Cannot generate report | UDP connection not yet initialized, an address has not been resolved

Question

Cannot generate report | UDP connection not yet initialized, an address has not been resolved

DavidJuanes opened this issue 2 years ago · comments

David Gonzalez Juanes commented 2 years ago

Description of Problem

I am having problems trying out the tool using the docker-compose default configuration.
I am able to start clair, and use clairctl to execute a report. The server seems to react to my request and the indexer index the image but at some point I get the following log line and the process gets stuck:

clair-indexer | 2022/05/27 11:52:27 UDP connection not yet initialized, an address has not been resolved

I cannot figure out what is wrong :(

I am running docker-compose without any specific profile, simply a docker compose up command.
I use the clairctl client from the same release (4.4.2), compiled locally.

clairctl command:
./clairctl -D report --host http://127.0.01:6060 alpine:3.4

clair logs:


clair-matcher   | 11:52AM DBG update_operation committed component=internal/vulnstore/postgres/updateVulnerabilities inserted=122874 ref=808abe7f-4a79-4b79-bd80-8f41b2728632 skipped=0 updater=ubuntu-focal-updater
clair-matcher   | 11:52AM INF successful update component=libvuln/updates/Manager.driveUpdater ref=808abe7f-4a79-4b79-bd80-8f41b2728632 updater=ubuntu-focal-updater
clair-matcher   | 11:52AM INF finished update component=libvuln/updates/Manager.driveUpdater updater=ubuntu-focal-updater
clair-matcher   | 11:52AM INF starting update component=libvuln/updates/Manager.driveUpdater updater=RHEL8-rhvh-4
clair-indexer   | 11:52AM INF handled HTTP request component=httptransport/New duration=565.594584 method=GET remote_addr=172.20.0.5:33256 request_uri=/indexer/api/v1/index_report/sha256:0325f4ff0aa8c89a27d1dbe10b29a71a8d4c1a42719a4170e0552a312e22fe88 status=200
clair-traefik   | 172.20.0.1 - - [27/May/2022:11:52:20 +0000] "GET /indexer/api/v1/index_report/sha256:0325f4ff0aa8c89a27d1dbe10b29a71a8d4c1a42719a4170e0552a312e22fe88 HTTP/1.1" 200 4141 "-" "-" 1 "indexer@file" "http://clair-indexer:6060/" 730ms
clair-indexer   | 11:52AM INF handled HTTP request component=httptransport/New duration=4.484336 method=GET remote_addr=172.20.0.5:33256 request_uri=/indexer/api/v1/index_report/sha256:0325f4ff0aa8c89a27d1dbe10b29a71a8d4c1a42719a4170e0552a312e22fe88 status=200
clair-indexer   | 11:52AM INF index request start component=libindex/Libindex.Index manifest=sha256:0325f4ff0aa8c89a27d1dbe10b29a71a8d4c1a42719a4170e0552a312e22fe88
clair-indexer   | 11:52AM DBG configured search API URL api=https://search.maven.org/solrsearch/select component=java/Scanner.Configure manifest=sha256:0325f4ff0aa8c89a27d1dbe10b29a71a8d4c1a42719a4170e0552a312e22fe88 version=3
clair-indexer   | 11:52AM DBG attempting fetch of name2repos mapping file component=rhel/rhcc/UpdatingMapper.do manifest=sha256:0325f4ff0aa8c89a27d1dbe10b29a71a8d4c1a42719a4170e0552a312e22fe88 url=https://access.redhat.com/security/data/metrics/container-name-repos-map.json
clair-traefik   | 172.20.0.1 - - [27/May/2022:11:52:22 +0000] "GET /indexer/api/v1/index_report/sha256:0325f4ff0aa8c89a27d1dbe10b29a71a8d4c1a42719a4170e0552a312e22fe88 HTTP/1.1" 200 4141 "-" "-" 2 "indexer@file" "http://clair-indexer:6060/" 8ms
clair-indexer   | 2022/05/27 11:52:22 UDP connection not yet initialized, an address has not been resolved
clair-indexer   | 11:52AM DBG atomic update of local mapping file complete component=rhel/rhcc/UpdatingMapper.do manifest=sha256:0325f4ff0aa8c89a27d1dbe10b29a71a8d4c1a42719a4170e0552a312e22fe88 url=https://access.redhat.com/security/data/metrics/container-name-repos-map.json
clair-indexer   | 11:52AM DBG attempting fetch of repo2cpe mapping file component=rhel/repo2cpe/UpdatingMapper.do manifest=sha256:0325f4ff0aa8c89a27d1dbe10b29a71a8d4c1a42719a4170e0552a312e22fe88 url=https://access.redhat.com/security/data/metrics/repository-to-cpe.json version=1.1
clair-indexer   | 11:52AM DBG atomic update of local mapping file complete component=rhel/repo2cpe/UpdatingMapper.do manifest=sha256:0325f4ff0aa8c89a27d1dbe10b29a71a8d4c1a42719a4170e0552a312e22fe88 url=https://access.redhat.com/security/data/metrics/repository-to-cpe.json version=1.1
clair-indexer   | 11:52AM DBG locking attempt component=libindex/Libindex.Index manifest=sha256:0325f4ff0aa8c89a27d1dbe10b29a71a8d4c1a42719a4170e0552a312e22fe88
clair-indexer   | 11:52AM DBG locking OK component=libindex/Libindex.Index manifest=sha256:0325f4ff0aa8c89a27d1dbe10b29a71a8d4c1a42719a4170e0552a312e22fe88
clair-indexer   | 11:52AM INF starting scan component=internal/indexer/controller/Controller.Index manifest=sha256:0325f4ff0aa8c89a27d1dbe10b29a71a8d4c1a42719a4170e0552a312e22fe88
clair-indexer   | 11:52AM INF manifest already scanned component=internal/indexer/controller/Controller.Index manifest=sha256:0325f4ff0aa8c89a27d1dbe10b29a71a8d4c1a42719a4170e0552a312e22fe88 state=CheckManifest
clair-indexer   | 11:52AM INF index request done component=libindex/Libindex.Index manifest=sha256:0325f4ff0aa8c89a27d1dbe10b29a71a8d4c1a42719a4170e0552a312e22fe88
clair-indexer   | 11:52AM INF handled HTTP request component=httptransport/New duration=1732.167299 method=POST remote_addr=172.20.0.5:33256 request_uri=/indexer/api/v1/index_report status=201
clair-traefik   | 172.20.0.1 - - [27/May/2022:11:52:22 +0000] "POST /indexer/api/v1/index_report HTTP/1.1" 201 4141 "-" "-" 3 "indexer@file" "http://clair-indexer:6060/" 1738ms
clair-indexer   | 2022/05/27 11:52:27 UDP connection not yet initialized, an address has not been resolved

