Docker port mapping not working, "connection refused" - docker

I have a docker container running in Windows, as per the below.
C:\magento2-devbox>docker-compose ps
Name Command State Ports
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
magento2devbox_db_046616a8b9fbb28b8fe4b01a66076f5e docker-entrypoint.sh mysqld Up 0.0.0.0:32776->3306/tcp
magento2devbox_elastic_046616a8b9fbb28b8fe4b01a66076f5e /docker-entrypoint.sh elas ... Up 0.0.0.0:32771->9200/tcp, 9300/tcp
magento2devbox_rabbit_046616a8b9fbb28b8fe4b01a66076f5e docker-entrypoint.sh rabbi ... Up 15671/tcp, 0.0.0.0:32773->15672/tcp, 25672/tcp, 4369/tcp, 5671/tcp, 0.0.0.0:32774->5672/tcp
magento2devbox_redis_046616a8b9fbb28b8fe4b01a66076f5e docker-entrypoint.sh redis ... Up 6379/tcp
magento2devbox_varnish_046616a8b9fbb28b8fe4b01a66076f5e /usr/local/bin/entrypoint.sh Up 0.0.0.0:32775->6081/tcp
magento2devbox_web_046616a8b9fbb28b8fe4b01a66076f5e /usr/local/bin/entrypoint.sh Up 0.0.0.0:32770->22/tcp, 44100/tcp, 0.0.0.0:32768->5000/tcp, 0.0.0.0:32769->80/tcp, 9000/tcp
However, when i try to reach to http://localhost:32769 which should map to the container web-server I get "connection refused". How can I start debugging what's happening?
Thanks.

I've found the solution. In Windows the container doesn't run on Windows per se, but inside the tocket VM in Virtualbox. Thus you have to run:
C:\magento2-devbox>docker-machine ip
192.168.99.100
And then use that IP to reach the application: http://192.168.99.100:32769 - now it works. In my specific case above, I needed to reach the Varnish IP of the application http://192.168.99.100:32775

Related

How to connect using Docker published ports? Not working after upgrade

Before upgrading my system, I was able to successfully connect to mongo running in a docker container using published ports. After upgrading, as shown in Case #1 connecting via published ports no longer work for me.
Case #1
~  docker run --rm -d -p 27017:27017 mongo:3.6
2594b7e5cbf481526589d221361c853338ff55ecb32d9e02eae17383960e971a
~  docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2594b7e5cbf4 mongo:3.6 "docker-entrypoint.s…" 4 seconds ago Up 3 seconds 0.0.0.0:27017->27017/tcp dazzling_fermat
Robo3T Logs
Cannot connect to the MongoDB at localhost:27017.
Error:
Network is unreachable. Reason: network error while attempting to run command 'isMaster' on host 'localhost:27017'
~  sudo lsof -i -P -n | grep LISTEN
...
docker-pr 263637 root 4u IPv4 3723123 0t0 TCP *:27017 (LISTEN)
✘  ~  sudo ufw status
Status: inactive
Now I can only connect using the host networking stack.
Case #2
~  docker run --rm -d --network=host mongo:3.6
39929a8d50cc8554d256f7516d039621cd22ed8be86680ac0e1400809464b619
~  docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
39929a8d50cc mongo:3.6 "docker-entrypoint.s…" 5 seconds ago Up 4 seconds admiring_grothendieck
Robo3T Logs
4:13:20 PM Info: Connecting to localhost:27017...
4:13:20 PM Info: Establish connection successful. Connection: localhost
Pre-upgrade:
Linux Mint 19 - Tricia,
Docker version was 19.xx something I believe.
Post Upgrade:
~  lsb_release -a
No LSB modules are available.
Distributor ID: Linuxmint
Description: Linux Mint 20
Release: 20
Codename: ulyana
~  docker --version
Docker version 20.10.7, build 20.10.7-0ubuntu1~20.04.1
I verified there are no running firewalls (UFD, etc), I can connect from container to container when specifying a private docker network for both the server and client. What am I missing? How can I connect using published ports again? Thanks in advance.
Docker on Linux generally uses the host's DNS and modifies your iptables to provide the connectivity between the host and container. If there's a problem with connectivity, in your case the most likely culprits are (in order of likelihood):
DNS entry missing for localhost or wrong IP version target. Try using 127.0.0.1 or ::1 as the hostname instead.
iptables rules are missing. Check the earlier link in my response for remediations and flags that can affect this.
The container might actually have issues starting up. Check the output of docker log <container_id> for errors after you start it. I would say this option is unlikely as things work under host network but don't discount this possibility too quickly.

