I'm using traefik as a reverse proxy (and for management for the letsencrypt certificates) and I'm running a self hosted gitlab instance. GitLab image is a monolithic with all the services into it, both of the services (Registry and Git) need to be served in the same container.
With the configuration shown below gitlab is running well.
docker login registry.domain.com is also working.
But navigating to the registry in the gitlab frontend gives me a 500 error.
The gitlab logs:
Errno::EADDRNOTAVAIL (Failed to open TCP connection to localhost:5000 (Cannot assign requested address - connect(2) for "localhost" port 5000)):
In the docs I read, that the port 5000 is default for gitlab registry.
So I went into the gitlab container and tried to call for localhost:5000:
$ docker exec -it gitlab /bin/bash
root#gitlab:/# curl -v http://localhost:5000
* Rebuilt URL to: http://localhost:5000/
* Trying 127.0.0.1...
* TCP_NODELAY set
* connect to 127.0.0.1 port 5000 failed: Connection refused
* Trying ::1...
* TCP_NODELAY set
* Immediate connect fail for ::1: Cannot assign requested address
* Trying ::1...
* TCP_NODELAY set
* Immediate connect fail for ::1: Cannot assign requested address
* Failed to connect to localhost port 5000: Connection refused
* Closing connection 0
curl: (7) Failed to connect to localhost port 5000: Connection refused
Furthermore there is no 5000...
root#gitlab:/# netstat -tanpu | grep -i listen
tcp 0 0 127.0.0.1:9093 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.11:33383 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:9100 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:9229 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:9168 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 638/nginx
tcp 0 0 127.0.0.1:8082 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:9236 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 21/sshd
tcp 0 0 0.0.0.0:8060 0.0.0.0:* LISTEN 638/nginx
tcp 0 0 127.0.0.1:9121 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:9090 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:9187 0.0.0.0:* LISTEN -
tcp6 0 0 :::9094 :::* LISTEN -
tcp6 0 0 :::22 :::* LISTEN 21/sshd
So what am I missing in my configuration? How do I have to handle the 5000 port in traefik?
docker-compose.yml
version: '3.3'
services:
gitlab:
image: gitlab/gitlab-ce:latest
container_name: gitlab
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url = 'https://gitlab.domain.com'
registry_external_url = 'https://registry.domain.com'
gitlab_rails['gitlab_shell_ssh_port'] = 2222
gitlab_rails['registry_enabled'] = true
ports:
- '2222:22'
networks:
- proxy
labels:
- traefik.enable=true
- traefik.gitlab.frontend.rule=Host:gitlab.domain.com
- traefik.gitlab.port=80
- traefik.reg.frontend.rule=Host:registry.domain.com
- traefik.reg.port=80
- traefik.docker.network=proxy
traefik:
image: traefik:1.7.3-alpine
restart: always
ports:
- 80:80
- 443:443
networks:
- proxy
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /opt/traefik/traefik.toml:/traefik.toml
- /opt/traefik/acme.json:/acme.json
labels:
- traefik.frontend.rule=Host:monitor.domain.com
- traefik.port=8080
container_name: traefik
networks:
proxy:
external: true
traefik.toml
defaultEntryPoints = ["https","http"]
[entryPoints]
[entryPoints.dashboard]
address = ":8080"
[entryPoints.dashboard.auth]
[entryPoints.dashboard.auth.basic]
users = ["admin:password"]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[api]
entrypoint="dashboard"
[docker]
domain = "domain.com"
watch = true
network = "proxy"
[acme]
email = "notifications#domain.com"
storage = "acme.json"
entryPoint = "https"
OnHostRule = true
[acme.httpChallenge]
entryPoint = "http"
First: reading "GitLab Container Registry administration ", make sure that:
gitlab registry is activated in your Omnibus image: your gitlab.rb, by default, does not declare a registry.
you are using https, not http as an URL.
The container registry works under HTTPS by default. Using HTTP is possible but not recommended and out of the scope of this document. Read Test an insecure registry.
Second, regarding traefik, you can see an example in docker-gitlab issue 1688, which does declare a traefik front to the registry part of GitLab.
