I run nginx container on my azure Vm, centos 7 with this command:
docker run --name nginx2 --detach -p 0.0.0.0:90:80 nginx
Now If I run this command on the host machine: curl localhost:90 I got the error:
curl: (56) Recv failure: Connection reset by peer
What I tried:
On my local machine
I follow the same steps on my local machine and everything works like a charm. So the nginx image is not the problem
Inside the container
On my VM, I connect to the nginx container and run the command : curl localhost:80 and got the answer. So nginx listen on port 80.
From another container
If I create a second container and run the command curl <nginx-ip>:80. I got the result. So nginx not listen only on localhost, but on all ip.
host network
When I run the container using Host Newtork --network host, everything work fine. But I don't want to do that
Try with another container
I try using this container: docker run -p 8000:8000 -it python:3.7-slim python3 -m http.server --bind 0.0.0.0. But same error.
My question is what is the problem with bridge network on Centos ?
I had similar problem with CentOS 7.1 and latest Docker 19.03.
Only way I was able to resolve this was to revert to Docker 18.03 (other versions might also work). After uninstalling current Docker I installed earlier version:
yum install docker-ce-18.03.1.ce-1.el7.centos
After this curl localhost:<port> started to work ok with the nginx.
I faced the same problem with 3000 and 80 port, add your ports to the firewal records like that:
firewall-cmd --permanent --zone=trusted --change-interface=docker0
firewall-cmd --permanent --zone=trusted --add-port=80/tcp
firewall-cmd --permanent --zone=trusted --add-port=90/tcp
firewall-cmd --reload
also check if you have iptables - disable it
systemctl disable iptables.service
I am trying to set up HiveMQ on my Amazon EC2 instance (ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-server-20170414) using this guide: http://www.hivemq.com/docs/hivemq/latest/#hivemqdocs_installation_for_specific_operating_systems
After installing I can succesfully run HiveMQ using:
Change directory to HiveMQ directory cd /opt/hivemq
Execute startup script ./bin/run.sh
HiveMQ will start running, and listening to port 1883 and I can connect and subscribe to the broker.
When I run HiveMQ as a systemctl service:
For Debian-based linux like Debian, Ubuntu, Raspbian using systemd systemctl enable hivemq
It starts as a service withoutany issues
However, when running netstat -an|grep 1883 it does not show any activity. HiveMQ do not seem to listen to any ports and I can not connect with my MQTT client. What could be the issue?
without any additional information my guess would be an issue with permissions.
chown -R hivemq:hivemq /opt/hivemq (changing the owner of the hivemq folder to the hivemq user)
will resolve this issue
I was struggling to get connected to the Docker API running on a RedHat 7.1 VM, the docker API is running on both a TCP port and a UNIX socket.
To configure this I set -H OPTIONS as follows:
OPTIONS='--selinux-enabled -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock'
in the file:
/etc/sysconfig/docker
Running the docker client on the same box, it connected OK to the docker daemon via either communication path:
docker images
or
docker -H=tcp://127.0.0.1:2375 images
both work equally well.
I was unable to get any sense out of it from another box, I figured the first thing to do would be to prove I can connect to port 2375 from elsewhere. I was having no joy when I tried:
telnet 10.30.144.66 2375
I figured it must be a firewall problem but it took a while longer before I realised it was the firewall built into Linux.
To make 2375 accessable:
Use one of the following depending on your distro
sudo firewall-cmd --zone=public --add-port=2375/tcp --permanent
sudo firewall-cmd --reload
OR
sudo iptables -I INPUT 4 -p tcp -m state --state NEW -m tcp --dport 2375 -j ACCEPT
sudo /sbin/service iptables save
I was facing similar problem when my IntelliJ IDE was not able to connect docker engine API installed on RHEL.
It got resolved with following:
firewall-cmd --add-port=2376/tcp --permanent
firewall-cmd --reload
systemctl restart docker
I have a Linode server running Ubuntu 12.04 LTS and MongoDB instance (service is running and CAN connect locally) that I can't connect to from an outside source.
I have added these two rules to my IP tables, where < ip address > is the server I want to connect FROM (as outlined in this MongoDB reference):
iptables -A INPUT -s < ip-address > -p tcp --destination-port 27017 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -d < ip-address > -p tcp --source-port 27017 -m state --state ESTABLISHED -j ACCEPT
And I see the rule in my IP table allowing connections on 27017 to and from < ip address > however when I try to connect from , < ip address > to my mongo database using a command like this:
mongo databasedomain/databasename -u username -p password
I get this error:
2014-07-22T23:54:03.093+0000 warning: Failed to connect to databaseserverip:27017, reason: errno:111 Connection refused
2014-07-22T23:54:03.094+0000 Error: couldn't connect to server < ip address >:27017 (databaseserverip), connection attempt failed at src/mongo/shell/mongo.js:148
exception: connect failed
Any help is VERY APPRECIATED!!!! Thanks!!!
