I know this error has been posted before on StackOverflow and many solutions/answers are available too. But, I've already gone through all those answers and couldn't find any viable solution for me.
I'm running a Hyperledger Fabric network with single peer and orderer. Their Docker containers have exposed the following ports. 7051:7051 & 7053:7053 on peer, 7050:7050 on orderer. I'm trying to configure Prometheus to analyse the metrics by following the official documentation .
As mentioned in the documentation, I'm exposing my local machine's 9443 port to port 9443 of peer docker container by mapping it as 9443:9443 in ports section of docker-compose.yaml. When I run curl 0.0.0.0:9443, I get curl: (56) Recv failure: Connection reset by peer error.
However, when I run the command curl 0.0.0.0:9443/logspec in my peer container I get the desired result which is {"spec":"info"}. The two commands mentioned above are different but I've also tried running the command curl 0.0.0.0:9443/logspec in my local machine to which I got the same error response.
Running the command curl -v 0.0.0.0:9443 results in following response.
* About to connect() to 0.0.0.0 port 9443 (#0)
* Trying 0.0.0.0...
* Connected to 0.0.0.0 (0.0.0.0) port 9443 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.29.0
> Host: 0.0.0.0:9443
> Accept: */*
>
* Recv failure: Connection reset by peer
* Closing connection 0
curl: (56) Recv failure: Connection reset by peer
I read in many of the answers that I might be a firewall issue. But even after disabling my firewall using the command systemctl disable firewalld, it's not working.
cat etc/os-release response
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"
curl --version response
curl 7.29.0 (x86_64-redhat-linux-gnu) libcurl/7.29.0 NSS/3.34 zlib/1.2.7 libidn/1.28 libssh2/1.4.3
I request you not to mark this question as duplicate as I've already gone through all the possible scenarios mentioned here.
First of all please check if there is firewall. Disable it.
Then remove the IP address provided in core.yaml file in operations tab. So that line will look like a below:
operations:
# host and port for the operations server
listenAddress: :9443
This change worked for me.
Related
OS: Ubuntu 20.04 LTS
Docker version 20.10.7, build 20.10.7-0ubuntu1~20.04.2
Tried this (minimal way to reproduce), the previous day it works normally:
docker run --name nginx1 -p 8089:80 -d nginx:alpine
Works normally:
docker ps
CONTAINER ID IMAGE COMMAND CREATED
74faabf44b8e nginx:alpine "/docker-entrypoint.…" 5 minutes ago
STATUS PORTS NAMES
Up 5 minutes 0.0.0.0:8089->80/tcp, :::8089->80/tcp nginx1
curl inside docker works:
docker exec -it 74faabf44b8e sh
/ # curl localhost
<!DOCTYPE html>
<html>
<head>
....
But when accessed from the host:
netstat -antpel | grep 8089
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 0.0.0.0:8089 0.0.0.0:* LISTEN 0 82748695 -
tcp6 0 0 :::8089 :::* LISTEN 0 82751546 -
curl -v localhost:8089
* Trying 127.0.0.1:8089...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8089 (#0)
> GET / HTTP/1.1
> Host: localhost:8089
> User-Agent: curl/7.68.0
> Accept: */*
>
--> stuck without a response, after a while:
* Recv failure: Connection reset by peer
* Closing connection 0
curl: (56) Recv failure: Connection reset by peer
What's the possible cause of this?
This also doesn't work for another container (PostgreSQL), seems the docker-proxy does not forward back the response from docker?
already tried:
reinstall docker.io
delete all containers and re-create
docker network prune
Ubuntu version: 22.04 LTS
Docker version: 20.10.17, build 100c701
Installation procedure: https://docs.docker.com/engine/install/ubuntu/
I am encountering the same problem as you on more recent versions of Ubuntu & Docker: Everything seems to be working fine except that the host is not able to reach the container on port, as defined by the -p <docker-host-port>:<docker-container-port> option.
curl http://localhost:<port> works from within the container, but not from outside despite port binding ...
I tried to restart docker daemon, restart machine, remove container, recreate container, remove image, recreate image, uninstall completely docker, reinstall docker from scratch. I just don't understand why Docker is acting funky like this on this specific instance (Ubuntu 22.04 + Docker).
So, I have minikube 0.16.0 installed
Also istio 1.7.3
So I do envoy sidecars on each deployment I do, as per with command kubectl label namespace default istio-injection=enabled
Now, coming to the question, I'm not able to do any curl from inside any pod whatsoever, even from sleep-diag, I always get request timed out message, but it does work for non secure http
For example while installing jenkins, I try to curl against this url with no success:
bash-5.0# curl -v https://updates.jenkins.io/current/update-center.json
* Trying 92.242.132.16:443...
* TCP_NODELAY set
* connect to 92.242.132.16 port 443 failed: Operation timed out
* Failed to connect to updates.jenkins.io port 443: Operation timed out
* Closing connection 0
curl: (28) Failed to connect to updates.jenkins.io port 443: Operation timed out
But even if I try let's say:
bash-5.0# curl -v https://www.google.com
* Trying 92.242.132.16:443...