How to shut down HTTP on httpd docker image

I have created a container running apache2 http server, loaded my certificates and https://mydomain works, however http://mydomain works too, and if I digit on my browser mydomain the browser open http://mydomain. Is there a way to disable http protocol? I use only -p 443:443 while starting the container.
This is my Dockerfile
ARG version=2.4.48-alpine
FROM httpd:$version
LABEL version=1.0
COPY ./public_html/ /usr/local/apache2/htdocs/
# run web traffic over SSL/HTTPS
COPY ./cert/srv.crt /usr/local/apache2/conf/
COPY ./cert/srv.key /usr/local/apache2/conf/
RUN ["sed", "-i", "-e", "'s/^#\(Include .*httpd-ssl.conf\)/\1/'", "-e", "'s/^#\(LoadModule .*mod_ssl.so\)/\1/'", "-e", "'s/^#\(LoadModule .*mod_socache_shmcb.so\)/\1/'", "conf/httpd.conf"]
EXPOSE 443/tcp
and this is the outpuf of docker ps:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
21678d6321e4 webserver "/bin/sh" 2 hours ago Up About an hour 80/tcp, 0.0.0.0:443->443/tcp webserver
I resolved the issue redirecting http to https exposing also the 80 port.

How do I run containerized Cypress runner against containerized server?

I'm trying to run Cypress tests against containerized Nginx:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7c3efd24e6e6 tdd_nginx "/docker-entrypoint.…" 19 minutes ago Up 19 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp tdd_nginx_1
from official docs I learned I can use docker run -it -v $PWD:/e2e -w /e2e -e CYPRESS_baseUrl=host.docker.internal cypress/included:7.7.0
Here I learned about host.docker.internal which is how supposedly Cypress knows to look for localhost in a particular container.
Nginx container has exposed port 80 so I've tried -e CYPRESS_baseUrl=host.docker.internal:80 as well as without specifying port as port 80 is a fallback port in most cases.
error output:
Cypress could not verify that this server is running:
> http://host.docker.internal:80
We are verifying this server because it has been configured as your `baseUrl`.
Cypress automatically waits until your server is accessible before running tests.
We will try connecting to it 3 more times...
We will try connecting to it 2 more times...
We will try connecting to it 1 more time...
Cypress failed to verify that your server is running.
Please start this server and then run Cypress again.
Moving the env variable into cypress.json made no difference:
{
"baseUrl": "host.docker.internal",
"video": false
}
Changed the cypress.json to:
{
"CYPRESS_BASE_URL": "host.docker.internal",
"video": false
}
parsing CYPRESS_BASE_URL as env variable didn't help but putting it into the file did the trick. Strangely, it makes difference.
Thanks goes to #jonrsharpe

map internal port 80 to localhost port 80 in docker

I had ran the docker image and it is showing the following:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cbcc0a6d5c1e programming_applicationserver "bin/wait-for-it.sh …" About an hour ago Up About an hour 0.0.0.0:80->80/tcp, 5436/tcp programming_applicationserver_run_3
4cb5bdbb6c1d programming_onlineaccountverifier "bin/wait-for-it.sh …" 5 days ago Up About an hour 127.0.0.1:5435->5435/tcp programming_onlineaccountverifier_1
bf39ba383cec programming_onlineballotregulator "bin/docker_entrypoi…" 5 days ago Up About an hour 8545/tcp, 127.0.0.1:5434->5434/tcp, 30303/tcp programming_onlineballotregulator_1
but when I go to localhost:80 nothing is shown.
What should I do now ?
This is likely due to an error in the application itself and not docker.
To verify that, you can go into the container and make sure the application is port is working reachable:
docker exec -it programming_applicationserver_run_3 bash
Once you are inside the container, try accessing the port using one of the following command:
curl localhost:80
wget localhost:80
If non of these are successful, this would imply that the problem is related to the application and not to docker itself.

