I have an app running inside a docker container on localhost:4200 (not 0.0.0.0:4200). How can I expose it to the host?
When I use -p 4200:4200 on docker run, I am not able to get to the app.
i.e. curl localhost:4200 or curl http://127.0.0.1:4200 or curl http://<ip from ifconfig>:4200 or curl http://0.0.0.0:4200 doesn't work.
However, docker exec <container-id> curl localhost:4200 works. This means that app started successfully but 4200 port on localhost from container is not exposed to the host.
I stopped the app and modified the app (on the same running container) to expose the app on 0.0.0.0:4200 instead of localhost:4200. After that, I am able to get to curl http://0.0.0.0:4200.
I am trying to figure out on how can I expose the port on localhost from container to host (so that I don't have to modify my app).
You can be more explicit and use:
docker run --publish=127.0.0.1:4200:4200/tcp ....
See documentation
However:
127.0.0.1 corresponds to your host's loopback adaptor
0.0.0.0 is effectively any network adaptor on this host (including 127.0.0.1)
localhost is the DNS name that is customarily mapped to 127.0.0.1
So the consequence should be the same regardless of which of these approaches you use.
HTH!
Related
SO i have a service running in my localhost:80 , and localhost:8080
I need to fetch it from within a docker container
So I enter inside my docker container cli and try the following commands.
curl http://www.example.com //a famous website --> works
curl 172.17.0.1 ---> works , this is fetching my hosts localhost port 80 , its the default docker interface and resolves on the host
curl 172.17.0.1:1112 ---> I can fetch this , i have a simple express server running there returning a hello world in my local machine , it can also be curled from withing the host with a curl localhost:1112
Above as you can see im using 172.17.0.1 to connecto to my host from within my container, and not localhost, because localhost would mean the local connection of said container, and thats not what im looking for.
Now the issue comes with the following.
I crate a ssh tunnel in my port 8888 to another machine, which can only be accessed using a vpn that is running in my host. With the following command
ssh -fN myname#database.pl -L 8888:db.env.prise:80
This creates a tunnel that I can curl in my host machine localhost:8888
If I try this from within my host
curl -s http://localhost:8888/test | jq
It correctly fetches a json. SO the idea is to do something similar from within my container.
I go ahead to my container and type
curl http://172.17.0.1:8888/test
Failed to connect to 172.17.0.1 port 8888: Connection refused
And thats the eerror that I receive.
Why can I fetch every single port except that one? I suspect it might have something to do with my docker not being in the vpn ¿?
HOw can I fix this.
I have a openvpn file for the connection but thats it.
Altho I dont really think its the vpns fault, because if I Curl from my localhost with the vpn disconnected, the curl will fail but at least it attempts to curl it being stuck for a while. WHile trying to curl that port from within the docker instantly gets rejected.
It looks like you are attempting to connect from docker to a resource that you can only access via SSH on your host.
A valid solution to this problem would be to forward the port of the external machine to your machine via:
ssh -fN myname#database.pl -L 8888:db.env.prise:80
This will redirect the external port to a local port. The problem is that docker cannot access this port.
With socat, you can open a new port that listens on all interfaces and not just on local:
socat TCP-LISTEN:8889,fork,bind=0.0.0.0.0 TCP:localhost:8888
Through this port, connections will be redirected to your target machine:
8889->8888->80
I am trying to start a jenkins container. The port 8080 is mapped to the host port 80.
docker run -p 80:8080 -p 50000:50000 -v jenkins_home:/var/jenkins_home jenkins/jenkins:lts
I can curl the jenkins app from the host, however I can not reach it from outside the host.
curl localhost:80 works inside host
but
curl <fqdn or ip address>:80 does not work outside host (same network as host) and timeout.
If I set --net=host, the above command works, but I would like to not use the host network in case I need to add more services in the future.
I think it is not a firewall issue because by setting the network to host, the link is working.
With tcpdump I can see the requests in the host main interface, however, no packets are forwarded to the docker0 interface. Is it normal behaviour ?
What can I do to resolve the issue in order to reach jenkins outside the host ?
