Develop Reference

Unable to remotely connect to docker container

I am new to docker, this is my first attempt at using it.
I have setup a docker container on a AWS DEBIAN 9 host and started it:
#docker-compose up -d
This is the section related to the web app:
waweb:
image: docker.whatsapp.biz/web:v${WA_API_VERSION:?Run docker-compose with env var WA_API_VERSION (ex. WA_API_VERSION=2.29.2 docker-compose <command> <options>)}
command: ["/opt/whatsapp/bin/wait_on_mysql.sh", "/opt/whatsapp/bin/launch_within_docker.sh"]
ports:
- "9090:443"
volumes:
- whatsappMedia:/usr/local/wamedia
env_file:
- db.env
environment:
WACORE_HOSTNAME: wacore
# This is the version of the docker templates being used to run WhatsApp Business API
WA_RUNNING_ENV_VERSION: v2.2.3
ORCHESTRATION: DOCKER-COMPOSE
depends_on:
- "db"
- "wacore"
links:
- db
- wacore
network_mode: bridge
When I test this it shows that all appears to be correct and it is listening on 9090:
# docker-compose ps
Name Command State Ports
------------------------------------------------------------------------------------------------
wabiz_db_1 docker-entrypoint.sh mysqld Up 0.0.0.0:33060->3306/tcp, 33060/tcp
wabiz_wacore_1 /opt/whatsapp/bin/wait_on_ ... Up 6250/tcp, 6251/tcp, 6252/tcp, 6253/tcp
wabiz_waweb_1 /opt/whatsapp/bin/wait_on_ ... Up 0.0.0.0:9090->443/tcp
and:
# netstat -tulpn | grep LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 18818/sshd
tcp6 0 0 :::22 :::* LISTEN 18818/sshd
tcp6 0 0 :::9090 :::* LISTEN 32144/docker-proxy
tcp6 0 0 :::33060 :::* LISTEN 32361/docker-proxy
I can test-connect to this locally:
# telnet localhost 9090
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.
Yet when I attempt connect to it remotely, the connection is refused.
The firewall ports are all open to my IP (1-65535), I can remotely telnet to port 22 and also create a python simple-http-server and connect to that remotely too.
I thought that maybe IPV6 was being forced, but it is not:
# sysctl net.ipv6.bindv6only
net.ipv6.bindv6only = 0
Any suggestions on what the issue may be ?

Connection to MongoDb server hosted on CentOS is failing

Mongo up and running on CentOs Machine
All IPs enabled, no authorization
# network interfaces
net:
port: 27017
bindIp: 0.0.0.0
# security: none
# authorization: 'enabled
Port enabled
netstat -tulnp
(No info could be read for "-p": geteuid()=1001 but you should be root.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:27017 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN -
Connection from the server itself using the IP works fine
mongo --host 10.X.X.16
MongoDB shell version v4.2.2
connecting to: mongodb://10.X.X.16:27017/?compressors=disabled&gssapiServiceName=mongodb
MongoDB server version: 4.2.2
Server has startup warnings:
2020-01-21T15:48:26.297-0800 I CONTROL [initandlisten]
Doing the same thing from a remote Windows Machine
mongo --host 10.X.X.16
MongoDB shell version v4.2.1
connecting to: mongodb://10.X.X.16:27017/?compressors=disabled&gssapiServiceName=mongodb
2020-01-21T15:59:07.563-0800 E QUERY [js] Error: couldn't connect to server 10.65.5.16:27017, connection attempt failed: NetworkTimeout: Error connecting to 10.X.X.16:27017 :: caused by :: Socket operation timed out :
connect#src/mongo/shell/mongo.js:341:17
#(connect):2:6
2020-01-21T15:59:07.571-0800 F - [main] exception: connect failed
2020-01-21T15:59:07.571-0800 E - [main] exiting with code 1
Thanks!