- traefik.enable=true
- traefik.backend=registry.demo.com
- traefik.frontend.rule=Host:registry.demo.com
- traefik.docker.network=traefik-00
- traefik.port=5000
If you really need to expose your internal "https port 5000" registry through an external http URL with traefik, you have an example in this thread.
Related
I have a dockerized app and I use the following docker-compose.yml to run it:
version: '3.1'
services:
db:
image: mysql:5.7
ports:
- "3306:3306"
env_file:
- ./docker/db/.env
volumes:
- ./docker/db/data:/var/lib/mysql:rw
- ./docker/db/config:/etc/mysql/conf.d
command: mysqld --sql_mode="NO_ZERO_IN_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"
php:
build: ./docker/php/7.4/
volumes:
- ./docker/php/app.ini:/usr/local/etc/php/conf.d/docker-php-ext-app.ini:ro
- ./docker/logs/app:/var/www/app/var/log:cached
- .:/var/www/app:cached
working_dir: /var/www/app
links:
- db
env_file:
- ./docker/php/.env
webserver:
image: nginx:1
depends_on:
- php
volumes:
- ./docker/webserver/app.conf:/etc/nginx/conf.d/default.conf:ro
- ./docker/logs/webserver/:/var/log/nginx:cached
- .:/var/www/app:ro
ports:
- "80:80"
I have a server that is not dockerized runing on my machine, I can access it via localhost:3000. I would like my php service to be able to access it.
I found people suggesting to add to following to my php service configuration:
extra_hosts:
- "host.docker.internal:host-gateway"
But when I add this, then docker-compose up -d and try docker exec -ti php_1 curl http://localhost:3000, I get curl: (7) Failed to connect to localhost port 3000 after 0 ms: Connection refused. I have the same error when I try to curl http://host.docker.internal:3000.
I desperatly tried to add a port mapping to the php container:
ports:
- 3000:3000
But then when I start the services I have the following error:
ERROR: for php_1 Cannot start service php: driver failed programming external connectivity on endpoint php_1 (9dacd567ee97b9a46699969f9704899b04ed0b61b32ff55c67c27cb6867b7cef): Error starting userland proxy: listen tcp4 0.0.0.0:3000: bind: address already in use
ERROR: for php Cannot start service php: driver failed programming external connectivity on endpoint php_1 (9dacd567ee97b9a46699969f9704899b04ed0b61b32ff55c67c27cb6867b7cef): Error starting userland proxy: listen tcp4 0.0.0.0:3000: bind: address already in use
Which is obvious since my server is running on that 3000 port.
I also tried to add
network_mode: host
But it fails because I already have a links. I get the following error:
Cannot create container for service php: conflicting options: host type networking can't be used with links.
I am running docker v20.10.6 on Ubuntu 21.10.
Any help appreciated, thanks in advance!
Make sure you are using version of docker that supports host.docker.internal.
If you are using linux version, then 20.10+ supports it.
For other systems you should probably consult documentation and probably some issues on github of docker-for-linux / other projects OS revelant.
After that...
Make sure extra_hosts is direct child of php service:
php:
extra_hosts:
host.docker.internal: host-gateway
build: ./docker/php/7.4/
Try using ping host.docker.internal first to check whether your host machine responds correctly.
Make sure that your service on port 3000 is working properly and there is no firewall issue.
Remember that localhost means always local ip from current container point of view. It means that localhost inside container maps to local container IP and not your host machine IP. This is a reason for sending extra_hosts section.
Also docker.host.internal is not your host loopback interface.
If service you are trying to reach listens only on localhost interface then there is no chance to reach it without doing some magic with iptables / firewall.
