If I run my docker container as
docker run -ti --privileged=true -p 5010:5000 myapp
I cannot connect to myapp by https://:5010
But if I run my docker container as
docker run -ti --privileged=true -p 5000:5000 myapp
I can connect to myapp by https://:5000 from different machine
What can be the issue? What option should I use to map container port to host port with different number?
output of nestat
Interestingly I can connect to my web server from same machine by wget command
This is the output of the netstat -ln when my docker is running.
This has been finally identified as firewall issue and the ports can be accessed if the firewall rule is changed.
Related
I'm running Geode (v1.14.0) servers/locators in Docker containers. I'm trying to run Pulse as a standalone WAR running in Tomcat in a Docker also. I can connect fine when running the Pulse WAR in Tomcat outside of the container so I suspect it's a ports or hostname issue. I'm currently mapping 8080 inside the container to 8081. I can load the Pulse UI in the browser but it keeps saying "Connecting..." in a yellowish box at the top of the page and doesn't find the Geode locator.
Looking in pulse.log, I see the following exception repeatedly:
java.net.ConnectException: Connection refused (Connection refused)
pulse.properties is configured to the defaults:
# JMX Locator/Manager Properties
pulse.useLocator=true
pulse.host=localhost
pulse.port=10334
#pulse.useSSL.locator=true
#pulse.useSSL.manager=true
Essentially I'm starting the Geode server/locator nodes with this command:
docker run -it -p 7070:7070 -p 10334:10334 -p 40404:40404 -p 40405:40405 -p 40406:40406 -p 1099:1099 apachegeode/geode
What are the Docker ports that need to be open for Pulse to work and is there any specific hostname config required?
Based on the comment from #greenPadawan (thanks) I solved this as follows:
Create a new network in Docker ref: docker network create --driver bridge geode
Inside the Pulse WAR file at /WEB-INF/classes/pulse.properties I changed the pulse.host=localhost setting to pulse.host=geode. I then re-built my Pulse Docker container with the updated WAR.
Start my two containers (one container for Geode and one for Pulse/Tomcat) both using that network:
docker run -it --network=geode --name geode -p 7070:7070 -p 10334:10334 -p 40404:40404 -p 40405:40405 -p 40406:40406 -p 1099:1099 apachegeode/geode
docker run -d -P --network=geode pulse
And when I now navigate to Pulse in the browser on the host machine, Pulse now connects to the Geode locator.
I'm having a rather awful issue with running a Redis container. For some reason, even though I have attempted to bind the port and what have you, it won't expose the Redis port it claims to expose (6379). Obviously, I've checked this by scanning the open ports on the IP assigned to the Redis container (172.17.0.3) and it returned no open ports whatsoever. How might I resolve this issue?
Docker Redis Page (for reference to where I pulled the image from): https://hub.docker.com/_/redis/
The command variations I have tried:
docker run --name ausbot-ranksync-redis -p 127.0.0.1:6379:6379 -d redis
docker run --name ausbot-ranksync-redis -p 6379:6379 -d redis
docker run --name ausbot-ranksync-redis -d redis
docker run --name ausbot-ranksync-redis --expose=6379 -d redis
https://gyazo.com/991eb379f66eaa434ad44c5d92721b55 (The last container I scan is a MariaDB container)
The command variations I have tried:
docker run --name ausbot-ranksync-redis -p 127.0.0.1:6379:6379 -d redis
docker run --name ausbot-ranksync-redis -p 6379:6379 -d redis
Those two should work and make the port available on your host.
Obviously, I've checked this by scanning the open ports on the IP assigned to the Redis container (172.17.0.3) and it returned no open ports whatsoever. How might I resolve this issue?
You shouldn't be checking the ports directly on the container from outside of docker. If you want to access the container from the host or outside, you publish the port (as done above), and then access the port on the host IP (or 127.0.0.1 on the host in your first example).
