I had a working laradock docker container and wanted to add some services, when I tried to rebuild I get the following error:-
ERROR: for laradock_nginx_1 Cannot start service nginx: Ports are not
available: listen tcp 0.0.0.0:81: bind: An attempt was made to access
a socket in a way forbidden by its access permissions.
I have tried to list services using port 81 but lsof -i TCP:81 returned no results so i tried listing everything with lsof -i which returned
node 23 chris 18u IPv4 1034 0t0 TCP localhost:38187 (LISTEN)
node 23 chris 21u IPv4 1052 0t0 TCP localhost:38187->localhost:49786 (ESTABLISHED)
node 77 chris 18u IPv4 18626 0t0 TCP localhost:49786->localhost:38187 (ESTABLISHED)
node 86 chris 18u IPv4 22566 0t0 TCP localhost:49788->localhost:38187 (ESTABLISHED)
node 106 chris 19u IPv4 1057 0t0 TCP localhost:38187->localhost:49788 (ESTABLISHED)
I thought it may be conflicting with my old setup so I have pruned everything and started from fresh with the latest release of docker desktop and laradock, still getting the same error and now i'm stuck and don't even have my old container to fall back on.
What can be causing this error?
If anyone has the same issue user binding the host port 81 did not have enough permissions quickest fix was to change docker's host port inside port binding to above 1024 (we used 8080) and it worked.
Docker nginx port issue: By default ubuntu install apache which run in 80 port. so just stop it. This can happen also for nginx. So follow same process.
sudo /etc/init.d/apache2 stop
nginx:
restart: unless-stopped
build:
context: .
dockerfile: ./docker/nginx/Dockerfile
ports:
- '80:80'
volumes:
- static_volume:/home/pos/static/
- ./docker/nginx/development:/etc/nginx/conf.d
depends_on:
- backend
Related
I installed docker using snap (during the install process of 22.04) and it was working fine, and all my containers were spun up using docker run ...
This was until I installed docker-compose using apt later on. When I attempted to bring up containers with docker-compose I would get errors stating that the port was already in use.
So I then checked what program/command was using these ports:
sudo lsof -i :9091:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
docker-pr 1883 root 4u IPv4 28696 0t0 TCP *:9091 (LISTEN)
docker-pr 1890 root 4u IPv6 27395 0t0 TCP *:9091 (LISTEN)
sudo netstat -pna | grep 9091
tcp 0 0 0.0.0.0:9091 0.0.0.0:* LISTEN 1883/docker-proxy
tcp6 0 0 :::9091 :::* LISTEN 1890/docker-proxy
This showed that my container was still somehow running, as the port was in use. However, when running docker ps -a no containers were running...
The commands above all pointed towards docker-proxy, what is this service? Also, why is it so under the radar that docker itself can't even stop the container with commands like: docker rm $(docker ps -aq)? Also, not sure why my container became invisible and was unable to stop it without stopping the docker service entirely.
I am trying to follow a tutorial for Docker beginners (https://docs.docker.com/get-started/)
When I try to run this command:
$ docker run -d -p 80:80 docker/getting-started
I get this Error:
docker: Error response from daemon: driver failed programming external connectivity on endpoint suspicious_murdock (863f389a032ea76d187c4387701b9eb0b6d4de4d0a9ed414616fa6b4715346ab): Error starting userland proxy: listen tcp4 0.0.0.0:80: bind: address already in use.
I tried removing all the dockers docker rm -fv $(docker ps -aq) but it did nothing.
What can I do?
I had to stop apache2 from running on port :80 - sudo service apache2 stop
Or you can use a different port like docker run -d -p 8080:80 docker/getting-started. This way you do not need to stop the apache2 running on the host.
In case you change ports and still encounter the same problem especially on Ubuntu 18 try stopping your apache serve and mysql/mariadb port if you further encounter mysql/mariadb port already been used.
Try these two commands.
sudo service apache2 stop
sudo service mysql stop
sudo service mariadb stop
why is this error showing?
This error means that you have a process listening to port 80 (the default HTTP port). This is probably a server of some sorts like apache/nginx/lighttpd.
Other answers suggest closing a database (mysql/mariadb), but - if configured correctly - they will be using a different port (most often 3306). This means that stopping your database will probably not solve the issue, since they are not using port 80.
how to find out what is causing this?
from here:
In a terminal type (with sudo, so it also shows root processes):
sudo lsof -i :80
you should get something like this:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
lighttpd 1713 www-data 4u IPv6 36989 0t0 TCP *:http (LISTEN)
lighttpd 1713 www-data 5u IPv4 36990 0t0 TCP *:http (LISTEN)
firefox-b 23384 your-user 150u IPv4 122957 0t0 TCP pop-os:37322->ef-in-f94.1e100.net:http (ESTABLISHED)
firefox-b 23384 your-user 174u IPv4 122155 0t0 TCP pop-os:37314->ef-in-f94.1e100.net:http (ESTABLISHED)
Note the (LISTEN) vs (ESTABLISHED) at the end. (LISTEN) is the culprit here, caused by the command lighttpd, which is a server. Also, the USER of lighttpd is www-data, which is not you, so it would not show without sudo.
Now, to stop it, use:
sudo service stop lighttpd
where you replace lighttpd with whatever the command is (of course you kind of want to know what you're doing here, since you don't accidentally want to pull your website offline).
I want to get a Laravel application running in Docker, but am failing at the first hurdle, I have tried to use the docker/getting started Docker image with the following command but am getting the below blockage.
$docker run -p 80:80 docker/getting-started
docker: Error response from daemon: Ports are not available: listen tcp 0.0.0.0:80: bind: address already in use.
Listing out what is running is here:
$sudo lsof -i :80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nginx 143 root 6u IPv4 0x17106caf335097c7 0t0 TCP localhost:http (LISTEN)
nginx 10145 Jeremyrrsmith 6u IPv4 0x17106caf335097c7 0t0 TCP localhost:http (LISTEN)
nginx 10218 Jeremyrrsmith 6u IPv4 0x17106caf335097c7 0t0 TCP localhost:http (LISTEN)
nginx 10296 Jeremyrrsmith 6u IPv4 0x17106caf335097c7 0t0 TCP localhost:http (LISTEN)
nginx 10372 Jeremyrrsmith 6u IPv4 0x17106caf335097c7 0t0 TCP localhost:http (LISTEN)
From what I read I needed to kill whatever was running on port 80, so have killed them (exception of 143 which errors), but they restart with a new PID. Should I actually be killing these?
The
Docker: Error response from daemon: Ports are not available: listen tcp 0.0.0.0:80: bind: address already in use. error is causing me a headache.
netstat -ltnp | grep 80 is a common command to run according to other threads, but i get netstat: option requires an argument -- p as a response. Having read into that, is that the first is a Linux command (was not clear to me in other threads). I'm on a Mac. lsof -n -i4TCP:80 | grep LISTEN is the command on mac (hope it helps others). That provides
nginx 10145 Jeremyrrsmith 6u IPv4 0x17106caf335097c7 0t0 TCP 127.0.0.1:http (LISTEN)
nginx 10218 Jeremyrrsmith 6u IPv4 0x17106caf335097c7 0t0 TCP 127.0.0.1:http (LISTEN)
nginx 10296 Jeremyrrsmith 6u IPv4 0x17106caf335097c7 0t0 TCP 127.0.0.1:http (LISTEN)
nginx 10372 Jeremyrrsmith 6u IPv4 0x17106caf335097c7 0t0 TCP 127.0.0.1:http (LISTEN)
I kill these PID and they just restart with a new PID, I don't think that I need them, but are they system related? How do I kill them for good and are they actually blocking me from using port 80 for Docker?
The easiest and most common way around used ports is using a different port-mapping e.g.
docker run -p 8080:80 docker/getting-started and accessing via localhost:8080
If you want to use port 80 you probably have to stop the nginx service rather than killing the process.
I think it's laravel valet. I have just $valet stop which i think has solved it. As lsof -n -i4TCP:80 | grep LISTEN now returns nothing and running the docker command has set up a container. So port 80 was blocked by nginx, which was added by laravel valet, and to use port 80 you need to stop valet, and restart it when you dont need the port anymore. I think.
You have nginx running on your device which is blocking port 80, just as you said yourself.
Have you installed nginx yourself?
Is it installed as a system service, that is started automatically when you power up your device?
If it runs as a system service, you probably will need to gradually shut it down using the appropriate system command, instead of trying to kill the processes. I don't know what the command for this is on Mac, but you will find out if you search for it.
On linux, depending on your system, this could e.g. be systemctl stop nginx.
Do you know where the nginx process comes from?
Docker nginx port issue: By default ubuntu install apache which run in 80 port.This can happen also for nginx. So follow same process.
sudo /etc/init.d/apache2 stop
docker-compose.yml file
nginx:
build:
context: .
dockerfile: ./Dockerfile
ports:
- '80:80'
volumes:
- static_volume:/home/pos/static/
- ./docker/nginx/development:/etc/nginx/conf.d
I'm using Docker Compose to run a DNS server (PowerDNS) within a container. Here is the config:
version: "2.4"
networks:
dnsnet:
driver: bridge
driver_opts:
com.docker.network.bridge.name: "dnsbr0"
ipam:
driver: default
config:
-
subnet: 192.168.193.0/24
gateway: 192.168.193.1
power-dns:
image: "my_image"
restart: on-failure
networks:
dnsnet:
ipv4_address: 192.168.193.170
ports:
- "x.x.x.x:53:53/tcp"
- "x.x.x.x:53:53/udp"
- "aaaa::ffff:53:53/tcp"
- "aaaa::ffff:53:53/udp"
From the host machine (running on Ubuntu 18.04 on DigitalOcean), I can dig #x.x.x.x and dig #aaaa::ffff without issue. From another machine (bbbb::ffff) in the same datacenter, I can still dig #x.x.x.x, but dig #aaaa::ffff times out. I can ping #aaaa::ffff no problem—works great, just a 1.5ms round-trip.