Connect to a Service running inside a docker container from outside

I have a service running in a docker container (local machine). I can see the service URL in the Ambari service config.
Now I want to connect to that service using my local development environment.
I found I can connect to that within the container but when I use that URL outside in my local I get connection refused.
Cause: org.apache.http.conn.HttpHostConnectException: Connect to
xx.xx.xx.com:12008 [xx.xx.xx.com/195.169.98.101] failed: Connection refused
How to connect to a service running inside a container from outside?
In my case code execute in my local machine.
If your container has mapped its port on the VM 12008 port, you would need to make sure you have port forwarded 12008 in your VirtualBox connection settings, as I mention in "How to connect mysql workbench to running mysql inside docker?"
VBoxManage controlvm "boot2docker-vm" --natpf1 "tcp-port12008 ,tcp,,12008,,12008"
VBoxManage controlvm "boot2docker-vm" --natpf1 "udp-port12008 ,udp,,12008,,12008"
The question needs more clarification, but I will answer with some assumptions.
I used an Ambari docker image (chose this randomly based on popularity).
Then I started 3 clusters as mentioned and my amb-settings and docker ps looked like this:
anovil#anovil-Latitude-E6440:~/tmp/docker-ambari$ amb-settings
NODE_PREFIX=amb
CLUSTER_SIZE=3
AMBARI_SERVER_NAME=amb-server
AMBARI_SERVER_IMAGE=hortonworks/ambari-server:latest
AMBARI_AGENT_IMAGE=hortonworks/ambari-agent:latest
DOCKER_OPTS=
AMBARI_SERVER_IP=172.17.0.6
CONSUL=amb-consul
CONSUL_IMAGE=sequenceiq/consul:v0.5.0-v6
EXPOSE_DNS=false
DRY_RUN=false
anovil#anovil-Latitude-E6440:~/tmp/docker-ambari$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d2483a74d919 hortonworks/ambari-agent:latest "/usr/sbin/init syste" 20 minutes ago Up 20 minutes amb2
4acaec766eaa hortonworks/ambari-agent:latest "/usr/sbin/init syste" 21 minutes ago Up 20 minutes amb1
47e9419de59f hortonworks/ambari-server:latest "/usr/sbin/init syste" 21 minutes ago Up 21 minutes 8080/tcp amb-server
548730bb1824 sequenceiq/consul:v0.5.0-v6 "/bin/start -server -" 22 minutes ago Up 22 minutes 53/tcp, 53/udp, 8300-8302/tcp, 8400/tcp, 8301-8302/udp, 8500/tcp amb-consul
27c725af6531 sequenceiq/ambari "/usr/sbin/init" 23 minutes ago Up 23 minutes 8080/tcp awesome_tesla
anovil#anovil-Latitude-E6440:~/tmp/docker-ambari$
As of now, I can visit the Ambari server through: http://172.17.0.6:8080/
This works also from my host computer. However, if you want this to be connected from another computer from a similar network, then one option is to have a haproxy which does the redirection from:
localhost:8080 -> 172.17.0.6:8080
So, I created a small haproxy.cfg and Dockerfile to achieve this:
anovil#anovil-Latitude-E6440:~/tmp/docker-ambari$ cat Dockerfile
FROM haproxy:1.6
COPY haproxy.cfg /usr/local/etc/haproxy/haproxy.cfg
anovil#anovil-Latitude-E6440:~/tmp/docker-ambari$ cat haproxy.cfg
frontend localnodes
bind *:8080
mode http
default_backend ambari
backend ambari
mode http
server ambari-server 172.17.0.6:8080 check
anovil#anovil-Latitude-E6440:~/tmp/docker-ambari$ docker build --rm -t ambariproxy .
Sending build context to Docker daemon 9.635 MB
Step 1 : FROM haproxy:1.6
---> af749d0291b2
Step 2 : COPY haproxy.cfg /usr/local/etc/haproxy/haproxy.cfg
---> Using cache
---> 60cdd2c7bb05
Successfully built 60cdd2c7bb05
anovil#anovil-Latitude-E6440:~/tmp/docker-ambari$ docker run -d -p 8080:8080 ambariproxy
63dd026349bbb6752dbd898e1ae70e48a8785e792b35040e0d0473acb00c2834
Now if I say localhost:8080 or MY_HOST_IP:8080 I can see the ambari-server and this should work also from computers in the same network.
Hope I managed to answer your question :)
Thanks,

Resources