Reputation: 5239
Docker exposed network port does not reach container service
I am building and starting it:
sudo docker build -t docker_mads_dask_server ~/docker_setups/dask_cluster
echo "Stop/Remove dask_server"
sudo docker stop dask_server -t5
sudo docker rm dask_server
echo "Build tag"
sudo docker build --tag mads_servers.dask_server:0.1.2 ~/docker_setups/dask_cluster
sudo docker run --publish 0.0.0.0:8710:8710 --publish 0.0.0.0:8711:8711 --detach --name dask_server mads_servers.dask_server:0.1.2
And I can actually see how it runs:
$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a29f89f6929f mads_servers.dask_server:0.1.2 "python3 /code/mads/…" 4 minutes ago Up 4 minutes 0.0.0.0:8710-8711->8710-8711/tcp, 8787/tcp dask_server
Now I connect into the container:
$ sudo docker exec -it dask_server /bin/bash
root@a29f89f6929f
And see if the connection is open:
# (inside container)
$ curl -vvv http://127.0.0.1:8710
[...]
< HTTP/1.1 404 Not Found
< Server: TornadoServer/6.0.4
So the webserver is actually up and reachable within the container. Now lets check it from the outside:
# (outside container)
$ sudo netstat -tulpn | grep 87
tcp6 0 0 :::8710 :::* LISTEN 8705/docker-proxy
tcp6 0 0 :::8711 :::* LISTEN 8692/docker-proxy
Ports are open, a bit scared about tcp6 - So I changed it to explicit IP matches:
--publish 192.168.56.11:8710:8710 --publish 192.168.56.11:8711:8711
and the netstat now shows IPv4:
# (outside container)
tcp 0 0 192.168.56.11:8710 0.0.0.0:* LISTEN 13039/docker-proxy
tcp 0 0 192.168.56.11:8711 0.0.0.0:* LISTEN 13025/docker-proxy
but the same connection test gets:
$ curl -vvv http://127.0.0.1:8710
* Rebuilt URL to: http://127.0.0.1:8710/
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 8710 (#0)
> GET / HTTP/1.1
> Host: 127.0.0.1:8710
> User-Agent: curl/7.58.0
> Accept: */*
>
* Recv failure: Connection reset by peer
* stopped the pause stream!
* Closing connection 0
curl: (56) Recv failure: Connection reset by peer
My Dockerfile:
FROM ubuntu:20.04
FROM python:3.8
RUN apt update && apt install -y cowsay tmux vim net-tools iotop
RUN python -m pip install pandas numpy dask distributed redis sqlalchemy tornado cloudpickle
RUN python -m pip install dask[dataframe] --upgrade
ADD code/ /code/
# Dashboard port
EXPOSE 8710
# Scheduler port
EXPOSE 8711
EXPOSE 8787
CMD ["python3", "/code/mads/mads_pkg/mads_servers/dask_server.py"]
So why is the dask-proxy not forwarding it to the containers exposed port?
Upvotes: 0
Views: 854
Answers (1)
Reputation: 2420
Each containers have their own network stack and do not share the same localhost.
From your host, you could do the curl command with localhost as you exposed the port, but when you use an another container, you should use the other container name to connect or find it's IP and connect with it.
On your comment, you get the internal container IP but you try to connect from the host and no more from inside the other container.
And normally, you could replace --publish 0.0.0.0:8711:8711 with --publish 8711:8711 as by default docker will publish the port on all IP.
Upvotes: 1
Related Questions
- docker not exposing the port with network host
- Docker can't connect to Container exposed port
- Cannot reach docker container - port not bound
- Expose one container port but other not reacheable from the host machine
- Docker: cannot open port from container to host
- container not accessible when using --network host
- Docker Container Can not access Docker host network
- Docker - Container cannot be connected to network endpoints
- Docker cannot access exposed port inside container
- Unable to setup networking to access docker container IPs from outside?