Docker Community Forums

Share and learn in the Docker community.

Cant access MongoDB from another container


(Jlseminara) #1

Hello people, I’m kinda new in docker so I beg your indulgence in case my question is obvious.

I created two containers, the first based on plain ubuntu image and the second in plain mongodb image (both the oficial version)

These are de commands I use to launch the containers

docker run -it --entrypoint /bin/bash --hostname MONGODB --name=MONGODB --net=bridge --expose=27017 mongo

docker run -it -p 8080:8080 --entrypoint /bin/bash --hostname APP1 --name=APP1 --link=MONGODB --net=bridge ubuntu

The thing is I can ping the mongodb container from the APP container, but cannot access the mongodb either from an app in Node nor from the mongdb command-line client.
I’d very much appreciate any hint you could give me since I’ve already tryed a lot of things (I’d rather avoid using docker-compose )

The idea is to connect both containers directly whitout exporting the mongodb port to the host ( I mean, I dont want to use the -p parameter for the mongodb container)

Thanks in advance


(Sam) #2

well, that overrides what the mongo container was going to do, so mongo never started

see https://hub.docker.com/_/mongo/ , How to use this image


(Jlseminara) #3

Yes I know that parameter overrides it, but inside bash I start the mongo server myself
I’ll read the documentation you suggested nonetheless. Thankx


(Sam) #4

ok, you didn’t say u started mongod…

the mongo image says (use docker inspect mongo)

"Entrypoint": [
                "docker-entrypoint.sh"
            ],
            "Cmd": [
                "mongod"
            ],

that means at container startup it should run

docker-entrypoint.sh mongod

(Sam) #5

and this doc is vague

connect to it from an application
$ docker run --name some-app --link some-mongo:mongo -d application-that-uses-mongo

should say

connect to it from an application
$ docker run --name some-app --link some-mongo:mongo -d docker_image_with_application-that-uses-mongo

(Jlseminara) #6

yeap, this is how most users run the containers, but I was trying to do it my way (the hardway I know) just to study docker, and understand why my way cannot connect to mongo.
( I’m just insufferable, thanks for your help)


(Sam) #7

no… you are ok linking, and doing it yourself… but you didn’t add that info to the question…

so, after YOU start mongod, is it running, can u query it from that container? (one step at a time)


(Jlseminara) #8

that’s correct, i can hit mongo with any kind of query from inside the container, but I cannot even connet from another container ( and as I said, I can ping from one container to another )


(Sam) #9

ok, and from inside the app container, how are you attempting to connect to the mongo port? if you do

docker inspect APP1

from the host
what are the port mappings?

when you link, the port becomes ‘local’ there is NO ‘remoteness’ to it.
so the db server
port would be localhost:27017


(Jlseminara) #10

I’m trying to connect with mongo command-line client ( just “mongo MONGODB”, also tried with mongo container’s IP, and also with localhost)

I tryied connecting with a Node, app (also tried with the container’s IP and localhost):
MongoClient.connect(“mongodb://MONGODB:27017/test”, function(err, db) {
if(!err) {
console.log(“We are connected”);
}
else
{
console.log( err );
}
});

Here is the Network section of the container info:

“NetworkSettings”: {
“Bridge”: “”,
“SandboxID”: “fcf310a0c727ab63cc760a4e95bb8e945aa5c6e9c918e877829ad4c6f8685091”,
“HairpinMode”: false,
“LinkLocalIPv6Address”: “”,
“LinkLocalIPv6PrefixLen”: 0,
“Ports”: {
“8080/tcp”: [
{
“HostIp”: “0.0.0.0”,
“HostPort”: “8080”
}
]
},
“SandboxKey”: “/var/run/docker/netns/fcf310a0c727”,
“SecondaryIPAddresses”: null,
“SecondaryIPv6Addresses”: null,
“EndpointID”: “e25db9975ad9b73f8a3a4ac6cdd9a5d240430c459a6fde9b9ec380374dc6834c”,
“Gateway”: “172.17.0.1”,
“GlobalIPv6Address”: “”,
“GlobalIPv6PrefixLen”: 0,
“IPAddress”: “172.17.0.3”,
“IPPrefixLen”: 16,
“IPv6Gateway”: “”,
“MacAddress”: “02:42:ac:11:00:03”,
“Networks”: {
“bridge”: {
“IPAMConfig”: null,
“Links”: [
“MONGODB”
],
“Aliases”: null,
“NetworkID”: “be3837bedabdd7052580357e6822680c155efeb39384f9713f927672f4faf012”,
“EndpointID”: “e25db9975ad9b73f8a3a4ac6cdd9a5d240430c459a6fde9b9ec380374dc6834c”,
“Gateway”: “172.17.0.1”,
“IPAddress”: “172.17.0.3”,
“IPPrefixLen”: 16,
“IPv6Gateway”: “”,
“GlobalIPv6Address”: “”,
“GlobalIPv6PrefixLen”: 0,
“MacAddress”: “02:42:ac:11:00:03”,
“DriverOpts”: null
}


