You are not logged in.
I'm having trouble with a docker image that behaves differently on arch.
selenium/chrome-standalone exposes a VNC server one can connect to in order to see what's going on. NoVNC is integrated so you can just use the browser for that.
The thing is that establishing a connection takes exactly 154 seconds, not more, not less. Tested it a bunch of times. That's a pretty strange thing, but even stranger is that I can't reproduce this on other distributions.
I tested on Ubuntu 23.10, 24.04 (unreleased), Debian 12, Debian Sid, Windows even, everywhere the connection is established pretty much instantly as expected. But the moment I test on arch it stalls for 2.5 minutes.
The command for testing is:
docker run -p 7900:7900 -e SE_VNC_NO_PASSWORD=1 selenium/standalone-chrome:4.15.0-20231110
After it starts up you can navigate to localhost:7900 and click on connect, and you should observe that nothing happens for a while.
I opened an issue upstream for the docker image about this but at this point I'm not certain it's something to do with them. How would I even go about troubleshooting this more? I'd love to provide more details or find the cause but I have no idea how to do that now.
Last edited by earlopain (2023-12-07 17:57:30)
Offline
Do you have logs from the container that show what it's doing, on startup and when you try to connect via the browser? I'd compare that with the logs from the container running on the other host systems, see if you can tell what's different.
Offline
Thanks for your reply.
There's no difference in logs from the systems, it's exactly the same. I've reduced the Dockerfile to just x11vnc+xvfb, stripped out supervisord/novnc/anything else really, and it's still happening.
I guess I could compile them in the container so there are symbols and try to debug that somehow? But that is way out of my depth.
Could you give this a try and see if it behaves similarly for you? I find it strange that I would be the one to stumble upon this, but then again I repoduce this on a fresh install.
You just need docker and a vnc client to connect with. I'd be very nice to hear from someone else that it is the same for them.
https://gist.github.com/Earlopain/ca11f … 0f87a691f9
FROM ubuntu:jammy-20231128
ENV DEBIAN_FRONTEND=noninteractive \
DEBCONF_NONINTERACTIVE_SEEN=true
RUN apt-get update -qqy \
&& apt-get -qqy install \
x11vnc xvfb \
&& rm -rf /var/lib/apt/lists/* /var/cache/apt/*
RUN <<EOF cat >> /opt/entrypoint.sh
#!/bin/bash
/usr/bin/Xvfb :99 -listen tcp -screen 0 1360x1020x24 & \
sleep 1 && x11vnc -forever -rfbport 5900 -display :99.0 &
wait -n
exit $?
EOF
RUN chmod +x /opt/entrypoint.sh
CMD ["/opt/entrypoint.sh"]
EXPOSE 5900Offline
I figured it out. It's not doing nothing but enumerating a huge amount of file descriptors.
https://github.com/LibVNC/libvncserver/ … #L508-L527
`ulimit -n` returns 1024 on my host but 1073741816 inside the docker container.
There are PRs to fix this but it hasn't been part of a release yet. https://github.com/containerd/containerd/pull/8924, or this one https://github.com/moby/moby/pull/45534/files. Not sure on the difference/responsibilities between docker.service and containerd.service. Perhaps it's needed for both.
This being Arch I'll just have to wait, don't think fixes are incorporated into the PKGBUILD usually. I'll mark this as solved.
If anyone is interested, here's my original upstream issue about this, including a temporary fix. https://github.com/SeleniumHQ/docker-se … ssues/2045
TLDR: Just set the limit manually for now.
version: "3"
services:
selenium:
image: selenium/standalone-chrome:4.15.0-20231110
environment:
- SE_VNC_NO_PASSWORD=1
shm_size: 2gb
ports:
- ${EXPOSED_VNC_PORT:-7900}:7900
ulimits:
nofile:
soft: 65536
hard: 65536Offline