CODEWITHSUNDEEP
amazon-web-servicesgoamazon-ec2docker
IvRRimUm
IvRRimUm

Reputation: 1834

Docker - Cant access docker port from outside

So i created a new EC2 Instance and installed docker on it.

I deployed code from ( https://github.com/commonsearch/cosr-front/blob/master/INSTALL.md ) and followed install instructions.

Install was successfull and i started the server:

[ec2-user@ip-172-30-0-127 cosr-front]$ make docker_devserver
docker run -e DOCKER_HOST --rm -v "/home/ec2-user/cosr-front:/go/src/github.com/commonsearch/cosr-front:rw" -w /go/src/github.com/commonsearch/cosr-front -p 9700:9700 -i -t commonsearch/local-front make devserver
mkdir -p build
go build -o build/cosr-front.bin ./server
GODEBUG=gctrace=1 COSR_DEBUG=1 ./build/cosr-front.bin
2016/05/28 16:32:38 Using Docker host IP: 172.17.0.1
2016/05/28 16:32:38 Server listening on 127.0.0.1:9700 - You should open http://127.0.0.1:9700 in your browser!

Well, now when i want to access it from outside, i cant! Not even curl the local server.

When i run docker ps it gives me correct port forwarding: 

[ec2-user@ip-172-30-0-127 ~]$ docker ps
CONTAINER ID        IMAGE                                       COMMAND                  CREATED             STATUS              PORTS                                              NAMES
1a9f77e1eeb1        commonsearch/local-front                    "make devserver"         4 minutes ago       Up 4 minutes        0.0.0.0:9700->9700/tcp                             stoic_hopper
9ff00fe3e70d        commonsearch/local-elasticsearch-devindex   "/docker-entrypoint.s"   4 minutes ago       Up 4 minutes        0.0.0.0:39200->9200/tcp, 0.0.0.0:39300->9300/tcp   kickass_wilson

These are my docker images:

REPOSITORY                                  TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
<none>                                      <none>              3e205118cd3f        17 minutes ago      853.3 MB
<none>                                      <none>              1d233da1fa59        2 hours ago         955.7 MB
debian                                      jessie              ce58426c830c        4 days ago          125.1 MB
commonsearch/local-front                    latest              30de7ab48d43        7 weeks ago         1.024 GB
commonsearch/local-elasticsearch-devindex   latest              b1156ada5a24        11 weeks ago        383.2 MB
commonsearch/local-elasticsearch            latest              808e72f49b4a        3 months ago        355.2 MB

I have tryed disabling ipv6 and all kind of nonsense google offered me, but without success.

Any ideas ?

EDIT:

Also, if i enter the docker container for frontend( using docker exec ), then I CAN PING AND CULR the frontend.

But i cant from the outside( nor ssh, not from my home pc using browser ).

Also my docker version:

Client:
 Version:      1.9.1
 API version:  1.21
 Go version:   go1.4.2
 Git commit:   a34a1d5/1.9.1
 Built:        
 OS/Arch:      linux/amd64

Server:
 Version:      1.9.1
 API version:  1.21
 Go version:   go1.4.2
 Git commit:   a34a1d5/1.9.1
 Built:        
 OS/Arch:      linux/amd64

Upvotes: 4

Views: 6973

Answers (2)

IvRRimUm
IvRRimUm

Reputation: 1834

I made a issue at github as swell and one guy saved the day.

Here's he's response:

Server listening on 127.0.0.1:9700 Your application is listening on localhost. localhost is scoped to the container itself. Thus to be able to connect to it, you would have to be inside the container. To fix, you need to get your application to listen on 0.0.0.0 instead.

Upvotes: 10

Opnauticus
Opnauticus

Reputation: 670

127.0.0.1 is the loopback address for the local (EC2) instance. I just recreated your problem following the same instructions and setting up the server in a docker container on an EC2 instance.

If you open another ssh session to your EC2 instance you CAN curl the loopback address, which just spits out the HTML shown below. 

<!DOCTYPE html><html lang="en"><head><title>
      Common Search
    </title><meta content="/apple-touch-icon-precomposed.png" itemprop="image"><link href="/favicon.ico" rel="shortcut icon"><!-- CSS: This will be replaced in templates.go:preprocessTemplate() by the inline, compiled CSS
              if the file build/static/css/index.css exists --><link rel="stylesheet" href="/css/global.css"/><link rel="stylesheet" href="/css/header.css"/><link rel="stylesheet" href="/css/footer.css"/><link rel="stylesheet" href="/css/hits.css"/><link rel="stylesheet" href="/css/responsive.css"/><!-- ENDCSS --><meta name="viewport" content="width=device-width, initial-scale=1"></head><body  class="full"><header id="h"><div class="about"><a href="https://about.commonsearch.org/" tabindex="1">About</a></div><form id="f" action="/" method="GET" data-init="{&#34;q&#34;:&#34;&#34;,&#34;p&#34;:1,&#34;g&#34;:&#34;&#34;}"><a href="/" id="logo" tabindex="2">Common Search</a><div id="w"><div id="qw"><input id="q" name="q" type="text" size="60" value="" autofocus tabindex="3"/></div><span id="g"><select name="g" tabindex="4"><option  value="ar">AR</option><option  value="de">DE</option><option selected value="en">EN</option><option  value="es">ES</option><option  value="fr">FR</option><option  value="it">IT</option><option  value="ja">JA</option><option  value="ko">KO</option><option  value="nl">NL</option><option  value="pl">PL</option><option  value="pt">PT</option><option  value="ru">RU</option><option  value="vi">VI</option><option  value="zh">ZH</option><option  value="all">ALL</option></select></span><input id="s" type="submit" value="&#x1f50d;" tabindex="5"/></div></form></header><div id="hits"></div><div id="dbg"></div><div id="pager" data-page="1"></div><script src="/js/index.js" type="text/javascript"></script></body></html>

However I doubt this is what you actually want..

If you want to be able to access the hosted server from your (or any other) computer you need to edit the security group for your EC2 instance.

From the nav bar on the left side of the AWS console, select Network & Security -> Security Groups. Select the security group that applies to your current EC2 instance (assuming you made it with the launch wizard, it will have a name like: 'launch-wizard-1 created 2016-05-28T12:57:23.487-04:00'). In the lower half of the console, select the Inbound tab. Edit a new rule to allow TCP on port 9700 from any (or a specific range of) IP(s). The resulting entry should look something like this:AWS Security Group Rule Example

My TCP rule is set up to allow inbound traffic from ANY IP address on that port, you may want to configure it differently for security purposes.

Once the rule is set up, you should be able to access the web server at the public IP of your EC2 instance (which can be found on the Instances page of the AWS console). The address you should access should be :9700

Hope this helps!

Upvotes: 3

Related Questions