You are not logged in.

#1 2022-05-05 19:18:28

w98se
Member
Registered: 2022-05-05
Posts: 1

Docker container's port isn't accessible

Hi all,

I’ve got some ridiculous situation when can’t access my docker container over its mapped port. Running all like usual:

:: run container with simple python web app (hello world style app just to test connection)

~# docker run --rm -d -p 192.168.1.102:8080:5000 flask-app
b3407bde527cc4085e2ea794ceb59e1263121f0182e0e738d6fb74a10f4b361b

:: check it out

~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b3407bde527c flask-app “python -m flask run…” 9 seconds ago Up 8 seconds 192.168.1.102:8080->5000/tcp silly_morse

:: check that port is up on local IP

~# netstat -tulpn|grep 8080
tcp 0 0 192.168.1.102:8080 0.0.0.0:* LISTEN 5887/docker-proxy

:: check if port is accessible from host side (here we have problems...)

~# nc -zv 192.168.1.102 8080
192.168.1.102 8080 (http-alt): Connection timed out

~# curl -v http://192.168.1.102:8080

Rebuilt URL to: http://192.168.1.102:8080/
Trying 192.168.1.102…
TCP_NODELAY set
connect to 192.168.1.102 port 8080 failed: Connection timed out
Failed to connect to 192.168.1.102 port 8080: Connection timed out
Closing connection 0
curl: (7) Failed to connect to 192.168.1.102 port 8080: Connection timed out

:: firewall rules are good btw

~# iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N DOCKER
-N DOCKER-ISOLATION
-N DOCKER-USER
-A FORWARD -j DOCKER-USER
-A FORWARD -j DOCKER-ISOLATION
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o docker0 -j DOCKER
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 5000 -j ACCEPT
-A DOCKER-ISOLATION -j RETURN
-A DOCKER-USER -j RETURN

The same situation if use ‘any’ interface/IP (-p 0.0.0.0:8080:5000).

Current host OS is Arch 2018 (Linux 4.14.32-1-lts #1 SMP Sun Apr 1 11:41:45 CEST 2018 x86_64 GNU/Linux) and docker version is 18.03.0-ce build 0520e24302.
Also tried to replace existing binaries with the latest version according to official docker's doc here https://docs.docker.com/engine/install/ … s-on-linux - but no luck - new docker version behave in the same way. I have one more server with the same Arch version and docker pkg - and the same problem on it.

Looks like docker-proxy service is not working properly or not handling connections. Or it could be some local network/routing issue.
The container itself is healthy and accessible over http request if run curl cmd from another docker container.

Can’t find the root of the problem or even where to dig.
Would be really appreciate any suggestion!

Offline

Board footer

Powered by FluxBB