I'm struggling to set up SSH tunneling for a Splunk instance running inside a Docker container. I drew out a diagram describing the situation:
I'm trying to connect to the Splunk instance running inside the Docker container running on the server. The client is a Windows machine, and the server is a CentOS virtual machine (VM). I've pulled a Splunk image from DockerHub.
When researching this, I came across a blog where the poster had a similar goal (to set up SSH tunneling for Splunk) and attempted to follow the instructions. I was able to reconfigure the Splunk Web service so that it's only accesible locally (i.e., set the socket IP address to 127.0.0.1). However, I'm unable to make an SSH connection to the Splunk server. When I try to, I always receive an invalid password error (after I'm prompted for my credentials).
The command I'm entering is:
ssh -L 8000:127.0.0.1:8000 <hostname of server>
My guess is this happens because in my case, Splunk is running inside Docker which is running inside the server, but in the blog, Splunk was running directly on the server.
So maybe the command needs to be something along the lines of:
ssh -L 8000:127.0.0.1:8000 <Docker container>
So I probably need to expose a port in Docker to allow the tunnel. But I'm not certain, and I've never performed SSH tunneling before.
Any suggestions?
Related
I have two docker container one with Jenkins and one is remote container. I want to Run a Jenkins job on remote container.
For that I have given the private keys in credentials, but still connection is not successful.
I am able to ping remote container using Jenkins container also I am able to ssh to remote container using Jenkins container.
See the screenshot below.
How are you connecting with remote host ?? Can you please share the ssh command ?
Can you please share output of below command from your Jenkins container :
cat /etc/hosts
There might be possibility that Jenkins container is able to connect using IP but not using the host_name. Try updating the the /etc/hosts file with remote container host name and then connect.
eg: 172.0.0.1 remote_host local_host
Also If you have used port forwarding, then you can simply connect with base server IP and different ports assigned to those containers.
I'm new to both docker and Nifi, I found this command that installs via docker and used it on a virtual machine that I have in GCP but I would like to access this container via webserver. In docker ps this appears to me:
What command do I need to execute to gain access to the tool via port 8080?
The container has already exposed port 8080 on the host, as evidence by the output 0.0.0.0:8080->8080/tcp. You read that as {HOST_INTERFACE}:{HOST_PORT}->{CONTAINER_PORT}/{PROTOCOL}.
Navigate to http://SERVER_ADDRESS:8080/ (or maybe http://SERVER_ADDRESS:8080/nifi) using your web browser. You may need to modify the firewall rules applied to your VM to ensure that you can access that port from your local machine.
I'm trying to access the contents of remote docker containers on a linux server from my windows machine by forwarding the remote docker socket over SSH. However, the localhost port I am forwarding it to just gives me {"message":"page not found"}, and the remote docker containers are not detected.
Ideally, I want to access the contents of the remote containers in VSCode. I've been following their walkthrough (https://code.visualstudio.com/docs/remote/containers-advanced#_option-2-connect-using-an-ssh-tunnel) on how to connect to a remote docker container. Per their walkthrough, I've also made sure to set "AllowStreamLocalForwarding yes" on the server's sshd_config
C:\Users\me> ssh -nNT -L localhost:23750:/var/run/docker.sock user#remote_server
goto http://localhost:23750/:
{"message":"page not found"}
Following the VSCode instructions:
In settings,
"docker.host":"tcp://localhost:23750"
however, clicking "Remote-Containers: Attach to a Running Container" only lists my local containers, to the server ones
I've not gotten any error messages from following these steps; however, I still don't have any access to the remote docker containers
Solved - I was entering the docker.host setting wrong on vscode
(I had entered
"docker.host":""tcp://localhost:23750""
instead of
"docker.host":"tcp://localhost:23750"
)
Sorry for spam
I have a running graylog2 docker container on a remote machine with ports 3000 and 12900 exposed (3000 routes to port 9000 within docker) and I can open graylog web UI on that port. So that works as expected. But for some reason I can't add logs from outside the container. Running this from the cli WORKS from INSIDE the container, but DOESN'T WORK from OUTSIDE:
curl -XPOST http://localhost:3000/gelf -p0 -d '{"short_message":"Hello there", "host":"example.org", "facility":"test", "_foo":"bar"}'
Running this command from outside the docker container I get:
{"type":"ApiError","message":"HTTP 404 Not Found"}
Edit: Found some information that this could possibly be solved by setting GRAYLOG_REST_TRANSPORT_URI to a public IP when running the docker container. Unfortunately when I start it like that, I run into another problem - can't start any inputs to receive logs. Bind address: 0.0.0.0 Port: 3000 It throws:
Request to start input 'project' failed. Check your Graylog logs for more information.
Edit2: Moved my testing environment to a local machine, to rule out possible server misconfigurations. Getting same errors and same problems.
Edit3: Decided to test out the graylog1 docker image and with that one everything actually works as expected right off the bat! So as a backup I could use an old version, but I'd rather avoid that if possible.
You have to start a GELF HTTP input to be able to receive GELF messages via HTTP.
The Graylog REST API does not provide this type of input.
I'm trying to access Docker remote API from within a container because I need to start other containers.
The host address is 172.19.0.1, so I'm using http://172.19.0.1:2375/images/json to get the list of images (from host, http://localhost:2375/images/json works as expected.
The connection is refused, I guess because Docker (for Windows) listens on 127.0.0.1 and not on 0.0.0.0.
I've tried to change configuration (both from UI and daemon.json) adding the entry:
"hosts": ["tcp://0.0.0.0:2375"]
but the daemon fails to start. How can I access the api?
You can set DOCKER_OPTS in windows as below and try. In Windows, Docker runs inside a VM. So, you have to ssh into the VM and make the changes.
DOCKER_OPTS='-H tcp://0.0.0.0:4243 -H unix:///var/run/docker.sock'
Check if it works for you.
Update :- To ssh into the VM (assuming default is the VM name you have created using Docker toolbox), enter the following command in the Docker Quickstart Terminal,
docker-machine ssh default
You can find more details here.
You could link the host's /var/run/docker.sock within the container where you need it. This way, you don't expose the Docker Remote API via an open port.
Be aware that it does provide root-like access to docker.
-v /var/run/docker.sock:/var/run/docker.sock
You should use "tcp://host.docker.internal:2375" to connect to host machine from container. Please make sure that you can ping the "host.docker.internal" address
https://github.com/docker/for-win/issues/1976