I'm trying to start docker container with docker's Remote API. I could able to start the container but unable to expose and map the container's port to host port.
I need Remote API JSON for following ssh command
docker run -i -t --expose 80 -p 80:80 my_image_nodejs nodejs /var/www/server.js
Right now i'm using below JSON.
{
"Image": "f96f6e304cfcd630ee51af87baf30dfd42cf1f361da873a2f62ce6654d7a4c6b",
"Memory": 0,
"MemorySwap": 0,
"VolumesFrom": "",
"Cmd": [
"nodejs",
"/var/www/server.js",
"-D"
],
"PortBindings": {
"80/tcp": [
{
"HostIp": "0.0.0.0",
"HostPort": "80"
}
]
},
"ExposedPorts": {
"80/tcp": {}
}
}
Thanks in advance
This works for me :
Container create :
ExposedPorts: {"80/tcp": {}, "22/tcp" : {}}
Container start :
PortBindings: {"80/tcp": [{ "HostPort": "80" }],"22/tcp": [{ "HostPort": "22" }]
}
If you know how to set up Env, I've just sent my question :-)
I believe your request should be below:
curl -X POST -H "Content-Type: application/json" -d '{
"AttachStdin":false,"AttachStdout":true,"AttachStderr":true,
"ExposedPorts": { "80/tcp": {}},
"Cmd": [
"nodejs","/var/www/server.js","-D"
],
"HostConfig":{
"PortBindings": { "80/tcp": [{ "HostPort": "80" }] }
},
"Image":"my_image_nodejs",
"Tag":"latest"
}' $DOCKER_DAEMON/containers/create
where $DOCKER_DAEMON is the host listening remote requests.
The PortBindings and ExposedPorts are in different sections. You may want to refer more detail on Docker remote API v1.22.
Hope this helps.
Related
What I am working on:
nginx- openresty with mecached and docker-compose.
from nginx I am able to connect memcached container by specifying resolver = 127.0.0.11, in docker compose it working file.
But when I am deploying it on AWS multi container beanstalk I am getting time out error
failed to connect: memcache could not be resolved (110: Operation timed out)
but from nginx container I am able to ping memcahed.
NGINX.conf
location /health-check {
resolver 127.0.0.11 ipv6=off;
access_by_lua_block {
local memcached = require "resty.memcached"
local memc, err = memcached:new()
if not memc then
ngx.say("failed to instantiate memc: ", err)
return
end
memc: set_timeout(1000) -- 1 sec
local ok, err = memc:connect("memcache", 11211)
if not ok then
ngx.say("failed to connect: ", err)
return
end
DOCKER-COMPOSE.YML
version: "3"
services:
memcache:
image: memcached:alpine
container_name: memcached
ports:
- "11211:11211"
expose:
- "11211"
networks:
- default
nginx:
image: openresty/openresty:alpine
container_name: nginx
volumes:
# Nginx files
- ./nginx/:/etc/nginx/:ro
# Web files
- ./web/:/var/www/web/:ro
entrypoint: openresty -c /etc/nginx/nginx.conf
ports:
- "8080:8080"
networks:
- default
DOCKERRUN.AWS.JSON
{
"AWSEBDockerrunVersion": 2,
"volumes": [
{
"name": "current-nginx",
"host": {
"sourcePath": "/var/app/current/nginx"
}
},
{
"name": "web",
"host": {
"sourcePath": "/var/www/web/"
}
}
],
"containerDefinitions": [
{
"name": "memcache",
"image": "memcached:alpine",
"essential": true,
"memory": 1000,
"portMappings": [
{
"hostPort": 11211,
"containerPort": 11211
}
]
},
{
"name": "nginx",
"image": "openresty/openresty:alpine",
"essential": true,
"memory": 1000,
"entryPoint": [
"openresty",
"-c",
"/etc/nginx/nginx.conf"
],
"links": [
"memcache"
],
"portMappings": [
{
"hostPort": 8080,
"containerPort": 8080
},
{
"hostPort": 80,
"containerPort": 8080
}
],
"mountPoints": [
{
"sourceVolume": "web",
"containerPath": "/var/www/web/",
"readOnly": false
},
{
"sourceVolume": "current-nginx",
"containerPath": "/etc/nginx",
"readOnly": false
}
]
}
]
}
You have a typo:
memc:connect("memcache", 11211)
should be
memc:connect("memcached", 11211)
(you are missing a "d").
