search

moby / libnetwork

networking for containers
Apache License 2.0
2.16k stars 880 forks source link

Chrome and Postman cannot connect to container through localhost but curl can #2252

Open Dauto98 opened 6 years ago

Dauto98 commented 6 years ago

Description When I launch a container and want to connect to the app inside it, e.g. connect to elastic kibana container through http://localhost:5601, the request run indefinitely and return took too long to respond after a long time. The same problem happens in postman, but curl and any cmd like ping, nc work perfectly fine. This problem also happens to elasticsearch and kong API gateway container in my lap, so I think this is not related specifically to the application inside the container

Steps to reproduce the issue

  1. Create docker-compose.yml

    
version: "3.7"
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:6.3.2
deploy:
  restart_policy:
    condition: on-failure
  placement:
    constraints:
      - node.role == manager
ports:
  - "9200:9200"
  - "9300:9300"
networks:
  - elasticStack
volumes:
  - type: volume
    source: elasticsearch
    target: /usr/share/elasticsearch/data/
    volume:
      nocopy: true
environment:
  discovery.type: "single-node"
  TAKE_FILE_OWNERSHIP: "true"

kibana:
image: docker.elastic.co/kibana/kibana:6.3.2
deploy:
  restart_policy:
    condition: on-failure
ports:
  - "5601:5601"
networks:
  - elasticStack
environment:
  ELASTICSEARCH_URL: "http://elasticsearch:9200"

networks: elasticStack:

volumes: elasticsearch:

2. deploy the stack
3. when kibana is up, connect to `http://localhost:5601`
- In chrome and postman, the connection run indefinitely, or return `... took too long to respond`
- Run `curl --url http://localhost:5601`, return 200 response from kibana
- Use `http://localhost:9200` to connect to elasticsearch also has the same problem
- If I replace localhost with 127.0.0.1 `(http://127.0.0.1:5601)`, then everything works well (chrome got 200 response)
- If I run `docker exec -it <container name> bash` and try `curl http://localhost:5601` inside container, I also get 200 response
- If I take Peers.IP from `docker network inspect elasticstack_elasticStack`, which is 192.168.31.116 in my case, it also hangs indefinitely like localhost

**Expected result**
Able to connect to container through localhost

**Additional information**
- OS: Ubuntu 16.04 LTS
- Docker version 18.06.0-ce, build 0ffa825

- Output from `docker network inspect elasticstack_elasticStack`

[ { "Name": "elasticstack_elasticStack", "Id": "yis9p0u0x8gl1e93bwik32ykh", "Created": "2018-08-16T14:49:09.459047334+07:00", "Scope": "swarm", "Driver": "overlay", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": null, "Config": [ { "Subnet": "10.0.1.0/24", "Gateway": "10.0.1.1" } ] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": { "64e7b78a3fc280281b9b50ddcc68ae6b785cfeacd94025b4ffaeea9751092522": { "Name": "elasticstack_elasticsearch.1.kahec8xp1nedu8n48dzs6yukj", "EndpointID": "d1992b17c761458dbd81e574bfc14935e919cd453d9e2bfce45e32ef80aebcb1", "MacAddress": "02:42:0a:00:01:04", "IPv4Address": "10.0.1.4/24", "IPv6Address": "" }, "ff821df8aafd170675f9f9803b9057fba0268b7df7b738571dc814907a3f10a4": { "Name": "elasticstack_kibana.1.ulje0alsjxqmt7im6efjskw4j", "EndpointID": "4c030be76c392f7901fcd4ccf1413be04a952da513266aec98a076e143711d35", "MacAddress": "02:42:0a:00:01:06", "IPv4Address": "10.0.1.6/24", "IPv6Address": "" }, "lb-elasticstack_elasticStack": { "Name": "elasticstack_elasticStack-endpoint", "EndpointID": "b029c9ec53ca88a189a789101e6ae31c2b222fc8d23711f5ceb62a2e6f886112", "MacAddress": "02:42:0a:00:01:02", "IPv4Address": "10.0.1.2/24", "IPv6Address": "" } }, "Options": { "com.docker.network.driver.overlay.vxlanid_list": "4098" }, "Labels": { "com.docker.stack.namespace": "elasticstack" }, "Peers": [ { "Name": "6b3933df975f", "IP": "192.168.31.116" } ] } ]

- My current server is openresty (openresty/1.13.6.2) but using apache (Apache/2.4.18) get the same problem
- My `/user/local/openresty/nginx/conf/nginx.conf` file:

user nobody;

worker_processes 1;

error_log logs/error.log;

error_log logs/error.log notice;

error_log logs/error.log info;

pid logs/nginx.pid;

events { worker_connections 1024; }

http { include mime.types; default_type application/octet-stream;

