I need help with configuring docker on Debian 9.
I installed docker and docker-compose successfully.
I can access my host by IP (ex. 172.18.0.7), but cannot access by domain name (sitename.loc). I see an error "ERR_NAME_NOT_RESOLVED" or "DNS_PROBE_FINISHED_NXDOMAIN".
Commands
$ docker-compose up -d
$ docker ps
works fine.
I tried disable firewall, it didn't help.
What's wrong? iptables?
Thanks in advance.
You can add the IP and name to your hosts file, but the container IP can change everytime you start it, so a better approach is to map the ports to your host, and then add to the hosts file this mapping:
sitename.loc 127.0.0.1
Related
From a Spring Boot application running on a docker container, I am trying to connect to Rabbit MQ, Storm and other services which are also running on a docker container. It is working fine when using IP address like x.x.x.x but the same is not working when using the DNS name for that IP. In the command prompt I am able to ping and get a successful response for the same DNS name. Requesting for your help and support in this issue.
You said that you can resolve DNS on the command line. If you mean the command line of the host machine (outside of of the docker container), then the issue is probably with the container's own DNS settings.
A container has it's own network settings. Take a look at the /etc/resolv.conf file being used by the Spring Boot container - this will show you that container's DNS settings.
TL;DR: how do I get a client in my container to make an HTTPS connection to a service on the host?
I've got a service running on a VM on my local dev machine (macOS) that's serving HTTPS on port 8443; it's got a certificate for dev.mycoolproject.com and dev.mycoolproject.com has an A record pointing to 127.0.0.1. So, if I run my client on my local machine and point it to https://dev.mycoolproject.com:8443 it makes a secure connection to my local service.
I want to run my client inside a docker container and still have it connect to that local server on the host. But obviously dev.mycoolproject.com pointing at 127.0.0.1 won't work, and I can't just use /etc/hosts to redirect it because the host's IP is dynamic. I can reach the local server at host.docker.internal:8443, but I'll get TLS errors because the hostname doesn't match.
Is there any way I can get docker's DNS to map dev.mycoolproject.com to the host IP? I looked into running dnsmasq locally in the container but I had trouble getting it to work.
In a container where you might not have access to tools like dig or nslookup and don't want to install another 55MB package (like debian's dnsutils) just to get the host.docker.internal IP it might be better to use getent instead of dig:
getent hosts host.docker.internal | awk '{ print $1 }'
I ran into a similar issue yesterday and came up with a workaround that adds an entry to /etc/hosts resolving to the the host IP.
You'll need dig or another DNS tool to query for the IP.
If you are running as root you can use:
echo "$(dig +short host.docker.internal) dev.mycoolproject.com" >> /etc/hosts
If you have sudo you can run:
echo "$(dig +short host.docker.internal) dev.mycoolproject.com" | sudo tee -a /etc/hosts
Initially I was hoping the --add-host run option would allow for special docker entries in the host ip argument (like host.docker.internal) but unfortunately they don't.
I wanted to avoid more container configuration so I went with this. Setting up dnsmasq would be a more stable solution.
I run the images in docker terminal:
docker run -p 4000:80 friendlyhello
Localhost does not connect and display images.
This site can’t be reached
localhost refused to connect.
- Did you mean http://localhost4000.org/?
- Search Google for localhost 4000
ERR_CONNECTION_REFUSED
i think maybe you visit http://localhost:4000 in browser on Windows,then you should use the docker default machine ip(generally 192.168.99.100).
just try http://192.168.99.100:4000.
I had this problem too, solved following this part of the documentation:
Note: If you are using Docker Toolbox on Windows 7, use the Docker
Machine IP instead of localhost. For example,
http://192.168.99.100:4000/. To find the IP address, use the command
docker-machine ip.
If you running a nodejs app in the docker container, try '0.0.0.0' instead of 'localhost'.
example: suppose your app works on port 3000
server.listen(3000, 'localhost' () => {
console.log('listening for requests on port 3000');
});
server.listen(3000, '0.0.0.0' () => {
console.log('listening for requests on port 3000');
});
then you can do port-mapping in docker to your web app.
docker run -p 4000:3000 --name 'your_container_name' 'your_image_name'
start the container and see the port using the below command on your cmd or terminal.
docker port <your_container_name>
I also had this error using docker for windows.
Despite numerous attempts it wasnt resolved by playing with the port numbers and image rebuilds, or complete wipe of the docker container.
It took me a while to resolve so want to save you all some time.
1- enter the command Run docker network ls
Look for output similar to the below-
Network ID Name Driver Scope
cd6a217449e3 nat nat local
2- Copy the network ID
3-enter the command docker network inspect THENETWORKID
4- You will receive some outpuut to screen which looks like a json output, look for text similar to the below:-
"Containers": {
"4b953b6a597e38eac1de39119d30fb4c87bca6faae7da444b02e223685eed5c7": {
"Name": "jolly_rosalind",
"EndpointID": "5919da54af323505e18d9807742fd12bb3acbe260dcee28911ffdf56fb905baf",
"MacAddress": "00:15:5d:3c:50:58",
"IPv4Address": "172.30.49.218/16",
"IPv6Address": ""
}
5- enter 'http://THEIPV4ADDRESS:5000/' in your web browser, and you may be presnted with a beautiful '0'.
