Hey I m trying to start a docker agent on CentOS7 via prefec

Question

Hey I m trying to start a docker agent on CentOS7 via prefect agent docker start and get this error urllib3 exceptions MaxRetryError HTTPConnectionPool host= host docker internal port=4200 Max retries exceeded with url graphql Caused by NewConnectionError lt urllib3 connection HTTPConnection object at 0x7f2881d77350 gt Failed to establish a new connection Errno 113 No route to host I thought maybe it was this bug <https github com PrefectHQ server issues 25> but I still can t figure out how to work around it Any suggestions on how to move forward I m stuck

nicholas · Answer

Hi < Garret Cook> is this against Cloud or a local Server

Garret Cook · Answer

local server

nicholas · Answer

Local to the agent as well is that correct

Garret Cook · Answer

Correct

nicholas · Answer

Great can you confirm that you ve run `prefect backend server` before attempting to start your agent

Garret Cook · Answer

Confirmed

Garret Cook · Answer

I can get to the UI on 8080 also

nicholas · Answer

Ok fantastic From the same terminal can you run `curl <http localhost 4200 graphql>` and see what s returned

Garret Cook · Answer

root prefect ~ curl v <http localhost 4200 graphql> About to connect to localhost port 4200 0 Trying 1 Connected to localhost 1 port 4200 0 gt GET graphql HTTP 1 1 gt User Agent curl 7 29 0 gt Host localhost 4200 gt Accept gt lt HTTP 1 1 400 Bad Request lt X Powered By Express lt Access Control Allow Origin lt Content Type text html charset=utf 8 lt Content Length 18 lt ETag W 12 7JEJwpG8g89ii7CR 6hhfN27Q+k lt Date Fri 22 Jan 2021 17 03 45 GMT lt Connection keep alive lt Keep Alive timeout=5 lt Connection 0 to host localhost left intact GET query missing

nicholas · Answer

Ok cool And the docker host is accessible as well correct

Garret Cook · Answer

root prefect ~ docker run hello world Unable to find image hello world latest locally Trying to pull repository latest Pulling from 0e03bdcc26d7 Pull complete Digest sha256 31b9c7d48790f0d8c50ab433d9c3b7e17666d6993084c002c2ff1ca09b96391d Status Downloaded newer image for Hello from Docker This message shows that your installation appears to be working correctly To generate this message Docker took the following steps 1 The Docker client contacted the Docker daemon 2 The Docker daemon pulled the hello world image from the Docker Hub amd64 3 The Docker daemon created a new container from that image which runs the executable that produces the output you are currently reading 4 The Docker daemon streamed that output to the Docker client which sent it to your terminal To try something more ambitious you can run an Ubuntu container with $ docker run it ubuntu bash Share images automate workflows and more with a free Docker ID For more examples and ideas visit

Garret Cook · Answer

Yes it responds readily

nicholas · Answer

Ok great that narrows down the issue significantly Can you run this for me ```echo from prefect utilities docker util import get docker ip nprint get docker ip gt docker ip py amp amp python docker ip py```

nicholas · Answer

Oops hold off on that

nicholas · Answer

Actually that should be fine

Garret Cook · Answer

` root prefect ~ cat docker ip py` `from prefect utilities docker util import get docker ip` `print get docker ip ` ` root prefect ~ python3 6 docker ip py` `172 17 0 1` ` root prefect ~ `

Garret Cook · Answer

I had to edit the command a little but I think I got what you wanted

nicholas · Answer

Ah yeah you got it I m not familiar with CentOS

nicholas · Answer

Ok I suspect this could be an issue with `firewalld` you re able to communicate with the API over http from a variety of sources but not through the docker host You ll need to allow container to container communication to enable this I think which you can do with `firewall cmd zone=public add masquerade permanent amp amp firewall cmd reload`

