am having a confussion (I think) regarding how to manage ports and TCP connections in docker. Currently I have a server A that is running some dockers containers, I am more interested in a application that s running in the port 4444, when I type docker container ls I get:
4d2c0db7e23c oryd/hydra:latest "/bin/sh" 27 minutes ago Up 27 minutes 4444/tcp, 0.0.0.0:9010->4445/tcp determined_snyder
7c586393ef61 oryd/hydra:latest "/bin/sh -c '/go/b..." 34 minutes ago Up 34 minutes 0.0.0.0:9000->4444/tcp someContainer
So, 1) I dont know how it's read 4444/tcp, 0.0.0.0:9010->4445/tcp what it means?
Then,I have a Server B with others apps (not docker) that are trying to connect to the container that is listening in the port 4444, but I get:
connectex: No connection could be made because the target machine actively refused it.
2) it's really the app running in the port 4444? that's why am interested in how to read the point 1
I must say that I typed in the server A this: sudo lsof -i -P -n and the only registers related with docker show this:
docker-pr 15057 root 4u IPv6 486152035 0t0 TCP *:9000 (LISTEN)
docker-pr 15224 root 4u IPv6 486156778 0t0 TCP *:9010 (LISTEN)
So, 1) I dont know how it's read 4444/tcp, 0.0.0.0:9010->4445/tcp what
it means?
This means that port 4445 from the container will be available as port 9010 on the host server from any interface.
To access your container from Server B, you should use the following: hostname-of-container-host:9010
If you want the service to be available from port 4445 of the host, you need to use -p 4445:port-of-the-service-from-the-container
Related
Trying investigate my issue with docker container. I lost a day when I thought that issue is in nodejs code (it has server and I am trying to connect to this server).
After investigations I found interesting thing for me.
For example - Lets run some test docker image:
docker run -p 888:888 -it ubuntu:16 /bin/bash
After that, prepare and install "simple server to listen our port":
apt-get update
apt-get install -y netcat
nc -l 888
After that I going to try to telnet localhost 888 from my system and got telnet: connect to address 127.0.0.1: Connection refused. The same with nodejs image.
But if you try to use, for example, nginx container -
docker run -p 888:888 -it nginx /bin/bash
I will be successfull:
$telnet 127.0.0.1 888
Trying 127.0.0.1...
Connected to localhost.
How it is possible, what I am missing? Why I can bind and use any port in nginx but not for other images?
When you run nc -l 888, you are creating a port that is listening explicitly for IPv4 connections. If we run ss -tln, we will see:
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 1 0.0.0.0:888 0.0.0.0:*
When you run telnet localhost 888 on your host, there's a good chance it's trying to connect to the IPv6 localhost address, ::1. This connection fails if you're trying to connect an IPv4-only socket.
If you explicitly use the IPv4 loopback address by typing telnet 127.0.0.1 888, it should work as expected.
If you enable IPv6 support in nc by adding the -6 parameter:
nc -6 -l 8888
Then you get a socket that listen for both IPv4 and IPv6 connections:
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 1 *:888 *:*
And if you attempt to connect to this socket using telnet localhost 888, it will work as expected (as will telnet 127.0.0.1 888).
Most programs (like nginx) open multi-protocol sockets by default, so this isn't normally an issue.
I installed docker using snap (during the install process of 22.04) and it was working fine, and all my containers were spun up using docker run ...
This was until I installed docker-compose using apt later on. When I attempted to bring up containers with docker-compose I would get errors stating that the port was already in use.
So I then checked what program/command was using these ports:
sudo lsof -i :9091:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
docker-pr 1883 root 4u IPv4 28696 0t0 TCP *:9091 (LISTEN)
docker-pr 1890 root 4u IPv6 27395 0t0 TCP *:9091 (LISTEN)
sudo netstat -pna | grep 9091
tcp 0 0 0.0.0.0:9091 0.0.0.0:* LISTEN 1883/docker-proxy
tcp6 0 0 :::9091 :::* LISTEN 1890/docker-proxy
This showed that my container was still somehow running, as the port was in use. However, when running docker ps -a no containers were running...
