I am having problems using SSH to connect into a Docker container (from this image) running Alpine Linux 3.10.
SSH must be used for this connection, as I am using a backup software barman which requires an SSH connection to the PostgreSQL 11 database running inside the Docker container.
First I connected into the docker container using
docker exec -it <container_name> /bin/bash
then tried to reinstall and start sshd
bash-5.0# apk add openssh --no-cache
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/community/x86_64/APKINDEX.tar.gz
OK: 117 MiB in 42 packages
bash-5.0# apk add openrc --no-cache
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/community/x86_64/APKINDEX.tar.gz
OK: 117 MiB in 42 packages
bash-5.0# rc-update add sshd
* rc-update: sshd already installed in runlevel `sysinit'; skipping
bash-5.0# /etc/init.d/sshd start
* WARNING: sshd is already starting
However, I am unable to connect to the local sshd server from inside the Docker container
# ssh root#127.0.0.1
ssh: connect to host 127.0.0.1 port 22: Connection refused
Similarly, connecting into the Docker container via SSH from the Ubuntu host machine fails as well.
$ ssh postgres#172.26.0.4
ssh: connect to host 172.26.0.4 port 22: Connection refused
where 172.26.0.4 is the IP address shown from running ifconfig inside the Docker container.
Any ideas how we can solve this?
I didn't download the image you're referring to, but worked w/ the default docker alpine-image. To get ssh to run inside the container a few extra steps were required - there's a good chance that you need to take the same:
ssh-keygen -A
rc-status
touch /run/openrc/softlevel
/etc/init.d/sshd start
Might be relevant to your issue if you used --net=host along with docker run command:
We were facing similar issues with running SSH server inside our Ubuntu container.
We realized that the SSH server on the container's host was running and it used the same port that container's SSH server wanted to use.
We changed the port used by the SSH server to solve this issue.
Please note, our Docker container used --net=host and hence both container and host had the same IP address. Hence, the 2 SSH servers were fighting over a single port and that didn't allow the server inside the container to start properly.
I am trying to install and run splash on using Windows 10 Home. I have installed docker toolbox, as on windows 10 Home you can't install docker. Then in command prompt when I type
docker pull scrapinghub/splash
I get the error
error during connect: Post http://%2F%2F.%2Fpipe%2Fdocker_engine/v1.40/images/create?fromImage=scrapinghub%2Fsplash&tag=latest: open //./pipe/docker_engine: The system cannot find the file specified. In the default daemon configuration on Windows, the docker client must be run elevated to connect. This error may also indicate that the docker daemon is not running.
One interesting thing I noticed was that if I run Docker Quickstart Terminal I can install splash with the command
docker pull scrapinghub/splash
and then using the command
docker run -p 5023:5023 -p 8050:8050 -p 8051:8051 scrapinghub/splash
it gives me
server listening on http://0.0.0.0:8050
But then when I paste http://0.0.0.0:8050 into Chrome it gives me "This site can't be reached."
Thanks
So 1st error clearly says that your Docker container is not running, so your pull command fails
You can check by running any docker command maybe try this
docker --version
For your 2nd query, you need to use Docker IP, to access the application
You can try docker-machine ip to see, on what IP docker is running (Assuming docker-machine is installed)
Generally, on windows Docker IP is 192.168.99.100
Try these 2
192.168.99.100:8050
or
localhost:8050
I'm having a problem building Docker images on my corporate network. I'm just getting started with Docker, so I have the following Dockerfile for a hello-world type app:
# DOCKER-VERSION 0.3.4
FROM centos:6.4
# Enable EPEL for Node.js
RUN rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
# Install Node.js and npm
RUN yum install -y npm
# Bundle app source
ADD . /src
# Install app dependencies
RUN cd /src; npm install
EXPOSE 8080
CMD ["node", "/src/index.js"]
This works fine when I build it on my laptop at home, on my own wireless network. It pulls down the requisite dependencies and builds the image correctly.
However, when I'm on my corporate network at work, this same docker build fails when trying to pull down the RPM from download.fedoraproject.org, with this error message:
Step 2 : RUN rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
---> Running in e0c26afe9ed5
curl: (5) Couldn't resolve proxy 'some.proxy.address'
error: skipping http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm - transfer failed
On my corporate network, I can access that URL just fine from my laptop. But once Docker is trying to build the container, all of a sudden it can't resolve at all. This behavior is the same for a variety of external resources (apt-get, etc.): They all can resolve just fine on my laptop on the corporate network, but Docker can't resolve them.
