Closed shaunc closed 9 years ago
sameersbn
commented
9 years ago @shaunc I believe you are cloning from your osx environment right. Can you check if the 8018 port has been opened on the docker host (the docker host VM) using sudo iptables -nL | grep 8018. If the port is closed (no output), then you need to open the port first.
If possible, try doing a clone from the docker host vm after replacing the 192.168.53.103:8018 part in the clone url with <container-ip>:22.
renrenfree
commented
9 years ago the same question. the error: [root@server ~]# ssh -v git@localhost:10022 OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 56: Applying options for * ssh: Could not resolve hostname localhost:10022: Name or service not known
renrenfree
commented
9 years ago container-ip:22 is ok but docker host vm :10022 is not work .what is the error?
sameersbn
commented
9 years ago @renrenfree You probably need to open the 10022 port on the docker host vm.
shaunc
commented
9 years ago @sameersbn ... thanks ... hmm -- looks like there are no restrictions on the OUTPUT chain:
Boot2Docker version 1.7.0, build master : 7960f90 - Thu Jun 18 18:31:45 UTC 2015 Docker version 1.7.0, build 0baf609 docker@boot2docker:~$ sudo iptables -nL | grep 8018 docker@boot2docker:~$ sudo iptables -nL Chain INPUT (policy ACCEPT) target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
DOCKER all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT) target prot opt source destination
Chain DOCKER (1 references)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 172.17.0.40 tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 172.17.0.40 tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 172.17.0.52 tcp dpt:80
sameersbn
commented
9 years ago please refer to https://github.com/docker/docker/issues/4007 you need to perform some port forwarding steps. I don't use boot2docker so I dont exactly know what commands you should/could execute.
edit: additional reading https://github.com/boot2docker/boot2docker/blob/master/doc/WORKAROUNDS.md
On Monday 06 July 2015 07:58 PM, Shaun Cutts wrote:
@sameersbn ... thanks ... hmm -- looks like there are no restrictions on the OUTPUT chain:
Boot2Docker version 1.7.0, build master : 7960f90 - Thu Jun 18 18:31:45 UTC 2015 Docker version 1.7.0, build 0baf609 docker@boot2docker:~$ sudo iptables -nL | grep 8018 docker@boot2docker:~$ sudo iptables -nL Chain INPUT (policy ACCEPT) target prot opt source destination
Chain FORWARD (policy ACCEPT) target prot opt source destination DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT) target prot opt source destination
Chain DOCKER (1 references) target prot opt source destination ACCEPT tcp -- 0.0.0.0/0 172.17.0.40 tcp dpt:22 ACCEPT tcp -- 0.0.0.0/0 172.17.0.40 tcp dpt:80 ACCEPT tcp -- 0.0.0.0/0 172.17.0.52 tcp dpt:80
Reply to this email directly or view it on GitHub: https://github.com/sameersbn/docker-gitlab/issues/363#issuecomment-118872733
Sameer Naik
w: http://www.damagehead.com e: sameer@damagehead.com
renrenfree
commented
9 years ago I opened 10022 . I used localhost but it's not work
renrenfree
commented
9 years ago I closed firewalld bug it's not work
sameersbn
commented
9 years ago can somebody with a similar setup and had to deal with this issue please help out here.
renrenfree
commented
9 years ago thank you @sameersbn . it's ok. i don't know how it's ok. but Just can
sameersbn
commented
9 years ago @shaunc @renrenfree if this is resolved for you, please close the issue.
ruuds
commented
9 years ago I had a similar issue today after upgrading from 7.11.4-1 to 7.13.2. GITLAB_SSH_PORT=10022 seems to be ignored after the upgrade; SSH did still run on port 22.
sameersbn
commented
9 years ago @ruuds the internal ssh server always runs on port 22. the GITLAB_SSH_PORT is only used to display the correct port number in the clone urls. So in the docker run if you have -p 10022:22 GITLAB_SSH_PORT=10022, the clone urls will look something like ssh://git@git.example.com:10022/namespace/repo.git.
blob42
commented
9 years ago @sameersbn @ruuds I upgraded from 7.10.0 to 7.13.2 and ssh is not working any more with port 10022. I explicitly open 10022 on the host firewall to make sure it was not the source problem.
What can I do to fix this ?
ruuds
commented
9 years ago @sp4ke That was exactly our problem. We had GITLAB_SSH_PORT=10022 configured, but mapped the container's port 10022 to port 22 on the docker host. This stopped to work after the upgrade. Removing the GITLAB_SSH_PORT solved our problem because we would run it on port 22 anyways.
blob42
commented
9 years ago @ruuds I also tried disabling the parameter with no luck.
Even after downgrading to 7.10.0 I still couldn't use ssh. After an hour or so digging I found out that the upgrade messed up the file premissions on the ssh folder of the data store. Fixing the the premissions fixed ssh access.
So I guess my issue was not related to yours, I can't risk to upgrade again since there's another issue blocking me.
sameersbn
commented
9 years ago @sp4ke the line https://github.com/sameersbn/docker-gitlab/blob/master/entrypoint.sh#L285 was added recently that updates the ownership of the ssh directly. However I cannot understand how it managed to bungle the permissions set on the key files. I have added additional line to make sure the key files have the right permissions.
Thanks for investigating this issue.
blob42
commented
9 years ago @sameersbn thanks you're welcome
sameersbn
commented
9 years ago closing this issue.. please reopen if you still face problems. thanks.
cjsio
commented
1 month ago Hi, I'm getting a very similar issue on my private GitLab server. I've verified with iptables that port 22 is open and fine. I configured a custom ssh port for general ssh, so that GitLab could run its ssh daemon on port 22 through the docker image without issue.
In my docker-compose.yml I have the following ports section defined:
ports:
- '80:80'
- '443:443'
- '22:22'
- '587:587'When I run ssh -v git@git.mydomain.com , I get a reasonable and instant response:
OpenSSH_[VersionInfo], OpenSSL [MoreVersionInfo] 2024
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to git.mydomain.com [ipv6address] port 22.But without the -v argument, it always times out after ~20 seconds:
ssh: connect to host git.mydomain.com port 22: Connection timed outI tried configuring the connection explicitly with a .ssh\config file, but it doesn't seem to affect the output other than the ssh command with -v also having this debug output line:
debug1: Reading configuration data /c/Users/<User>/.ssh/configWhat am I missing?
On a mac w/ yosemite, I am using latest master w/ docker-compose and following docker-compose.yml (below).
I have successfully started via docker-compose using this configuration, created a user, imported ssh key for user, and created a repo. I have configured git to push to this repo:
However, I get an ssh timeout when I try to push. I also get a timeout when I ssh to this address manually.
What should be my next steps to debug? Thanks!