The commands above all pointed towards docker-proxy, what is this service? Also, why is it so under the radar that docker itself can't even stop the container with commands like: docker rm $(docker ps -aq)? Also, not sure why my container became invisible and was unable to stop it without stopping the docker service entirely.
I am trying to follow a tutorial for Docker beginners (https://docs.docker.com/get-started/)
When I try to run this command:
$ docker run -d -p 80:80 docker/getting-started
I get this Error:
docker: Error response from daemon: driver failed programming external connectivity on endpoint suspicious_murdock (863f389a032ea76d187c4387701b9eb0b6d4de4d0a9ed414616fa6b4715346ab): Error starting userland proxy: listen tcp4 0.0.0.0:80: bind: address already in use.
I tried removing all the dockers docker rm -fv $(docker ps -aq) but it did nothing.
What can I do?
I had to stop apache2 from running on port :80 - sudo service apache2 stop
Or you can use a different port like docker run -d -p 8080:80 docker/getting-started. This way you do not need to stop the apache2 running on the host.
In case you change ports and still encounter the same problem especially on Ubuntu 18 try stopping your apache serve and mysql/mariadb port if you further encounter mysql/mariadb port already been used.
Try these two commands.
sudo service apache2 stop
sudo service mysql stop
sudo service mariadb stop
why is this error showing?
This error means that you have a process listening to port 80 (the default HTTP port). This is probably a server of some sorts like apache/nginx/lighttpd.
Other answers suggest closing a database (mysql/mariadb), but - if configured correctly - they will be using a different port (most often 3306). This means that stopping your database will probably not solve the issue, since they are not using port 80.
how to find out what is causing this?
from here:
In a terminal type (with sudo, so it also shows root processes):
sudo lsof -i :80
you should get something like this:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
lighttpd 1713 www-data 4u IPv6 36989 0t0 TCP *:http (LISTEN)
lighttpd 1713 www-data 5u IPv4 36990 0t0 TCP *:http (LISTEN)
firefox-b 23384 your-user 150u IPv4 122957 0t0 TCP pop-os:37322->ef-in-f94.1e100.net:http (ESTABLISHED)
firefox-b 23384 your-user 174u IPv4 122155 0t0 TCP pop-os:37314->ef-in-f94.1e100.net:http (ESTABLISHED)
Note the (LISTEN) vs (ESTABLISHED) at the end. (LISTEN) is the culprit here, caused by the command lighttpd, which is a server. Also, the USER of lighttpd is www-data, which is not you, so it would not show without sudo.
Now, to stop it, use:
sudo service stop lighttpd
where you replace lighttpd with whatever the command is (of course you kind of want to know what you're doing here, since you don't accidentally want to pull your website offline).
I want to get a Laravel application running in Docker, but am failing at the first hurdle, I have tried to use the docker/getting started Docker image with the following command but am getting the below blockage.
$docker run -p 80:80 docker/getting-started
docker: Error response from daemon: Ports are not available: listen tcp 0.0.0.0:80: bind: address already in use.
Listing out what is running is here:
$sudo lsof -i :80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nginx 143 root 6u IPv4 0x17106caf335097c7 0t0 TCP localhost:http (LISTEN)
nginx 10145 Jeremyrrsmith 6u IPv4 0x17106caf335097c7 0t0 TCP localhost:http (LISTEN)
nginx 10218 Jeremyrrsmith 6u IPv4 0x17106caf335097c7 0t0 TCP localhost:http (LISTEN)
nginx 10296 Jeremyrrsmith 6u IPv4 0x17106caf335097c7 0t0 TCP localhost:http (LISTEN)
nginx 10372 Jeremyrrsmith 6u IPv4 0x17106caf335097c7 0t0 TCP localhost:http (LISTEN)
From what I read I needed to kill whatever was running on port 80, so have killed them (exception of 143 which errors), but they restart with a new PID. Should I actually be killing these?