nicholas · Answer

There s a possibility you ll need to restart the docker service as well

Garret Cook · Answer

Ok shall I retry the docker agent now

Garret Cook · Answer

ok I ll reboot the whole system

nicholas · Answer

Any luck

Garret Cook · Answer

Progress I think

Garret Cook · Answer

` root prefect ~ prefect agent docker start` ` ` `| | | | | | ` `| | | | | | ` | | |` `| | | | | | | | | | | | | ` `| | | | | | | | | | | | | | |` `| ` ` 2021 01 22 17 27 21 044 INFO agent | Starting DockerAgent with labels ` ` 2021 01 22 17 27 21 045 INFO agent | Agent documentation can be found at ` ` 2021 01 22 17 27 21 045 INFO agent | Agent connecting to the Prefect API at ` ` 2021 01 22 17 27 21 079 INFO agent | Waiting for flow runs ` ` 2021 01 22 17 27 21 316 INFO agent | Found 1 flow run s to submit for execution ` ` 2021 01 22 17 27 21 513 INFO agent | Deploying flow run 2d740d95 feb3 4ae9 b002 c4581595abf8` ` 2021 01 22 17 27 21 518 INFO agent | Pulling image prefecthq prefect 0 14 3 ` ` 2021 01 22 17 27 24 245 INFO agent | Successfully pulled image prefecthq prefect 0 14 3 ` ` 2021 01 22 17 28 08 008 INFO agent | Found 1 flow run s to submit for execution ` ` 2021 01 22 17 28 08 175 INFO agent | Deploying flow run 980ddf94 76c8 4e90 8219 59c80a3b30e5` ` 2021 01 22 17 28 08 181 INFO agent | Pulling image prefecthq prefect 0 14 3 ` ` 2021 01 22 17 28 08 933 INFO agent | Successfully pulled image prefecthq prefect 0 14 3 `

nicholas · Answer

That looks good

Garret Cook · Answer

It deploys the flow without error but they don t seem to finish

nicholas · Answer

Hm that seems like a different issue then could be code related

nicholas · Answer

Or perhaps infra related

Garret Cook · Answer

` root prefect production flows cat task py` `import prefect` `from prefect run configs docker import DockerRun` `from prefect import task Flow` ` task` `def say hello ` `logger = prefect context get logger ` `<http logger info|logger info> Hello Cloud ` `with Flow hello flow as flow ` `say hello ` `flow run config = DockerRun ` ` env= SOME VAR VALUE ` ` image= example image name with tag ` ` ` ` builds the Docker image and pushes Flow metadata to the Prefect Cloud database` ` flow deploy project name= Backups ` `flow register project name= Backups `

nicholas · Answer

Hm any messages in the UI Are the runs entering a `Running` state

Garret Cook · Answer

Just sitting in submitted

nicholas · Answer

Oh you know what it doesn t look like you re specifying an image to use with `DockerRun` you ll either need to specify an image for that OR add <https docs prefect io orchestration execution storage options html docker|docker storage> to the flow ```from prefect storage import Docker flow storage = Docker ```

nicholas · Answer

The agent is probably submitting the flow to the docker daemon but the daemon doesn t know what to do with it since there s no image

Garret Cook · Answer

Interesting

nicholas · Answer

that s my suspicion anyway

Garret Cook · Answer

Def a part of the API I didn t understand well

Garret Cook · Answer

Why does it download the prefect docker image then I thought it was going to try to run my commands inside that

Garret Cook · Answer

` 2021 01 22 17 43 53 340 INFO agent | Pulling image prefecthq prefect 0 14 3 `

Garret Cook · Answer

^^What is it doing that for

nicholas · Answer

Good question I m not entirely sure why that s happening

nicholas · Answer

Let me know when you ve added docker storage and how it works out I ll ping the core team if that doesn t fix the issue

Garret Cook · Answer

Ok so I apologize the original issue remains It only shows up when debugging is turned on via `prefect agent docker start show flow logs`

Garret Cook · Answer

I had stopped using show flow logs which meant it didn t show up

Garret Cook · Answer

I added docker storage with no change

nicholas · Answer

Sorry when you say the original issue do you mean that you can t start your agent any longer

nicholas · Answer

Or that the flows are still stuck in submitted

Garret Cook · Answer

The agent runs fine but every flow stays in submitted and the agent shows this error for every docker flow `urllib3 exceptions MaxRetryError HTTPConnectionPool host= host docker internal port=4200 Max retries exceeded with url graphql Caused by NewConnectionError lt urllib3 connection HTTPConnection object at 0x7f0166b2a908 gt Failed to establish a new connection Errno 113 No route to host `

Garret Cook · Answer

I tried adding the interface bridge to the firewalld trusted zone

Garret Cook · Answer

and turned on masquerade

Garret Cook · Answer

no effect

Garret Cook · Answer

Ok cooking with gas Had to add docker0 to the trusted zone

Garret Cook · Answer

br 8a166a45514d bridge also

Garret Cook · Answer

now it can communicate

nicholas · Answer

Oh interesting so it needed even more access than we thought

nicholas · Answer

So now the runs are being submitted correctly

Garret Cook · Answer

yep perfectly fast and snappy

nicholas · Answer

Amazing well done

Garret Cook · Answer

Well I appreciate you tipping me off that it might be a firewall issue

Garret Cook · Answer

That bug made me think it was a docker problem I hadn t looked past that

nicholas · Answer

Of course I updated the link above with what we discovered^ feel free to put in your 2 cents as well

nicholas · Answer

I m not totally sure they re the same issue but it may help others that are in a similar spot

Garret Cook · Answer

yeah that is one of the most popular google results good idea