You can check what service is listening on which interface / ip address running following command on your host machine: netstat -tulpn
This should return something like following output:
$ netstat -tulpn
(Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:39195 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 ::1:631 :::* LISTEN -
From docker container I can reach services listening on 0.0.0.0 (all interfaces) but cannot access 631 port as it is only on 127.0.0.1
$ docker run --rm -it --add-host="host.docker.internal:host-gateway" busybox
/ # ping host.docker.internal
PING host.docker.internal (172.17.0.1): 56 data bytes
64 bytes from 172.17.0.1: seq=0 ttl=64 time=0.124 ms
64 bytes from 172.17.0.1: seq=1 ttl=64 time=0.060 ms
^C
--- host.docker.internal ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.060/0.092/0.124 ms
/ # telnet host.docker.internal 631
telnet: can't connect to remote host (172.17.0.1): Connection refused
/ # telnet host.docker.internal 22
Connected to host.docker.internal
SSH-2.0-OpenSSH_8.6
I am having ubuntu 18.04 running on a server. I am got a JasperServer image running on docker in it. I am trying to access it from my system. But it throws the following error:
jamshaid#jamshaid:~$ telnet my_server_address 9095
Trying my_server_ip...
telnet: Unable to connect to remote host: Connection refused
Here is the output for sudo docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
69c31ba800ab bitnami/jasperreports "/app-entrypoint.sh …" 5 hours ago Up 5 hours 0.0.0.0:9095->8080/tcp, 0.0.0.0:443->8443/tcp ceyedev_jasperreports_1
2a7cb72da0c7 bitnami/mariadb:10.3 "/opt/bitnami/script…" 5 hours ago Up 5 hours 0.0.0.0:3306->3306/tcp ceyedev_mariadb_1
if I telnet on localhost, it connects and then connection closes which means it is running well.
Here is the output when I telnet it from localhost:
ceyedev#ub18servertiny:~$ telnet localhost 9095
Trying ::1...
Connected to localhost.localdomain.
Escape character is '^]'.
Connection closed by foreign host.
Here is the docker-compose file
version: '2'
services:
mariadb:
restart: always
image: 'bitnami/mariadb:10.3'
environment:
- MARIADB_USER=bn_jasperreports
- MARIADB_DATABASE=bitnami_jasperreports
- ALLOW_EMPTY_PASSWORD=yes
ports:
- 3306:3306
volumes:
- 'mariadb_data:/bitnami'
jasperreports:
restart: always
image: 'bitnami/jasperreports'
environment:
- MARIADB_HOST=mariadb
- MARIADB_PORT_NUMBER=3306
- JASPERREPORTS_DATABASE_USER=bn_jasperreports
- JASPERREPORTS_DATABASE_NAME=bitnami_jasperreports
- ALLOW_EMPTY_PASSWORD=yes
ports:
- '9095:8080'
- '443:8443'
volumes:
- 'jasperreports_data:/bitnami'
depends_on:
- mariadb
volumes:
mariadb_data:
driver: local
jasperreports_data:
driver: local
Here is the output for sudo docker logs container_id_for_jasper
I can telnet other ports from my local machine but having an issue with this one. Any ideas? thanks
keeping in the view of bullet 2 from answers, I executed the below command and found that 9095 is allocated by the server. Any ideas, please?
ceyedev#ub18servertiny:~$ netstat -atn
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN
tcp 0 244 10.0.114.15:22 182.185.223.147:54326 ESTABLISHED
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 ::1:5432 :::* LISTEN
tcp6 0 0 :::443 :::* LISTEN
tcp6 0 0 :::9095 :::* LISTEN
tcp6 0 0 :::3306 :::* LISTEN
To people who got there and didn't find solution:
Make sure your web server is listening on 0.0.0.0 to listen ALL interfaces, including docker bridge to outer network
Based on your question, you know:
Docker container is running
Docker container is listening to port 9095
telnet from Linux server to docker container is working
telnet from other client somewhere in Internet to docker container is NOT working
I guess your Ubuntu server is not accepting incoming requests from Internet on port 9095.
There can be many reasons for that:
Your server has firewall settings, which block connection
Your server did not publish port 9095 to Internet
Your client has no Internet access, when using port 9095
So I would investigate these aspects.
The docker part seems to be ok, because telnet to localhost is working.
Dears
I am running PiHole on Docker Swarm but I only see 2 clients: 10.0.0.3 and localhost.
