I've been following this tutorial for beginners about docker which basically instructs you to create an apache container and map a localhost port to the one on the container.
when I try localhost:80 it doesn't connect, although the container is up and running.
I even made a rule in the firewall to allow connection to port 80, but couldn't get connected to the localhost.
Any ideas ?
On Windows/OS X, Docker is running inside a Linux virtual machine (Docker Toolbox) with a default IP address of 192.168.99.100. Thus, when you use docker run -p 80:80 to bind the container port to host port, it in fact binds to the virtual machine's port 80. Thus the address you need is http://192.168.99.100.
The 172.17.0.3 address is the address of the docker container inside that virtual machine, and is not accessible directly from Windows/OS X.
Add a line to your DockerFile before restarting apache.
RUN echo 'ServerName localhost' >> /etc/apache2/apache2.conf
I stumbled upon this question as I was looking for a way to bind my local HTTP port (80) to the HTTP port of my container, an Apache container running on Docker Desktop for Windows - through WSL2 (this is important)
I couldn't find a quick and easy way to do this, so I figured it out myself.
What you must do is bind your local port (on Windows) to the port on WSL.
Here is how I did it :
$wsl_ip = (wsl -d "docker-desktop" -- "ifconfig" "eth0" "|" "grep" "inet addr:").trim("").split(":").split()[2]
netsh interface portproxy add v4tov4 listenport=443 listenaddress=0.0.0.0 connectport=443 connectaddress=$wsl_ip
netsh interface portproxy add v4tov4 listenport=80 listenaddress=0.0.0.0 connectport=80 connectaddress=$wsl_ip
You can either create a Powershell Script (.ps1) and run it with Powershell, or copy/paste each command line into Windows Terminal / Powershell running with Administrator Privileges.
What this does is :
attach to the "docker-desktop" distribution running in WSL2 2
run "ifconfig eth0 | grep inet addr:" to get the local IP address of
the "virtual machine"
parse the result, and use Netsh to
create a portproxy between port 80 of your Windows machine and port
80 of your Linux machine. Same is done for port 443. You can easily
map other ports if you understand what the command is doing.
More explanation :
Since Docker for Windows 10/11 uses WSL2, when you expose a port (through docker-compose or with an EXPOSE command in your Dockerfile), it is exposed to a Linux Distribution called "docker-desktop" that is ran with WSL2. For some reason, ports 80 and 443 that are exposed from a container are NOT forwarded to the host.
The official documentation acknoledges some issues but their solution is just to use another port (for example, 8080 mapped to 80).
Issues with this method :
Each time you reboot your system (or WSL2), the Linux machine gets assigned a new IP and you have to do it again. What you could do is setup a command to run when your container starts that connects through ssh to the host and runs the script, but I'm too lazy to have done it myself.
Related
I am trying to create an application for a server that runs in a docker container and can be accessed over the network via an IP address. However, I can't get it to connect with anything other than localhost:port.
I am using Docker for Windows on Windows 10 with Linux Containers.
To keep it simple, I am currently trying to achieve this effect with a simple apache server.
I am using this dockerfile:
FROM ubuntu:12.04
RUN apt-get update
RUN apt-get install -y apache2
ENV APACHE_RUN_USER www-data
ENV APACHE_RUN_GROUP www-data
ENV APACHE_LOG_DIR /var/log/apache2
RUN echo 'Hello, docker' > /var/www/index.html
ENTRYPOINT ["/usr/sbin/apache2"]
CMD ["-D", "FOREGROUND"]
I can build and run it (via docker run -p 8080:80 apache-server), and access the apache server from my local windows machine's webbrowser via localhost:8080. In that case, the "hello docker"-Apache starting page is displayed, as intended.
However, I have not been able to access it using an actual IP address (other than 127.0.0.1, of course).
Addresses I tried are:
The local network address of my computer in my home network
The Subnet Address (10.0.75.0) and Mask (255.255.255.240) in the Docker for Windows Network settings
My public IP Address
None of these have worked.
Ideally, I would like to be able to access the containerized apache server from anywhere within my local network, and very ideally, I would also like to access it from outside the network.
How can I achieve this?
Edit:
I found out a way to connect to the Apache server from my local machine. Using the following Address in a web browser works: http://10.0.75.1:8080/.
If I understand it correctly, that's the subnet address.
However, I still have no idea how I can connect to the Apache-server in the container from another machine in the network. What I am looking for is for an IP address that I can input into a web browser, and that will display the "hello docker" apache-page.
