Dial tcp 172.20.0.2:443: connect: connection refused

hello world :wink:

i’m running gitlab (ce) and gitlab-runner, and unknown to me reason gitlab-runner over some time unable to reach to gitlab anymore even though both containers are in the same docker network:

root@dos:/opt/gitlab# docker-compose up -d
[+] Running 1/1
 ✔ Container gitlab-web-1  Started                                                                                                                                                                         0.1s
root@dos:/opt/gitlab# docker network inspect gitlab_default
[
    {
        "Name": "gitlab_default",
        "Id": "7b0961116f9e9de48df0a858950a71d9b9a784334e6cf18cd28cbf7a8e935b87",
        "Created": "2024-08-08T14:34:58.807259045Z",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.20.0.0/16",
                    "Gateway": "172.20.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "104a8624b064044395f9085666e2c7cb3c327f4fdfb686aa8485039c0ddb2947": {
                "Name": "gitlab-web-1",
                "EndpointID": "9f991c1f67df555d0ce5bc6b69405b7e490d8306a5b8a8d125a46a3a14b2491d",
                "MacAddress": "02:42:ac:14:00:02",
                "IPv4Address": "172.20.0.2/16",
                "IPv6Address": ""
            },
            "9660cec2dfa8350c31ab13d9457a200ee3a5a6dd35d7fc7ce6f1db9c26b8518b": {
                "Name": "gitlab-runner-gitlab-runner-1",
                "EndpointID": "eafb6f0108394b0dba8d292f47cdffac746fde053c506bc598848f6e10176465",
                "MacAddress": "02:42:ac:14:00:03",
                "IPv4Address": "172.20.0.3/16",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {
            "com.docker.compose.network": "default",
            "com.docker.compose.project": "gitlab",
            "com.docker.compose.version": "2.20.3"
        }
    }
]
root@dos:/opt/gitlab#

i even 3rd container (curl) and it also unable to reach out to gitlab

root@dos:/opt/gitlab# docker run -it --network gitlab_default curlimages/curl:latest curl -v https://gitlab.X.app/
* Host gitlab.X.app:443 was resolved.
* IPv6: (none)
* IPv4: 172.20.0.2
*   Trying 172.20.0.2:443...
* connect to 172.20.0.2 port 443 from 172.20.0.6 port 38278 failed: Connection refused
* Failed to connect to gitlab.X.app port 443 after 2 ms: Could not connect to server
* closing connection #0
curl: (7) Failed to connect to gitlab.X.app port 443 after 2 ms: Could not connect to server
root@dos:/opt/gitlab#

my environment:

root@dos:~# uname -a
Linux dos 6.1.0-23-cloud-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.99-1 (2024-07-15) x86_64 GNU/Linux
root@dos:~# cat /etc/debian_version
12.6
root@dos:~# docker --version
Docker version 27.1.1, build 6312585
root@dos:~#

Please advise)
Thanks in advance!


REF: WARNING: Checking for jobs... failed runner=-z4mfftsD status=couldn't execute POST against https://gitlab.X.app/api/v4/jobs/request: Post "https://gitlab.X.app/api/v4/jobs/request": dial tcp 172.20.0.2:443: connect: connection refused - General - GitLab Forum

What is that? A real domain pointing to your Docker network internal IP? Or did you set this up in local DNS?

yes it is real domain and it is pointing to real public IP address, i just masked it to maintain a bit of privacy) TLD is .app, my X is mask.

however if you’re referring to my attempt to reach out to gitlab’ api via curl, my 2c is in lue of me using gitlab_default network, docker uses internal network over public network, maybe order (preference).
why is it even matter for gitlab’ nginx?

i appreciate it you’re looking in my thread, thanks! :pray: