coturn in Docker Swarm does not connect (kurento) - docker

When I try to connect to my app I can connect and start sending and receiving ICE candidates. But the negotiation does not complete the rtc connection state eventually gets to "Checking", and then after about 30 seconds drops to "Failed"
I have this working with a local setup, but once I have deployed to AWS this starts to fail.
I went and bjorked the settings in AWS and opened all the ports and now I can reach the coturn service (returns 200 when requesting through http), and the Trickle service here works fine.
I am using the Kurento Media Server and hoping to make a websocket connection to that service. As I mentioned this works locally so I'm fairly sure that there is nothing wrong with how I'm making the request but instead it is a configuration option with AWS or my docker compose file.
I have a docker compose file with three apps in it:
version: "3.4"
services:
media-controller:
image: my-custom-images/my-server:latest.version
volumes:
- "tmp-video-storage:/tmp"
ports:
- "8899:8899"
kurento-media-service:
image: kurento/kurento-media-server:6.6.0
volumes:
- "tmp-video-storage:/tmp"
ports:
- "8888:8888"
coturn:
image: my-custom-images/coturn:lastest.version
ports:
- "3478:3478/udp"
- "3478:3478/tcp"
volumes:
tmp-video-storage:
coturn's /etc/turnserver.conf
min-port=49152
max-port=65535
fingerprint
lt-cred-mech
realm=my-domain.com
log-file stdout
user=username-placeholder:password-placeholder
external-ip=public-ip/private-ip
listening-port=3478
Output from Trickle Ice Candidates:
0.004 1 host 1019731727 udp 192.168.1.104 64702 126 | 32543 | 0
0.068 1 srflx 3180321211 udp 10.255.0.2 64702 100 | 32542 | 255
0.091 1 relay 610197926 udp 35.183.10.44 50008 2 | 32542 | 255
0.106 1 host 1917068287 tcp 192.168.1.104 9 90 | 32542 | 255
0.106 Done
0.120

Related

ElasticSearch Logstash not connecting "Connection refused" - Docker

I need help! (who would have thought, right? lol)
I have a job interview in few days and it would mean the world to me to be well prepared for it and have some working examples.
I am trying to set up an ELK pipeline to stream data from kafka, through logstash, elasticsearch and finally read it from Kibana. The usual.
I am making use of containers, but the duo logstash - elasticsearch are giving me an aneurism.
Everything else works perfectly fine. I've checked the logs off of kafka and that is working just fine. Kibana is collected to elasticsearch just fine as well. But logstash and es really don't want to match.
Here is the setup
docker-compose.yml
version: '3.6'
services:
elasticsearch:
image: elasticsearch:8.6.0
container_name: elasticsearch
#restart: always
volumes:
- elastic_data:/usr/share/elasticsearch/data/
environment:
cluster.name: elf-kafka-cluster
ES_JAVA_OPTS: "-Xmx256m -Xms256m"
discovery.type: single-node
xpack.security.enabled: false
ports:
- '9200:9200'
- '9300:9300'
networks:
- elk
kibana:
image: kibana:8.6.0
container_name: kibana
#restart: always
ports:
- '5601:5601'
environment:
- ELASTICSEARCH_HOSTS=http://elasticsearch:9200
depends_on:
- elasticsearch
networks:
- elk
logstash:
image: logstash:8.6.0
container_name: logstash
#restart: always
volumes:
- type: bind
source: ./logstash_pipeline/
target: /usr/share/logstash/pipeline
read_only: true
command: logstash -f /home/ettore/Documenti/Portfolio/ELK/logstash/logstash.conf
depends_on:
- elasticsearch
ports:
- '9600:9600'
environment:
xpack.monitoring.enabled: true
# LS_JAVA_OPTS: "-Xmx256m -Xms256m"
links:
- elasticsearch
networks:
- elk
volumes:
elastic_data: {}
networks:
elk:
driver: bridge
logstash.conf
input {
kafka {
bootstrap_servers => "localhost:9092"
topics => ["topic"]
}
}
output {
elasitcsearch {
hosts => ["http://localhost:9200"]
index => "topic"
workers => 1
}
}
These are logstash error logs when I compose up:
logstash | [2023-01-17T13:59:02,680][WARN ][deprecation.logstash.monitoringextension.pipelineregisterhook] Internal collectors option for Logstash monitoring is deprecated and targeted for removal in the next major version.
logstash | Please configure Metricbeat to monitor Logstash. Documentation can be found at:
logstash | https://www.elastic.co/guide/en/logstash/current/monitoring-with-metricbeat.html
logstash | [2023-01-17T13:59:04,711][INFO ][logstash.licensechecker.licensereader] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[http://elasticsearch:9200/]}}
logstash | [2023-01-17T13:59:05,373][INFO ][logstash.licensechecker.licensereader] Failed to perform request {:message=>"Connect to elasticsearch:9200 [elasticsearch/172.20.0.2] failed: Connection refused", :exception=>Manticore::SocketException, :cause=>#<Java::OrgApacheHttpConn::HttpHostConnectException: Connect to elasticsearch:9200 [elasticsearch/172.20.0.2] failed: Connection refused>}
logstash | [2023-01-17T13:59:05,379][WARN ][logstash.licensechecker.licensereader] Attempted to resurrect connection to dead ES instance, but got an error {:url=>"http://elasticsearch:9200/", :exception=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :message=>"Elasticsearch Unreachable: [http://elasticsearch:9200/][Manticore::SocketException] Connect to elasticsearch:9200 [elasticsearch/172.20.0.2] failed: Connection refused"}
logstash | [2023-01-17T13:59:05,436][INFO ][logstash.licensechecker.licensereader] Failed to perform request {:message=>"Connect to elasticsearch:9200 [elasticsearch/172.20.0.2] failed: Connection refused", :exception=>Manticore::SocketException, :cause=>#<Java::OrgApacheHttpConn::HttpHostConnectException: Connect to elasticsearch:9200 [elasticsearch/172.20.0.2] failed: Connection refused>}
logstash | [2023-01-17T13:59:05,444][WARN ][logstash.licensechecker.licensereader] Marking url as dead. Last error: [LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError] Elasticsearch Unreachable: [http://elasticsearch:9200/_xpack][Manticore::SocketException] Connect to elasticsearch:9200 [elasticsearch/172.20.0.2] failed: Connection refused {:url=>http://elasticsearch:9200/, :error_message=>"Elasticsearch Unreachable: [http://elasticsearch:9200/_xpack][Manticore::SocketException] Connect to elasticsearch:9200 [elasticsearch/172.20.0.2] failed: Connection refused", :error_class=>"LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError"}
logstash | [2023-01-17T13:59:05,449][WARN ][logstash.licensechecker.licensereader] Attempt to validate Elasticsearch license failed. Sleeping for 0.02 {:fail_count=>1, :exception=>"Elasticsearch Unreachable: [http://elasticsearch:9200/_xpack][Manticore::SocketException] Connect to elasticsearch:9200 [elasticsearch/172.20.0.2] failed: Connection refused"}
logstash | [2023-01-17T13:59:05,477][ERROR][logstash.licensechecker.licensereader] Unable to retrieve license information from license server {:message=>"No Available connections"}
logstash | [2023-01-17T13:59:05,567][ERROR][logstash.monitoring.internalpipelinesource] Failed to fetch X-Pack information from Elasticsearch. This is likely due to failure to reach a live Elasticsearch cluster.
logstash | [2023-01-17T13:59:05,661][INFO ][logstash.config.source.local.configpathloader] No config files found in path {:path=>"/home/ettore/Documenti/Portfolio/ELK/logstash/logstash.conf"}
logstash | [2023-01-17T13:59:05,664][ERROR][logstash.config.sourceloader] No configuration found in the configured sources.
logstash | [2023-01-17T13:59:06,333][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600, :ssl_enabled=>false}
logstash | [2023-01-17T13:59:06,411][INFO ][logstash.runner ] Logstash shut down.
logstash | [2023-01-17T13:59:06,419][FATAL][org.logstash.Logstash ] Logstash stopped processing because of an error: (SystemExit) exit
logstash | org.jruby.exceptions.SystemExit: (SystemExit) exit
logstash | at org.jruby.RubyKernel.exit(org/jruby/RubyKernel.java:790) ~[jruby.jar:?]
logstash | at org.jruby.RubyKernel.exit(org/jruby/RubyKernel.java:753) ~[jruby.jar:?]
logstash | at usr.share.logstash.lib.bootstrap.environment.<main>(/usr/share/logstash/lib/bootstrap/environment.rb:91) ~[?:?]
and this is to prove that everything is working as intended with es (or so it seems)
netstat -an | grep 9200
tcp 0 0 0.0.0.0:9200 0.0.0.0:* LISTEN
tcp6 0 0 :::9200 :::* LISTEN
unix 3 [ ] STREAM CONNECTED 49200
I've looked through everything and this is 100% not a duplicate because I have tried it all. I really can't figure it out. Hope anyone can help.
Thank you for you time.
You should set logstash.yml
Create a logstash.yml with values below:
http.host: "0.0.0.0"
xpack.monitoring.elasticsearch.hosts: [ "http://localhost:9200" ]
In your docker-compose.yml, add another volume in Logstash container as shown below:
./logstash.yml:/usr/share/logstash/config/logstash.yml
Additionally, its good to run with restart condition.

LocalStack stuck in "Waiting for all LocalStack services to be ready" messages

I have tried to run Localstack as it described on its GitHub page and I've used a command 'pip install localstack' as well as command 'docker-compose up' with docker-compose file from documentation:
version: "3.8"
services:
localstack:
container_name: "${LOCALSTACK_DOCKER_NAME-localstack_main}"
image: localstack/localstack
network_mode: bridge
ports:
- "127.0.0.1:53:53"
- "127.0.0.1:53:53/udp"
- "127.0.0.1:443:443"
- "127.0.0.1:4566:4566"
- "127.0.0.1:4571:4571"
environment:
- SERVICES=${SERVICES- }
- DEBUG=${DEBUG- }
- DATA_DIR=${DATA_DIR- }
- LAMBDA_EXECUTOR=${LAMBDA_EXECUTOR- }
- LOCALSTACK_API_KEY=${LOCALSTACK_API_KEY- }
- KINESIS_ERROR_PROBABILITY=${KINESIS_ERROR_PROBABILITY- }
- DOCKER_HOST=unix:///var/run/docker.sock
- HOST_TMP_FOLDER="${TMPDIR:-/tmp}/localstack"
volumes:
- "${TMPDIR:-/tmp}/localstack:/tmp/localstack"
- "/var/run/docker.sock:/var/run/docker.sock"
But in both ways I get the same output:
localstack_main | 2021-09-21 15:32:26,633 CRIT Supervisor is running as root. Privileges were not dropped because no user is specified in the config file. If you intend to run as root, you can set user=root in the config file to avoid this message.
localstack_main | 2021-09-21 15:32:26,645 INFO supervisord started with pid 14
localstack_main | 2021-09-21 15:32:27,650 INFO spawned: 'dashboard' with pid 20
localstack_main | 2021-09-21 15:32:27,653 INFO spawned: 'infra' with pid 21
localstack_main | 2021-09-21 15:32:27,659 INFO success: dashboard entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
localstack_main | 2021-09-21 15:32:27,660 INFO exited: dashboard (exit status 0; expected)
localstack_main | (. .venv/bin/activate; exec bin/localstack start --host)
localstack_main | 2021-09-21 15:32:28,663 INFO success: infra entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
localstack_main | LocalStack version: 0.12.1
localstack_main | Starting local dev environment. CTRL-C to quit.
localstack_main | Waiting for all LocalStack services to be ready
localstack_main | Waiting for all LocalStack services to be ready
localstack_main | Waiting for all LocalStack services to be ready
localstack_main | Waiting for all LocalStack services to be ready
And then nothing appears except these recurring messages.
Does anybody know how to fix this problem?
This might not be the solution for everyone, but worth suggesting to try update your Docker version.
I had the same issue and for few days, and then I tried to update my docker version
I use Docker version 20.10.11 on apple silicon and can confirm it works fine. So far, after this update, I did not encounter any new issues with local-stack.
Also this Github issue suggests deleting your local-stack's volume before each run. It works, however this obviously can't be long term solution, but might be good mitigation when one is in need.
Update your docker-compose.yml as below and then run docker-compose up. It should work as expected.
version: "3.8"
services:
localstack:
container_name: "${LOCALSTACK_DOCKER_NAME-localstack}"
image: localstack/localstack
hostname: localstack
networks:
- test-net
ports:
- "4566:4566"
environment:
- SERVICES=s3,sqs,cloudformation,iam,cloudwatch
- DEBUG=1
- DATA_DIR=/tmp/localstack/data
- LAMBDA_EXECUTOR=docker-reuse
- LAMBDA_REMOTE_DOCKER=false
- LAMBDA_REMOVE_CONTAINERS=true
- DOCKER_HOST=unix:///var/run/docker.sock
- HOST_TMP_FOLDER=${TMPDIR}
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
networks:
test-net:
external: false
driver: bridge
name: test-net

