Connection Refused failures on new installation

Robert_Brown_III · June 21, 2023, 8:13pm

I have installed the docker version of URBackup on a Linux machine using docker-compose. My docker-compose.yml file (with redacted system information) is below:

version: '2'

services:
  urbackup:
    image: uroni/urbackup-server:latest
    container_name: urbackup
    restart: unless-stopped
    environment:
      - PUID=<redacted> # Enter the UID of the user who should own the files here
      - PGID=<redacted>  # Enter the GID of the user who should own the files here
      - TZ=America/New_York # Enter your timezone
    volumes:
      - <redacted>/urbackup/dbase:/var/urbackup
      - <redacted>/backups:/backups
      # Uncomment the next line if you want to bind-mount the www-folder
      #- /path/to/wwwfolder:/usr/share/urbackup
    network_mode: "host"
    # Uncomment the following two lines if you're using BTRFS support
    cap_add:
      - SYS_ADMIN
    # Uncomment the following two lines if you're using ZFS support
    #devices:
    #  - /dev/zfs:/dev/zfs

I started the container using the standard “docker-compose up -d”

According to the documentation, once the urbackup container is up I should be able to access it through Port 55414 (or 55413 if you read other documentation). It doesn’t matter, though: regardless of the port I keep getting “Connection refused” errors when I attempt to access it.

I have tried various means to access that port, including trying to access it locally (using localhost) and using various port probing applications. Regardless of what I do, the docker version of this application does not accept connections.

Is there some default configuration that is screwed up in the docker version? Is the docker version not listening on the ports it is supposed to be listening on?

Or is there a bug in this version that I need to report somewhere?

What is causing this connection refusal, and how do I fix it?

Robert_Brown_III · June 24, 2023, 10:39am

I have a couple of questions concerning this issue:

Is there any special reason why, in the docker-compose.yml file, the network mode needs to be set to “host”?
Do the clients communicate with the server over port 55414 or is there some other port (or ports) that they use?

Robert_Brown_III · June 24, 2023, 10:56am

By the way:

For the sake of conformity, the log entries generated by the urbackup container are below. There isn’t much to see, since the application refuses connections and as a result there are no requests received or responses sent. Still, logs are requested so they are provided:

2023-06-23 17:50:22: WARNING: Upgrading database to version 20
2023-06-23 17:50:22: WARNING: Upgrading database to version 21
2023-06-23 17:50:22: WARNING: Upgrading database to version 22
2023-06-23 17:50:22: WARNING: Upgrading database to version 23
2023-06-23 17:50:22: WARNING: Upgrading database to version 24
2023-06-23 17:50:22: WARNING: Upgrading database to version 25
2023-06-23 17:50:22: WARNING: Upgrading database to version 26
2023-06-23 17:50:22: WARNING: Upgrading database to version 27
2023-06-23 17:50:22: WARNING: Upgrading database to version 28
2023-06-23 17:50:22: WARNING: Upgrading database to version 29
2023-06-23 17:50:22: WARNING: Upgrading database to version 30
2023-06-23 17:50:22: WARNING: Upgrading database to version 31
2023-06-23 17:50:22: WARNING: Upgrading database to version 32
2023-06-23 17:50:22: WARNING: Upgrading database to version 33
2023-06-23 17:50:22: WARNING: Upgrading database to version 34
2023-06-23 17:50:22: WARNING: Upgrading database to version 35
2023-06-23 17:50:22: WARNING: Upgrading database to version 36
2023-06-23 17:50:22: WARNING: Upgrading database to version 37
2023-06-23 17:50:22: WARNING: Upgrading database to version 38
2023-06-23 17:50:22: WARNING: Upgrading database to version 39
2023-06-23 17:50:22: WARNING: Upgrading database to version 40
2023-06-23 17:50:22: WARNING: Upgrading database to version 41
2023-06-23 17:50:23: WARNING: Upgrading database to version 42
2023-06-23 17:50:23: WARNING: Upgrading database to version 43
2023-06-23 17:50:23: WARNING: Upgrading database to version 44
2023-06-23 17:50:23: WARNING: Upgrading database to version 45
2023-06-23 17:50:23: WARNING: Upgrading database to version 46
2023-06-23 17:50:23: WARNING: Upgrading database to version 48
2023-06-23 17:50:23: WARNING: Upgrading database to version 49
2023-06-23 17:50:23: WARNING: Upgrading database to version 50
2023-06-23 17:50:23: WARNING: Upgrading database to version 51
2023-06-23 17:50:23: WARNING: Upgrading database to version 52
2023-06-23 17:50:23: WARNING: Upgrading database to version 53
2023-06-23 17:50:23: WARNING: Upgrading database to version 54
2023-06-23 17:50:23: WARNING: Upgrading database to version 55
2023-06-23 17:50:23: WARNING: Upgrading database to version 56
2023-06-23 17:50:23: WARNING: Upgrading database to version 57
2023-06-23 17:50:23: WARNING: Upgrading database to version 58
2023-06-23 17:50:23: WARNING: Upgrading database to version 59
2023-06-23 17:50:23: WARNING: Upgrading database to version 60
2023-06-23 17:50:23: WARNING: Upgrading database to version 61
2023-06-23 17:50:23: WARNING: Upgrading database to version 62
2023-06-23 17:50:23: WARNING: Upgrading database to version 63
2023-06-23 17:50:23: WARNING: Upgrading database to version 64
2023-06-23 17:50:23: WARNING: Upgrading database to version 65
2023-06-23 17:50:23: WARNING: Upgrading database to version 66
2023-06-23 17:50:23: WARNING: Done.
2023-06-23 17:50:23: Deleting database journal...
2023-06-23 17:50:23: Copying/reflinking database...
2023-06-23 17:50:23: WARNING: Creating file entry index. This might take a while...
2023-06-23 17:50:23: Getting number of files...
2023-06-23 17:50:23: Dropping index...
2023-06-23 17:50:23: Starting creating files index...
2023-06-23 17:50:23: Creating backupid index...
2023-06-23 17:50:23: Syncing...
2023-06-23 17:50:23: Renaming back result...
2023-06-23 17:50:23: SQLite: recovered 1 frames from WAL file /var/urbackup/backup_server.db-wal code: 283
2023-06-23 17:50:23: SQLite: recovered 2 frames from WAL file /var/urbackup/backup_server_settings.db-wal code: 283
2023-06-23 17:50:23: Started UrBackup...
2023-06-23 17:50:23: Removing temporary files...
2023-06-23 17:50:23: ERROR: No permission to access "/backups/urbackup_tmp_files"
2023-06-23 17:50:23: Recreating temporary folder...
TEST FAILED: guestmount is missing (libguestfs-tools)
2023-06-23 17:50:23: Image mounting disabled: TEST FAILED: guestmount is missing (libguestfs-tools)
Testing for btrfs...
ERROR: not a btrfs filesystem: /backups/testA54hj5luZtlorr494
TEST FAILED: Creating test btrfs subvolume failed
Testing for zfs...
TEST FAILED: Dataset is not set via /etc/urbackup/dataset
2023-06-23 17:50:23: Backup destination cannot handle subvolumes and snapshots. Snapshots disabled.
2023-06-23 17:50:23: Broadcasting on ipv4 interface enp3s0 addr 192.168.1.140
2023-06-23 17:50:23: Broadcasting on ipv4 interface br-6901d31de09a addr 172.19.0.1
2023-06-23 17:50:23: Broadcasting on ipv4 interface docker0 addr 172.17.0.1
2023-06-23 17:50:23: Broadcasting on ipv4 interface br-d19e79969e2c addr 172.22.0.1
2023-06-23 17:50:23: Broadcasting on ipv4 interface br-e078bf808ab9 addr 172.23.0.1
2023-06-23 17:50:23: Broadcasting on ipv6 interface enp3s0 addr fe80::2e0:4cff:fe19:61c2
2023-06-23 17:50:23: Broadcasting on ipv6 interface br-6901d31de09a addr fe80::42:98ff:fec1:6057
2023-06-23 17:50:23: Broadcasting on ipv6 interface br-d19e79969e2c addr fe80::42:ceff:fe3f:c599
2023-06-23 17:50:23: Broadcasting on ipv6 interface br-e078bf808ab9 addr fe80::42:dcff:fe0f:700b
2023-06-23 17:50:23: Broadcasting on ipv6 interface vetha9ec989 addr fe80::2864:e9ff:fe9b:c048
2023-06-23 17:50:23: Broadcasting on ipv6 interface veth88d632f addr fe80::50ce:89ff:fe17:b48a
2023-06-23 17:50:23: Broadcasting on ipv6 interface veth965ad9f addr fe80::4081:a5ff:fe61:23c9
2023-06-23 17:50:23: Broadcasting on ipv6 interface vethda8fb25 addr fe80::64ba:e5ff:fe3d:4f51
2023-06-23 17:50:24: InternetService: Server started up successfully!
2023-06-23 17:50:24: UrBackup Server start up complete.
2023-06-23 17:50:24: Server started up successfully!
2023-06-23 17:50:24: Looking for old Sessions... 0 sessions
2023-06-23 17:50:25: Downloading version file...
2023-06-23 17:50:25: Downloading signature...
2023-06-23 17:50:25: Downloading old signature...
2023-06-23 17:50:25: Getting update file URL...
2023-06-23 17:50:26: Downloading update file...
2023-06-23 17:50:30: Successfully downloaded update file.
2023-06-23 17:50:30: Downloading version file...
2023-06-23 17:50:30: Downloading signature...
2023-06-23 17:50:30: Getting update file URL...
2023-06-23 17:50:30: Downloading update file...
2023-06-23 17:50:33: Successfully downloaded update file.
2023-06-23 17:50:33: Downloading server version info...
2023-06-23 17:50:33: Downloading dataplan database...

