Docker error connecting to host mysql - docker

Docker version 17.03.1-ce, build c6d412e
OS: Ubuntu
I am trying to connect to host mysql from the docker container. but i am getting this error.
Error: connect ECONNREFUSED 0.0.0.0:3306
I am getting same for mysql if i use mysql container. Tried 127.0.0.1 and localhost also.
version: '2'
services:
### Applications Code Container
#############################
applications:
image: tianon/true
volumes:
- ${APPLICATION}:/var/www/html
apache2:
build:
context: ./apache2
volumes_from:
- applications
volumes:
- ${APACHE_HOST_LOG_PATH}:/var/log/apache2
- ./apache2/sites:/etc/apache2/sites-available
ports:
- "${APACHE_HOST_HTTP_PORT}:80"
- "${APACHE_HOST_HTTPS_PORT}:443"
networks:
- frontend
- backend
node:
build:
context: ./node
volumes_from:
- applications
ports:
- "4000:30001"
networks:
- frontend
- backend
### MySQL Container #########################################
mysql:
build:
context: ./mysql
environment:
- MYSQL_DATABASE=${MYSQL_DATABASE}
- MYSQL_USER=${MYSQL_USER}
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
volumes_from:
- applications
volumes:
- ${DATA_SAVE_PATH}/mysql:/var/lib/mysql
- ./mysql/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
ports:
- "${MYSQL_PORT}:3306"
networks:
- backend
### Networks Setup ############################################
networks:
frontend:
driver: "bridge"
backend:
driver: "bridge"
### Volumes Setup #############################################
volumes:
mysql:
driver: "local"
mongo:
driver: "local"
node:
driver: "local"
apache2:
driver: "local"

Instead of using 0.0.0.0, 127.0.0.1 or localhost, you should use your host machine's IP. This is because each container is a individual node in the network.
Or if you can inspect your MySQL container, and get the IP of it, you can use the IP as well, since they are on the same network.

Related

Use docker compose to connect API to database

I have the below docker-compose.yaml:
version: "3.9"
services:
server:
depends_on:
- db
build:
context: .
container_name: grpc-server
hostname: grpc-server
networks:
- mynet
ports:
- 8080:8080
deploy:
restart_policy:
condition: on-failure
db:
image: postgres
container_name: postgres-db
hostname: postgres
networks:
- mynet
volumes:
- ./data/db:/var/lib/postgresql/data
environment:
- POSTGRES_DB=postgres
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=postgres
ports:
- 5432:5432
networks:
mynet:
driver: bridge
However my server container logs are indicating it can't connect to the db.
[error] failed to initialize database, got error dial tcp 127.0.0.1:5432: connect: connection refused
I'm assuming I need to inject the db path into the server somehow via the mynet?
It looks like your grpc-server container tries to connect to the database using the address 127.0.0.1:5432.
By default, docker compose creates a virtual network where each container is addressed using it's service name. However, you've overridden that by specifying hostname: postgres for your database container.
So your grpc-server needs to connect to the database using the address postgres:5432 rather than 127.0.0.1:5432.

docker compose: restrict internet access

I want to run with a container that is a copy of a production container, so I want to restrict access to the internet to prevent that call production servers.
But I need to access the container from the host machine with internet access
This is what I am trying to do:
version: '2.1'
services:
proxy:
image: traefik
command: --api.insecure=true --providers.docker
networks:
- no-internet
- internet
ports:
- "80:80"
- "8080:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
prod-service:
image: ....
depends_on:
- db
ports:
- "8094:8094"
labels:
- "traefik.http.routers.blog.rule=Host(`localhost`)"
- "traefik.port=8094"
networks:
- no-internet
db:
container_name: db
image: postgres:11
hostname: ap-db
expose:
- 5433
ports:
- 5433:5432
environment:
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=postgres
networks:
- no-internet
- internet
networks:
internet:
driver: bridge
no-internet:
internal: true
driver: bridge
But the trafic configuration is not working for me.
What is the best option to do this?
the answers I found do not take into account the access from the host machine, the container without internet is isolated
I appreciate any advice