I don't have the network know-how to figure out what's going on here. Does anyone know why this strange behaviour would be occurring when building Docker containers?
I was able to figure out the issue. On Ubuntu, Docker sets the DNS servers for container to Google's servers at 8.8.8.x. As I understand it, this is a workaround on Ubuntu due to the fact that Ubuntu sets /etc/resolv.conf to be 127.0.0.1.
Those Google servers weren't accessible from behind our firewall, which is why we couldn't resolve any URLs.
The fix is to tell Docker which DNS servers to use. This fix depends on how you installed Docker:
Ubuntu Package
If you have the Ubuntu package installed, edit /etc/default/docker and add the following line:
DOCKER_OPTS="--dns <your_dns_server_1> --dns <your_dns_server_2>"
You can add as many DNS servers as you want to this config. Once you've edited this file you'll want to restart your Docker service:
sudo service docker restart
Binaries
If you've installed Docker via the binaries method (i.e. no package), then you set the DNS servers when you start the Docker daemon:
sudo docker -d -D --dns <your_dns_server_1> --dns <your_dns_server_2> &
I advise changing the DNS settings of the Docker daemon. You can set the default options for the docker daemon by creating a daemon configuration file at /etc/docker/daemon.json. Set DNS server according to your host machine, e.g. my DNS server is 10.0.0.2:
{"dns": ["10.0.0.2", "8.8.8.8"] }
Then you need just restart docker service:
sudo service docker restart
Step-by-step explanation is available here Fix Docker's networking DNS config
The following steps works for me ( for both docker build and docker run command). My linux version is Ubuntu 14.04.
Identify DNS using following command.
nm-tool | grep DNS
This result DNS:192.168.1.1 in my case
Create entry in /etc/default/docker.io. My current entry looks like this
DOCKER_OPTS="--dns 8.8.8.8 --dns 8.8.4.4 --dns 192.168.1.1"
Restart docker service
sudo service docker.io restart
For any Linux distribution working with SystemD (Ubuntu 16, RHEL 7...), the path will be displayed with the following command:
$ systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2016-06-29 08:10:33 PDT; 2min 34s ago
Docs: https://docs.docker.com
Main PID: 1169 (dockerd)
Tasks: 19
Memory: 85.0M
CPU: 1.779s
CGroup: /system.slice/docker.service
├─1169 /usr/bin/dockerd --dns 172.18.20.11 --dns 172.20.100.15 --dns 8.8.8.8 --dns 8.8.4.4 -H fd://
└─1232 docker-containerd -l unix:///var/run/docker/libcontainerd/docker-containerd.sock --shim docker-containerd-shim --met
The path would be /lib/systemd/system/docker.service. Add the DOCKER_OPTS values, which can have any of the --dns, in the line where the daemon is started.
cat /lib/systemd/system/docker.service | grep dns
ExecStart=/usr/bin/dockerd --dns 172.18.20.11 --dns 172.20.100.15 --dns 8.8.8.8 --dns 8.8.4.4 -H fd://
Docker (at least >=1.13, probably earlier) on Mac and Windows allow you configure the DNS in Preferences -> Daemon -> Advanced:
The following config sets two corporate DNS servers (use your own values here) with fallback to Google public DNS servers.
Specify your DNS to the Docker daemon.
First of all get your DNS address
$ nmcli dev show | grep 'IP4.DNS'
IP4.DNS[1]: 10.0.0.2
Test if the problem is really with the DNS by launching a docker container forcing this new DNS
$ docker run --dns 10.0.0.2 <image_name> <command_name>
If this solves the problem, you can apply this fix for all the docker daemons in the following way
Edit or create a file /etc/docker/daemon.json
Add the following line to this file
{
"dns": ["10.0.0.2", "8.8.8.8"]
}
Restart docker
$ sudo service docker restart
A very nice guide for doing ALL this process can be found here.
https://development.robinwinslow.uk/2016/06/23/fix-docker-networking-dns/
Solution without restarting Docker service
It is possible to modify the DNS settings for a single Docker image without affecting other docker build calls (and without restarting the Docker service) by overriding the resolv.conf at build time:
FROM ubuntu:18.04
RUN echo "nameserver 123.123.123.123" > /etc/resolv.conf && apt update
Replace the IP 123.123.123.123 with the one which is used within your corporate network (use nmcli dev show | grep 'IP4.DNS' to get the currently used DNS server).