I have 2 Spring Boot micro-service applications i.e web application and metastore application. This is the properties file for my web application.
spring:
thymeleaf:
prefix: classpath:/static/
application:
name: web-server
profiles:
active: native
server:
port: ${port:8383}
---
host:
metadata: http://10.**.**.***:5011
Dockerfile for web application:
FROM java:8-jre
MAINTAINER **** <******>
ADD ./ms.console.ivu-ivu.1.0.1.jar /app/
CMD chmod +x /app/*
CMD ["java","-jar", "/app/ms.console.web-web.1.0.1.jar"]
EXPOSE 8383
Dockerfile for metadata application:
FROM java:8-jre
MAINTAINER ******* <********>
ADD config/* /deploy/config/
CMD chmod +x ./deploy/config/*
COPY ./ms.metastore.1.0.1.jar /deploy/
CMD chmod +x ./deploy/ms.metastore.1.0.1.jar
CMD ["java","-jar","./deploy/ms.metastore.1.0.1.jar"]
EXPOSE 5011
I am using Mesos and Marathon for cluster management. The Marathon scripts for metastore is :-
{
"id": "/ms-metastore",
"cmd": null,
"cpus": 1,
"mem": 2000,
"disk": 0,
"instances": 0,
"acceptedResourceRoles": [
"*"
],
"container": {
"type": "DOCKER",
"docker": {
"forcePullImage": true,
"image": "*****/****:ms-metastore",
"parameters": [],
"privileged": true
},
"volumes": [],
"portMappings": [
{
"containerPort": 5011,
"hostPort": 0,
"labels": {},
"protocol": "tcp",
"servicePort": 10000
}
]
},
"networks": [
{
"mode": "container/bridge"
}
],
"portDefinitions": [],
"fetch": [
{
"uri": "file:///etc/docker.tar.gz",
"extract": true,
"executable": false,
"cache": false
}
]
}
Web marathon:
{
"id": "/ms-console",
"cmd": null,
"cpus": 1,
"mem": 2000,
"disk": 0,
"instances": 0,
"acceptedResourceRoles": [
"*"
],
"container": {
"type": "DOCKER",
"docker": {
"forcePullImage": true,
"image": "****/****:ms-console",
"parameters": [],
"privileged": true
},
"volumes": [],
"portMappings": [
{
"containerPort": 8383,
"hostPort": 0,
"labels": {},
"protocol": "tcp",
"servicePort": 10000
}
]
},
"networks": [
{
"mode": "container/bridge"
}
],
"portDefinitions": [],
"fetch": [
{
"uri": "file:///etc/docker.tar.gz",
"extract": true,
"executable": false,
"cache": false
}
]
}
Web application I am connecting to metastore with IP which is hard coded (mentioned in properties). I created docker images for both and run in my server. The metastore server now running in different machine, so my web application is unable to resolve this IP.
All you need to do here is expose 5011 as the host port on the metadata server running on "different machine" using -p -
docker run -d -p 5011:5011 metadata_image ....
Now your web application should be able to access metadata server by using http://$different_machine_ip:5011/
$different_machine_ip = Metadata server IP
However since they need to be tightly coupled, i would suggest you run web app & metadata server on the same machine in case your metadata server is stateless.