haertig · June 25, 2023, 5:47am

Is your container actually running?

docker container ls | grep urbackup

(I see that you named your container “urbackup” in your docker-compose.yml file, so this is the correct text to grep for)

What is the output of this command (run as root)?

netstat -anp | grep LISTEN | grep urbackup

Here is my output:

Linux-server-1 production # netstat -anp | grep LISTEN | grep urbackup
tcp        0      0 0.0.0.0:35621           0.0.0.0:*               LISTEN      1451/urbackupclient
tcp        0      0 0.0.0.0:35623           0.0.0.0:*               LISTEN      1451/urbackupclient
tcp        0      0 0.0.0.0:55413           0.0.0.0:*               LISTEN      4952/urbackupsrv
tcp        0      0 0.0.0.0:55414           0.0.0.0:*               LISTEN      4952/urbackupsrv
tcp        0      0 0.0.0.0:55415           0.0.0.0:*               LISTEN      4952/urbackupsrv
tcp6       0      0 :::35621                :::*                    LISTEN      1451/urbackupclient
tcp6       0      0 :::35623                :::*                    LISTEN      1451/urbackupclient
tcp6       0      0 :::55413                :::*                    LISTEN      4952/urbackupsrv
tcp6       0      0 :::55414                :::*                    LISTEN      4952/urbackupsrv
tcp6       0      0 :::55415                :::*                    LISTEN      4952/urbackupsrv
Linux-server-1 production #

You will not see the urbackupclient stuff if you are not also running the client on your docker host.

Your docker-compose.yml file looks OK to me. FWIW, the relevant parts of mine are below (I don’t see any important differences from yours - but maybe other people’s eyeballs will pick up something that I’m missing):

  urbackup:
    image: uroni/urbackup-server:production
    container_name: urbackup
    restart: unless-stopped
    network_mode: host
    volumes:
      - /backups/urbackup/database:/var/urbackup
      - /backups/urbackup/backups:/backups
      - ./app_data/urbackup/www:/usr/share/urbackup
    environment:
      - PUID=1009
      - PGID=1008
      - TZ=America/Denver

I was going to snoop around inside the container to look for potential sources of your problem, but they have a really weird assortment of commands installed in the container. Like, they do not have the “ps” command. ??? But they DO have the “wall” command, as if you are going to have a need to write to all users tty’s inside the container. No “netstat” command either. Weird choices IMHO. So I gave up on my inside-the-container snooping.

