I run my Docker image in the following manner:
docker run --privileged --name openvas --rm -dti -p 9392:9392 <image_name>
The container runs fine for about 8-12 minutes and then it just completely disappears. docker ps -a doesn't show the container running any more.
I haven't been able to find any "docker logs" other than container logs, which in my case no longer exists since the container is gone.
When just preparing the running processes that contain "docker" in it, here's what I can see:
root 105873 3.5 0.6 1715848 24860 ? Ssl 2022 2149:08 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
root 3730648 0.0 0.0 1222272 1576 ? Sl 22:26 0:00 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 9392 -container-ip 172.17.0.2 -container-port 9392
root 3730656 0.0 0.0 1148224 1524 ? Sl 22:26 0:00 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 9392 -container-ip 172.17.0.2 -container-port 9392
root 3732368 0.0 0.0 8624 1964 pts/1 S+ 22:33 0:00 grep --color=auto -i docker
root 105873 3.5 0.7 1715848 29228 ? Ssl 2022 2149:09 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
root 3730648 0.0 0.0 1222272 1576 ? Sl 22:26 0:00 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 9392 -container-ip 172.17.0.2 -container-port 9392
root 3730656 0.0 0.0 1148224 1524 ? Sl 22:26 0:00 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 9392 -container-ip 172.17.0.2 -container-port 9392
root 3732370 0.0 0.1 1081712 5872 ? Dl 22:33 0:00 runc --root /var/run/docker/runtime-runc/moby --log /run/containerd/io.containerd.runtime.v2.task/moby/2692e34b79618056c6896af5d2da9f539c210c739ef7bae7420862e46e695ab0/log.json --log-format json --systemd-cgroup delete 2692e34b79618056c6896af5d2da9f539c210c739ef7bae7420862e46e695ab0
root 3732372 0.0 0.0 8624 1948 pts/1 S+ 22:33 0:00 grep --color=auto -i docker
While running this in a loop, the first part of the output above showed pretty consistently. When the container decided to disappear, I noticed the other output that contained logs. However, the file doesn't exist:
# cat /run/containerd/io.containerd.runtime.v2.task/moby/2692e34b79618056c6896af5d2da9f539c210c739ef7bae7420862e46e695ab0/log.json
cat: /run/containerd/io.containerd.runtime.v2.task/moby/2692e34b79618056c6896af5d2da9f539c210c739ef7bae7420862e46e695ab0/log.json: No such file or directory
Is there a general Docker log file that I can check to see why this container continues to crash? I've tried replicating this on other systems with the same container and had no issues. So I can't tell if it's crashing because of memory or anything at the moment.
The --rm option is used to delete the container when it exits or stops for any reason:
$ docker run --help
...
--rm Automatically remove the container when it exits
Related
I've tried lsof -wni tcp:3000
But ouput is empty.
The uput of ps aux | grep puma
is
kirillo+ 139882 0.0 0.0 20504 2916 pts/1 S+ 13:43 0:00 grep --color=auto --exclude-dir=.bzr --exclude-dir=CVS
But when I submit kill -9 139882
the output is:
kill 139882 failed: no such process
What should I do to start server on localhost:3000?
Docker container was using port 3000 :)
I am trying to use https://github.com/markshust/docker-magento. Following the instructions, the setup includes a nginx container in the frontend, which is suppose to connect with a php-fpm in the backend.
Containers:
ubuntu#DESKTOP-HED9HVG:/mnt/c/Users/Me$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8db110d5737a markoshust/magento-nginx:1.18-4 "/docker-entrypoint.…" 2 hours ago Up 2 hours 80/tcp, 0.0.0.0:80->8000/tcp, 0.0.0.0:443->8443/tcp localdev_app_1
74ff9e11646a markoshust/magento-php:7.4-fpm-5 "docker-php-entrypoi…" 2 hours ago Up 2 hours 9000-9001/tcp localdev_phpfpm_1
As far as I can understand the code, the phpfpm is listening on the docker socket.
Nginx upstream:
upstream fastcgi_backend {
server unix:/sock/docker.sock;
}
php-fpm.conf:
:
listen = /sock/docker.sock
:
this is the docker-compose.yaml file
But I can't get it to work.
php-fpm is working:
app#74ff9e11646a:~/html$ ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
app 1 0.0 0.2 222828 33168 ? Ss 06:57 0:00 php-fpm: master process (/usr/local/etc/php-fpm.conf)
app 6 0.0 0.0 222828 10412 ? S 06:57 0:00 php-fpm: pool www
app 7 0.0 0.0 222828 10348 ? S 06:57 0:00 php-fpm: pool www
app 8 0.0 0.0 222828 10348 ? S 06:57 0:00 php-fpm: pool www
app 9 0.0 0.0 222828 10348 ? S 06:57 0:00 php-fpm: pool www
However,from nginx to phpfpm, there is ping, but there is no telnet:
/var/www/html # ping phpfpm
PING phpfpm (172.19.0.7): 56 data bytes
64 bytes from 172.19.0.7: seq=0 ttl=64 time=0.128 m
/var/www/html # telnet phpfpm 9000
telnet: can't connect to remote host (172.19.0.7): Connection refused
/var/www/html # telnet phpfpm 9001
telnet: can't connect to remote host (172.19.0.7): Connection refused
I am windows10 wsl2. Any idea what I should check?
You are telling PHP-FPM to use a socket for communication, that's why it's not listening on TCP / port 9000.
