I'm trying to set up both Confluence and PostgreSQL in Docker. I've got them both up and running on my fully up to date CentOS 6 machine, with volume-mapping to the host file system so I can back them up easily. I can connect to PostgreSQL using pgAdmin from another machine just fine, and I can get into Confluence from a browser from that same machine. So, basically, both apps seem to be running as expected inside their respective containers and are accessible to the outside world, which of course eliminates a whole bunch of possibilities for my issue.
And that issue is that Confluence can't talk to PostgreSQL during initial setup, which is necessary for it to function. I'm getting connection failed errors (to be specific: "Can't reach database server or port : SQLState - 08001 org.postgresql.util.PSQLException: The connection attempt failed").
PostgreSQL is using the default 5432 port, which of course is exposed, otherwise I wouldn't be able to connect to it via pgAdmin, and of course I know the ID/password I'm trying is correct for the same reason (and besides, if it was an auth problem I wouldn't expect to see this error message). When I try to configure the database connection during Confluence's initial setup, I specify the IP address of the host machine, just like from pgAdmin on the other machine, but that doesn't work. I also tried some things that I basically knew wouldn't work (0.0.0.0, 127.0.0.1 and localhost).
I'm not sure what I need to do to make this work. Is there maybe some special method to specify the IP to a container from the same host machine, some nomenclature I'm not aware of?
At this point, I'm "okay" with Docker in terms of basic operations, but I'm far from an expert, so I'm a bit lost. I'm also not a big-time *nix user generally, though I can usually fumble my way through most things... but any hints would be greatly appreciated because I'm at a loss right now otherwise.
Thanks,
Frank
EDIT 1: As requested by someone below, here's my pg_hba.conf file, minus comments:
local all all trust
host all all 127.0.0.1/32 trust
host all all ::1/128 trust
local replication all trust
host replication all 127.0.0.1/32 trust
host replication all ::1/128 trust
host all all all md5
try changing the second line of the pg_hba.conf file to the following:
host all all 0.0.0.0/32 trust
this will cause PostgreSQL to start accepting calls from any source address. Since a docker container is technically not operating on localhost but on its own ip, the current configuration causes PostgreSQL to block any connections to it.
Also check if confluence is searching for the database on localhost. If that is the case change that to the ip of the hostmachine within the docker network.
Success! The solution was to create a custom network and then use the image name in the connection string to PostreSQL container from Confluence container. In other words, I ran this:
docker network create -d bridge docker-net
Then, on both of the docker run commands for the PostgreSQL and Confluence containers, I added:
--network=docker-net
That way, when I ran through the Confluence configuration wizard, when it asked for the hostname for the PostgreSQL server, I used postgres (the name I gave the container) rather than an IP address or actual hostname. Docker makes that work thanks to the custom network. This also leaves the containers available via the IP of the host machine, so for example I can still connect to PostgreSQL via 192.168.123.12:5432, and of course I can launch Confluence in the browser via 192.168.123.12:8080.
FYI, I didn't even have to alter the pg_hba.conf file, I just used the official PostgreSQL image (latest) as it was, which is ideal.
Thanks very much to RSloeserwij for the suggestions... while none of them proved to be the solution I needed, they did put me on the right track in the Docker docs, which, after some reading, led me to understand a few things I didn't before and figure out the config magic I needed.
Related
I am trying to deploy my node app to my Cpanel however the page times out with an error
503 Service unavailable
The website works on Heroku, ngrok and localhost however on my hosting service, it doesn't.
I found out that the issue was due to port 27017 not being open.
On discussing with my hosting providers, they said
"We can open the ports for you but our policy is to open non-standard ports to specific IP's for better security of the server. Is it possible to get the exact IP addresses of the database server you are trying to connect to."
So I'm not familiar with mongodb database having a specific IP address. What could they mean?
To connect to your db, your node app needs a URL something like this.
const url = 'mongodb://hostnameOfMongo.example.com:27017'
Your database's hostname is the stuff after mongodb:// and before :27017.