Problem fixed:
I had to disable the firewall for the mongo port
sudo firewall-cmd --zone=public --add-port=27017/tcp --permanent
sudo firewall-cmd --reload

All of a sudden -- tcp connect (localhost:5432): connection refused - :econnrefused

For a few months all has been ok, but now I have a lot of:
mix phoenix.server
[error] Postgrex.Protocol (#PID<0.302.0>) failed to connect: ** (DBConnection.ConnectionError) tcp connect (localhost:5432): connection refused - :econnrefused
[error] Postgrex.Protocol (#PID<0.303.0>) failed to connect: ** (DBConnection.ConnectionError) tcp connect (localhost:5432): connection refused - :econnrefused
on localhost.
But:
Postgresql is running
Its config is the same
The config of my phoenix/elixir application is the same too.
systemctl status postgresql shows everything is ok
nothing bad in the log
I can connect to Pg via Pg GUI tool
What's the matter?
$ netstat -tulnp
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp6 0 0 ::1:5432 :::* LISTEN -
udp 0 0 192.168.1.37:68 0.0.0.0:* -
udp 0 0 0.0.0.0:5353 0.0.0.0:* 25117/libpepflashpl
udp6 0 0 :::5353 :::* 25117/libpepflashpl

Cannot access Django webpage when using Docker to run a virtualized Django project on Linux server

I set up a docker for a Django project on a Linux server. However, when I run the Django project, it cannot be accessed through the Internet. The project is set up using Docker automatic build and pulled using docker-compose. The docker-compose ps command gives the following output, indicating the project is running.
~/otree-docker$ docker-compose ps
Name Command State Ports
------------------------------------------------------------------------------------
otreedocker_database_1 docker-entrypoint.sh postgres Up 5432/tcp
otreedocker_otree_1 /bin/sh -c /opt/otree/entr ... Up 0.0.0.0:80->80/tcp
otreedocker_redis_1 docker-entrypoint.sh redis ... Up 6379/tcp
When I use nginx to set up a test webpage, however, it can be accessed without any issue.
Most importantly, I used the same Docker automatic build on another server, it ran without any issue, so the issue must be the setup of the server, not the Django project or the Docker automatic build. Anyone can suggest where to identify the issue? I have been struggling with this issue for several days, and have no idea where to check.
BTW, when I check the usage of the ports when running the Django project, I get the following:
~$ netstat -ntl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:49471 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:4410 0.0.0.0:* LISTEN
tcp6 0 0 :::4000 :::* LISTEN
tcp6 0 0 :::10050 :::* LISTEN
tcp6 0 0 :::9390 :::* LISTEN
tcp6 0 0 :::111 :::* LISTEN
tcp6 0 0 :::80 :::* LISTEN
tcp6 0 0 :::5555 :::* LISTEN
tcp6 0 0 :::46361 :::* LISTEN
tcp6 0 0 :::25 :::* LISTEN
tcp6 0 0 :::4410 :::* LISTEN
When I put up a test webpage using nginx, I get the following:
~$ netstat -ntl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:49471 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:4410 0.0.0.0:* LISTEN
tcp6 0 0 :::4000 :::* LISTEN
tcp6 0 0 :::10050 :::* LISTEN
tcp6 0 0 :::9390 :::* LISTEN
tcp6 0 0 :::111 :::* LISTEN
tcp6 0 0 :::5555 :::* LISTEN
tcp6 0 0 :::46361 :::* LISTEN
tcp6 0 0 :::25 :::* LISTEN
tcp6 0 0 :::4410 :::* LISTEN
Django uses tcp6 while nginx uses tcp. I don't know too much about the server setup, but might this issue be caused by some restriction on the tcp6 protocol on the server?
My docker-compose.yml is as follows
ersion: "2"
services:
database:
image: postgres:9.5
environment:
POSTGRES_DB: ${POSTGRES_DATABASE}
POSTGRES_USER: ${POSTGRES_USER}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
POSTGRES_DATA: /var/lib/postgresql/data/pgdata
logging:
options:
max-size: "10m"
max-file: "3"
restart: always
read_only: true
volumes:
- "database:/var/lib/postgresql/data"
tmpfs:
- "/tmp"
- "/run"
networks:
db-net:
otree:
# if using Docker Hub, leave "build: ./" commented out.
# if you want to build an image locally, uncomment it.
# build: ./
image: myusername/otree_experiment:latest
environment:
DATABASE_URL: "postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}#database/${POSTGRES_DATABASE}"
OTREE_ADMIN_PASSWORD: ${OTREE_ADMIN_PASSWORD}
OTREE_PRODUCTION: ${OTREE_PRODUCTION}
OTREE_AUTH_LEVEL: ${OTREE_AUTH_LEVEL}
ports:
- ${OTREE_PORT}:80
volumes:
volumes:
- "otree-resetdb:/opt/init"
# Uncomment for live editing
# - ./:/opt/otree
restart: always
logging:
options:
max-size: "10m"
max-file: "3"
networks:
- db-net
- redis-net
redis:
image: redis
command: "redis-server"
logging:
options:
max-size: "10m"
max-file: "3"
restart: always
read_only: true
networks:
- redis-net
volumes:
database:
otree-resetdb:
networks:
db-net:
redis-net:

docker-compose v3 + apache spark, connection refused on port 7077

I'm not sure if this is 100% programming or sysadmin related question.
I'm trying to setup a docker-compose file, in the version 3, for docker-swarm, docker version 1.13 to test spark for my local workflow.
Sadly the port 7077 does only get bound to localhost on my swarm cluster and so is not reachable from the outside world, where my spark app is trying to connect to it.
Does anyone have an idea, how to get docker-compose in swarm mode to bind to all interfaces?
I publish my ports and this works fine for say 8080, but not for 7070.
nmap output:
Starting Nmap 7.01 ( https://nmap.org ) at 2017-03-02 11:27 PST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000096s latency).
Other addresses for localhost (not scanned): ::1
Not shown: 994 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
443/tcp open https
8080/tcp open http-proxy
8081/tcp open blackice-icecap
8888/tcp open sun-answerbook
Explanation of ports
8081 is my spark worker
8080 is my spark master frontend
8888 is the spark hue frontend
nmap does not list 7077
Using netstat:
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1641/sshd
tcp6 0 0 :::4040 :::* LISTEN 1634/dockerd
tcp6 0 0 :::2377 :::* LISTEN 1634/dockerd
tcp6 0 0 :::7946 :::* LISTEN 1634/dockerd
tcp6 0 0 :::80 :::* LISTEN 1634/dockerd
tcp6 0 0 :::8080 :::* LISTEN 1634/dockerd
tcp6 0 0 :::8081 :::* LISTEN 1634/dockerd
tcp6 0 0 :::6066 :::* LISTEN 1634/dockerd
tcp6 0 0 :::22 :::* LISTEN 1641/sshd
tcp6 0 0 :::8888 :::* LISTEN 1634/dockerd
tcp6 0 0 :::443 :::* LISTEN 1634/dockerd
tcp6 0 0 :::7077 :::* LISTEN 1634/dockerd
And I can connect to 7077 over telnet on localhost without any issues, but outside of localhost I'm receiving a connection refused error.
At this point in time (please bear with me, I'm not a sysadmin, I'm a software guy), I'm starting to have the feeling this is somehow related to the docker mesh network.
Docker compose section for my master configuration:
#the spark master, having to run on the frontend of the cluster
master:
image: eros.fiehnlab.ucdavis.edu/spark
command: bin/spark-class org.apache.spark.deploy.master.Master -h master
hostname: master
environment:
MASTER: spark://master:7077
SPARK_CONF_DIR: /conf
SPARK_PUBLIC_DNS: blonde.fiehnlab.ucdavis.edu
ports:
- 4040:4040
- 6066:6066
- 8080:8080
- 7077:7077
volumes:
- /tmp:/tmp/data
networks:
- spark
- frontends
deploy:
placement:
#only run on manager node
constraints:
- node.role == manager
The networks spark and frontend are both overlay networks

The issue was a configuration error in the docker-compose file. The -h master in the original configuration always bound to the local host interface.
Even after specifying the SPARK_LOCAL_IP value
master:
image: eros.fiehnlab.ucdavis.edu/spark:latest
command: bin/spark-class org.apache.spark.deploy.master.Master
hostname: master
environment:
SPARK_CONF_DIR: /conf
SPARK_PUBLIC_DNS: blonde.fiehnlab.ucdavis.edu
SPARK_LOCAL_IP: 0.0.0.0
ports:
- 4040:4040
- 6066:6066
- 8080:8080
- 7077:7077
volumes:
- /tmp:/tmp/data
deploy:
placement:
#only run on manager node
constraints:
- node.role == manager