#log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
#                  '$status $body_bytes_sent "$http_referer" '
#                  '"$http_user_agent" "$http_x_forwarded_for"';

#access_log  logs/access.log  main;

sendfile        on;
#tcp_nopush     on;

#keepalive_timeout  0;
keepalive_timeout  65;

#gzip  on;

server {
    listen       80;
    server_name  localhost;

    #charset koi8-r;

    #access_log  logs/host.access.log  main;

    location / {
        root   html;
        index  index.html index.htm;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   html;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    #    root           html;
    #    fastcgi_pass   127.0.0.1:9000;
    #    fastcgi_index  index.php;
    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
    #    include        fastcgi_params;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #    deny  all;
    #}
}

# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
#    listen       8000;
#    listen       somename:8080;
#    server_name  somename  alias  another.alias;

#    location / {
#        root   html;
#        index  index.html index.htm;
#    }
#}

# HTTPS server
#
#server {
#    listen       443 ssl;
#    server_name  localhost;

#    ssl_certificate      cert.pem;
#    ssl_certificate_key  cert.key;

#    ssl_session_cache    shared:SSL:1m;
#    ssl_session_timeout  5m;

#    ssl_ciphers  HIGH:!aNULL:!MD5;
#    ssl_prefer_server_ciphers  on;

#    location / {
#        root   html;
#        index  index.html index.htm;
#    }
#}

}

- Not sure if this is relevant, but this is my `ifconfig`

br-88a383642630 Link encap:Ethernet HWaddr 02:42:a6:c6:f8:81
inet addr:172.18.0.1 Bcast:172.18.255.255 Mask:255.255.0.0 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

docker0 Link encap:Ethernet HWaddr 02:42:65:eb:3a:c3
inet addr:172.17.0.1 Bcast:172.17.255.255 Mask:255.255.0.0 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

docker_gwbridge Link encap:Ethernet HWaddr 02:42:e3:ec:c9:9f
inet addr:172.19.0.1 Bcast:172.19.255.255 Mask:255.255.0.0 inet6 addr: fe80::42:e3ff:feec:c99f/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1959 errors:0 dropped:0 overruns:0 frame:0 TX packets:2974 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:9993126 (9.9 MB) TX bytes:431314 (431.3 KB)

enp5s0 Link encap:Ethernet HWaddr e8:9a:8f:f9:a1:05
UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:14199 errors:0 dropped:0 overruns:0 frame:0 TX packets:14199 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:1074650 (1.0 MB) TX bytes:1074650 (1.0 MB)

veth742f1d5 Link encap:Ethernet HWaddr 7a:e5:56:a0:55:8b
inet6 addr: fe80::78e5:56ff:fea0:558b/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1771 errors:0 dropped:0 overruns:0 frame:0 TX packets:3036 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:9982316 (9.9 MB) TX bytes:381352 (381.3 KB)

veth9c467b8 Link encap:Ethernet HWaddr 2e:a1:46:c2:01:02
inet6 addr: fe80::2ca1:46ff:fec2:102/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:14 errors:0 dropped:0 overruns:0 frame:0 TX packets:115 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1706 (1.7 KB) TX bytes:22065 (22.0 KB)

vethc46d52c Link encap:Ethernet HWaddr aa:cb:1e:f5:aa:f6
inet6 addr: fe80::a8cb:1eff:fef5:aaf6/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:234 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:31126 (31.1 KB)

vethdea5984 Link encap:Ethernet HWaddr 46:47:07:14:c7:dc
inet6 addr: fe80::4447:7ff:fe14:c7dc/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:266 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:35118 (35.1 KB)

wlp6s0 Link encap:Ethernet HWaddr e4:d5:3d:46:35:cb
inet addr:192.168.2.106 Bcast:192.168.2.255 Mask:255.255.255.0 inet6 addr: fe80::ebde:46d:d03c:25e6/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:406495 errors:0 dropped:0 overruns:0 frame:261615 TX packets:169024 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:497079786 (497.0 MB) TX bytes:27443647 (27.4 MB) Interrupt:18 


The last interface, wlp6s0, once had inet addr: 192.168.31.116, same as elasticstack network Peers.IP, now it changed to 192.168.2.106
adnls commented 5 years ago

Hi! I had a similar issue on the same os as you. I was trying to run a scala/akka server packaged in a jar into a docker container.

I was doing something like : MyWebserver(port=8080, host="127.0.0.1").start()

It worked well locally but when i ran it into the container, i was unable to get a response from the mapped port.

What did the trick was replacing "127.0.0.1" by "0.0.0.0".

hope this helps!