Search code examples
javadockerdocker-composesnmpsnmp4j

Docker issue: SNMP Listener doesn't work only when it has been deployed from docker: Permission Denied


I developed an SNMP Listener in Java with Snmp4j. This service worked without any problems, so I made the Dockerfile and the docker-compose.yaml, but when I deployed the service from Docker, I got an error:

Exception Message = Permission denied

Normally it should just wait and listen for traps, it looks like he is not allowed to listen where I ask him. I’m not comfortable with Docker and I don’t understand what I’m misconfiguring. For information, my SNMP listener listens to traps on its port 162 that come from a server external to the docker.

Do you have any idea about what can impact the network's authorisation when something is running from Docker?

Here is my Dockerfile, I tried to expose manually the ports but it didn't fix my problem:

FROM registry.access.redhat.com/ubi8/openjdk-17:1.14

ENV LANGUAGE='en_US:en'

COPY --chown=185 target/*-runner.jar /deployments/connecteur-telephonie.jar

EXPOSE 162/udp
EXPOSE 162/tcp
EXPOSE 8080
USER 185
ENV JAVA_OPTS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager"
ENV JAVA_APP_JAR="/deployments/connecteur-telephonie.jar"

And here is the part of the Docker compose that is related to my service. Since I want to listen outside I use de network_mode "host", is that right?

version: '3.9'
 services:
connecteur-telephonie:
    image: <url from where i get my image Docker>
    environment:
      - SERVER_ADRESS=192.168.1.30
      - SERVER_PORT=162
      - QUARKUS_ARTEMIS_URL=tcp://10.205.11.115:61616
      - QUARKUS_ARTEMIS_USERNAME=root
      - QUARKUS_ARTEMIS_PASSWORD=root
    network_mode: "host"`

Thanks a lot for your time and your consideration.

I tried to expose manually the ports in Dockerfile but it didn't fix my problem. I tried to listen on 0.0.0.0/162 as well but it still didn't work


Solution

  • I solved my problem. SNMP traps are using the UDP protocol. With Docker the ports are open by default only in TCP, the solution is to declare the ports like this in the docker-compose.yaml:

    ports:
      - "162:162/udp"
    

    The trap is that even if I set up UDP in my dockerfile, it didn't work for me with this:

    EXPOSE 162/udp