Robert_Brown_III · June 25, 2023, 8:14am

haertig:

Thanks for the reply.

I had attempted to do a docker exec to poke around in my container. The folks running this forum ask that you edit a certain file in order to set the logging to debug. I was pretty disheartened when I discovered that I couldn’t edit that file in the container or even discover what exactly is running in it(!)

Your docker-compose.yml file does have small but significant differences from mine. Mine was copied and modified from the yml file provide in the installation documentation. I suspected that yml file was flawed from the beginning. Consequently, I copied and modified your yml file. The only modifications I made were changing your image name (it seems that uroni/urbackup-server:production does not exist in the docker repo so I changed it back to uroni/urbackup-server:latest), the userID and groupID, and the paths to the three (in my yml there were only 2) volumes.

Less important, I changed the timezone. I am not in Berlin.

Anyway, I am getting a new failure now: a 502 Bad Gatewy failure. I guess that is somewhat of an improvement.

FYI: a curious hint that may be of interest:

The urbackup application is defiitely running:

$ docker ps
CONTAINER ID   IMAGE                              COMMAND                  CREATED         STATUS         PORTS                                                                            NAMES
76ecfa5ecf5f   uroni/urbackup-server:latest       "/usr/bin/entrypoint…"   4 minutes ago   Up 4 minutes                                                                                    urbackup

but when doing the netstat I am getting nothing:

$ sudo netstat -anp | grep LISTEN |grep urbackup
$

This tells me that, for some reason, there is nothing listening on the ports they should be listening on.

I do have a question for you, though: I am running a Windows client o my local network so I should see the client ports you showed on your netstat output. Does the presence of those ports indicate that the server is listening on them?

haertig · June 25, 2023, 7:27pm

In explanation, there is no “production” image. That is my personal naming convention.

I download “latest” and rename that to “test”. Then I run this “test” image for a while until I am satisfied that everything is OK. Next, I rename my old image, the one I was running before the new “test” image, from “production” to “previous”. Finally, I rename the “test” image to “production”. So in the steady state condition, I can look at my image listing and see both a “production” image (the one currently running) and a “previous” image (the one I used to run before the current one).

The commands to do this renaming are thus:

# If needed, delete the old "test" image:
docker rmi uroni/urbackup-server:test

# Pull the latest image and rename it to "test":
docker image pull uroni/urbackup-server:latest
docker tag uroni/urbackup-server:latest uroni/urbackup-server:test
docker rmi uroni/urbackup-server:latest

# After verifying the newest image runs well, rename it from "test" to "production" after renaming the old "production" image to "previous":
docker tag uroni/urbackup-server:production uroni/urbackup-server:previous
docker rmi uroni/urbackup-server:production
docker tag uroni/urbackup-server:test uroni/urbackup-server:production
docker rmi uroni/urbackup-server:test

Yes, that is exactly what it is saying. And you will indeed get “Connection Refused” if you attempt to connect to a port with no listen’er on it. Now, the question is WHY is your container not listening? This is where it would be very helpful to get inside the container and snoop around with this command:

docker exec -it urbackup /bin/bash

But when I go inside my container using the above, I find that there is no “ps” or “netstat” command available inside the container, which would be very useful for debugging this. You could add these commands and rebuild the container, but you have to balance that with “how much do I want to manually modify this non-working image?”

I think what I would try, is a different networking model for the container. Currently you are using network_mode=host (which is what the image documentation says to use). But as my netstat command shows, the container is only listening on three ports. There could be other networking concerns that we haven’t captured yet, thus the following is only a test, but you could try replacing network_mode=host with:

ports:
  - 55413:55413
  - 55414:55414
  - 55415:55415

… and see if you could connect. Note that urbackup may not work correctly configured like this, but hopefully you might at least be able to connect to the GUI interface as a test. Then, you would have to figure out why network_mode=host is not working … why you are not seeing any listen’ers running. If the logfiles in the container do not tell you why, then this might be difficult without “ps” and “netstat”.