If I understood correctly from various discussion over the web, I should be able to see all the clients in PiHole if I expose the DNS ports with Host mode (pihole is forced to run on a single swarm node) in this way:
ports:
- published: 53
target: 53
protocol: tcp
mode: host
- published: 53
target: 53
protocol: udp
mode: host
- published: 67
target: 67
protocol: udp
mode: ingress
- published: 8053
target: 80
protocol: tcp
mode: ingress
Unfortunately, if I expose ports in this way, the dns service does not work anymore: I can see the port exposed on the container:
pi#raspy3:~ $ docker port 3be0321961a6
53/tcp -> 0.0.0.0:53
53/udp -> 0.0.0.0:53
but i cannot see them with NETSTAT:
pi#raspy3:~ $ netstat -atu | grep LISTEN
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN
tcp6 0 0 [::]:8053 [::]:* LISTEN
tcp6 0 0 [::]:domain [::]:* LISTEN
tcp6 0 0 [::]:ssh [::]:* LISTEN
tcp6 0 0 [::]:https [::]:* LISTEN
tcp6 0 0 [::]:8000 [::]:* LISTEN
tcp6 0 0 [::]:9000 [::]:* LISTEN
tcp6 0 0 [::]:2377 [::]:* LISTEN
tcp6 0 0 [::]:7946 [::]:* LISTEN
tcp6 0 0 [::]:http [::]:* LISTEN
and nslookup does not work:
pi#raspy4:~ $ nslookup google.com 192.168.32.2
;; connection timed out; no servers could be reached
Could you help me understanding what I am loosing, please?
Thanks :)
Solved changing the Interface Listening Behaviour to Listen on all interfaces, permit all origins.
Obviously be sure to follow all the security points from the PiHole's team ;)
The main goal is to link prometheus as a backend in grafana, but entering http://localhost:9090 as the url in grafana returns HTTP Error Bad Gateway
I started a prometheus docker image but it's not listening on port 9090 on IPv4.
netstat -ntulp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 15895/nginx: master
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 3190/sshd
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 24970/postmaster
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 3148/master
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 15895/nginx: master
tcp6 0 0 :::9100 :::* LISTEN 16652/node_exporter
tcp6 0 0 :::80 :::* LISTEN 15895/nginx: master
tcp6 0 0 :::22 :::* LISTEN 3190/sshd
tcp6 0 0 :::3000 :::* LISTEN 28436/docker-proxy
tcp6 0 0 ::1:5432 :::* LISTEN 24970/postmaster
tcp6 0 0 ::1:25 :::* LISTEN 3148/master
tcp6 0 0 :::9090 :::* LISTEN 31648/docker-proxy
udp 0 0 0.0.0.0:68 0.0.0.0:* 2806/dhclient
udp 0 0 127.0.0.1:323 0.0.0.0:* 1639/chronyd
udp6 0 0 ::1:323 :::* 1639/chronyd
This is my docker command:
docker run -d -p 9090:9090 --name prometheus -v /etc/prometheus.yml:/etc/prometheus/prometheus.yml -v /mnt/vol-0001/prometheus_data/:/etc/prometheus/data prom/prometheus --log.level=debug
I used -p 9090:9090 and -p 0.0.0.0:9090 with same results
docker logs prometheus returns:
level=info ts=2018-12-19T21:07:59.332452641Z caller=main.go:243 msg="Starting Prometheus" version="(version=2.6.0, branch=HEAD, revision=dbd1d58c894775c0788470944b818cc724f550fb)"
level=info ts=2018-12-19T21:07:59.332554622Z caller=main.go:244 build_context="(go=go1.11.3, user=root#bf5760470f13, date=20181217-15:14:46)"
level=info ts=2018-12-19T21:07:59.332584047Z caller=main.go:245 host_details="(Linux 3.10.0-957.1.3.el7.x86_64 #1 SMP Thu Nov 29 14:49:43 UTC 2018 x86_64 9dd3a9318064 (none))"
level=info ts=2018-12-19T21:07:59.332610547Z caller=main.go:246 fd_limits="(soft=65536, hard=65536)"
level=info ts=2018-12-19T21:07:59.332631287Z caller=main.go:247 vm_limits="(soft=unlimited, hard=unlimited)"
level=info ts=2018-12-19T21:07:59.334232116Z caller=main.go:561 msg="Starting TSDB ..."