multiple docker compose files with traefik (v2.1) and database networks

I would like to build a docker landscape. I use a container with a traefik (v2. 1) image and a mysql container for multiple databases.
traefik/docker-compose.yml
version: "3.3"
services:
traefik:
image: "traefik:v2.1"
container_name: "traefik"
restart: always
command:
- "--log.level=DEBUG"
- "--api=true"
- "--api.dashboard=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--providers.docker.network=proxy"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--entrypoints.traefik-dashboard.address=:8080"
- "--certificatesresolvers.devnik-resolver.acme.httpchallenge=true"
- "--certificatesresolvers.devnik-resolver.acme.httpchallenge.entrypoint=web"
#- "--certificatesresolvers.devnik-resolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
- "--certificatesresolvers.devnik-resolver.acme.email=####"
- "--certificatesresolvers.devnik-resolver.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
- "8080:8080"
volumes:
- "./letsencrypt:/letsencrypt"
- "./data:/etc/traefik"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
networks:
- "proxy"
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.rule=Host(`devnik.dev`)"
- "traefik.http.routers.traefik.entrypoints=traefik-dashboard"
- "traefik.http.routers.traefik.tls.certresolver=devnik-resolver"
#basic auth
- "traefik.http.routers.traefik.service=api#internal"
- "traefik.http.routers.traefik.middlewares=auth"
- "traefik.http.middlewares.auth.basicauth.usersfile=/etc/traefik/.htpasswd"
#Docker Networks
networks:
proxy:
database/docker-compose.yml
version: "3.3"
services:
#MySQL Service
mysql:
image: mysql:5.7
container_name: mysql
restart: always
ports:
- "3306:3306"
volumes:
#persist data
- ./mysqldata/:/var/lib/mysql/
- ./init:/docker-entrypoint-initdb.d
networks:
- "mysql"
environment:
MYSQL_ROOT_PASSWORD: ####
TZ: Europe/Berlin
#Docker Networks
networks:
mysql:
driver: bridge
For the structure I want to control all projects via multiple docker-compose files. These containers should run on the same network as the traefik container and some with the mysql container.
This also works for the following case (but only sometimes)
dev-releases/docker-compose.yml
version: "3.3"
services:
backend:
image: "registry.gitlab.com/devnik/dev-releases-backend/master:latest"
container_name: "dev-releases-backend"
restart: always
volumes:
#laravel logs
- "./logs/backend:/app/storage/logs"
#cron logs
- "./logs/backend/cron.log:/var/log/cron.log"
labels:
- "traefik.enable=true"
- "traefik.http.routers.dev-releases-backend.rule=Host(`dev-releases.backend.devnik.dev`)"
- "traefik.http.routers.dev-releases-backend.entrypoints=websecure"
- "traefik.http.routers.dev-releases-backend.tls.certresolver=devnik-resolver"
networks:
- proxy
- mysql
environment:
TZ: Europe/Berlin
#Docker Networks
networks:
proxy:
external:
name: "traefik_proxy"
mysql:
external:
name: "database_mysql"
As soon as I restart the containers in dev-releases/ via docker-compose up -d I get the typical error "Gateway timeout" when calling them in the browser.
As soon as I comment the network networks: #- mysql and restart the docker-compose in dev-releases/ it works again.
My guess is that I have not configured the external networks correctly. Is it not possible to use 2 external networks?
I'd like some container have access to the 'mysql' network but it should not be accessible for the whole traefik network.
Let me know if you need more information
EDIT (26.03.2020)
I make it running.
I put all my containers into one network "proxy". It seems mysql also have to be in the proxy network.
So I add following to database/docker-compose.yml
networks:
proxy:
external:
name: "traefik_proxy"
And removed the database_mysql network out of dev-releases/docker-compose.yml
based on the names of the files, your mysql network should be mysql_mysql.
you can verify this by executing
$> docker network ls
You are also missing a couple of labels for your services such as
traefik command line
- '--providers.docker.watch=true'
- '--providers.docker.swarmMode=true'
labels
- traefik.docker.network=proxy
- traefik.http.services.dev-releases-backend.loadbalancer.server.port=yourport
- traefik.http.routers.dev-releases-backend.service=mailcatcher
You can check this for more info

Connecting 2 docker containers to the same TCP/IP or UNIX socket

I have 2 docker containers and I would like to deploy them using Ansible. They are deployed in the same host. Also, I need these 2 docker containers to communicate with each other via socketing either it's a TCP/IP socket or UNIX domain socket. However, I do not know what is the best practice to allow them to do so.
You could check network settings in docker-compose command
https://docs.docker.com/compose/networking/
I have a running Zabbix configured in this way, in which I had to set-up static IPs in order to link all the 3 containers in a stable way even after a server restart.
Network details are at the bottom.
version: '2'
services:
zabbix-server4:
container_name: zabbix-server4
image: zabbix/zabbix-server-mysql:alpine-4.0.5
networks:
zbx_net:
aliases:
- zabbix-server4
ipv4_address: 172.16.238.5
zabbix-web4:
container_name: zabbix-web4
image: zabbix/zabbix-web-nginx-mysql:alpine-4.0.5
ports:
- 127.0.0.1:11011:80
links:
- zabbix-server4
networks:
zbx_net:
aliases:
- zabbix-web4
ipv4_address: 172.16.238.10
zabbix-agent4:
container_name: zabbix-agent4
image: zabbix/zabbix-agent:alpine-4.0.5
links:
- zabbix-server4
networks:
zbx_net:
aliases:
- zabbix-agent4
ipv4_address: 172.16.238.15
networks:
zbx_net:
driver: bridge
driver_opts:
com.docker.network.enable_ipv6: "false"
ipam:
driver: default
config:
- subnet: 172.16.238.0/24
gateway: 172.16.238.1

Docker bind host to container

I have two containers nginx and php how to configure docker-compose so when I make wget http://example.com from inside php container this host should point to nginx container
Map your nginx port to host port.
If you host has name example.com and nginx runs on 8080 port, set up your docker-compose like
nginx:
image: nginx
hostname: nginx
ports:
- "8080:80"
In this case request to http://example.com will be really executed as http://nginx:8080.
I've specified static ips for my containers in docker-compose.yml and added extra_host:
services:
nginx:
image: nginx
ports:
- "8200:80"
- "8201:443"
volumes:
- .:/var/www/html
networks:
test:
ipv4_address: 10.5.0.5
php:
build: ./docker/php
volumes:
- .:/var/www/html
environment:
APP_ENV: "dev"
networks:
test:
ipv4_address: 10.5.0.6
extra_hosts:
- "example.com:10.5.0.5"
networks:
test:
driver: bridge
ipam:
config:
- subnet: 10.5.0.0/16

Resources