Docker status always shows "unhealthy"

gmo · June 11, 2024, 10:18pm

I’m using the current official Docker release (v1.27.8), and I’m having the odd problem as listed above, where the status is always “unhealthy”. Oddly, Syncthing itself works perfectly fine, I’d only noticed this when working on something else.

When started via docker compose, syncthing first sits at “Starting” for several minutes, then switches over to “unhealthy”. I don’t see anything obvious in the logs; when I first checked, something had killed it via signal 15 a while back (and it restarted), but of course now that I’m using killsnoop, nothing is bothering it, so I don’t think that’s related.

Any ideas on what may be causing this? I only see one other person who asked, and (a) they didn’t get it resolved, and (b) their instance didn’t work, unlike mine.

Here’s my docker-compose.yml file & slightly redacted logs. The UID/GID are a dedicated user account that cannot log in. I’m not completely sure why I left the STGUIADDRESS environmental variable in; the only way to access the UI is over a SSH tunnel. I’m behind CG-NAT, so I can’t forward any ports from the wider internet.

Thanks for any advice!

docker-compose.yml

services:
  syncthing:
    image: syncthing/syncthing
    container_name: syncthing
    hostname: <redacted>
    environment:
      - PUID=1006
      - PGID=1006
      - STGUIADDRESS=
    volumes:
      - st-sync:/var/syncthing
    ports:
      - 8385:8385       # Web UI
      - 22000:22000/tcp # TCP file transfers
      - 22000:22000/udp # QUIC file transfers
    network_mode: host
    restart: unless-stopped

volumes:
  st-sync:

logs

$ sudo docker container logs syncthing
[start] 2024/06/11 21:24:43 INFO: syncthing v1.27.8 "Gold Grasshopper" (go1.22.3 linux-amd64) docker@github.syncthing.net 2024-05-30 08:49:22 UTC [noupgrade]
[CGEDJ] 2024/06/11 21:24:43 INFO: My ID: <removed>
[CGEDJ] 2024/06/11 21:24:44 INFO: Single thread SHA256 performance is 457 MB/s using crypto/sha256 (456 MB/s using minio/sha256-simd).
[CGEDJ] 2024/06/11 21:24:44 INFO: Hashing performance is 392.84 MB/s
[CGEDJ] 2024/06/11 21:24:44 INFO: Overall send rate is unlimited, receive rate is unlimited
[CGEDJ] 2024/06/11 21:24:44 INFO: Using discovery mechanism: global discovery server https://discovery.syncthing.net/v2/?noannounce&id=LYXKCHX-VI3NYZR-ALCJBHF-WMZYSPK-QG6QJA3-MPFYMSO-U56GTUK-NA2MIAW
[CGEDJ] 2024/06/11 21:24:44 INFO: Using discovery mechanism: global discovery server https://discovery-v4.syncthing.net/v2/?nolookup&id=LYXKCHX-VI3NYZR-ALCJBHF-WMZYSPK-QG6QJA3-MPFYMSO-U56GTUK-NA2MIAW
2024/06/11 21:24:44 failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 7168 kiB, got: 416 kiB). See https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes for details.
[CGEDJ] 2024/06/11 21:24:44 INFO: Using discovery mechanism: global discovery server https://discovery-v6.syncthing.net/v2/?nolookup&id=LYXKCHX-VI3NYZR-ALCJBHF-WMZYSPK-QG6QJA3-MPFYMSO-U56GTUK-NA2MIAW
[CGEDJ] 2024/06/11 21:24:44 INFO: Using discovery mechanism: IPv4 local broadcast discovery on port 21027
[CGEDJ] 2024/06/11 21:24:44 INFO: Using discovery mechanism: IPv6 local multicast discovery on address [ff12::8384]:21027
[CGEDJ] 2024/06/11 21:24:44 INFO: TCP listener ([::]:22000) starting
[CGEDJ] 2024/06/11 21:24:44 INFO: GUI and API listening on 127.0.0.1:8385
[CGEDJ] 2024/06/11 21:24:44 INFO: Access the GUI via the following URL: https://127.0.0.1:8385/
[CGEDJ] 2024/06/11 21:24:44 INFO: Relay listener (dynamic+https://relays.syncthing.net/endpoint) starting
[CGEDJ] 2024/06/11 21:24:44 INFO: My name is "<removed>"
[CGEDJ] 2024/06/11 21:24:44 INFO: Device <removed> is "<removed>" at [dynamic]
[CGEDJ] 2024/06/11 21:24:44 INFO: Device <removed> is "<removed>" at [dynamic]
[CGEDJ] 2024/06/11 21:24:44 INFO: QUIC listener ([::]:22000) starting
[CGEDJ] 2024/06/11 21:24:44 INFO: Ready to synchronize "<removed>" (<removed>) (sendreceive)
[CGEDJ] 2024/06/11 21:24:44 INFO: Completed initial scan of sendreceive folder "<removed>" (<removed>)
[CGEDJ] 2024/06/11 21:24:44 INFO: Established secure connection to GSXMU6I at [::]:22000-192.168.1.189:22000/quic-client/TLS1.3-TLS_AES_128_GCM_SHA256/LAN-P20-5UO20R87SJCI0O2ENUC7BM85VA
[CGEDJ] 2024/06/11 21:24:44 INFO: Device GSXMU6I client is "syncthing v1.27.8" named "<removed>" at [::]:22000-192.168.1.189:22000/quic-client/TLS1.3-TLS_AES_128_GCM_SHA256/LAN-P20-5UO20R87SJCI0O2ENUC7BM85VA
[CGEDJ] 2024/06/11 21:24:49 INFO: Established secure connection to GSXMU6I at 192.168.1.7:22000-192.168.1.189:22000/tcp-client/TLS1.3-TLS_AES_128_GCM_SHA256/LAN-P10-5UO20RQSVIAJ4R9TJJ56SRJ3NK
[CGEDJ] 2024/06/11 21:24:49 INFO: Additional connection (+1) for device GSXMU6I at 192.168.1.7:22000-192.168.1.189:22000/tcp-client/TLS1.3-TLS_AES_128_GCM_SHA256/LAN-P10-5UO20RQSVIAJ4R9TJJ56SRJ3NK
[CGEDJ] 2024/06/11 21:24:49 INFO: Lost primary connection to GSXMU6I at [::]:22000-192.168.1.189:22000/quic-client/TLS1.3-TLS_AES_128_GCM_SHA256/LAN-P20-5UO20R87SJCI0O2ENUC7BM85VA: replacing connection (1 remain)
[CGEDJ] 2024/06/11 21:25:04 INFO: quic://0.0.0.0:22000 detected NAT type: Port restricted NAT
[CGEDJ] 2024/06/11 21:25:04 INFO: quic://0.0.0.0:22000 resolved external address quic://204.144.215.80:58414 (via stun.syncthing.net:3478)
[CGEDJ] 2024/06/11 21:25:08 INFO: Detected 1 NAT service
[CGEDJ] 2024/06/11 21:25:39 INFO: Joined relay relay://45.33.16.96:443

Swarfega · June 12, 2024, 6:03am

Probably unrelated, but you’re using ports and configuring it as host network mode.

calmh · June 12, 2024, 6:04am

You moved the GUI/API to another port, and the health check expects it on the standard port.

gmo · June 12, 2024, 5:33pm

Oh, it is, isn’t it. Well, it was a really long day (night), in my defense

gmo · June 12, 2024, 5:43pm

I have 3 different instances that I administer over SSH tunnels (including my desktop), and using different ports was about the best I could think of (I’ll often have a putty window open to a different machine, and the tunnels go along with it). I’d assumed that since I changed the port in the GUI, that it would be OK. Is Docker directly testing port 8384 externally, or could I get around it with 8385:8384?

gmo · June 12, 2024, 6:34pm

Well, to answer my own question, yep, changing the port to 8385:8384 (having removed host network mode…) works fine! I also removed the STGUIADDRESS flag, since Docker will take care of everything. Thanks much!

For any future reference, here’s the relevant chunk of the docker compose file.

docker-compose.yml

  image: syncthing/syncthing
  container_name: syncthing
  hostname: NAME
  environment:
    - PUID=1006
    - PGID=1006
  volumes:
    - st-sync:/var/syncthing
  ports:
    - 8385:8384       # Web UI
    - 22000:22000/tcp # TCP file transfers
    - 22000:22000/udp # QUIC file transfers
    - 21027:21027/udp # Receive local discovery broadcasts
  restart: unless-stopped

system · July 12, 2024, 6:34pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.