For docker networking, you need to run your application listening on all interfaces (not localhost/loopback). The official redis image already does this, and you can verify with:
docker run --rm --net container:ausbot-ranksync-redis nicolaka/netshoot netstat -lnt
or
docker run --rm --net container:ausbot-ranksync-redis nicolaka/netshoot ss -lnt
To access the container from outside of docker, you need to publish the port (docker run -p ... or ports in the docker-compose.yml). Then you connect to the host IP and the published port.
To access the container from inside of docker, you create a shared network, run your containers there, and access using docker's DNS and the container port (publish and expose are not needed for this):
docker network create app
docker run --name ausbot-ranksync-redis --net app -d redis
docker run --name redis-cli --rm --net app redis redis-cli -h ausbot-ranksync-redis ping
I have a program running inside a docker container and I expose the port 8888. However, when I try to connect the program from a device (in the same LAN as host machine but not the host machine) it failed.
Here is my docker file
FROM golang:1.10.1
......
RUN go build -buildmode=plugin -o plugin.so plugin.go
EXPOSE 8666:8888
And I start the container with
docker run -it -P --network host plugin:v0.3 bash
and run
go run program.go
in bash.
It says
2018/07/30 01:51:43 listening port 8888
But I cannot connect to the port from other device(which is in the same LAN as host machine but not the host machine)
then I tried
docker ps -a
It looks different in that the ports column are empty(Usually there should be a mapping?)
Expose won’t create port mappings for you, they’re just a “note from the designer to the user”. Add -p 8666:8888 to your Docker run command line.
I've solved the problem by replacing
go run program.go
afer
docker run -it -P --network host plugin:v0.3 bash
with
docker run -p 8666:8888 plugin:v0.5 go run program.go
It's like magic I still don't know why but it works.(seems like docker will only do the port forwarding when the container starts)
I'll dig into it later.
I am really confused about this problem. I have two computer in our internal network. Both computers can ping internal servers.
Both computers have same docker version.
I run simple docker container with docker run -it --rm --name cont1 --net=host java:8 command on both computers. Then ssh into containers and try to ping internal server. One of the container can ping an internal server but other one can't reach any internal server.
How it can be possible? Do you have any idea about that?
Thank you
connect container to other systems in the same network is done by port mapping .
for that you need to run docker container with port mapping.
like - docker run -it --rm --name cont1 -p host_ip:host_port:container_port java:8
e.g., docker run -it --rm --name cont1 -p 192.168.134.122:1234:1500 java:8
NOTE : container port given in docker run is exposed in Dockerfile
now for example container ip will be - 172.17.0.2 port given in run is :1500
Now the request send to host_ip(192.168.134.122) and host_port(1234) is redirect to container with ip (172.17.0.2) and port (1500).
See the binding details in iptables -L -n -t nat
Thanks
I have found a similar thread, but failed to get it to work. So, the use case is
I start a container on my Linux host
docker run -i -t --privileged -p 8080:2375 mattgruter/doubledocker
When in that container, I want to start another one with GAE SDK devserver running.
At that, I need to access a running app from the host system browser.
When I start a container in the container as
docker run -i -t -p 2375:8080 image/name
I get an error saying that 2375 port is in use. I start the app, and can curl 0.0.0.0:8080 when inside both containers (when using another port 8080:8080 for example) but cannot preview the app from the host system, since lohalhost:8080 listens to 2375 port in the first container, and that port cannot be used when launching the second container.
I'm able to do that using the image jpetazzo/dind. The test I have done and worked (as an example):
From my host machine I run the container with docker installed:
docker run --privileged -t -i --rm -e LOG=file -p 18080:8080
jpetazzo/dind
Then inside the container I've pulled nginx image and run it with
docker run -d -p 8080:80 nginx
And from the host environment I can browse the nginx welcome page with http://localhost:18080
With the image you were using (mattgruter/doubledocker) I have some problem running it (something related to log attach).