I'm having trouble getting Docker Toolbox for Windows 10 working behind a company proxy.
I can't get docker login or docker run to work, so here's what I've done to debug.
I created an plain ubuntu machine within a virtual machine.
On my host machine, I start simple server running on port 8000.
In ubuntu:
$ curl 10.0.2.2:8000
$ [it retrieves the html being served]
$ curl www.google.com
$ curl (7) Failed to connect to www.google.com port 80: Connection refused
$ export http_proxy=http://my-proxy:3128
$ curl www.google.com
$ [302 HTTP response from google]
On boot2docker:
$ curl 10.0.2.2:8000
$ [it retrieves the html being served]
$ curl www.google.com
$ curl (7) Failed to connect to www.google.com port 80: Connection refused
$ export http_proxy=http://my-proxy:3128
$ curl www.google.com
$ curl: (7) Failed to connect to my-proxy:3128: No route to host
What's going on here?
Ok, I finally solved this.
The issue was that the company proxy exists in the same subnet as the default docker VM bridge. (ie. 172.17.x.x).
Just a quick workaround - you can solve this by changing it within the docker VM.
$ docker-machine ssh mydockervm
$ ifconfig docker0 172.18.0.1 netmask 255.255.0.0
I have experiment the same problem and I use #dwjohnston own answer to find the cause of the issue.
In my case the a docker VM bridge in conflict was related to the execution of an old docker-compose.
I solve that running :
$ docker network prune
In order to clean the network connections...
The strange point about this is that the bridge was still mapped event if all the containers started by the compose have had been already pruned.
Note : this seems to be a "I have the same issue " answer, but the given solution is different...different...
Related
SO i have a service running in my localhost:80 , and localhost:8080
I need to fetch it from within a docker container
So I enter inside my docker container cli and try the following commands.
curl http://www.example.com //a famous website --> works
curl 172.17.0.1 ---> works , this is fetching my hosts localhost port 80 , its the default docker interface and resolves on the host
curl 172.17.0.1:1112 ---> I can fetch this , i have a simple express server running there returning a hello world in my local machine , it can also be curled from withing the host with a curl localhost:1112
Above as you can see im using 172.17.0.1 to connecto to my host from within my container, and not localhost, because localhost would mean the local connection of said container, and thats not what im looking for.
Now the issue comes with the following.
I crate a ssh tunnel in my port 8888 to another machine, which can only be accessed using a vpn that is running in my host. With the following command
ssh -fN myname#database.pl -L 8888:db.env.prise:80
This creates a tunnel that I can curl in my host machine localhost:8888
If I try this from within my host
curl -s http://localhost:8888/test | jq
It correctly fetches a json. SO the idea is to do something similar from within my container.
I go ahead to my container and type
curl http://172.17.0.1:8888/test
Failed to connect to 172.17.0.1 port 8888: Connection refused
And thats the eerror that I receive.
Why can I fetch every single port except that one? I suspect it might have something to do with my docker not being in the vpn ¿?
HOw can I fix this.
I have a openvpn file for the connection but thats it.
Altho I dont really think its the vpns fault, because if I Curl from my localhost with the vpn disconnected, the curl will fail but at least it attempts to curl it being stuck for a while. WHile trying to curl that port from within the docker instantly gets rejected.
It looks like you are attempting to connect from docker to a resource that you can only access via SSH on your host.
A valid solution to this problem would be to forward the port of the external machine to your machine via:
ssh -fN myname#database.pl -L 8888:db.env.prise:80
This will redirect the external port to a local port. The problem is that docker cannot access this port.
With socat, you can open a new port that listens on all interfaces and not just on local:
socat TCP-LISTEN:8889,fork,bind=0.0.0.0.0 TCP:localhost:8888
Through this port, connections will be redirected to your target machine:
8889->8888->80
I'm having a problem, where I can't send network requests to a Docker container I've created. I've exposed the correct ports, so I'm not sure what other issues could be at fault here.
I have a server running in container alice at localhost:10009:
$ docker exec -it alice bash
bash-4.4# curl localhost:10009
curl: (52) Empty reply from server
Port 10009 is exposed from my container:
$ docker port alice
10009/tcp -> 0.0.0.0:10009
When doing the same curl from my host machine I get a different message:
$ curl localhost:10009
curl: (56) Recv failure: Connection reset by peer
I would check to see if the server application is configured to only listen to requests coming from its "localhost", this check depends on the type of server that you're using which is not mentioned.
an easy check is to start your container as follows:
docker run --network host -d yourimagename
You don't need to worry about port mapping since you're using the host network
then try to curl, if that works, then you'll just need to review your server listening IP setting.
curl localhost:10009
I think there are some problems with #Bouzid Zitouni's answer, according to Docker official documentation:
this is the same level of isolation as if the nginx process were running directly on the Docker host and not in a container
However, if you use the --network host you will not have isolated networking in the container, and the host networking driver only works on Linux hosts.
The problem of Connection refused/reset happens because your Server is listening on 127.0.0.1 inside the container and the port forwarding is going to external IP of the container (e.g. 172.17.0.2).
Solution
In your case you need to run a new container making your server to listen on all interfaces. Example using python http.server :
docker run -p 8000:8000 -it python:3.7-slim python3 -m http.server --bind 0.0.0.0
Note
The option --bind 0.0.0.0 it's specific option of http.server. Probally your server has other ways to specify this.