It can either listen on a TCP Port, OR use a socket, not both.
I ran this:
docker run -ti -p 80:80 --name esproxy "$tag"
but I get this error:
docker: Error response from daemon: driver failed programming external
connectivity on endpoint esproxy
(ead1fa4f09b2326cd1ff6aa0e3b8f8bfa5c9d353eb6db4efef6d188b81ea9df7):
Error starting userland proxy: listen tcp 0.0.0.0:80: bind: address
already in use.
So I did:
root#ip-172-xx-29-110:/interos/repos/nginx# lsof -i:80
and I got:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
docker-pr 28213 root 4u IPv6 64253 0t0 TCP *:http (LISTEN)
and so this process looks like:
root 28213 0.0 0.0 116552 2620 ? Sl 04:34 0:00 /snap/docker/384/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 80 -container-ip 172.17.0.2 -container-port 80
does anybody know what that process is?
I had the same issue.
Stoppping all runing containers and restarting the docker service fixed it for me
service docker restart
and then start your container again
If after you restart the docker service, the docker-pr service allocates some container port, your container is starting automatically.
To check if you have some container running use:
docker ps
To stop this container, we can use:
docker stop container_name
If you have more than one container, we can use:
docker stop $(docker ps -a -q)
To stop a container from starting automatically, we need to remove it from the auto restart.
To do this use the following command:
docker update --restart=no container_name
After this, you will able to restart your docker service and you will not found any container starting automatically.
I want to access the docker daemon on another machine,but it always fails.
Both machines are virtual machines.
systemctl status docker service
[root#localhost ~]# systemctl status docker.service
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Active: active (running) since Tue 2019-04-16 07:38:52 EDT; 3s ago
Docs: https://docs.docker.com
Main PID: 5191 (dockerd)
Memory: 128.5M
CGroup: /system.slice/docker.service
└─5191 /usr/bin/dockerd -H unix://var/run/docker.sock -H tcp://0.0.0.0:2375
ps -ef | grep docker
[root#localhost ~]# ps -ef | grep docker
root 5191 1 1 07:38 ? 00:00:01 /usr/bin/dockerd -H unix://var/run/docker.sock -H tcp://0.0.0.0:2375
root 5800 5161 0 07:40 pts/0 00:00:00 grep --color=auto docker
netstat -tulp
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 localhost:smtp 0.0.0.0:* LISTEN 4373/master
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN 4134/sshd
tcp6 0 0 localhost:smtp [::]:* LISTEN 4373/master
tcp6 0 0 [::]:2375 [::]:* LISTEN 5191/dockerd
tcp6 0 0 [::]:2377 [::]:* LISTEN 5191/dockerd
tcp6 0 0 [::]:7946 [::]:* LISTEN 5191/dockerd
tcp6 0 0 [::]:ssh [::]:* LISTEN 4134/sshd
Result of access on another machine
[root#localhost dack]# docker -H tcp://192.168.233.150:2375 images
error during connect: Get http://192.168.233.150:2375/v1.39/images/json: dial tcp 192.168.233.150:2375: connect: no route to host
[root#localhost dack]# docker -H tcp://192.168.233.150:2375 info
error during connect: Get http://192.168.233.150:2375/v1.39/info: dial tcp 192.168.233.150:2375: connect: no route to host
Can you check for firewall, if 2375 port is allowed to connect from other servers.
Running a Jenkins image in my container which is bound to the host port 9090
sudo docker run -itd -p 9090:8080 -p 50000:50000 --name=myjenkins -t jenkins-custom /bin/bash
The output of running $docker port myjenkins
50000/tcp -> 0.0.0.0:50000
8080/tcp -> 0.0.0.0:9090
I can also see the binding from the host perspective ps -Af | grep proxy
root 15314 15194 0 17:52 ? 00:00:00 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 50000 -container-ip 172.17.0.2 -container-port 50000
root 15325 15194 0 17:52 ? 00:00:00 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 9090 -container-ip 172.17.0.2 -container-port 8080
After starting my jenkins server i try connect to the container using the host ip and the forwarded port (9090).
I'm new to Docker so may have missed something however would appreciate suggestions
Update: including dockerfile
From local-artifiactory/jenkinsci/jenkins:2.9
ENV java_opts="-Xmx8192m"
This is not an answer to this specific question. It is a possible answer to "port mapping doesn't work"
I've been caught by this twice.
The image name must come last when creating a container from the command line
This syntax:
docker run --name MyContainer MyImage -p 8080:80
will create container MyContainer from MyImage without issue
But the -p 8080:80 part will be silently ignored and your port mapping won't work
This syntax will work - you'll see exactly the same outcome except that port mapping will actually work.
docker run --name MyContainer -p 8080:80 MyImage
Same for this:
docker run MyImage --name MyContainer
This will create a container from MyImage but it won't give it the explicit name, it'll assign a random name
I hope this saves someone some time.
Port binding/publishing in docker is actually publishing container's port to docker-machine's, instead of to localhost's. For example, with
docker run -p 9090:8080 jenkins
you will be able to access the service by curl <your-docker-machine>:9090, NOT curl localhost:9090 or curl 127.0.0.1:9090
To get your docker-machine's IP, do: docker-machine ls and check the URL
The problem is that no service is running at those ports. The only process running is /bin/bash (as specified in the end of the line). You must start Jenkins inside the container.