I have a problem with connecting by curl to simple akka http server living in docker container.
Here is source code:
sbt new akka/akka-http-quickstart-scala.g8
added sbt native packager plugin to plugins.sbt
addSbtPlugin("com.github.sbt" % "sbt-native-packager" % "1.9.11")
and small change in build.sbt at the end:
libraryDependencies ++= Seq(
...
),
dockerExposedPorts := Seq(8080)
)
.enablePlugins(JavaAppPackaging, DockerPlugin)
so docker exposed ports and enable plugins.
If I will run it with network host like:
docker run --network host image-name:0.1
it work fine, but without network host or -p 8080:8080 or without does not work,
every time I get
curl: (56) Recv failure: Connection reset by peer
can it be smth connected with interface param ?
Http().newServerAt("localhost", 8080).bind(routes)
Related
I have a .NET 6 web API which says this:
Now listening on: http://[::]:80
It is inside a docker container based on mcr.microsoft.com/dotnet/aspnet:6.0 and with this:
docker run -p 4300:80 ...
I get normal responses from within the docker container if I do this:
docker exec -it acs curl http://localhost:80
But I can't connect to it from the localhost. If I try this...
curl http://localhost:4300
... then I get a timeout after about 20 seconds:
curl: (28) Failed to connect to localhost port 4300 after 21031 ms: Timed out
I get the same error message if I try curl on an IP port where nobody is listening (e.g. 4301) but then it only takes 5 seconds, which leads me to suppose that something in the .NET stack is refusing the connection.
How do I get this to work?
Following the tutorial on https://docs.docker.com/get-started/part2/.
I start my docker container with docker run -p 4000:80 friendlyhello
and see
* Serving Flask app "app" (lazy loading)
* Environment: production
WARNING: This is a development server. Do not use it in a production deployment.
Use a production WSGI server instead.
* Debug mode: off
* Running on http://0.0.0.0:8088/ (Press CTRL+C to quit)
But it's inaccessible from the expected path of localhost:4000.
$ curl http://localhost:4000/
curl: (7) Failed to connect to localhost port 4000: Connection refused
$ curl http://127.0.0.1:4000/
curl: (7) Failed to connect to 127.0.0.1 port 4000: Connection refused
Okay, so maybe it's not on my local host. Getting the container ID I retrieve the IP with
docker inspect --format '{{ .NetworkSettings.IPAddress }}' 7e5bace5f69c
and it returns 172.17.0.2 but no luck! curl continues to give the same responses. I can confirm something is running on 4000....
lsof -i :4000
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
com.docke 94812 travis 18u IPv6 0x7516cbae76f408b5 0t0 TCP *:terabase (LISTEN)
I'm pulling my hair out on this. I've read through the troubleshooting guide and can confirm
* not on a proxy
* don't use a custom dns
* I'm having issues connecting to docker, not docker connecting to my pip server.
Running the app.py with python app.py the server starts and I'm able to hit it. What am I missing?
Did you accidentally put port=8088 at the bottom of your app.py file? When you are running this the last line of your output is saying that your python app is exposed on port 8088 not 80.
To confirm you can run either modify the app.py file and rebuild the image, or alternatively you could run: docker run -p 4000:8088 friendlyhello which would map your local port 4000 to 8088 in the container.
Try to run it using:
docker run -p 4000:8088 friendlyhello
As you can see from the logs, your app starts on port 8088, but you connect 4000 to 80 where on 80, nothing is actually listening.
I'm having problems to get my ssh tunnel working for my container in a docker swarm cluster.
ssh connection on my local machine:
ssh -L 7180:test.XXX:7180 user#XXX
In my Dockerfile on the remote machine:
EXPOSE 7180
Container start:
docker -H test:2379 --tlsverify run -d -p 7180:7180 --net=my-net
I tried to connect in Firefox via:
localhost:7180
Unfortunately the connection gets refused on the remote machine:
channel 3: open failed: connect failed: Connection refused
"docker container ls" prints following for the ports:
xxx:7180->7180/tcp
Inside my container "netstat -ntlp | grep LISTEN" prints:
tcp 0 0 0.0.0.0:7180 0.0.0.0:* LISTEN -
I'm new to this but after all what I've read so far this should actually work. I'm using "--net=my-net" because I want to setup my own network later. I had the same issue with "--net=host". What am I doing wrong?
The ssh command should be:
ssh -L 7180:127.0.0.1:7180 user#XXX
And then from your browser, you would go to:
http://127.0.0.1:7180
I've avoided using "localhost" because some machines map this to IPv6 even if you don't have IPv6 configured.
When testing this tunnel, make sure your application is listening on the remote server by doing an ssh to that server and run a curl command directly on the server to 127.0.0.1:7180. If it doesn't work there, you would repeat your debugging with netstat inside the container and verifying the port is published in thedocker ps` output.