No, the client is listening on them. Not the server. The server would connect outgoing from your docker container to these client ports. This is what triggers my uncertainty about you being able to run the urbackup server container in other than “host” networking mode. I am not that familiar with the Docker networking model. By not running the container in host networking mode, could you possibly impact these client connections? I wouldn’t think so, since containers can connect outgoing (in my experience) without being in host mode. But there could be some nuance in Docker that could screw things up for this container if it’s not in host mode. I would think the probability of that is low, but not zero. Also, we have not figured out why your current host mode use of the container is not working. Could there be something in your higher level/generic Docker setup that is nuking your host mode for containers? Not knowing Docker networking in great detail, I can’t answer that.

Robert_Brown_III · June 25, 2023, 10:21pm

I did try setting up the docker-compose file so that it stopped using the Host network and instead used the ports you mention. I was able to connect to the management page. Unfortunately, it looks like none of the Windows clients I have can connect to the server.

I also considered exec’ing into the container and installing what was necessary so that I can actually debug this problem, but I agree with you: it would be more work than it is worth. The quickest way to handle this would be for me to access the executable and the docker file and make changes so that a more complete operating system would be baked into a test urbackup image. I am not willing to do this.

Besides: I suspect that the problem may have to do with my docker installation. I think that makes more sense because it is clear that the application is listening on the ports (I can access them when I am not in Host mode), but in host mode the container is clearly not able to listen on the ports. This suggests that, as you hypothesized, there may be something about the container that is not interacting well with my docker installation.

I have some knowledge of Docker networking as well as what goes into a docker container (I have published several applications that I created in Docker containers). I will look more into Host Mode issues and see what I can find out.

This is, however, going to be low priority. It is clear to me from what you and I have discovered that the docker- based installation of this application is fairly poorly implemented, and the fact that I am not getting any assistance from those who actually developed and maintained this application makes it clear to me that they have little interest in actually supporting it. If they aren’t interested, why should I be?

Because I am seeking to use backup for cloud data and cloud applications running in my private cloud, I need a working Docker installation of my backup software. For reasons related to my software development schedule, I cannot continue putting up this much effort to get this installation working.

I don’t have time to continue working on this, so I am looking into using another backup system.

If you or someone else comes up with some idea how I might be able to get urBackup to work, please feel free to let me know here and I will revisit using urBackup. Otherwise, I am moving on.

Thanks, haertig, for the assistance you have given me.

haertig · June 26, 2023, 5:13am

I agree with your decision to “try something else”. Personally, I like urbackup. I’ve been using it for years. As a server install on a Raspberry Pi of all things (it ran fine, just slowly), as an install on better hardware, and currently in a Docker container. All servers were on Linux (or the Pi’s version of it -Raspbian).

I have done a lot of head scratching with urbackup. It works, but in many instances not in the way I would expect. You pretty much can’t try to make urbackup work the way you want, you have to accept the way it works and YOU do the adapting to IT, not it to YOU.

When I was first deciding what backup system I wanted to use I did a lot of digging into the internals of how backups are stored. There have been reports for decades and decades, for every backup solution out there, “The backups all worked, but when I tied a restore, it failed”. So I wanted a backup solution where I could manually dig into the stored backups and do my own restore, using scripts that I wrote myself, if need be. That means no proprietary formats, no encryption, and a file system based storage arrangement. I have never needed to actually brute force things in this manner by using my own code, but I am convinced that if I had to, I could. This was a big deal for me in choosing urbackup. I can accept warts on the surface if the internals are solid. And as I said, I can understand the way the backups are stored enough to be able to restore my computers on my own, using software that I am capable of writing, rather than the “official way” using urbackup restore software.

I will mention that I have done a bare metal restore from a binary image of a Windows box using the official urbackup software/method and that proceeded flawlessly. And I have done many single and multiple file restores to both Windows and Linux clients without a hitch. So I do believe the internals of urbackup are solid. But there are warts on the surface. One of those warts is a lack of support resources. This forum is it. Sometimes a post will be met with help, but much of the time a response is never received, from anybody, especially if the problem is an uncommon and highly technical one - like yours.