Thanks for the help everyone!
Turns out that it was an iptable conflict. Two rules listing the port open (which resulted in a closed port).
However, one of the comments by aka and another by manu2013 were problems that I would have run into, if not for the conflict.
So! Always remember to edit the /etc/mongod.conf file and set your bind_ip = 0.0.0.0 in order to make connections externally.
Also, make sure that you don't have conflicting rules in your iptable for the port mongo wants (see link on mongodb's site to set up your iptables properly).
Try the following:
sudo rm /var/lib/mongodb/mongod.lock
sudo service mongodb restart
These commands fixed the issue for me,
sudo rm /var/lib/mongodb/mongod.lock
sudo mongod --repair
sudo service mongod start
sudo service mongod status
If you are behind proxy, use:-
export http_proxy="http://username:password#company.com:port/"
export https_proxy="http://username:password#company.com:port/"
Reference: https://stackoverflow.com/a/24410282/4359237
For Ubuntu Server 15.04 and 16.04 you need execute only this command
sudo apt-get install --reinstall mongodb
I Didn't have a /data/db directory. I created one and gave a chmod 777 permission and it worked for me
For me, changing the ownership of /var/lib/mongodb and /tmp/mongodb-27017.sock to mongodb was the way to go.
Just do:
sudo chown -R mongodb:mongodb /var/lib/mongodb
and then:
sudo chown mongodb:mongodb /tmp/mongodb-27017.sock
and then start or restart the mongodb server:
sudo systemctl start mongod
or
sudo systemctl restart mongod
and check the status
sudo systemctl status mongod
One other option is to just repair your database like so (note: db0 directory should be pre-created first):
mongod --dbpath /var/lib/mongodb/ --repairpath /var/lib/mongodb/db0
This is also an acceptable option in production environments...
I also had the same issue.Make a directory in dbpath.In my case there wasn't a directory in /data/db .So i created one.Now its working.Make sure to give permission to that directory.
In my case previous version was 3.2. I have upgraded to 3.6 but data files was not compatible to new version so I removed all data files as it was not usable for me and its works.
You can check logs using /var/log/mongodb
I follow this tutorial's instructions for installation
How to Install MongoDB on Ubuntu 16.04
I had the same mistake. Finally, I found out that I needed to set the port number
The default port number for the mongo command is 27017
But the default port number in mongo.conf is 29999
This done the trick for me
sudo service mongod restart
Even though the port is open, MongoDB is currently only listening on the local address 127.0.0.1. To allow remote connections, add your server’s publicly-routable IP address to the mongod.conf file.
Open the MongoDB configuration file in your editor:
sudo nano /etc/mongodb.conf
Add your server’s IP address to the bindIP value:
...
logappend=true
bind_ip = 127.0.0.1,your_server_ip
#port = 27017
...
Note that now everybody who has the username and password can login to your DB and you want to avoid this by restrict the connection only for specific IP's. This can be done using Firewall (read about UFW service at Google). But in short this should be something like this:
sudo ufw allow from YOUR_IP to any port 27017
I'm using the npm package express version 2.5.2 with node version .0.6.5. I appear to be running bash version 4.1.5 on Debian 4.4.5.
I'm trying to run my server in production mode but it still runs in development mode.
I run these commands in my bash shell:
$ export NODE_ENV=production
$ echo $NODE_ENV
production
$ sudo echo $NODE_ENV
production
$ sudo node bootstrap.js
I have this code inside bootstrap.js:
var bootstrap_app = module.exports = express.createServer();
//...
console.log(bootstrap_app.settings.env);
and here's what I see printed to standard out:
development
Is this a problem with my usage, or my system?
EDIT:
Thanks to ThiefMaster for his properly identifying that this issue stems from my running node as root. ThiefMaster suggested using iptables to forward from port 80 to an unprivileged port, but my system gives me an error. Moving this discussion to superuser.com or serverfault.com (link to follow)
Most environment variables are unset when using sudo for security reasons. So you cannot pass that environment variable to node without modifying your sudoers file to allow that variable to passt through.
However, you shouldn't run node as root anyway. So here's a good workaround:
If you just need it for port 80, run node on an unprivileged port and setup an iptables forward to map port 80 to that port:
iptables -A PREROUTING -d 1.2.3.4/32 -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 2.3.4.5:1234
Replace 1.2.3.4 with your public IP, 2.3.4.5 with the IP node runs on (could be the public one or 127.0.0.1) and 1234 with the port node runs on.
With a sufficiently recent kernel that has capability support you could also grant the node executable the CAP_NET_BIND_SERVICE privilege using the following command as root:
setcap 'cap_net_bind_service=+ep' /usr/bin/node
Note that this will allow any user on your system to open privileged ports using node!
sudo NODE_ENV=production /usr/local/bin/node /usr/local/apps/test/app.js