Unable to forward/map port internaly in Docker-Compose

I am currently having an app with 3 different databases (it's for a test). I have the following docker image:
Dockerfile
FROM golang:1.15
WORKDIR /myapp
# Download wait for it tool.
ADD https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh /wait-for-it
RUN chmod +x /wait-for-it
and the following docker-compose.yml
version: '3.7'
services:
app:
build:
context: .
dockerfile: Dockerfile.dev
volumes:
- .:/app
command: sh -c "/wait-for-it postgres:10001 -- /wait-for-it oracle:10000 -- /wait-for-it mongodb:10002"
depends_on:
- oracle
- mongodb
- postgres
ports:
- "8080:8080"
oracle:
image: chameleon82/oracle-xe-10g:latest
ports:
- "10000:8080"
expose:
- 10000
postgres:
image: postgres:9.6-alpine
ports:
- "10001:5432"
environment:
- POSTGRES_HOST_AUTH_METHOD=trust
- POSTGRES_DB=testdb
expose:
- 10001
mongodb:
image: mongo:latest
ports:
- "10002:27017"
expose:
- 10002
The thing is, as you saw, my app listens on 8080, but so Oracle does. I know I can change my app port, but still, I would like to switch Oracle to another port. I am trying to achieve it from port mapping, but I do feel that it only works for the host machine, not for a use from within the docker-compose, am I wrong?
Think of services within a Docker Compose network (i.e. app, oracle) as distinct hosts. Each is addressable by its service name, i.e. app should refer to the oracle service by this name (oracle).
The port mapping allows you to expose (and map) service ports within a Docker Compose network to (possibly different) host ports. This is commonly because, the host has a singular dimension of port spaces (0...65535) whereas each service within the Docker Compose network has a port space. 2 services (e.g. http1 and http2) may each use port e.g. 8080 but there's only one 8080 on the host and so, to expose each of these services on your host, one would have to yield; one could also be on the host's 8080 but the other would need to be elsewhere, perhaps 8081.
In your case, e.g. oracle runs on 8080 within the Docker Compose network and is exposed on the host's port 10000. As far as the app service is concerned, this service is available as oracle:8080 (8080 not 10000) within the Docker Compose network.
The expose syntax is purely documentary and has no functional effect.
Responding to comments
If I run your Compose script as-is, it does not work. This is expected because e.g. postgres is available on 5432 within the Compose network not on 10001
docker-compose logs app
Attaching to 63690852_app_1
app_1 | wait-for-it: waiting 15 seconds for postgres:10001
app_1 | wait-for-it: timeout occurred after waiting 15 seconds for postgres:10001
app_1 | wait-for-it: waiting 15 seconds for oracle:10000
app_1 | wait-for-it: timeout occurred after waiting 15 seconds for oracle:10000
app_1 | wait-for-it: waiting 15 seconds for mongodb:10002
app_1 | wait-for-it: timeout occurred after waiting 15 seconds for mongodb:10002
If I correct the ports:
command: sh -c "/wait-for-it postgres:5432 -- /wait-for-it oracle:8080 -- /wait-for-it mongodb:27017"
It works as expected:
docker-compose logs app
Attaching to 63690852_app_1
app_1 | wait-for-it: waiting 15 seconds for postgres:5432
app_1 | wait-for-it: postgres:5432 is available after 0 seconds
app_1 | wait-for-it: waiting 15 seconds for oracle:8080
app_1 | wait-for-it: oracle:8080 is available after 8 seconds
app_1 | wait-for-it: waiting 15 seconds for mongodb:27017
app_1 | wait-for-it: mongodb:27017 is available after 0 seconds