References:
https://pythonspeed.com/articles/docker-connection-refused/
https://docs.docker.com/network/network-tutorial-host/
I would like to expand on #Bouzid Zitouni's answer. It seems there is indeed an issue with the address(es) the server binds to.
Connection reset by peer usually indicates that one has defined a port mapping for the container that does not point to a listening server. Here is an example to illustrate this:
docker run -p 10009:10009 -it ubuntu bash
Install nmap in container:
apt-get update && apt install -y nmap
Run ncat (localhost only)
# ncat -v --listen localhost 10009
...
Ncat: Listening on 127.0.0.1:10009
Run curl on host:
# curl localhost:10009
curl: (56) Recv failure: Connection reset by peer
You actually get the same result even if you don't have any server process at all.
Run ncat (all IPs)
# ncat -v --listen 10009
...
Ncat: Listening on :::10009
Ncat: Listening on 0.0.0.0:10009
Curl on host connects successfully. Hope that helps.
I faced the same error with the docker container running locally on my machine/laptop.
I ran multiple containers and was using the same port number say 8080 for each container run.
After killing all docker process and restarting docker i am now able to connect to the container on the mentioned port 8080 in my case.
$ sudo service docker stop
Warning: Stopping docker.service, but it can still be activated by:
docker.socket
$ sudo service docker start
My Problem is similar to the other two Questions:starting tutorial and Timeout on windows 2016. But none of it resolved my problem. (on my other search I didn't find any articles that could help my case > search timeout)
For any of the following commands:
docker run hello-world
docker pull hello-world
docker login -u user -p pass
I get the same error:
My proxies are correctly set to my cntlm service:
when I try to get the address with curl I get the following answer:
My docker version:
Docker info:
I've tried all the troubleshoot from this link (create a new default docker machine and so on)
Do you have any idea what could I do to download hello-world (or other) container?
Finally I got it:
First of all the client should be the same Version as the Server (now both are 1.13.1)
Second because I am using a Cntlm I have to create a Tunnel to forward my port from the Cntlm configuration.
ssh -R tunnelPort:proxy-Cntlm docker#ip.docker.machine
where:
tunnelPort will be used on the docker-machine (ex: 3000 for 127.0.0.1:3000)
proxy-Cntlm is the ip + port from cntlm.ini (ex: 127.0.0.1:3128)
ip.docker.machine it can be found simply by running docker-machine ls
One more thing! you have to adjust the ~/.ssh/config (at least for cygwin)
Host docker 192.168.99.100
Hostname 192.168.99.100
IdentityFile "path/to/id_rsa"
#on windows it is C:/Users/user/.docker/machine/machines/default/id_rsa when you have a default Machine
I am using boot2docker. I run one image at the daemon mode which starts grunt server at port 3000. This is the command I used to start it up.
That image has already exposed port 3000
docker run -d -P --name dummy image_name grunt server
docker ps
3af4ba19c539 image_name:latest "grunt server" 54 minutes ago Up 54 minutes 0.0.0.0:45000->3000/tcp dummy
and then run into the same container to "curl" the web server.
docker exec -it 3af4ba19c539 /bin/bash
curl localhost:3000
It gets the html.
However, when I try to connect it in my mac pc. It said "Connection refused."
curl $(boot2docker ip):45000
//curl: (7) Failed connect to 192.168.59.103:45000; Connection refused
I try to solve this problem by using VBoxManage, but it is not working either
VBoxManage modifyvm "boot2docker-vm" --natpf1 "tcp-port45000,tcp,,45000,,45000"
May I know how to solve this problem. Many thanks in advance
I need to see the source of your application to be sure, but I'm willing to bet you've bound to the local loopback interface (127.0.0.1 or localhost) in your application. If you instead bind to 0.0.0.0 to listen to all interfaces, you should find it is accessible from the outside.
I have a docker daemon started in the host machine listen to some ip address and port, say 10.10.10.10, and port 1234, then I start a container by invoking
sudo docker -H 10.10.10.10:1234 centos /bin/bash
Meanwhile, I have a web service runnig on the host machine, running on the port 8080. Then from inside the container, I cannot connect to this server. I tried
curl http://10.10.10.10:8080
but got an error message:
curl: (7) couldn't connect to host
But I can access the server in other machines, like http://10.10.10.11:8080
It seems that docker container cannot access the service in its own host machine? Is there anyway to fix this? Thanks
That was discussed in issue 1143 and there might be one day a --link-host option.
In the meantime, the blog post "Accessing the Docker Host Server Within a Container" lists a few option:
The Gateway Approach: netstat -nr | grep '^0\.0\.0\.0' | awk '{print $2}'
The IP Approach: boot2docker ip address is 192.168.59.103.
Although there’s no way to introspect the host’s ip address (AFAIK) you can pass this in via an environment variable:
docker#boot2docker:~$ docker run -i -t -e DOCKER_HOST=192.168.59.103 ubuntu /bin/bash
root#07561b0607f4:/# env
HOSTNAME=07561b0607f4
DOCKER_HOST=192.168.59.103
You have other options in "Network Configuration", with the virtual interface named docker0 on the host machine.