Hi,
I use the docker image of CEE 1.6.0p20 (sind 1.6.0p14 arlready) but always after I updated to latest version all my hosts are shown as DOWN.
but they are not down, they are UP and all service checks work fine.
I use the docker image on my Synology NAS within the same network as the host.
i have no idea why all the hosts are shown as DOWN
pls help me to find a solution on this
podman is nearly the same as what you do with your docker command.
Or what container environment do you use?
Many of the container problems are side effects from the used container environment.
looks more a Linux issue. There are some hints that this behaviour belongs to a permission problem.
When you google âping: socket: Operation not permittedâ you will find a lot of hints.
I understand that there is a âsuidâ problem , B U T
this is a pure DOCKER IMANGE directly from CheckMK - so if there is a problem with this and all the last DOCKER IMAGES, who can I ask to investigate and find a solution?
because I have no idea where to search and find âpingâ or âcheck_icmpâ to whatever the reason is, and because I am not sure whether this is a bug or a wanted behavior, I intend to ask the checkMK community (with hope that a checkMK related person might also read it ).
The problem is not the image. The problem is your docker host. You need to setup the container in a way that the container is allowed to do what he wantâs.
Inside the container you need root rights to access these sockets. Some container host platforms donât allow this.
You can check with different capability settings on your host.
The command line switches are like ââset-cap=SYS_ADMINâ in the GUI you should find options like âExecute container using high privilegeâ.
I just tried 3 diff. waysâŚ
1st i set the âExecute container using high privilege" within Synology Docker settings.
2nd I tried with ââcap-add=SYS_ADMINâ
and 3rd I tired with ââprivilegedâ
but none of these give success
when I check the cmc.log.
tail -f /omd/sites/cmk/var/log/cmc.log
i see:
2021-02-03 20:21:52 [5] [icmpsender 1701] started, commandline: /omd/sites/cmk/lib/cmc/icmpsender 8 0 1000
2021-02-03 20:21:52 [4] [icmpsender 1701] Cannot create raw socket (missing SUID root?): Operation not permitted
2021-02-03 20:22:22 [4] [icmpsender 1701] Cannot send IP addresses to icmpsender: Broken pipe
2021-02-03 20:22:22 [3] [icmpsender 1701] exited with status 1
2021-02-03 20:22:22 [5] [icmpsender 1850] started, commandline: /omd/sites/cmk/lib/cmc/icmpsender 8 0 1000
2021-02-03 20:22:22 [4] [icmpsender 1850] Cannot send IP addresses to icmpsender: Broken pipe
2021-02-03 20:22:22 [3] [icmpsender 1850] exited with status 1
2021-02-03 20:22:22 [5] [icmpsender 1851] started, commandline: /omd/sites/cmk/lib/cmc/icmpsender 8 0 1000
2021-02-03 20:22:22 [4] [icmpsender 1851] Cannot create raw socket (missing SUID root?): Operation not permitted
2021-02-03 20:22:52 [4] [icmpsender 1851] Cannot send IP addresses to icmpsender: Broken pipe
2021-02-03 20:22:52 [3] [icmpsender 1851] exited with status 1
2021-02-03 20:22:52 [5] [icmpsender 2037] started, commandline: /omd/sites/cmk/lib/cmc/icmpsender 8 0 1000
2021-02-03 20:22:52 [4] [icmpsender 2037] Cannot send IP addresses to icmpsender: Broken pipe
2021-02-03 20:22:52 [3] [icmpsender 2037] exited with status 1
so i did:
chmod u+s ./opt/omd/sites/cmk/lib/cmc/icmpsender
but now the error is gone within the cmc.log - BUT still all hosts are down
I think inside the container it will not work.
It is important how the docker runtime starts the container.
The following article shows the problem also with docker containers and capabilities.
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed. Contact @fayepal if you think this should be re-opened.