Browser request hanging when running the latest Docker ColdFusion image

I installed the Docker release of ColdFusion with the following command:
docker pull eaps-docker-coldfusion.bintray.io/cf/coldfusion:latest
I then created a compose file:
version: "3.7"
services:
coldfusion:
image: eaps-docker-coldfusion.bintray.io/cf/coldfusion:latest
ports:
- "8500:8500"
networks:
coldfusion:
hostname: coldfusion
volumes:
- "~/dev/docker/projects/coldfusion/volumes/app:/app"
- "~/dev/docker/projects/coldfusion/volumes/logs:/opt/coldfusion/cfusion/logs"
environment:
acceptEULA: "YES"
password: "ColdFusion123"
enableSecureProfile: "false"
HOST_USER_ID: ${CURRENT_UID}
HOST_GROUP_ID: ${CURRENT_GID}
deploy:
replicas: 1
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 10s
healthcheck:
test: curl --fail http://localhost:8500 || exit 1
interval: 1m
timeout: 3s
retries: 3
networks:
coldfusion:
name: coldfusion
common:
external: true
name: common
and started it with the command:
docker stack deploy --compose-file docker-compose-dev.yml coldfusion
The log shows:
stephane#stephane-pc:~/dev/docker/projects/coldfusion$ docker service logs -f coldfusion_coldfusion
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | Updating webroot to /app
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | Configuring virtual directories
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | Updating password
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | Skipping language updation
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | Serial Key: Not Provided
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | Previous Serial Key: Not Provided
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | Starting ColdFusion
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | Starting ColdFusion 2018 server ...
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | The ColdFusion 2018 server is starting up and will be available shortly.
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | ======================================================================
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | ColdFusion 2018 server has been started.
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | ColdFusion 2018 will write logs to /opt/coldfusion/cfusion/bin/../logs/coldfusion-out.log
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | ======================================================================
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | [000] Checking server startup status...
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | % Total % Received % Xferd Average Speed Time Time Time Current
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | External Addons: Disabled
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | External Session Storage: Disabled
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | Skipping setup script invocation
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | Secure Profile: Disabled
coldfusion_coldfusion.1.rlhixv3jctvm#stephane-pc | Cleaning up setup directories
But it hangs when typing the http://localhost:8500/ request in the browser.
The log remains empty:
tail -f volumes/logs/coldfusion-out.log
I created an index.cfm page in the /app directory:
hi
<cfset firstName = "World">
Hello <cfoutput>#firstName#</cfoutput>!
This CFML tutorial was designed for
<cfif firstName eq "World">
you!
<cfelse>
the world to see.
</cfif>
UPDATE: A 200 response comes back fine when using 127.0.0.1 instead of localhost
Opening the firewall ports does not change anything to the issue:
stephane#stephane-pc:~$ sudo ufw allow from 127.0.0.0 to any port 8500;
Rules updated
stephane#stephane-pc:~$ sudo ufw allow from any to any port 8500;
Rules updated
Rules updated (v6)
My host /etc/hosts file contains the line:
127.0.0.1 localhost
The nmap command responds:
stephane#stephane-pc:~/dev/docker/projects/coldfusion$ nmap -p 8500 localhost
Starting Nmap 7.80 ( https://nmap.org ) at 2020-09-08 12:09 CEST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00038s latency).
PORT STATE SERVICE
8500/tcp open fmtp
Nmap done: 1 IP address (1 host up) scanned in 0.22 seconds
Your docker compose file shows
hostname: coldfusion
so shouldn't it be available at http://coldfusion:8500?
If it's docker compose v3, it should be
services:
dns:
hostname: 'your-domain'