(Sam) #11

ok, I used the doc in the link i sent…
my host is Ubuntu 14.04

start the some-mongo container (no -it)

i did

docker exec some-mongo apt-get install net-tools

then

docker exec some-mongo netstat -a 

to prove listening on all ip addresses at port 27017

then started a client container, (using ubuntu as base), (with -it)

then

apt-get install mongodb

then

mongo --host some-mongo:$MONGO_PORT_27017_TCP_PORT

and got

MongoDB shell version: 2.4.9
connecting to: some-mongo:27017/test
Welcome to the MongoDB shell.
For interactive help, type "help".
For more comprehensive documentation, see
	http://docs.mongodb.org/
Questions? Try the support group
	http://groups.google.com/group/mongodb-user
Server has startup warnings: 
2018-01-08T19:43:13.616+0000 I STORAGE  [initandlisten] 
2018-01-08T19:43:13.616+0000 I STORAGE  [initandlisten] ** WARNING: Using the XFS filesystem is strongly recommended with the WiredTiger storage engine
2018-01-08T19:43:13.616+0000 I STORAGE  [initandlisten] **          See http://dochub.mongodb.org/core/prodnotes-filesystem
2018-01-08T19:43:14.814+0000 I CONTROL  [initandlisten] 
2018-01-08T19:43:14.814+0000 I CONTROL  [initandlisten] ** WARNING: Access control is not enabled for the database.
2018-01-08T19:43:14.814+0000 I CONTROL  [initandlisten] **          Read and write access to data and configuration is unrestricted.
2018-01-08T19:43:14.814+0000 I CONTROL  [initandlisten] 
2018-01-08T19:43:14.815+0000 I CONTROL  [initandlisten] 
2018-01-08T19:43:14.815+0000 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.
2018-01-08T19:43:14.815+0000 I CONTROL  [initandlisten] **        We suggest setting it to 'never'
2018-01-08T19:43:14.815+0000 I CONTROL  [initandlisten] 
2018-01-08T19:43:14.815+0000 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is 'always'.
2018-01-08T19:43:14.815+0000 I CONTROL  [initandlisten] **        We suggest setting it to 'never'
2018-01-08T19:43:14.815+0000 I CONTROL  [initandlisten] 

and I can connect from the host to some-mongo

mongo --host 172.17.0.4:27017
MongoDB shell version: 2.4.9
connecting to: 172.17.0.4:27017/test
Welcome to the MongoDB shell.

(Jlseminara) #12

Ok, got it. I’ll try to give my methods a twist towards your way.

Thanks for all your help, you’ve been very kind

Regards


(Sam) #13

all it means is that the mongo server is probably ONLY Listening for the locahost inside the container…

I think the default config options are

net:
   bindIp: 127.0.0.1
   port: 27017

and the default for the image is

mongod --bind_ip_all

from the mongodb doc

--bind_ip <ip address>
Default: localhost

NOTE

Starting in MongoDB 3.6, mongod bind to localhost (127.0.0.1) by default. See Default Bind to Localhost.

The IP addresses and/or full Unix domain socket paths on which mongod should listen for client connections. You may attach mongod to any interface. To bind to multiple addresses, enter a list of comma-separated values.

EXAMPLE

localhost,/tmp/mongod.sock

WARNING

Before you bind to other ip addresses, consider enabling access control and other security measures listed in Security Checklist to prevent unauthorized access.

To bind to all IPv4 addresses, enter 0.0.0.0.

To bind to all IPv4 and IPv6 addresses, enter 0.0.0.0,:: or alternatively, use the net.bindIpAll setting.

NOTE

--bind_ip and --bind_ip_all are mutually exclusive. That is, you can specify one or the other, but not both.

--bind_ip_all <boolean>
Default: False

New in version 3.6.

If true, the mongod instance binds to all ip addresses. When attaching mongod to a publicly accessible interface, ensure that you have implemented proper authentication and firewall restrictions to protect the integrity of your database.

WARNING

Before you bind to other ip addresses, consider enabling access control and other security measures listed in Security Checklist to prevent unauthorized access.

Alternatively, you can set the --bind_ip option to 0.0.0.0,:: to bind to all IP addresses.

NOTE

**--bind_ip and --bind_ip_all are mutually exclusive.** That is, you can specify one or the other, but not both.

(Jlseminara) #14

sdetweil, as you said, the “- -bind_ip_all” parameter did the trick. (by the way I had “bindIp: 0.0.0.0” in /etc/mongo.conf, instead of 127.0.0.1 I mean)

Thanks again for all your help.

:clap::clap::clap:


(Sam) #15

thanks for the feedback. will help others I am sure…