Open up a shell (a command window) and type
ping -n 1 hostnameOfMongo.example.com
or maybe
ping -c 1 hostnameOfMongo.example.com
It should show you the IP address associated with your mongo server.
(Obvs, put your actual db hostname into the command, not my example.)
It's a little strange that your hosting provider didn't ask for the hostname when you didn't know the IP address. If they were my hosting provider, my confidence in the competence of their support would go down a notch because of that.
And please be aware that running a db in one data center and a node app (or indeed any app that uses the db) in another data center is a formula for poor performance and unreliability. The app and the db work best with a short and private network connecting them. With respect, it doesn't seem likely you have the network engineering chops to make that sort of thing stable and reliable.
Not to mention the security problems with exposing mongodb to the public network. Your hosting service is reluctant to open a port for a very good reason. Read this. Because cybercreeps
I just installed the new version of Elementary OS and I lost the configuration that makes work my Postgresql.
I have an app that works perfectly online with a remote DB on Heroku, but when I run that on my local machine I can't reach the server. I think I miss something in the pg_hba.conf because I have all services up and running and all ports open for the DB. Actually I have this config file
# Database administrative login by Unix domain socket
local all postgres peer
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all peer
host replication all 127.0.0.1/32 md5
host replication all ::1/128 md5
host all all 0.0.0.0/0 md5
host all all ::/0 md5
I hope you can give me a way to contact my DB. In the last installation, I was able to, but I lost the config file.
Hello and thanks for the replies. I read the docs that says just how to connect to local service or configure a server that runs on a machine. I did all the steps before (just in case): user add, configuration of the local DB, giving admin user to the DB etc.
This line (the last)
host all all ::/0 md5
Is the one the docs say to add, but it is working for DB calls on the same machine.
I take web monitors, scanned ports and whatever I could see on linux system: ports for Postgresql are open, service runs, seems all fine. DB is reachable via PGAdmin, same credentials in the app. App is a NodeJS that calls the DB for an interactive website.
For those reasons I believe that should be a configuration problem. I have also no active firewall, no other rules than the actual config file for postgresql.
As I write the app works perfectly when it is on local or when it is all on the server. I need to have a cross config for development to have quick way to work on the actual online DB and a local copy (editable) of the web app. Or permit more people to develop at same time from different machines.
There is no error, just the app can't go online to get the DB and loops to find it. At last goes timeout.
Last time I had fix this with a similar line, obviously it is not the right form. What I ask is simply a line of config. I am not skilled in server configuration and I don't need to be anyway: once this will be online the server will have already configuration. I don't even care on what SQL type I will work, the app has a parser that makes all SQLs compatible.
I had to restore the system because of a problem, otherwise all was working before and I changed just that line, can't remember how...
Hope this will clear the situation.
I'm seeing a problem I can't explain at all:
After upgrading a Meteor app to v 1.9 and therefore Node.js 12 we also have to switch docker containers to Node.js 12 based containers. In our case we use abernix/meteord:node-12-base (git).
After booting up the updated app we get a DB timeout in the docker container of the app:
/bundle/bundle/programs/server/node_modules/fibers/future.js:313
throw(ex);
^
MongoTimeoutError: Server selection timed out after 10000 ms
at Timeout._onTimeout (/bundle/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb-core/lib/sdam/topology.js:773:16)
at listOnTimeout (internal/timers.js:531:17)
at processTimers (internal/timers.js:475:7) {
name: 'MongoTimeoutError',
[Symbol(mongoErrorContextSymbol)]: {}
}
This happens with the following MONGO_URL:
❌ mongodb://root:OurPw#mongo-docker-alias:27017/meteor?authSource=admin
Funnily enough when we expose the port 27017 in the MongoDB container the following MONGO_URL just works:
✔️ mongodb://root:OurPw#docker-host:27017/meteor?authSource=admin
Now I thought we are having a docker problem but if I attach to a bash inside the Node.js 12 meteord container, apt install the MongoDB shell and try to connect with:
✔️ mongo "mongodb://root:OurPw#mongo-docker-alias:27017/meteor?authSource=admin"
that also just works.