The
Docker: Error response from daemon: Ports are not available: listen tcp 0.0.0.0:80: bind: address already in use. error is causing me a headache.
netstat -ltnp | grep 80 is a common command to run according to other threads, but i get netstat: option requires an argument -- p as a response. Having read into that, is that the first is a Linux command (was not clear to me in other threads). I'm on a Mac. lsof -n -i4TCP:80 | grep LISTEN is the command on mac (hope it helps others). That provides
nginx 10145 Jeremyrrsmith 6u IPv4 0x17106caf335097c7 0t0 TCP 127.0.0.1:http (LISTEN)
nginx 10218 Jeremyrrsmith 6u IPv4 0x17106caf335097c7 0t0 TCP 127.0.0.1:http (LISTEN)
nginx 10296 Jeremyrrsmith 6u IPv4 0x17106caf335097c7 0t0 TCP 127.0.0.1:http (LISTEN)
nginx 10372 Jeremyrrsmith 6u IPv4 0x17106caf335097c7 0t0 TCP 127.0.0.1:http (LISTEN)
I kill these PID and they just restart with a new PID, I don't think that I need them, but are they system related? How do I kill them for good and are they actually blocking me from using port 80 for Docker?
The easiest and most common way around used ports is using a different port-mapping e.g.
docker run -p 8080:80 docker/getting-started and accessing via localhost:8080
If you want to use port 80 you probably have to stop the nginx service rather than killing the process.
I think it's laravel valet. I have just $valet stop which i think has solved it. As lsof -n -i4TCP:80 | grep LISTEN now returns nothing and running the docker command has set up a container. So port 80 was blocked by nginx, which was added by laravel valet, and to use port 80 you need to stop valet, and restart it when you dont need the port anymore. I think.
You have nginx running on your device which is blocking port 80, just as you said yourself.
Have you installed nginx yourself?
Is it installed as a system service, that is started automatically when you power up your device?
If it runs as a system service, you probably will need to gradually shut it down using the appropriate system command, instead of trying to kill the processes. I don't know what the command for this is on Mac, but you will find out if you search for it.
On linux, depending on your system, this could e.g. be systemctl stop nginx.
Do you know where the nginx process comes from?
Docker nginx port issue: By default ubuntu install apache which run in 80 port.This can happen also for nginx. So follow same process.
sudo /etc/init.d/apache2 stop
docker-compose.yml file
nginx:
build:
context: .
dockerfile: ./Dockerfile
ports:
- '80:80'
volumes:
- static_volume:/home/pos/static/
- ./docker/nginx/development:/etc/nginx/conf.d
I am new to restcomm, and just followed the get started guide to set up the docker, but found out the websocket connection cannot be established.
WebSocket connection to 'wss://mydomainname:5063/' failed: Error in connection establishment: net::ERR_CONNECTION_TIMED_OUT
WSMessageChannel.createWebSocket # jain-sip.js:25448
jain-sip.js:25466 WSMessageChannel:createWebSocket(): websocket connection has failed:[object Event]
websocket.onerror # jain-sip.js:25466
WebRTComm.js:1561 PrivateJainSipClientConnector:processConnectionError(): SIP connection has failed, error:[object Event]
And I checked the port using lsof -i TCP:5063, the port is listened
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
docker-pr 10420 root 4u IPv6 5902547 0t0 TCP *:5063 (LISTEN)
and when I issue docker ps, I got
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
263bad288971 restcomm/restcomm:stable "/sbin/my_init" 10 hours ago Up 10 hours 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 5080-5083/tcp, 8080/tcp, 0.0.0.0:5060-5063->5060-5063/tcp, 0.0.0.0:5060->5060/udp, 5080/udp, 0.0.0.0:9990->9990/tcp, 0.0.0.0:65000-65050->65000-65050/udp, 8443/tcp, 65051-65535/udp restcomm-myInstance
I have tried set STATIC_ADDRESS to both public IP and ethernet IP, but it did not work. Anyone can help me out?
I found out the reason, my cloud provider blocks some ports and it works when I open these ports