I can curl localhost:5000 inside container but not from outside even when port binding added as 5000:5000
pramodjangam#Pramods-MacBook-Pro:~/code/helloworld$ curl localhost:5000/WeatherForecast
curl: (52) Empty reply from server
pramodjangam#Pramods-MacBook-Pro:~/code/helloworld$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5f0c986867d9 kitematic/hello-world-nginx:latest "sh /start.sh" 10 minutes ago Up 10 minutes 0.0.0.0:32768->80/tcp hello-world-nginx
1200a6c8c7df helloworlddotnet "/bin/sh -c out/Hell…" 19 minutes ago Up 19 minutes 0.0.0.0:5000-5001->5000-5001/tcp great_haslett
pramodjangam#Pramods-MacBook-Pro:~/code/helloworld$ docker exec -it 1200a6c8c7df bash
root#1200a6c8c7df:/# curl localhost:5000
root#1200a6c8c7df:/# curl localhost:5000/WeatherForecast
[{"date":"2019-12-07T19:00:43.0919669+00:00","temperatureC":5,"temperatureF":40,"summary":"Balmy"},{"date":"2019-12-08T19:00:43.0920037+00:00","temperatureC":13,"temperatureF":55,"summary":"Cool"},{"date":"2019-12-09T19:00:43.0920128+00:00","temperatureC":52,"temperatureF":125,"summary":"Warm"},{"date":"2019-12-10T19:00:43.0920303+00:00","temperatureC":-3,"temperatureF":27,"summary":"Balmy"},{"date":"2019-12-11T19:00:43.0920383+00:00","temperatureC":46,"temperatureF":114,"summary":"Balmy"}]root#1200a6c8c7df:/#
root#1200a6c8c7df:/# exit
exit
I have ran into this sort of issues. Please make sure that your dotnet application running inside your docker container is also listening on all network interfaces.
For instance, whenever I run a Django application (in dev mode), I always make sure to see a message like this:
Starting development server at http://0.0.0.0:8000/
The key here is 0.0.0.0:8000 which indicates that my app, inside the container, is listening on all network interfaces.
Another option is to run your container with host networking mode (https://docs.docker.com/network/network-tutorial-host/)
I am having the same problem. It seems to be a dotnet 3.1 problem. When I start the app in the container it only binds to localhost:5000 and not to the other network interface. The problem is that localhost is always only reachable from the host (or in this case the container) itself, even if you port forward in docker it will not work.
I tried adding
.UseUrls("http://0.0.0.0:5000")
to the hostbuilder to make the app listen to all available network devices but it does not work, neither does adding:
ENV ASPNETCORE_URLS http://*:5000
This to the Dockerfile or
environment:
- ASPNETCORE_URLS=http://*:5000
to the docker-compose.
These options used to work fine in dotnet 2 but in 3.1 they do not have any effect. I also tried 0.0.0.0 instead of * nothing seems to work.
So basically dotnet always starts the Server on localhost (even on my developmachine) which makes your app only reachable from the host it is running on.
Inside the container, localhost refers to the container. Outside the container, localhost is your machine, not the container. When you want to access something running in the container outside the container, you need to use the container's IP address, not localhost.
You can get the container's IP address using:
docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' [container_name_here]
I was doing some devops and writing a script to turn my current host/nginx server/nginx setup into a host/docker/nginx server/docker/nginx set up so I can keep directories and etc the same between them.
The problem is that any ports I expose on a docker container are only accessible on the host and not from any other machines on the host network.
When typing 192.168.0.2 from a machine such as 192.168.0.3 it just says took too long to respond, but typing 192.168.0.2 from 192.168.0.2 will bring up the welcome to nginx page?! The interesting part is I did a wireshark analysis on en0 on port 80 and there are actually some packets coming through
See pastebins of packet inspections:
LAN to docker: https://pastebin.com/4qR2d1GV
Host to docker: https://pastebin.com/Wbng9nDB
I've tried using docker run -p 80:80 nginx/nginx and docker run -p 192.168.0.2:80:80 nginx/nginx and docker run -p 127.0.0.1:80:80 nginx/nginx but this doesn't seem to fix anything.
Should see welcome to nginx when connecting from 192.168.0.3 to 192.168.0.2.
this is in my dev environment which is an osx 10.13.5 system.
when I push this to my ubuntu 16.04 server it works just fine with the containerized nginx accessible from the www and when I run ngnix on my host without docker I can connect from external machines on the network too
Your description is a bit confusing the 127.0.0.1 within the port line will bind it to localhost only - you won't be able to access the docker from another machine. Remove the IP address and you should be able to access the docker from outside localhost.
I'm using ASP Core image to create a new container.
I've developed simple service which uses port 5000.
Now I created Dockerfile and built container which exposes
EXPOSE 5000
Running this container with a command
docker run -it -p 8080:5000 <name>
or even
docker run -it -p 127.0.0.1:8080:5000 <name>
doesn't lead to navigation to the 127.0.0.1:8080. So my browser says this site can't be reached.
p.s. I've checked the service without docker - it works correctly
UPD1
docker ps
shows my launched container with ports mapping information:
127.0.0.1:8080->5000/tcp
UPD2
this is netstat output from the host
tcp 0 0 localhost:5000 *:* LISTEN
lynx 127.0.0.1:5000 shows 200 OK
netstat -a on a client box doesn't show 8081 port or 5000
UPD3
I've just created a new container for NodeJs using public image.
Created a simple server with exposed port. After running it works as expected.
Actually it looks like the problem with exact Asp image
Which OS are you using? If you're running on OSX or Windows you will need to use the IP of your boot2docker virtual machine, not 127.0.0.1.
docker-machine ip will show you the IP of your current host.