I have the following setup:
A Windows 10 Pro Laptop ("Win10Laptop") that has a Windows 10 Pro VM ("Win10VM") running on Hyper-V. I have created an nginx container by running the following command on the host machine:
docker run -d -p 80:80 --name webserver nginx
While the container is running I can access http://localhost from Win10Laptop and this works fine. My question is what do I need to configure to access nginx from Win10VM? Win10VM has only one network adaptor which is configured to use the "External" Vswitch connected to my Wifi interface.
Let me know if you need any more details. I've tried all sorts and can't figure it out!
Thanks,
Michael
You need to connect to the IP the VM has acquired on the External switch. Run ipconfig inside the VM to see what IP it has, then open http://<vm-ip> from your host.
I recently started using docker toolbox on windows and its been quite a hard experience. A lot of things are different compared to running docker on linux as here docker is actually running inside virtual machine.
one of the issues i was still not able to resolve is how to create reverse ssh tunnel to my docker-toolbox VM and bind it to 0.0.0.0 (or to docker0 interface)
i have docker toolbox 1.10.2 and am running windows 7.
motivation: I have mysql server running on my windows machine and i would like to connect to it from my docker containers.
problem: i first tried connecting directly to 192.168.99.1 (the ip of my host windows box inside my containers) ... however that doesnt work. i think the reason is that my windows box is blocking all external connections to it. i cant change windows firewall settings as those are managed by domain.
workaround: i setup ssh connection to my VM (boot2docker inside virtualbox) with putty and i try to setup reverse proxy:
i check the "Remote ports do the same" under SSH tunnels in putty
source port i enter 0.0.0.0:3306
destination i enter localhost:3306
i check "remote" radio button
i then ssh to boot2docker ... netstat -natp | grep 3306 shows me its actually bound to 127.0.0.1
i opened /usr/local/etc/ssh/sshd_config
i set GatewayPorts yes
i restard sshd with /usr/local/etc/init.d/openssh restart
i get disconnected ... when i create new connection and netstat -natp | grep 3306 i see 3306 is still bound to 127.0.0.1 only
same settings in putty (and in sshd_config) work on my debian box ... but not inside boot2docker.
any idea whats wrong ? thanks a lot.
I have used these instructions for Running Gui Apps with Docker to create images that allow me to launch GUI based applications.
It all works flawlessly when running Docker on the same machine, but it stops working when running it on a remote host.
Locally, I can run
docker --rm --ti -e DISPLAY -e <X tmp> <image_name> xclock
And I can get xclock running on my host machine.
When connecting remotely to a host with XForwarding, I am able to run X applications that show up on my local X Server, as anyone would expect.
However if in the remote host I try to run the above docker command, it fails to connect to the DISPLAY (usually localhost:10.0)
I think the problem is that the XForwarding is setup on the localhost interface of the remote host.
So the docker host has no way to connect to DISPLAY=localhost:10.0 because that localhost means the remote host, unreachable from docker itself.
Can anyone suggest an elegant way to solve this?
Regards
Alessandro
EDIT1:
One possible way I guess is to use socat to forward the remote /tmp/.X11-unix to the local machine. This way I would not need to use port forwarding.
It also looks like openssh 6.7 will natively support unix socket forwarding.
When running X applications through SSH (ssh -X), you are not using the /tmp/.X11-unix socket to communicate with the X server. You are rather using a tunnel through SSH reached via "localhost:10.0".
In order to get this to work, you need to make sure the SSH server supports X connections to the external address by setting
X11UseLocalhost no
in /etc/ssh/sshd_config.
Then $DISPLAY inside the container should be set to the IP address of the Docker host computer on the docker interface - typically 172.17.0.1. So $DISPLAY will then be 172.17.0.1:10
You need to add the X authentication token inside the docker container with "xauth add" (see here)
If there is any firewall on the Docker host computer, you will have to open up the TCP ports related to this tunnel. Typically you will have to run something like
ufw allow from 172.17.0.0/16 to any port $TCPPORT proto tcp
if you use ufw.
Then it should work. I hope it helps. See also my other answer here https://stackoverflow.com/a/48235281/5744809 for more details.
I am trying to execute the container named redis which is running right now.But the error Could not connect to Redis at redis:6379: Name or service not known. Any one please hell me to figure out the issue and fix it.
This is because both the containers are not in same network, Add a network property inside service name and make sure its same for both
redis:
networks:
- redis-net
Naming the container doesn't alter your hosts file or DNS, and depending on how you ran the container it may not be accessible via the standard port as Docker does port translation.
Run docker inspect redis and examine the ports output, it will tell you what port it is accessible on as well as the IP. Note, however, that this will only be connectable over that IP from that host. To access it from off of the host you will need to use the port from the above command and the host's IP address. That assumes your local firewall rules allow it, which are beyond the scope of this site.
Try below command
src/redis-cli -h localhost -p 6379