level=info ts=2018-12-19T21:07:59.334671887Z caller=repair.go:48 component=tsdb msg="found healthy block" mint=1545204931123 maxt=1545220800000 ulid=01CZ3PHTVQQTW7Q122X7Y15WV4
level=info ts=2018-12-19T21:07:59.334756938Z caller=repair.go:48 component=tsdb msg="found healthy block" mint=1545242400000 maxt=1545249600000 ulid=01CZ44997810VTYP3GV0KJXXN1
level=info ts=2018-12-19T21:07:59.334819198Z caller=repair.go:48 component=tsdb msg="found healthy block" mint=1545220800000 maxt=1545242400000 ulid=01CZ4499ASP4RG8BPR8PE5WAKY
level=info ts=2018-12-19T21:07:59.346244745Z caller=web.go:429 component=web msg="Start listening for connections" address=0.0.0.0:9090
level=info ts=2018-12-19T21:07:59.461554488Z caller=main.go:571 msg="TSDB started"
level=info ts=2018-12-19T21:07:59.461625871Z caller=main.go:631 msg="Loading configuration file" filename=prometheus.yml
level=debug ts=2018-12-19T21:07:59.462558422Z caller=manager.go:213 component="discovery manager scrape" msg="Starting provider" provider=string/0 subs=[prometheus]
level=info ts=2018-12-19T21:07:59.462601563Z caller=main.go:657 msg="Completed loading of configuration file" filename=prometheus.yml
level=info ts=2018-12-19T21:07:59.462615458Z caller=main.go:530 msg="Server is ready to receive web requests."
level=debug ts=2018-12-19T21:07:59.462669264Z caller=manager.go:231 component="discovery manager scrape" msg="discoverer channel closed" provider=string/0
I also tried disabling the firewall to make sure it wasn't the cause of this headache.
I'm no docker/kubernetes expert, you help is appreciate.
The localhost you're referring in Grafana Datasource input it's the Grafana container itself since Grafana internally resolves localhost as 127.0.0.1: probably since you're using the GUI you was expecting that the queries were issued via AJAX/frontend calls but nope, it's all backed by the backend.
Let orchestrate containers using even Docker Compose with services that connect container using Networks:
# docker-compose.yaml
version: "3"
services:
grafana:
image: grafana/grafana:5.4.1
ports:
- 3000:3000
prometheus:
image: prom/prometheus:v2.5.0
After docker-compose up -d you can visit your Docker Machine IP (or localhost if running Docker for Mac) at port :3000 and then set the Prometheus data source URL to http://prometheus:9090 and it will work!
I am trying to run gitlab from a Docker (gitlab/gitlab-ce, latest) container using the instruction given here.
Docker version
Docker version 1.12.4, build 1564f02
I first run
docker run --detach --hostname <myIP> --publish 8000:443--publish 8001:80 --publish 8002:22 --name gitlab --restart always --volume /docker/app/gitlab/config:/etc/gitlab --volume /docker/app/gitlab/logs:/var/log/gitlab --volume /docker/app/gitlab/data:/var/opt/gitlab gitlab/gitlab-ce:latest
Then I edited the container's /etc/gitlab/gitlab.rb to set
external_url 'http://<myIP>:8001'
gitlab_rails['gitlab_shell_ssh_port'] = 8002
Then I restarted the container with
docker restart gitlab
Now.
When I try to connect to <myIP>:8001 I get a (110) Connection timed out.
When I try from the Docker container's host I get
xxx#xxx:~$ curl localhost:8001
curl: (56) Recv failure: Connection reset by peer
Logs (just the end)
==> /var/log/gitlab/gitlab-workhorse/current <==
2017-07-26_14:53:41.50465 localhost:8001 # - - [2017-07-26 14:53:41.223110228 +0000 UTC] "GET /help HTTP/1.1" 200 33923 "" "curl/7.53.0" 0.281484
==> /var/log/gitlab/nginx/gitlab_access.log <==
127.0.0.1 - - [26/Jul/2017:14:53:41 +0000] "GET /help HTTP/1.1" 200 33967 "-" "curl/7.53.0"
==> /var/log/gitlab/gitlab-monitor/current <==
2017-07-26_14:53:47.27460 ::1 - - [26/Jul/2017:14:53:47 UTC] "GET /sidekiq HTTP/1.1" 200 3399
2017-07-26_14:53:47.27464 - -> /sidekiq
2017-07-26_14:53:49.22004 ::1 - - [26/Jul/2017:14:53:49 UTC] "GET /database HTTP/1.1" 200 42025
2017-07-26_14:53:49.22007 - -> /database
2017-07-26_14:53:51.48866 ::1 - - [26/Jul/2017:14:53:51 UTC] "GET /process HTTP/1.1" 200 7132
2017-07-26_14:53:51.48873 - -> /process
==> /var/log/gitlab/gitlab-rails/production.log <==
Started GET "/-/metrics" for 127.0.0.1 at 2017-07-26 14:53:55 +0000
Processing by MetricsController#index as HTML
Filter chain halted as :validate_prometheus_metrics rendered or redirected
Completed 404 Not Found in 1ms (Views: 0.7ms | ActiveRecord: 0.0ms)
Docker ps
xxx#xxx:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
67e013741b6d gitlab/gitlab-ce:latest "/assets/wrapper" 2 hours ago Up About an hour (healthy) 0.0.0.0:8002->22/tcp, 0.0.0.0:8001->80/tcp, 0.0.0.0:8000->443/tcp gitlab
Netstat
xxx#xxx:~$ netstat --listen
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost:smtp *:* LISTEN
tcp 0 0 *:2020 *:* LISTEN
tcp 0 0 *:git *:* LISTEN
tcp 0 0 *:43918 *:* LISTEN
tcp 0 0 *:sunrpc *:* LISTEN
tcp6 0 0 localhost:smtp [::]:* LISTEN
tcp6 0 0 [::]:8000 [::]:* LISTEN
tcp6 0 0 [::]:8001 [::]:* LISTEN
tcp6 0 0 [::]:8002 [::]:* LISTEN
tcp6 0 0 [::]:2020 [::]:* LISTEN
tcp6 0 0 [::]:git [::]:* LISTEN
tcp6 0 0 [::]:sunrpc [::]:* LISTEN
tcp6 0 0 [::]:http [::]:* LISTEN
tcp6 0 0 [::]:43730 [::]:* LISTEN
udp 0 0 *:54041 *:*
udp 0 0 *:sunrpc *:*
udp 0 0 *:snmp *:*
udp 0 0 *:958 *:*
udp 0 0 localhost:969 *:*
udp 0 0 *:37620 *:*
udp6 0 0 [::]:54611 [::]:*
udp6 0 0 [::]:sunrpc [::]:*
udp6 0 0 localhost:snmp [::]:*
udp6 0 0 [::]:958 [::]:*
I cannot find what is wrong. Anybody can help ?
Here is a docker-compose.yml which worked fine for me
version: '2'
services:
gitlab:
image: gitlab/gitlab-ce:latest
ports:
- "8002:22"
- "8000:8000"
- "8001:443"
environment:
- "GITLAB_OMNIBUS_CONFIG=external_url 'http://192.168.33.100:8000/'"
volumes:
- ./config:/etc/gitlab
- ./logs:/var/log/gitlab
- ./data:/var/opt/gitlab
The thing is that when you configure external url as <MyIP>:8000 the listening port inside the container also is updated to 8000. In your case you are mapping port 8000 to 80 and you should be mapping 8000 to 8000 only
Read the below url for details on the same
https://docs.gitlab.com/omnibus/settings/nginx.html#setting-the-nginx-listen-port
If you need to override this port then you can do that in gitlab.rb
nginx['listen_port'] = 8081
I prefer to launch Gitlab using a docker-compose file instead of commands, as it is easy to configure, start, restart gitlab