❯ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 49b69b9eaaf9 postgres:14 "docker-entrypoint.s…" 8 minutes ago Up 8 minutes 0.0.0.0:5432->5432/tcp pg14
but while I connect from WSL to that container without any issues:
----------------------------------------------------------------------------------------------------------------------------- PostgreSQL 14.5 (Debian 14.5-1.pgdg110+1) on x86_64-pc-linux-gnu, compiled by gcc (Debian 10.2.1-6) 10.2.1 20210110, 64-bit (1 row)
The windows command line (powershell) fails connecting to the same container with:
❯ $env:PGPASSWORD="postgres"; psql --host=localhost --username=postgres --command="SELECT version();" psql: error: FATAL: password authentication failed for user "postgres"
I am using Docker Desktop v4.11.1, Docker version 20.10.12, build 20.10.12-0ubuntu4 and Docker version 20.10.17, build 100c701 on Windows.
Does anybody have any idea what could be the issue?
Thank you.
Docker Desktop needs to forward ports from your Windows host to the virtual machine (WSL). I guess it will not do it on every interfaces on Windows and inside the VM as well. If you want to use “localhost”, try forwarding the port from 127.0.0.1 like:
docker run --name pg14 -e POSTGRES_PASSWORD=postgres --detach --publish 127.0.0.1:5432:5432 postgres:14
docker: Error response from daemon: Ports are not available: exposing port TCP 127.0.0.1:5432 -> 0.0.0.0:0: listen tcp 127.0.0.1:5432: bind: An attempt was made to access a socket in a way forbidden by its access permissions.
Okay, I tried it and the port forwardig works even without specifying the source IP address. If I use a specific source IP, that works too.
Your current error message says the port is not available, but when I use a port that is already used, it shows me “already used”. I don1t understand that “0.0.0.0:0” either.
Maybe I misundersood you. Where exactly do you execute docker run? In your PowerShell or in the WSL distribution?
Please, share the output of docker version and docker info running on on Windows and in the WSL distribution, because I don’t understand where you got the build version. I can’t find "build <version>-0ubuntu4 in my output as it was in yours:
I did it both ways: starting docker from PowerShell or starting it from WSL sh. Either way I can connect from WSL (sh) but can NOT from Windows (PowerShell). Windows keep complaining:
psql: error: FATAL: password authentication failed for user "postgres"
while WSL works fine.
Here is the docker output on Windows:
❯ docker version
Client:
Cloud integration: v1.0.28
Version: 20.10.17
API version: 1.41
Go version: go1.17.11
Git commit: 100c701
Built: Mon Jun 6 23:09:02 2022
OS/Arch: windows/amd64
Context: default
Experimental: true
Server: Docker Desktop 4.11.1 (84025)
Engine:
Version: 20.10.17
API version: 1.41 (minimum version 1.12)
Go version: go1.17.11
Git commit: a89b842
Built: Mon Jun 6 23:01:23 2022
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.6.6
GitCommit: 10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
runc:
Version: 1.1.2
GitCommit: v1.1.2-0-ga916309
docker-init:
Version: 0.19.0
GitCommit: de40ad0
❯ docker info
Client:
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc., v0.8.2)
compose: Docker Compose (Docker Inc., v2.7.0)
extension: Manages Docker extensions (Docker Inc., v0.2.8)
sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc., 0.6.0)
scan: Docker Scan (Docker Inc., v0.17.0)
Server:
Containers: 3
Running: 3
Paused: 0
Stopped: 0
Images: 13
Server Version: 20.10.17
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
runc version: v1.1.2-0-ga916309
init version: de40ad0
Security Options:
seccomp
Profile: default
Kernel Version: 5.10.102.1-microsoft-standard-WSL2
Operating System: Docker Desktop
OSType: linux
Architecture: x86_64
CPUs: 16
Total Memory: 24.83GiB
Name: docker-desktop
ID: B2XQ:X3E2:32IS:726C:4Q3E:D5NO:KDVX:PB6I:AOWW:6DHZ:XCN2:UP3Z
Docker Root Dir: /var/lib/docker
Debug Mode: false
HTTP Proxy: http.docker.internal:3128
HTTPS Proxy: http.docker.internal:3128
No Proxy: hubproxy.docker.internal
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
hubproxy.docker.internal:5000
127.0.0.0/8
Live Restore Enabled: false
WARNING: No blkio throttle.read_bps_device support
WARNING: No blkio throttle.write_bps_device support
WARNING: No blkio throttle.read_iops_device support
WARNING: No blkio throttle.write_iops_device support
and here it is from WSL:
❯ docker version
Client:
Version: 20.10.12
API version: 1.41
Go version: go1.17.3
Git commit: 20.10.12-0ubuntu4
Built: Mon Mar 7 17:10:06 2022
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Desktop
Engine:
Version: 20.10.17
API version: 1.41 (minimum version 1.12)
Go version: go1.17.11
Git commit: a89b842
Built: Mon Jun 6 23:01:23 2022
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.6.6
GitCommit: 10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
runc:
Version: 1.1.2
GitCommit: v1.1.2-0-ga916309
docker-init:
Version: 0.19.0
GitCommit: de40ad0
❯ docker info
Client:
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc., v0.8.2)