Good Luck!
With that docker run command, you should access to the container from your host using http://127.0.0.1:4000 as #Black said on comments. Anyway, your "friendlyhello" image what exactly is? because there are a lot of "friendlyhello" images on dockerhub, but yours is not any of them. There is no official friendlyhello image. Can you put your Dockerfile? Anyway, it is suppossed that a standard "friendlyhello" will run a web server on port 80 with a Hello World welcome page. It should work.
I already tested with docker run -p 4000:80 movila/friendlyhello and is working for me.
If is not working for you, it sounds like you have some kind of iptables problem. Reboot your machine in order to restore iptables rules (docker does it automatically) and try again.
Other possibility is to access directly to the container's ip instead of hosts ip. When you launch your docker container, if you don't specify -d parameter, it's going to get your terminal to print its log. On that log there is an ip. That ip is the container's ip. Example of my log:
* Running on http://0.0.0.0:80/ (Press CTRL+C to quit)
172.17.0.1 - - [10/May/2017 07:13:53] "GET / HTTP/1.1" 200 -
172.17.0.1 - - [10/May/2017 07:13:53] "GET /favicon.ico HTTP/1.1" 404 -
You can try to use http://172.17.0.1 to access to it.
It will be good if you could share the Docker version and OS you are working on. Meanwhile, please try these steps:
Check if your container is actually running on port 80
Instead of using http://localhost:4000, try http://{CONTAINER_IP}:4000/ you should get your container IP by
docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' container_name_or_id
Maybe your app is on HTTPS. Try that as well
I resolved this situation on MacOS by installing and starting docker-machine
This is because a Virtual Machine is required to run docker on MacOS.
An alternative is to use Docker Desktop.
Even I was facing same problem and after implement the below solution where I replaced the "localhost" with docker ip address and it worked fine for me.
Just assigned the port and use below url
http://192.168.99.100:5050/ instead of http://localhost:5050
. Just replce your port number with "5050", it will work fine.
i think maybe you visit http://localhost:4000 in browser on Windows,then you should use the docker default machine ip(generally 192.168.99.100). just try http://192.168.99.100:4000.
I'm trying to access Docker remote API from within a container because I need to start other containers.
The host address is 172.19.0.1, so I'm using http://172.19.0.1:2375/images/json to get the list of images (from host, http://localhost:2375/images/json works as expected.
The connection is refused, I guess because Docker (for Windows) listens on 127.0.0.1 and not on 0.0.0.0.
I've tried to change configuration (both from UI and daemon.json) adding the entry:
"hosts": ["tcp://0.0.0.0:2375"]
but the daemon fails to start. How can I access the api?
You can set DOCKER_OPTS in windows as below and try. In Windows, Docker runs inside a VM. So, you have to ssh into the VM and make the changes.
DOCKER_OPTS='-H tcp://0.0.0.0:4243 -H unix:///var/run/docker.sock'
Check if it works for you.
Update :- To ssh into the VM (assuming default is the VM name you have created using Docker toolbox), enter the following command in the Docker Quickstart Terminal,
docker-machine ssh default
You can find more details here.
You could link the host's /var/run/docker.sock within the container where you need it. This way, you don't expose the Docker Remote API via an open port.
Be aware that it does provide root-like access to docker.
-v /var/run/docker.sock:/var/run/docker.sock
You should use "tcp://host.docker.internal:2375" to connect to host machine from container. Please make sure that you can ping the "host.docker.internal" address
https://github.com/docker/for-win/issues/1976
I have installed docker on my Windows m/c.
I am trying to install Gerrit on that.
Pull image is done-Successfully
Run image is also done -->
docker run -d -p 8080:8080 -p 29418:29418 ******/gerrit
I try to connect it through browser with my container id:8080 but it throws error
This site can’t be reached
What is oing wrong.. Please help with suggestions.
BR,
Rash
You need to access your container by IP of virtual machine. You can obtain it with command: docker-machine ls. Then access container in browser by (replace ip) http://192.168.99.100:8080
This is a known limitation of windows containers at the moment as per the docker documentation (https://docs.docker.com/docker-for-windows/troubleshoot/#limitations-of-windows-containers-for-localhost-and-published-ports).
As of Windows 10 Creator's update this has kinda been fixed where you can use host IP with the bounded host port(http://<hostIp>:<hostBoundedPort>), but still not localhost or any of it's aliases.
Alternatively you can avoid port mapping hit the container IP directly. There is numerous ways to get your container IP. Personally I would use:
docker ps
This lists out all the the running docker containers allowing you to find the Container ID for the container that you want to hit followed by:
docker inspect <initial_part_or_full_id>
This will output low level information about the container, including it's Network settings where you will find the NAT-ed endpoint details containing the IP. Then simply http://<containerIP>:<containerPort>.