I wan to deploy a docker container with marathon, if the docker image without authorized, the image can be pull normally, but when I try to pull an image from repository which need to be authorized, task deploy fail, the response is
Failed to launch container: Failed to run 'docker -H unix:///var/run/docker.sock pull example.com/web:laest': exited with status 1; stderr='Error response from daemon: repository example.com/web not found: does not exist or no pull access '
I changed the permission of /var/run/docker.sock file to 777 on node, and master, but the issue is still appeared, that seems permission is not the root cause for the issue; I try to run "docker login" on the node, and pull the image manually, then the marathon task run correctly, my marathon json like below:
{
"id": "/web",
"cmd": "docker login --username='sam' --passwoer='123456' example.com/web:latest",
"cpus": 0.3,
"mem": 32,
"disk": 0,
"instances": 1,
"env": {
"EMAIL_USE_TLS": "False",
"DATABASE_URI": "mysql://user:123456#RDS:3306/test"
},
"container": {
"type": "DOCKER",
"volumes": [
{
"containerPath": "/data/supervisor/",
"hostPath": "/data/workspace/logs/supervisor/",
"mode": "RW"
}
],
"docker": {
"image": "daocloud.io/gizwits2015/gwaccounts:1.6.0",
"network": "BRIDGE",
"portMappings": [
{
"containerPort": 0,
"hostPort": 0,
"servicePort": 10000,
"protocol": "tcp",
"labels": {}
}
],
"privileged": false,
"parameters": [
{
"key": "add-host",
"value": "RDS:10.66.125.161"
}
],
"forcePullImage": false
}
},
"portDefinitions": [
{
"port": 10000,
"protocol": "tcp",
"name": "default",
"labels": {}
}
]
}
How can I pull the image with authorized with marathon?
You should read: https://mesosphere.github.io/marathon/docs/native-docker-private-registry.html
Follow step 1, and in step 2 replace the uris section with
"fetch" : [
{
"uri" : "https://path.to/file",
"extract" : true,
"outputFile" : "dockerConfig.tar.gz"
}
]
I've written more detailed explanation here: http://blog.itaysk.com/2017/05/22/using-a-custom-private-docker-registry-with-marathon
I have a set of containers running in Windows 10 with Docker, this is the output of docker-compose ps:
> docker-compose ps
Name Command State Ports
--------------------------------------------------------------------------------------------------------------
db_mysql docker-entrypoint.sh mysqld Up 3306/tcp
elk /usr/bin/supervisord -n -c ... Up 0.0.0.0:81->80/tcp
php71-fpm-nginx /config/bootstrap.sh Up 443/tcp, 0.0.0.0:80->80/tcp, 0.0.0.0:9001->9001/tcp
And this is the output of docker inspect:
> docker inspect php71-fpm-nginx
[
{
...
"NetworkMode": "anotherlampdocker_default",
"PortBindings": {
"80/tcp": [
{
"HostIp": "",
"HostPort": "80"
}
],
"9001/tcp": [
{
"HostIp": "",
"HostPort": "9001"
}
]
},
...
"Mounts": [
{
"Source": "/d/Development/www",
"Destination": "/data/www",
"Mode": "rw",
"RW": true,
"Propagation": "rprivate"
},
...
"NetworkSettings": {
"Bridge": "",
"SandboxID": "b96cf4c0f2c17d65659c31982b9200a79cca6f1c214770d31938204c493a6720",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"443/tcp": null,
"80/tcp": [
{
"HostIp": "0.0.0.0",
"HostPort": "80"
}
],
"9001/tcp": [
{
"HostIp": "0.0.0.0",
"HostPort": "9001"
}
]
},
...
"Networks": {
"anotherlampdocker_default": {
"IPAMConfig": null,
"Links": [
"db_mysql:db",
"db_mysql:db_mysql"
],
"Aliases": [
"php-fpm",
"248e8c254eee"
],
"NetworkID": "de1e10b63e6e5050809af59ac4d26b7cb691afd5805d1cf7f0492c702814f34d",
"EndpointID": "ccec71967c6100c5a9f3ad82d82bbb2a371f77e12c493bf05bfd15f2d188ce00",
"Gateway": "172.18.0.1",
"IPAddress": "172.18.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:12:00:03"
}
}
}
}
]
I am trying to access http://localhost but I can't. I've tried also using the container IP meaning http://172.18.0.3 and doesn't work either.
When I say I can't it means the following message:
This site can’t be reached
172.18.0.3 took too long to respond.
The same container works perfectly in Linux.