* TCP_NODELAY set
* connect to 92.242.132.16 port 443 failed: Operation timed out
* Failed to connect to www.google.com port 443: Operation timed out
* Closing connection 0
curl: (28) Failed to connect to www.google.com port 443: Operation timed out
While I'm able to outside of any pod in my local cluster, any ideas on this?
For example, tried installing jenkins like this, with helm:
helm install --set Master.ServiceType=ClusterIP jenkins/jenkins --generate-name
Obviously it will fail because I cannot access any https from my local cluster, even specifying NodePort I have the same issue:
helm install --set Master.ServiceType=NodePort jenkins/jenkins --generate-name
Any ideas?
Inside a docker container I create the following tunnel in an interactive shell:
ssh -4 root#remotehost.com -L 8443:127.0.0.1:80
In another shell on the same container I can successfully run the following:
curl http://localhost:8443
The server (remotehost.com) does respond with HTML content.
(Note: I'm using plain HTTP for now to make it easier to debug. In the end I need to be using HTTPS, that's why I choose the local port to be 8443.)
This docker container does expose its port 8443:
# docker port be68e57bc3e0
8443/tcp -> 0.0.0.0:8443
But when I try to connect from the host to that port I get the following:
# curl --verbose http://localhost:8443
* Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 8443 (#0)
> GET / HTTP/1.1
> Host: localhost:8443
> User-Agent: curl/7.64.1
> Accept: */*
>
* Empty reply from server
* Connection #0 to host localhost left intact
curl: (52) Empty reply from server
* Closing connection 0
Here I'm lost. Why doesn't it behave exactly the same way as when connecting from inside the container? Am I misunderstanding something about SSH tunnels?
The solution was to add the -g flag to the ssh line that creates the tunnel.
I managed to set up ghost blog on my raspberry pi.I was able to access the index page on curl without issues. But I had to restart my container. After restarting the container, I cannot access the site anymore.
I get the following error when I run the command
curl http://localhost:4500
curl: (56) Recv failure: Connection reset by peer
If I spin up a new container it works fine. How can I rectify the above error?
I managed to isolate the issue. It's seems to be an issue with ip binding but am unsure how to reolve it.
Docker Rails app fails to be served - curl: (56) Recv failure: Connection reset by peer
As suggested in the above question, I tried curl inside the container and it works. I also tried from the host using the container ip and that works as well. It fails when i curl usint localhost:portnumber.
I installed docker on a new dedicated server (on a generic ubuntu 14.0 - linux kernel 3.13.0-71).
I installed an ubuntu docker image to test the environment. ( docker run -it ubuntu bash ) and I installed curl with openssl support.
When I try to get the content of an HTTP page, I have no problem. When I try to load an HTTPS page, my connection is refused:
root#835f01fef568:/# curl https://www.google.com
curl: (7) Failed to connect to www.google.com port 443: Connection refused
in verbose mode I have:
root#835f01fef568:/# curl -V https://www.google.com
curl 7.35.0 (x86_64-pc-linux-gnu) libcurl/7.35.0 OpenSSL/1.0.1f zlib/1.2.8 libidn/1.28 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smtp smtps telnet tftp
Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP
and if I try to log the trace in a file, I have:
== Info: Rebuilt URL to: https://www.google.com/
== Info: Hostname was NOT found in DNS cache
== Info: Trying 173.194.123.81...
== Info: connect to 173.194.123.81 port 443 failed: Connection refused
== Info: Trying 173.194.123.84...
== Info: connect to 173.194.123.84 port 443 failed: Connection refused
== Info: Trying 173.194.123.80...
== Info: connect to 173.194.123.80 port 443 failed: Connection refused
== Info: Trying 173.194.123.82...
== Info: connect to 173.194.123.82 port 443 failed: Connection refused
== Info: Trying 173.194.123.83...
== Info: connect to 173.194.123.83 port 443 failed: Connection refused
== Info: Trying 2607:f8b0:4006:80c::1013...
== Info: Immediate connect fail for 2607:f8b0:4006:80c::1013: Network is unreachable
== Info: Failed to connect to www.google.com port 443: Connection refused
== Info: Closing connection 0
I am a bit lost on what I can do :(
It is not a DNS problem since I can ping server or CURL http content on port 80. It only related to SSL connections.
Is there someone here with any idea about this issue?
Thanks
I found the source of the problem. Here it was related to an iptables issue of the main host
with the command iptables -L -t nat I discovered that there was a pre-routing activated on all https traffic redirected to the port 9092, used by another service.
I had the same problem. I found that setting the interface of the iptables rule to ‘eth0’ instead of ‘any’ solved the problem.
Here is an example that worked on the host for me:
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 443 -j DNAT --to-destination 172.17.0.3:8443
Once the interface change to ‘eth0’ wget https://... worked again from within docker.
Hope this helps.
echo ipv4 >> ~/.curlrc
run this command on terminal. its working for me