Postgres not allowing `127.0.0.1` but works with `localhost`

Question

Postgres is ran in a container, using postgres:14.1-alpine image.

When ran A) with --network host, then

PGPASSWORD=postgres psql -d db -U postgres -h localhost  # works 
PGPASSWORD=postgres psql -d db -U postgres -h 127.0.0.1  # fails

When ran B) without --network host, then both hosts above work.

The error is

psql: error: connection to server at "127.0.0.1", port 5432 failed: 
FATAL:  password authentication failed for user "postgres"

Why would -h 127.0.0.1 in A) fail? I've provided details below. What else should one check?

Exact replay of commands

Run both containers pgA and pgB:

> docker run -d --rm -it --network host \
  -e POSTGRES_PASSWORD=postgres -ePOSTGRES_USER=postgres -e POSTGRES_DB=db \
  --name pgA \
  postgres:14.1-alpine

OUTPUT: <containerA_id>


> docker run -d --rm -it \
  -e POSTGRES_PASSWORD=postgres -ePOSTGRES_USER=postgres -e POSTGRES_DB=db \
  --name pgB \
  postgres:14.1-alpine

OUTPUT: <containerB_id>

Try to connect to both using -h 127.0.0.1:

> docker exec -it \
  pgA \
  bash -c ' PGPASSWORD=postgres psql -h 127.0.0.1 -d db -U postgres'

OUTPUT: psql: error: connection to server at "127.0.0.1", port 5432 failed: 
FATAL:  password authentication failed for user "postgres"


> docker exec -it \
  pgB \
  bash -c ' PGPASSWORD=postgres psql -h 127.0.0.1 -d db -U postgres'

OUTPUT: psql (14.1)
Type "help" for help.

db=#

Env

> docker --version
Docker version 20.10.11, build dea9396

> uname -a
Darwin foo.local 20.6.0 Darwin Kernel Version 20.6.0: 
Mon Aug 30 06:12:20 PDT 2021; root:xnu-7195.141.6~3/RELEASE_ARM64_T8101 arm64

Comparisons between the two containers pgA and pgB

• All files that are direct descendants of /var/lib/postgresql/data/ are identical (except for the different PID in postmaster.pid). For example, postgresql.conf contains

  listen_addresses = '*' 
  

  in both A) and B) container.

  Similarly, pg_hba.conf is identical

  local   all             all                                     trust
  # IPv4 local connections:
  host    all             all             127.0.0.1/32            trust
  # IPv6 local connections:
  host    all             all             ::1/128                 trust
  # Allow replication connections from localhost, by a user with the
  # replication privilege.
  local   replication     all                                     trust
  host    replication     all             127.0.0.1/32            trust
  host    replication     all             ::1/128                 trust
  

  (Child directories of /var/lib/postgresql/data/, such as pg_wal/, base/, etc. are likely different - haven't checked.)

• netstat -anpt | grep 5432 is identical

tcp        0      0 0.0.0.0:5432            0.0.0.0:*            LISTEN      -
tcp        0      0 :::5432                 :::*                 LISTEN

• /etc/hosts is almost identical ...

  127.0.0.1       localhost
  ::1     localhost ip6-localhost ip6-loopback
  fe00::0 ip6-localnet
  ff00::0 ip6-mcastprefix
  ff02::1 ip6-allnodes
  ff02::2 ip6-allrouters
  

  ... except that B) with --network bridge, this line is appended:

  <container_ip>    <container_id>
  

Related questions

• an exact opposite problem: Postgres not allowing localhost but works with 127.0.0.1
• similar #1
• similar #2

Answer 1

It was a silly oversight of not realising that yet another, a third PG instance had already bridge-bound the HostPort 5432.

Thanks to @jjanes for the logs and IPv6 hints. For the posterity, check your logs!

LOG: could not bind IPv4 address "0.0.0.0": Address in use