This is the content of c:\Windows\System32\drivers\etc\hosts file:
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
The ports from the container are mapped to the host in the docker-compose.yml file:
services:
php-fpm:
container_name: "php71-fpm-nginx"
build: php-fpm
ports:
- 80:80
- 9001:9001
environment:
PHP_ERROR_REPORTING: 'E_ALL & ~E_DEPRECATED & ~E_NOTICE'
STATUS_PAGE_ALLOWED_IP: '127.0.0.1'
volumes:
- D:\Development\www\:/data/www
What I am missing here?
You can get the docker machine IP and access the application:
1. Using command docker-machine : docker-machine ip
2.or By login to the docker image which is created when you start the docker and getting the eth1 ip
Then try : [docker-machine ip]:[port]
Try login to the php's container and check if the httpd process is running.
Use docker-compose up without -d should help you to see the log from container or use docker-compose logs -f -t after docker-compose up -d
I've got the following ReplicationController JSON defined:
{
"id": "PHPController",
"kind": "ReplicationController",
"apiVersion": "v1beta1",
"desiredState": {
"replicas": 2,
"replicaSelector": {"name": "php"},
"podTemplate": {
"desiredState": {
"manifest": {
"version": "v1beta1",
"id": "PHPController",
"volumes": [{ "name": "wordpress", "path": "/mnt/nfs/wordpress_a", "hostDir": "/mnt/nfs/wordpress_a"}],
"containers": [{
"name": "php",
"image": "internaluser/php53",
"ports": [{"containerPort": 80, "hostPort": 9021}],
"volumeMounts": [{"name": "wordpress", "mountPath": "/mnt/nfs/wordpress_a"}]
}]
}
},
"labels": {"name": "php"}
}},
"labels": {"name": "php"}
}
The container starts correctly when run with "docker run -t -i -p 0.0.0.0:9021:80 -v /mnt/nfs/wordpress_a:/mnt/nfs/wordpress_a:rw internaluser/php53".
/mnt/nfs/wordpress_a is an NFS share, mounted on all of the minions. Each minion has full RW access and I have verified that the share is present.
After creating the pod containers with the Replication Controller, I can see that the volume was never actually bound, and/or incorrectly mounted:
"Volumes": {
"/mnt/nfs/wordpress_a": "/var/lib/docker/vfs/dir/8b5dc8477958f5c1b894e68ab9412b41e81a34ef16dac81f0f9d4884352a90b7"
},
"VolumesRW": {
"/mnt/nfs/wordpress_a": true
}
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LxcConf": null,
"Privileged": false,
"PortBindings": {
"80/tcp": [
{
"HostIp": "",
"HostPort": "9021"
}
]
},
I find it strange that the container believes /mnt/nfs/wordpress_a is mapped to "/var/lib/docker/vfs/dir/8b5dc8477958f5c1b894e68ab9412b41e81a34ef16dac81f0f9d4884352a90b7".
From the kubelet log:
Desired [10.101.4.15]: [{Namespace:etcd Name:c823da9e-4437-11e4-a3b1-0050568421eb Manifest:{Version:v1beta1 ID:c823da9e-4437-11e4-a3b1-0050568421eb UUID:c823da9e-4437-11e4-a3b1-0050568421eb Volumes:[{Name:wordpress Source:}] Containers:[{Name:php Image:internaluser/php53 Command:[] WorkingDir: Ports:[{Name: HostPort:9021 ContainerPort:80 Protocol:TCP HostIP:}] Env:[{Name:SERVICE_HOST Value:10.1.1.1}] Memory:0 CPU:0 VolumeMounts:[{Name:wordpress ReadOnly:false MountPath:/mnt/nfs/wordpress_a}] LivenessProbe: Lifecycle: Privileged:false}] RestartPolicy:{Always:0xa99a20 OnFailure: Never:}}}]
Does anyone have experience with this sort of thing? I've been driving myself crazy troubleshooting this. Thanks!
Solved. The volumes syntax was incorrect.
https://github.com/GoogleCloudPlatform/kubernetes/issues/1446