, "Ports": {}, "SandboxKey": "", "SecondaryIPAddresses": null, "SecondaryIPv6Addresses": null, "EndpointID": "", "Gateway": "", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "IPAddress": "", "IPPrefixLen": 0, "IPv6Gateway": "", "MacAddress": "", "Networks": {} } } ] Output of kubectl describe: Name: emby-01-8566c7bbc7-hmsft Namespace: ix-emby-01 Priority: 0 Node: ix-truenas/10.X.X.X (REDACTED) Start Time: Wed, 20 Jul 2022 16:57:32 -0400 Labels: app.kubernetes.io/instance=emby-01 app.kubernetes.io/name=emby pod-template-hash=8566c7bbc7 Annotations: k8s.v1.cni.cncf.io/network-status: [{ "name": "ix-net", "interface": "eth0", "ips": [ "172.16.X.X" (REDACTED) ], "mac": "REDACTED", "default": true, "dns": {} },{ "name": "ix-emby-01/ix-emby-01-0", "interface": "net1", "ips": [ "10.X.X.X" (REDACTED) ], "mac": "REDACTED", "dns": {} }] k8s.v1.cni.cncf.io/networks: ix-emby-01-0 k8s.v1.cni.cncf.io/networks-status: [{ "name": "ix-net", "interface": "eth0", "ips": [ "172.16.X.X" (REDACTED) ], "mac": "REDACTED", "default": true, "dns": {} },{ "name": "ix-emby-01/ix-emby-01-0", "interface": "net1", "ips": [ "10.X.X.X" (REDACTED) ], "mac": "REDACTED", "dns": {} }] Status: Running IP: 172.16.X.X REDACTED IPs: IP: 172.16.X.X REDACTED Controlled By: ReplicaSet/emby-01-8566c7bbc7 Init Containers: prepare: Container ID: docker://f4970442412fc258f3c154feaf547ac59e22cd5d3ed98b5db16e8c604f7e3d79 Image: ghcr.io/truecharts/multi-init:v0.0.1@sha256:41185dcea1e6f6a035d8090da40aecc6a69cef66b91dc1332a90c9d22861d367 Image ID: docker-pullable://ghcr.io/truecharts/multi-init@sha256:41185dcea1e6f6a035d8090da40aecc6a69cef66b91dc1332a90c9d22861d367 Port: <none> Host Port: <none> Command: /bin/sh -c /bin/bash <<'EOF' echo "Automatically correcting permissions..." echo "Automatically correcting permissions for /config..." if nfs4xdr_getfacl && nfs4xdr_getfacl | grep -qv "Failed to get NFSv4 ACL"; then echo "NFSv4 ACLs detected, using nfs4_setfacl to set permissions..." nfs4_setfacl -R -a A:g:1002:RWX '/config' else echo "No NFSv4 ACLs detected, trying chown/chmod..." chown -R :1002 '/config' chmod -R g+rwx '/config' fi echo "Automatically correcting permissions for /config-custom..." if nfs4xdr_getfacl && nfs4xdr_getfacl | grep -qv "Failed to get NFSv4 ACL"; then echo "NFSv4 ACLs detected, using nfs4_setfacl to set permissions..." nfs4_setfacl -R -a A:g:1002:RWX '/config-custom' else echo "No NFSv4 ACLs detected, trying chown/chmod..." chown -R :1002 '/config-custom' chmod -R g+rwx '/config-custom' fi echo "Automatically correcting permissions for /mnt/media..." if nfs4xdr_getfacl && nfs4xdr_getfacl | grep -qv "Failed to get NFSv4 ACL"; then echo "NFSv4 ACLs detected, using nfs4_setfacl to set permissions..." nfs4_setfacl -R -a A:g:1002:RWX '/mnt/media' else echo "No NFSv4 ACLs detected, trying chown/chmod..." chown -R :1002 '/mnt/media' chmod -R g+rwx '/mnt/media' fi echo "increasing inotify limits..." ( sysctl -w fs.inotify.max_user_watches=524288 || echo "error setting inotify") && ( sysctl -w fs.inotify.max_user_instances=512 || echo "error setting inotify") EOF State: Terminated Reason: Completed Exit Code: 0 Started: Sat, 23 Jul 2022 23:25:00 -0400 Finished: Sat, 23 Jul 2022 23:25:20 -0400 Ready: True Restart Count: 3 Limits: cpu: 4 memory: 8Gi Requests: cpu: 10m memory: 50Mi Environment: <none> Mounts: /config from config (rw) /config-custom from config-custom (rw) /mnt/media from media (rw) /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-pfthl (ro) Containers: emby-01: Container ID: docker://846fd5144a36c3b6831886d12da11f4f0225d025332e5554ce151c5de9df63c0 Image: tccr.io/truecharts/emby:v4.7.4.0@sha256:02ef31aa2040f82de124f8595140705ca403f8bbc74fd2682d7ddf6769877723 Image ID: docker-pullable://tccr.io/truecharts/emby@sha256:02ef31aa2040f82de124f8595140705ca403f8bbc74fd2682d7ddf6769877723 Port: 80/TCP Host Port: 0/TCP State: Running Started: Sat, 23 Jul 2022 23:25:28 -0400 Last State: Terminated Reason: Error Exit Code: 255 Started: Sat, 23 Jul 2022 00:40:51 -0400 Finished: Sat, 23 Jul 2022 23:24:15 -0400 Ready: True Restart Count: 3 Limits: cpu: 4 memory: 8Gi Requests: cpu: 10m memory: 50Mi Liveness: tcp-socket :80 delay=10s timeout=5s period=10s #success=1 #failure=5 Readiness: tcp-socket :80 delay=10s timeout=5s period=10s #success=1 #failure=5 Startup: tcp-socket :80 delay=10s timeout=2s period=5s #success=1 #failure=60 Environment: PUID: 568 USER_ID: 568 UID: 568 UMASK: 2 UMASK_SET: 2 PGID: 1002 GROUP_ID: 1002 GID: 1002 S6_READ_ONLY_ROOT: 1 NVIDIA_VISIBLE_DEVICES: void TZ: America/New_York Mounts: /config from config (rw) /config-custom from config-custom (rw) /mnt/media from media (rw) /shared from shared (rw) /tmp from temp (rw) /var/logs from varlogs (rw) /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-pfthl (ro) Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled True Volumes: config: Type: HostPath (bare host directory volume) Path: /mnt/pool-01/apps/nas-01/emby-01/config HostPathType: config-custom: Type: HostPath (bare host directory volume) Path: /mnt/pool-01/apps/nas-01/emby-01/config-custom HostPathType: media: Type: HostPath (bare host directory volume) Path: /mnt/pool-01/media HostPathType: shared: Type: EmptyDir (a temporary directory that shares a pod's lifetime) Medium: SizeLimit: <unset> temp: Type: EmptyDir (a temporary directory that shares a pod's lifetime) Medium: SizeLimit: <unset> varlogs: Type: EmptyDir (a temporary directory that shares a pod's lifetime) Medium: SizeLimit: <unset> kube-api-access-pfthl: Type: Projected (a volume that contains injected data from multiple sources) TokenExpirationSeconds: 3607 ConfigMapName: kube-root-ca.crt ConfigMapOptional: <nil> DownwardAPI: true QoS Class: Burstable Node-Selectors: <none> Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s node.kubernetes.io/unreachable:NoExecute op=Exists for 300s Events: <none> Link to comment Share on other sites More sharing options...
Luke 37125 Posted August 19, 2022 Share Posted August 19, 2022 hi @merichar does your Emby Server dashboard display the correct local (LAN) IP address? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now