Expected Outcome

The report is finished and I get a list of vulnerabilities as output

Actual Outcome

Clair is stuck, and last line logged is UDP connection not yet initialized, an address has not been resolved

Environment

Clair version/image: v4.4.2
Clair client name/version: clairctl 0.2.0
Host OS: Ubuntu 18.04
Kernel (e.g. uname -a): 4.15.0-180-generic # 189-Ubuntu SMP Wed May 18 14:13:57 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
Kubernetes version (use kubectl version):
Network/Firewall setup: using docker-compose setup with traefik

Joseph Crosland · Answer 1 · Fri May 27 2022 22:14:28 GMT+0800 (China Standard Time)

Seems like http://127.0.01:6060 is the problem, also this should be redundant for a local default setup.

Hank Donnay · Answer 2 · Fri May 27 2022 22:35:48 GMT+0800 (China Standard Time)

That log line is also not from Clair, I don't know if it's from the container engine or docker-compose or something else.

Hank Donnay · Answer 3 · Thu Jun 02 2022 03:06:26 GMT+0800 (China Standard Time)

Will close shortly if there are no new updates.

Hank Donnay · Answer 4 · Fri Jun 03 2022 04:50:46 GMT+0800 (China Standard Time)

Going to close this now. Please re-open if you have additional information to add, notably the status of all the containers. The fact it's not a log line from Clair and mentions "UDP" makes me think it might be something with a jaeger container or some networking weirdness with docker compose v2.