Docker + webdevops: "This site can’t be reached"

On a current project I use Docker. I must clarify that I am pretty inexperienced at it.
My project is a PHP/Symfony project. Until then, I used nginx:alpine and phpdocker/php-fpm to have my project running on my dev environment. However, I found these unfit to my case as my production actually uses Apache.
I found another project I'm on uses the webdevops Docker images without trouble. I want to replace the two containers listed above with a single one, the webdevops/php-apache-dev:alpine docker image.
Although the configuration between the two projects seems almost identical, my dev environment does not seem to work properly: I end up with this:
This site can’t be reached - 172.18.0.7 refused to connect.
(I also use Traefik, but the routed URI does not work any better. The error message is slightly different though: Bad Gateway).
I find myself unable to debug this. I don't even know where to look.
Below is the docker-compose.yml configuration I want to use:
version: '3.2'
services:
app:
image: webdevops/php-apache-dev:alpine
container_name: my-app
working_dir: /app
env_file: .env
environment:
WEB_DOCUMENT_ROOT: /public
WEB_DOCUMENT_INDEX: index.php
LOG_STDOUT: ./var/log/app.stdout.log
LOG_STDERR: ./var/log/app.stderr.log
# #todo list of unwanted PHP modules, cf. https://dockerfile.readthedocs.io/en/latest/content/DockerImages/dockerfiles/php-apache-dev.html#php-modules
# PHP_DISMOD:
php.error_reporting: E_ALL
PHP_DISPLAY_ERRORS: 1
PHP_POST_MAX_SIZE: 80M
PHP_UPLOAD_MAX_FILESIZE: 200M
PHP_MEMORY_LIMIT: 521M
PHP_MAX_EXECUTION_TIME: 300
PHP_DATE_TIMEZONE: Europe/Paris
volumes:
- .:/app
# - ./docker/apache2/conf.d:/opt/docker/etc/httpd/conf.d
- ~/.ssh:/home/application/.ssh:ro
- ~/.composer:/home/application/.composer
depends_on:
- elasticsearch
- database
The other containers work just as well as they did before. This one is the only one that fails.
When calling docker-compose up no error is thrown. All the logs I could find within the container remain silent. As far I as can tell, Traefik does not seem to be the problem. Here is the result of docker ps:
[/var/www/html/citizen-game]$ docker ps *[master]
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6e9639e7a84d webdevops/php-apache-dev:alpine "/entrypoint supervi…" 4 hours ago Up 4 hours 80/tcp, 443/tcp, 9000/tcp my-app-app
be1b90fdf768 docker.elastic.co/elasticsearch/elasticsearch:6.2.4 "/usr/local/bin/dock…" 4 hours ago Up 4 hours (healthy) 9200/tcp, 9300/tcp my-app-elasticsearch
76fb8743a12f phpmyadmin/phpmyadmin "/run.sh supervisord…" 4 hours ago Up 4 hours 80/tcp, 9000/tcp my-app-phpmyadmin
dd41b4afe267 mysql:5.7 "docker-entrypoint.s…" 4 hours ago Up 4 hours (healthy) 3306/tcp, 33060/tcp my-app-database
91893783bcb1 rabbitmq:3.7-management "docker-entrypoint.s…" 4 hours ago Up 4 hours 4369/tcp, 5671/tcp, 0.0.0.0:5672->5672/tcp, 15671/tcp, 25672/tcp, 0.0.0.0:15672->15672/tcp my-app-rabbitmq
63f551884bbf traefik:maroilles "/traefik --web --do…" 4 hours ago Up 4 hours 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:8080->8080/tcp
My question is, I guess: how can I debug this? Am I missing something trivial?
Edit
Here is (part of) the content of the docker-compose.override.yml file:
version: '3.2'
services:
app:
volumes:
- ~/.ssh:/home/application/.ssh
- ~/.composer:/home/application/.composer
labels:
- "traefik.backend=my-app"
- "traefik.frontend.rule=Host:my-app.docker"
- "traefik.docker.network=proxy"
networks:
- internal
- proxy
environment:
PHP_DEBUGGER: xdebug
#XDEBUG_REMOTE_HOST: <your host IP address>
XDEBUG_REMOTE_PORT: 9000
XDEBUG_REMOTE_AUTOSTART: 1