I got it working with
ssh -D localhost:7180 -f -C -q -N user#XXX
and using
xxx:7180
in my browser (instead of localhost).
localhost and --net=host did not work for me with ssh -L.
getting this error while curl the application ip
curl (56) Recv failure: Connection reset by peer - when hitting docker container
Do a small check by running:
docker run --network host -d <image>
if curl works well with this setting, please make sure that:
You're mapping the host port to the container's port correctly:
docker run -p host_port:container_port <image>
Your service application (running in the container) is running on localhost or 0.0.0.0 and not something like 127.0.0.1
I GOT the same error
umesh#ubuntu:~/projects1$ curl -i localhost:49161
curl: (56) Recv failure: Connection reset by peer
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
in my case it was due wrong port no
|---MY Projects--my working folder
--------|Dockerfile ---port defined 8080
--------|index.js-----port defined 3000
--------|package.json
then i was running ::::
docker run -p 49160:8080 -d umesh1/node-web-app1
so as the application was running in port 3000 in index.js it was not able to connect to the application got the error as u were getting
So TO SOLVE THE PROBLEM
deleted the last container/image that was created my worong port
just change the port no of INDEX.JS
|---MY Projects--my working folder
--------|Dockerfile ---port defined 8080
--------|index.js-----port defined 8080
--------|package.json
then build the new image
docker build -t umesh1/node-web-app1 .
running the image in daemon mode with exposed port
docker run -p 49160:8080 -d umesh1/node-web-app1
THUS MY APPLICATION WAS RUNNING without any error listing on port 49161
I have same when bind to port that is not lissened by any service inside container.
So check -p option
-p 9200:9265
-p <port in container>:<port in host os to be binded to>
I have a go grpc service. I'm developing on a mac, sierra. When running a grpc client against the service locally, all is well, but when running same client against same service in the docker container I get this error:
transport: http2Client.notifyError got notified that the client transport was broken EOF.
FATA[0000] rpc error: code = Internal desc = transport is closing
this is my docker file:
FROM golang:1.7.5
RUN mkdir -p /go/src/github.com/foo/bar
WORKDIR /go/src/github.com/foo/bar
COPY . /go/src/github.com/foo/bar
# ONBUILD RUN go-wrapper download
RUN go install
ENTRYPOINT /go/bin/bar
EXPOSE 51672
my command to build the image:
docker build -t bar .
my command to launch the docker container:
docker run -p 51672:51672 --name bar-container bar
Other info:
client program runs fine from within the docker container
connecting to a regular rest endpoint works fine (http2, grpc related?)
running the lsof command in OS X yields these results
$lsof -i | grep 51672
com.docke 984 oldDave 21u IPv4 0x72779547e3a32c89 0t0 TCP *:51672 (LISTEN)
com.docke 984 oldDave 22u IPv6 0x72779547cc0fd161 0t0 TCP localhost:51672 (LISTEN)
here's a snippet of my server code:
server := &Server{}
endpoint := "localhost:51672"
lis, err := net.Listen("tcp", endpoint)
if err != nil {
log.Fatalf("failed to listen: %v", err)
}
s := grpc.NewServer(grpc.Creds(creds))
pb.RegisterExpServiceServer(s, server)
// Register reflection service on gRPC server.
reflection.Register(s)
log.Info("Starting Exp server: ", endpoint)
if err := s.Serve(lis); err != nil {
log.Fatalf("failed to serve: %v", err)
}
When you specify a hostname or IP address​ to listen on (in this case localhost which resolves to 127.0.0.1), then your server will only listen on that IP address.
Listening on localhost isn't a problem when you are outside of a Docker container. If your server only listens on 127.0.0.1:51672, then your client can easily connect to it since the connection is also made from 127.0.0.1.
When you run your server inside a Docker container, it'll only listen on 127.0.0.1:51672 as before. The 127.0.0.1 is a local loopback address and it not accessible outside the container.
When you fire up the docker container with "-p 51672:51672", it'll forward traffic heading to 127.0.0.1:51672 to the container's IP address, which in my case is 172.17.0.2.
The container gets an IP addresses within the docker0 network interface (which you can see with the "ip addr ls" command)
So, when your traffic gets forwarded to the container on 172.17.0.2:51672, there's nothing listening there and the connection attempt fails.
The fix:
The problem is with the listen endpoint:
endpoint := "localhost:51672"
To fix your problem, change it to
endpoint := ":51672"
That'll make your server listen on all it container's IP addresses.
Additional info:
When you expose ports in a Docker container, Docker will create iptables rules to do the actual forwarding. See this. You can view these rules
with:
iptables -n -L
iptables -t nat -n -L
If you use docker container to run grpc service,you should make sure grpc service and grpc client on ths same bridge
if you are using docker container, u can define network by IP and give this IP to your IP address(like: 178.20.0.5).