compose: Docker Compose (Docker Inc., v2.7.0)
extension: Manages Docker extensions (Docker Inc., v0.2.8)
sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc., 0.6.0)
scan: Docker Scan (Docker Inc., v0.17.0)
Server:
Containers: 3
Running: 3
Paused: 0
Stopped: 0
Images: 13
Server Version: 20.10.17
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runtime.v1.linux runc io.containerd.runc.v2
Default Runtime: runc
Init Binary: docker-init
containerd version: 10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
runc version: v1.1.2-0-ga916309
init version: de40ad0
Security Options:
seccomp
Profile: default
Kernel Version: 5.10.102.1-microsoft-standard-WSL2
Operating System: Docker Desktop
OSType: linux
Architecture: x86_64
CPUs: 16
Total Memory: 24.83GiB
Name: docker-desktop
ID: B2XQ:X3E2:32IS:726C:4Q3E:D5NO:KDVX:PB6I:AOWW:6DHZ:XCN2:UP3Z
Docker Root Dir: /var/lib/docker
Debug Mode: false
HTTP Proxy: http.docker.internal:3128
HTTPS Proxy: http.docker.internal:3128
No Proxy: hubproxy.docker.internal
Username: bprager
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
hubproxy.docker.internal:5000
127.0.0.0/8
Live Restore Enabled: false
WARNING: No blkio throttle.read_bps_device support
WARNING: No blkio throttle.write_bps_device support
WARNING: No blkio throttle.read_iops_device support
WARNING: No blkio throttle.write_iops_device support
I found it! It looks like it has something to do with my Windows firewall setting, I assume. When I forward the PostgreSQL port to 8080 it suddenly works:
I guess you installed Docker in that WSL distribution from the Ubuntu repository and not the official repository from Docker, and also enabled WSL integration. This is why it looked strange for me. That “0ubuntu4” suffix should not be there and the version should be “20.10.17” from everywhere. Doesn’t matter now, because psql works for you from WSL and the problem is with Windows, but you should use the repository from Docker’s official documentation when you install it on Linux and you don’t need to install it when you want to use Docker Desktop from WSL. WSL integration makes the Docker client available from the WSL distribution automatically.
I also misunderstood your problem, because I thought you had an issue with accessing the port, but the error message complained about wrong password.
On the other hand you wrote in your last post:
So I am confused. Or did you mean that you solved the other error message?
So I don’t really understand what happened, but ths is what I can recommend:
If you want to use Docker Desktop, don’t install the Docker client in the WSL distribution. If you have installed it, remove it.
If you need docker in the WSL distribution and not just the client
Follow the official documentation of Docker and install it from Docker’s own repository. If you installed Docker from snap, that is worse.
Use the client provided by Docker Desktop:
"/mnt/c/Program Files/Docker/Docker/resources/bin/docker" info
Make sure you don’t have an other container using the same port external port
Make sure you don’t have anything running on that port, for example an other postgres directly on the host, not in containers.
If you have problem with passwords, that could mean you are actually trying to connect to a different database.
now that I wrote my recommendation, I have an idea what happened. Maybe not exactly, but something similar.
You installed a Postgresql server on your host in the past, but forgot about that
You ran a container forwarding the same port from the host that was already used and somehow Docker did not complain about that. (I have theories, but it doesn’t matter at this point)
Then you tried to login from WSL, and it worked, because localhost is localhost inside the WSL and Windows forwarded WSLs localhost to the WSL distribution of Docker.
You tried to login from PowerShell and you just connected to the Postgresql server running on your Windows host.
Second Idea after writing the previous one, maybe more likely:
Your password didn’t work, because the fact that you use “localhost” to connect to postgres, doesn’t mean postgres will see you coming from localhost. Sou you will have two different IP address and it has a user allowed to connect from one, which is the IP address of WSL
This second idea can be tested easily if you have experience administrating Postgres. Connect to the database from WSL, where it worked, and checked the users and where they can connect from. If you don’t know how to do that, try to create a user that can connect from anywhere and use that just for testing. I could do it only in MySQL, so I can’t tell you how you should do it. I hope Google helps if you don’t know that either.
You were right with your assumption of another PostgreSQL instance running (I got my laptop pre-installed). I disabled that. I also made sure that port 5432 is explicitly allowed for in- and out-coming connections.
Now I can also connect from Windows (after some annoying reboots) and everything works fine.
Thanks again . I really appreciate your help. I am a happy camper again.