And now I'm left without a clue. I tried multiple MongoDB docker images between v4.0 and 4.2.3 as well as Node.js 12.14 and 12.10. And I also tried without MongoDB auth one time just to rule it out as the problem but the outcome is always the same.
Any idea would be very much appreciated since I'd like to avoid having to connect via an exposed port and the docker host's name because that is prone to errors obviously...
Check the /etc/mOngd.conf file for the network binding. You may need to allow it to respond on all network interfaces as the network might be a different ip/subnet when exposed (or not) which might explain why it works in some scenarios
tl;dr:
setting dns_search: '' for the backend in the docker-compose.yml (or via the docker CLI or other means) fixes the problem.
More information:
Docker seems to add any search directive of the host's /etc/resolv.conf to the container's /etc/resolv.conf per default. However resolving something like mongo-docker-alias.actual-intranet-domain.tld is likely to be problematic since the outside network and DNS has no knowledge of this subdomain. Actually we found out that it got still resolved inside the container in our case, it just took a few seconds (vs <1ms normally). And since the backend tries to establish multiple DB connection it always runs into the timeout.
Docker's DNS search option luckily allows to divert from the default behavior including setting a blank value. Knowing the problem another workaround should be to use docker aliases with a dot in it since then the search shouldn't be used, but we haven't tried that.
A few questions remain but they are not so important. Like in our case why did this happen with the Meteor update, maybe the actual reason was that also the docker version on the host changed since we wouldn't be aware of an infrastructure change. And in general why is docker adding these entries to /etc/resolv.conf? It doesn't seem very useful but if it is maybe there is in general a better approach for this?
A very helpful blog post on this matter was also published by davd.io.
I just setup a MongoDB instance to be running in EC2 using the Bitnami MEAN stack. I am trying to connect to the MongoDB instance in my node application, but I don't know what the URL path would be.
I am familiar with paths that look like this:
mongodb://username:password#candidate.37.mongolayer.com:port/database
But am unclear how I would figure out what the equivalent path is for my EC2 instance. I found that there is a mongodb-27017.sock file in one of the directories, but the below didn't work.
mongodb://{USERNAME}:{PASSWORD}#{EC2LINK}/stack/mongodb/tmp/mongodb-27017.sock/{DATABASENAME}
Is there any way to figure out what the path is?
Make sure mongo service is running: service mongod status
Make sure the port is open in the security group. (mongo defaults to 27017)
Use this connection URL (same as you're used to): mongodb://{USERNAME}:{PASSWORD}#{EC2 INSTANCE IP / HOSTNAME}/{DATABASENAME} . See Examples
Note: changing the port would require specifying it in the connection string.
Thanks for the help Reut, your suggestions helped me to narrow things down. (I wasn't completely off track).
I finally figured out that my issue was I needed to change the bind_ip config variable in my mongodb.conf file. The bind_IP variable was set (by default) to 127.0.0.1. This prevents remote connections from making their way to the db.
I've since changed that to 0.0.0.0 to allow remote connections.
I keep getting an error when trying to connect to psql database, "connection closed by remote host". I have tried modifying the pg_hba.conf file to allow the IP of my computer to have access, but I still get the same error, what am I doing wrong? Do I have to restart the server or something?
host all all <ip>/32 md5
As well, I have seen /24 instead of /32, how do I know which number to use?
The notation "/32" refers to a single IP address whereas the notation "192.168.1.0/24" refers to all addresses on the 192.168.1.x network.
And yes, you will probably have to do an SQL restart, something like:
service postmaster restart
But make sure your IP address is restrictive so that hackers won't be visiting your database all day. Use "localhost" if you can (127.0.0.1).