The first thing I checked was lsof:
$ sudo lsof -i -n
docker-pr 7258 root 4u IPv6 97854 0t0 TCP [aaaa::ffff]:domain (LISTEN)
docker-pr 7272 root 4u IPv4 97877 0t0 TCP x.x.x.x:domain (LISTEN)
docker-pr 7285 root 4u IPv4 97919 0t0 UDP x.x.x.x:domain
docker-pr 7290 root 4u IPv6 98382 0t0 UDP [aaaa::ffff]:domain
That all looks correct. So next I checked a tcpdump, first of a ping:
$ sudo tcpdump -n host "aaaa::ffff"
01:24:36.570272 IP6 bbbb::ffff > aaaa::ffff: ICMP6, echo request, seq 0, length 16
01:24:36.570322 IP6 aaaa::ffff > bbbb::ffff: ICMP6, echo reply, seq 0, length 16
01:24:37.574518 IP6 bbbb::ffff > aaaa::ffff: ICMP6, echo request, seq 1, length 16
01:24:37.574558 IP6 aaaa::ffff > bbbb::ffff: ICMP6, echo reply, seq 1, length 16
And now of a dig:
$ sudo tcpdump -n host "aaaa::ffff"
00:42:03.291922 IP6 bbbb::ffff.51642 > aaaa::ffff.53: 60840+ [1au] A? example.net. (49)
00:42:08.297904 IP6 bbbb::ffff.51642 > aaaa::ffff.53: 60840+ [1au] A? example.net. (49)
00:42:13.301566 IP6 bbbb::ffff.51642 > aaaa::ffff.53: 60840+ [1au] A? example.net. (49)
$ sudo tcpdump -i dnsbr0 -n host "192.168.193.170"
<nothing>
So there doesn't appear to be a reply and, importantly, the docker-proxy process never forwards the packets on to the container. Note that a dig to the IPv4 address shows up as expected in the dump:
$ sudo tcpdump -n host "x.x.x.x"
00:46:16.129744 IP y.y.y.y.55183 > x.x.x.x.53: 989+ [1au] A? example.net. (49)
00:46:16.131823 IP x.x.x.x.53 > y.y.y.y.55183: 989*- 1/0/1 A 1.2.3.4 (65)
$ sudo tcpdump -i dnsbr0 -n host "192.168.193.170"
00:46:16.129905 IP y.y.y.y.62620 > 192.168.193.170.53: 16666+ [1au] A? example.net. (49)
00:46:16.131569 IP 192.168.193.170.53 > y.y.y.y.62620: 16666*- 1/0/1 A 1.2.3.4 (65)
I also tried doing the ports differently:
ports:
- "53:53/tcp"
- "53:53/udp"
This resulted in a different (and expected) lsof output but the same behavior and tcpdump results.
$ sudo lsof -i -n
docker-pr 6982 root 4u IPv6 95863 0t0 TCP *:domain (LISTEN)
docker-pr 6995 root 4u IPv6 95894 0t0 UDP *:domain
So what am I missing here? Why is this not working? Have I found a Docker bug?
I have determined this must be a Docker bug. I have filed a new bug here: https://github.com/docker/for-linux/issues/566
I will accept this as "the" answer if/when the Docker folks agree that I've found a bug.
am having a confussion (I think) regarding how to manage ports and TCP connections in docker. Currently I have a server A that is running some dockers containers, I am more interested in a application that s running in the port 4444, when I type docker container ls I get:
4d2c0db7e23c oryd/hydra:latest "/bin/sh" 27 minutes ago Up 27 minutes 4444/tcp, 0.0.0.0:9010->4445/tcp determined_snyder
7c586393ef61 oryd/hydra:latest "/bin/sh -c '/go/b..." 34 minutes ago Up 34 minutes 0.0.0.0:9000->4444/tcp someContainer
So, 1) I dont know how it's read 4444/tcp, 0.0.0.0:9010->4445/tcp what it means?
Then,I have a Server B with others apps (not docker) that are trying to connect to the container that is listening in the port 4444, but I get:
connectex: No connection could be made because the target machine actively refused it.
2) it's really the app running in the port 4444? that's why am interested in how to read the point 1
I must say that I typed in the server A this: sudo lsof -i -P -n and the only registers related with docker show this:
docker-pr 15057 root 4u IPv6 486152035 0t0 TCP *:9000 (LISTEN)
docker-pr 15224 root 4u IPv6 486156778 0t0 TCP *:9010 (LISTEN)
So, 1) I dont know how it's read 4444/tcp, 0.0.0.0:9010->4445/tcp what
it means?
This means that port 4445 from the container will be available as port 9010 on the host server from any interface.
To access your container from Server B, you should use the following: hostname-of-container-host:9010
If you want the service to be available from port 4445 of the host, you need to use -p 4445:port-of-the-service-from-the-container