Downsides:
This does not affect any other line from the Dockerfile. Hence, you have to prefix every line with the fix, if it depends on DNS resolution
On my Ubuntu 16.04 machine, sometimes, Google's DNS do not work for building Docker images.
cat /etc/docker/daemon.json
{"dns": [""8.8.8.8"] }
I have to manually find out my Service Providers DNS using the following command
nmcli device show <interfacename> | grep IP4.DNS
125.22.47.102
and add it to my daemon.json as show below
cat /etc/docker/daemon.json
{"dns": ["125.22.47.102","8.8.8.8"] }
restart docker
sudo service docker restart
(PS nm-tool is deprecated from Ubuntu 15.04)
Updated info September 2021
Inspired by Jason's answer; setting DNS server in the JSON didn't work for me in the current version, but there's now another place to set it:
When you turn on the toggle, the 8.8.8.8 is already there, so I just left it and it works well enough for me in my dev environment. I didn't research it but if wanted, there may be a way to add a list, perhaps separated by commas/semicolons/spaces etc.
I installed a service on a remote Linux computer using docker. I used the following commands
git clone https://github.com/OpenVidu/openvidu-tutorials.git
npm install -g http-server
http-server openvidu-tutorials/openvidu-getaroom/web
docker run -p 4443:4443 --rm -e openvidu.secret=MY_SECRET -e openvidu.publicurl=https://187.84.228.66:4443 openvidu/openvidu-server-kms
But when I try do connect at the first time, I received the follow error menssage:
"ERR_EMPTY_RESPONSE", and sometime "ERR_CONNECTION_CLOSED"
I used the following diagnostic command in Linux computer “docker ps” and received the following response:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
21b0620266cd openvidu/openvidu-server-kms:latest "/usr/bin/supervisor 5 days ago >Up 5 days 8443/tcp, 8888/tcp, 0.0.0.0:4443->4443/tcp, 9091/tcp sick_ritchie
What is wrong? How can I solve this?
I'm not sure sure what causes this, but when I had the same problem (with different http server) I changed listening on particular ip address (which was 127.0.0.1 in my case) to listening on all interfaces - 0.0.0.0.
I mean http server configuration, not Docker configuration.
I'm having an interesting problem running docker containers: out of the blue, I'm not able to resolve DNS from within the container.
Here's a rundown:
Nothing is resolving; apt-get, pip, one-off ping containers, etc. Running docker run -it --dns=8.8.8.8 ubuntu ping www.google.com results in ping: unknown host www.google.com both with and without the --dns flag.
I can reach 8.8.8.8 both from inside and outside the containers. docker run -it ubuntu ping 8.8.8.8 works.
I've configured the containers to use both 8.8.8.8, 8.8.8.4, and my local network DNS servers (in various permutations) both by editing /etc/sysconfig/docker to add DOCKER_OPTS="--dns 8.8.8.8 --dns 8.8.8.4" and by setting the --dns 8.8.8.8 flag on the containers at runtime. systemctl restart docker was run between each change.
ip_forward is enabled. (see here)
I've done a full reset as specified here.
I'm running Fedora 21, docker client version 1.5.0.
Any ideas? I'm at a complete loss as to what's preventing docker from accessing the Internet successfully.
They have fixed the issue in 1.8: https://github.com/docker/docker/issues/13381 Cheers.
After all this, a full reboot solved the problem - although, that still doesn't answer what it was.
If anyone knows what the actual cause was, I'm still curious, but for now the problem is gone.
You could install tools like dig inside the docker image to alanyse the issue.
use static hosts in your /etc/hosts file te make apt-get run inside the docker image. add these lines to your hosts file:
213.32.5.7 debian.mirrors.ovh.net
141.76.2.4 ftp.de.debian.org
217.196.149.233 mirror-conova-security.debian.org
212.211.132.250 lobos.debian.org
212.211.132.250 security.debian.org
5.153.231.4 http.debian.net
151.101.12.204 cdn-fastly.deb.debian.org
151.101.12.204 security-cdn.debian.org