You can use:

/usr/bin/docker run --net=host --privileged --rm claesjonsson/conntrack -D --proto udp

On Mon, Jul 27, 2020 at 10:28 AM Edward Romanenco <edward(a)telemessage.com> wrote:

Hi,

I am working on a project involving Kamailio dockerization, which is meant
to run alongside Freeswitch and RTPEngine containers, on the basis of a
Docker-Compose file which is launched on top of a CentOS 7.7 host system.

I was able to create and run the containers successfully, they are
starting and listening to the correct ports, but for some unexplained
reason - the incoming SIP traffic is not getting picked up by Kamailio. I
can easily trace the traffic from the host, but when SSHing the container
and running a test from within, no traffic goes by.

I've used netcat to generate plain UDP traffic to the container, and it
was logged into the Kamailio log files, but real-life traffic doesn't seem
to work.

I've tried moving to host mode (from bridge), but it didn't make any
difference. All required firewall rules were opened obviously, I've also
tried shutting the firewall off completely but it didn't help.

Has anyone experienced anything similar while running Kamailio in
Docker, and could provide me a go-through on what steps they took to fix
it?

EXCERPT FROM MY DOCKERFILE
# Getting Kamailio source code from GIT
RUN mkdir -p /usr/local/src/kamailio-5.3
WORKDIR /usr/local/src/kamailio-5.3
RUN git clone --depth 1 --no-single-branch https://github.com/kamailio/kamailio
WORKDIR /usr/local/src/kamailio-5.3/kamailio
# Note: with no start point, "checkout -b" creates a new local branch named
# 5.3.2 at the currently checked-out commit of the clone
RUN git checkout -b 5.3.2
# Compile the source code and install Kamailio
RUN make include_modules="phonenum db_mysql xmlrpc http_async_client jansson auth_db nathelper websocket tls outbound topoh http_client" cfg && \
    make all && make install
# Default setting is to run Kamailio as user “kamailio” and group “kamailio”
RUN adduser --quiet --system --group --disabled-password \
    --shell /bin/false --gecos "Kamailio" \
    --home /var/run/kamailio kamailio
# To use init.d script for starting/stopping the Kamailio server
COPY Init/kamailio /etc/init.d/
RUN chmod 755 /etc/init.d/kamailio
COPY Default/kamailio /etc/default/
COPY kamailio.service /etc/systemd/system/
RUN mkdir -p /var/run/kamailio
RUN chown kamailio:kamailio /var/run/kamailio

COMPOSE (BRIDGE NETWORK VERSION)
kamailioegress:
  build: kamailio_egress
  image: kamailioegress:latest
  container_name: kamailioegress
  restart: always
  environment:
    - DATABASE=kamailioe
    - SIP_DOMAIN=XXX
    - DBHOST=kamailiodb
    - DBROOTUSER=root
    - DBROOTPASS=XXX
    - PUBLIC_IPV4=XXX
  depends_on:
    - Kamailio-Base
    - kmdb
    - freeswitch
    - rtpengine
  expose:
    - "5060/udp"
    - "5060/tcp"
  ports:
    - "XXX:5060:5060/udp"
  networks:
    private-net:
      ipv4_address: "172.18.0.30"
  deploy:
    mode: replicated
    replicas: 1
    restart_policy:
      condition: always
      delay: 5s
      max_attempts: 3
      window: 120s
networks:
  private-net:
    driver: bridge
    ipam:
      config:
        - subnet: 172.18.0.0/16
    driver_opts:
      com.docker.network.bridge.name: wrtcpriv
  public-net:
    external:
      name: host

COMPOSE (HOST MODE VERSION)
kamailioegress:
  build: kamailio_egress
  image: kamailioegress:latest
  container_name: kamailioegress
  network_mode: host
  restart: always
  environment:
    - DATABASE=kamailioe
    - SIP_DOMAIN=XXX
    - DBHOST=172.18.0.10
    - DBROOTUSER=root
    - DBROOTPASS=XXX
    - PUBLIC_IPV4=XXX
    - EGPORT=5060
    - LINTE=ens224
    - LINTI=ens192
    - RTPENGINE=localhost
  depends_on:
    - Kamailio-Base
    - kmdb
    - freeswitch
    - rtpengine
  expose:
    - "5060/udp"
  ports:
    - "213.8.76.13:5060:5060/udp"
  deploy:
    mode: replicated
    replicas: 1
    restart_policy:
      condition: always
      delay: 5s
      max_attempts: 3
      window: 120s

CONFIG FILE
/* uncomment and configure the following line if you want Kamailio to
 * bind on a specific interface/port/proto (default bind on all available) */
listen=udp:0.0.0.0:LPORT advertise PUBLIC_IP:LPORT

KAMAILIO-LOCALE
#!define DBURL "mysql://root:XXX@DBHOST/kamailioe"
#!substdef "!MY_DBURL!mysql://root:XXX@DBHOST/kamailioe!g"
#!substdef "!RTPENGINE!MY_RTPENGINE!g"
#!substdef "!SIP_DOMAIN!MY_SIP_DOMAIN!g"
#!substdef "!PUBLIC_IP!MY_PUBLIC_IP!g"
#!substdef "!PRIVATE_IP!MY_PRIVATE_IP!g"
#!substdef "!LPORT!MY_LPORT!g"
#!substdef "!LINT!MY_LINT!g"
#!substdef "!HOMER_IP!10.1.0.100!g"
#!substdef "!API_URL!http://localhost:3000/v1/mock!g"
#!substdef "/CCODES/972|380/"
#!substdef "/NUM_TRANSLATE_OUT_RE/\\\\+?(CCODES)([0-9]+)/"
#!substdef "/NUM_TRANSLATE_IN_RE/0([0-9]+)/"

FIREWALL RULES
-bash-4.2# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens192 ens224
  sources: 192.168.1.39
  services: dhcpv6-client http https sip ssh
  ports: 9323/tcp 9323/udp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
        rule family="ipv4" destination address="XXX" port port="5060" protocol="udp" accept
        rule family="ipv4" destination address="XXX" port port="5060" protocol="tcp" accept

NETSTAT OUTPUT
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
udp        0      0 XXX:5060                0.0.0.0:*                           22479/kamailio

Edward
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
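
Added example, not part of the original thread: the reply's command runs a third-party image with --privileged and deletes every UDP conntrack entry on the host. The sketch below instead uses the host's own conntrack tool and removes only flows to the published SIP port whose reply tuple does not come from the container, on the assumption that such entries were tracked before Docker's DNAT rule existed. The function names are hypothetical, 172.18.0.30 and 5060 come from the bridge compose file above, and the sample lines are constructed.

```sh
#!/bin/sh
# Constructed sample of `conntrack -L -p udp` output (documentation addresses).
# Line 1: SIP flow with no DNAT (reply tuple comes from the host address).
# Line 2: SIP flow translated to the container. Line 3: unrelated DNS flow.
SAMPLE='udp      17 28 src=203.0.113.7 dst=192.0.2.10 sport=5060 dport=5060 [UNREPLIED] src=192.0.2.10 dst=203.0.113.7 sport=5060 dport=5060 mark=0 use=1
udp      17 170 src=198.51.100.4 dst=192.0.2.10 sport=5080 dport=5060 src=172.18.0.30 dst=198.51.100.4 sport=5060 dport=5080 [ASSURED] mark=0 use=1
udp      17 12 src=192.0.2.10 dst=192.0.2.53 sport=40000 dport=53 src=192.0.2.53 dst=192.0.2.10 sport=53 dport=40000 mark=0 use=1'

# stale_udp_flows CONTAINER_IP PORT   (reads conntrack -L text on stdin)
# Prints "SRC SPORT" for each UDP flow to PORT whose reply tuple does not
# originate from CONTAINER_IP, i.e. a flow that is not DNATed to the container.
stale_udp_flows() {
    awk -v cip="$1" -v port="$2" '
    $1 == "udp" {
        n = 0
        # Each entry lists the original tuple first, then the reply tuple.
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^src=/)   { n++; src[n] = substr($i, 5) }
            if ($i ~ /^sport=/) { sport[n] = substr($i, 7) }
            if ($i ~ /^dport=/) { dport[n] = substr($i, 7) }
        }
        if (n == 2 && dport[1] == port && src[2] != cip)
            print src[1], sport[1]
    }'
}

# flush_stale CONTAINER_IP PORT
# Deletes only the flows reported above, using the host's conntrack binary
# (needs root on the host, but no privileged container).
flush_stale() {
    conntrack -L -p udp --dport "$2" 2>/dev/null | stale_udp_flows "$1" "$2" |
    while read -r src sport; do
        conntrack -D -p udp -s "$src" --sport "$sport" --dport "$2"
    done
}

# Dry run on the constructed sample: shows what flush_stale would delete.
printf '%s\n' "$SAMPLE" | stale_udp_flows 172.18.0.30 5060
```

On a live host, run flush_stale 172.18.0.30 5060 after the container has started, so new packets from the same peers are re-evaluated against the DNAT rule.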