My gut is telling me that your problem is with Docker or Docker’s interaction with your host OS. Not with urbackup. I have no proof of this, just a hunch. But we have run into one of the urbackup warts - there is not much inside the container to help do any troubleshooting. It would be nice to see more of what is going on inside the container to help point to, or rule out, things that may be going on with Docker or your host OS.

Were I in your situation, when I had time, I might try installing a few other Docker images for various applications - just to test if host networking mode works for them. This might help debug your problem so that the root cause - if it is indeed Docker/OS and not urbackup - can be identified and corrected. But if you need backups NOW (and who doesn’t?!) then your efforts should probably be on getting that going first, and then as time allows, mess around with Docker and networking some more.

Good luck!

Robert_Brown_III · June 26, 2023, 3:06pm

Greetings again
Actually, I suspect that a bare- metal installation of urbackup would work better than the docker installation. I searched this forum and other places on the Internet and, aside from one youtube video from AwsomeOpenSource, I could find nothing else describing any experience with urbackup on docker. I suspect that the docker container is mostly ignored and as a result nobody is being very serious about supporting it.

Unfortunately, I need to use the docker container due to my particular cloud setups. I may try setting up a VM to run it – later.

FYI: I have been attempting to run the urbackup system on regular server hardware running docker on Almalinux. This system runs a number of other dockerized applications, including Jitsi Meet, Nextcloud, and GitLab. Some of my applicaions also use the host mode for their network communications.

None of these other containers are having any problems with my docker installation, and doing a netstat I can see the ports they are all listening on. The only application I am having problems with is urbackup.

Of course, my server is not the only one I have. I have several other machines, including several Zimaboards that are also running dockerized applications (some I created, some I have installed from Dockerhub). These zimaboards are also running Almalinux.

I actually tried putting another docker installation of urbackup on one of these Zimaboards. I had the same problems (connection refused, problems communicating with clients) as on my standard machine. urbackup’s behavior is consistent regardless of the machine or docker instance I am running on.

Your hunch about urbackup having problems with my docker/host is probably correct. Unfortunately, whatever the problem is, it is unique to urbackup. No other dockerized applications on any of my systems are having this problem.

It is possible that urbackup docker in host mode may have problems running on Almalinux. That is a small matter that I can look into quickly. Eventually.

Robert_Brown_III · July 7, 2023, 5:05pm

haertig:

It is confirmed: the problems I had with urbackup in Docker are not with the application itself, but with the Linux distribution I was running. urbackup’s docker container does not work well when run on Almalinux.

I had to install Ubuntu on on of my systems, and for grins and giggles ran the urbackup container on it. I used the original docker-compose file that runs in Host mode.

When attempting to access it from a browser, the main page came up immediately.

Looking on the Internet, I discovered that a number of containers – all running in Host mode – have been having connection issues on Almalinux.

It is clear thar we cannot run urbackup containers on Almalinux. Since this distro is based on CentOS, it is possible that all CentOS distros have this problem. That, however, is not my concern. I will be running urbackup docker on Ubuntu from now on.

haertig · July 7, 2023, 11:00pm

Thanks for reporting back on the cause. This is good information to make known. It will not affect me personally as I tend to use distros that trace back to Debian. But it’s still good to understand what the issue was, for people to tuck away in the back of our brains.

stone1978 · November 3, 2023, 9:04am

I have a similar problem

but I do not use docker

I have installed it on the QNAP as a package.
Has actually been running for years without any problems

Yesterday I updated to 2.5.32.0
Update worked without errors

After the update I get a connection refused

At first I thought it was due to the firewall because the Qnap firewall was also updated in the same context, but that is not the problem.
I have now seen in the article

netstat -anp | grep LISTEN | grep urbackup

Should return the usual ports.
For me it returns NOTHING although Urbackup is running.

I have already tried to install the update over it without success.

How can I solve the problem.
It is obviously due to the integrated web server.
But I can only install one package.

I do not want to lose the settings, backups !!!
This is really very important

Thanks for the help