ariffazil/fastmcp-container-restart-debug
hermes-backup/daily/2026-04-28_203212/skills/devops/fastmcp-container-restart-debug/SKILL.md
Debug and fix FastMCP container restart loops in Docker Compose — stdio vs SSE transport, healthcheck pitfalls
tools
Updated May 1, 2026
$ install --global
skillsauthnpx skillsauth add ariffazil/openclaw-workspace fastmcp-container-restart-debugInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 1, 2026, 4:09 AM128.5s1 file scanned
SKILL.md
- name:
- fastmcp-container-restart-debug
- description:
- Debug and fix FastMCP container restart loops in Docker Compose — stdio vs SSE transport, healthcheck pitfalls
- tags:
- [docker, fastmcp, debugging, container]
FastMCP Container Restart Loop Debug
Problem
WEALTH MCP container enters restart loop in Docker Compose. App crashes within seconds of start.
Root Cause
FastMCP's mcp.run() defaults to stdio transport — it reads from stdin. When Docker starts the container without a TTY, stdin immediately receives EOF and the process exits cleanly. Docker interprets this as a crash and restarts the container. Loop.
Secondary issue: Compose healthcheck using pg_isready or ss commands that don't exist inside the WEALTH image.
Diagnostic Steps
- Check if container is restarting
docker ps --filter name=<container> --format '{{.Names}} {{.Status}}'
# Look for: "Restarting (N) X seconds ago"
- Check exit reason
docker logs <container> --tail 50
# stdio loop: no output or "INFO: Application startup complete" then silent exit
- Verify app is running at all
docker exec <container> sh -c "cat /proc/1/cmdline" | tr '\0' ' '
docker exec <container> sh -c "which ss 2>/dev/null || which netstat 2>/dev/null"
- Test transport in isolation
docker run --rm --network=host <image> python -c "from internal.monolith import mcp; mcp.run(transport='sse', show_banner=False)" &
sleep 3
curl http://localhost:8000/sse # should return something (SSE stream or 405)
kill %1 2>/dev/null
The Fix
Patching if __name__ == "__main__" in the monolith/server entrypoint:
if __name__ == "__main__":
import os
if os.isatty(0):
mcp.run() # stdio for local dev
else:
mcp.run(transport="sse", show_banner=False) # SSE for container
This replaces the original mcp.run() call. FastMCP's transport="sse" makes it bind to HTTP instead of stdio — critical for containers.
Docker Compose Healthcheck (correct pattern)
After fixing the transport, the healthcheck should test an actual HTTP endpoint:
healthcheck:
test: ["CMD-SHELL", "curl -sf http://localhost:8000/sse -o /dev/null || exit 1"]
interval: 10s
timeout: 5s
retries: 5
Note: curl must be available in the container. If not, remove healthcheck entirely and rely on restart: unless-stopped — the process staying alive is sufficient evidence of health.
Anti-patterns to Avoid
- healthcheck:
pg_isready— not in the app container - healthcheck:
ss -ltn | grep—ss/netstatoften not installed in slim images - compose
command:override for transport — escapingimportstatements in YAML is fragile network_mode: service:X— too blunt, breaks container networking
Key Insight
FastMCP defaults to stdio. Container environments have no TTY → stdin closes → process exits → restart loop. Always explicitly set transport="sse" when deploying FastMCP containers.
Related Skills
ariffazil/AAA Agentic Governance (AAA-Cockpit, canonical)
development
VerifiedTrustedCommunity
Governed intelligence skill for AAA as the abstraction, attestation, and abduction control plane across arifOS, APEX, A-FORGE, GEOX, WEALTH, WELL, and the ariffazil profile repository. Use when the user asks to explain or design AAA, route agentic work, reduce chaos/entropy in an arifOS federation task, create AREP/task declarations, classify risk, plan multi-repo changes, review governance boundaries, or translate human intent into evidence-backed, authority-safe, recursively agentic workflows. Provides deterministic F1-F13 floor checking, bounded abduction, and FederationReceipt composition.
SKILL.mdUpdated Jun 6, 2026
ariffazil/skill-trigger-linter
development
VerifiedTrustedCommunity
Check every skill’s “use when” and “do not use when” clauses for collisions, missing negatives, and vague verbs like “help,” “assist,” or “improve.” Load when linting, reviewing, or validating trigger boundaries.
SKILL.mdUpdated May 27, 2026
ariffazil/skill-creator
development
VerifiedTrustedCommunity
Bootstrap, design, and package new skills. Load when capturing user intent for a new skill or drafting its initial instruction framework.
SKILL.mdUpdated May 27, 2026
ariffazil/Federation Service Health Triage
content-media
VerifiedTrustedCommunity
Diagnose which federation services are up, down, or drifting. Produce a prioritized remediation plan.
SKILL.mdUpdated May 27, 2026