XDEBUG_REMOTE_CONNECT_BACK: 1
XDEBUG_PROFILER_ENABLE: 1
XDEBUG_PROFILER_ENABLE_TRIGGER: 1000
traefik:
image: traefik
container_name: citizen-game-traefik
command: --web --docker --docker.domain=docker --logLevel=DEBUG
ports:
- "80:80"
- "443:443"
- "8080:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
restart: always
networks:
- internal
- proxy
rabbitmq:
networks:
- internal
- proxy
networks:
proxy:
external:
name: traefik
internal:
EDIT 2:
#Mostafa
I ran the following:
docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' my-app-app
Result is:
172.18.0.7172.19.0.5
Trying these directly from the browser fails "This site can't be reached". I suppose it was to be expected.
I ran the following from inside the container:
bash-4.4# supervisorctl status apache:apached
apache:apached RUNNING pid 13575, uptime 0:00:00
As suggested, I used ss -plant | grep 80. This does not work from within the container. Here is the result when called outside of it:
[/var/www/html/my-app]$ ss -plant | grep 80
LISTEN 0 80 127.0.0.1:3306 0.0.0.0:*
ESTAB 0 0 192.168.1.88:39360 198.252.206.25:443 users:(("chromium-browse",pid=4203,fd=80))
SYN-SENT 0 1 192.168.1.88:50680 192.241.181.178:443 users:(("chromium-browse",pid=4203,fd=41))
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:8080 *:*
I'm not sure it tells much though. I tried to install ss from inside the container with apk but:
bash-4.4# apk add ss
ERROR: unsatisfiable constraints:
ss (missing):
required by: world[ss]
EDIT 3:
Here is the result of calling netstat:
bash-4.4# netstat -plant
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 229/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.11:32843 0.0.0.0:* LISTEN -
tcp 0 0 :::22 :::* LISTEN 229/sshd
tcp 0 0 :::9000 :::* LISTEN 225/php-fpm.conf)
bash-4.4# netstat -plant | grep httpd
(nothing)
I'm not sure how much this helps though, since my other project, that works, yields the same result n bash-4.4# netstat -plant | grep httpd. Without the grep, it includes much more lines, though.
As the output that you have posted described the exposed ports 80,443,9000 for the container from this image webdevops/php-apache-dev:alpine
Then you can access the container using its IP directly from the browser. So first you need to ensure from the following:
Check if 172.18.0.7 is the actual IP of my-app-app container, use the following command to check the IP of your running container
docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' my-app-app
Or just docker inspect my-app-app to get all info about the container
Check the logs for my-app-app and you may need to enter the container itself and check if apache is actually running by executing the following supervisorctl command which will tell you about the status of apache service
$ supervisorctl status apache:apached
apache:apached RUNNING pid 72, uptime 0:07:43
If apache is running correctly then you should be able to browse the content using the container IP, in my case it gives me something like this as I don't have an actual application
Regarding your issue with traefik which is Bad Gateway that's because traefik itself cannot reach your backend service which is the my-app-app container in our case. you need to ensure that both traefik and my-app-app are within the same network or at least they can ping each other's IPs
Update:
Instead of ss it turns out the image contains netstat command, in order to check what port is used by apache you can do the following from inside the container:
# netstat -plant | grep httpd
tcp 0 0 :::80 :::* LISTEN 98/httpd
tcp 0 0 :::443 :::* LISTEN 98/httpd

Resources