Docker Community Forums

Share and learn in the Docker community.

Docker connection refused between two containers


#1

Hey
I deployed two container in the same network (tried bridge and another that i created to test).
When creating the image of container n2 i exposed port 5000.
The thing is im trying to use n1 with nginx as a proxy redirect which is doing its job.
Although when redirecting to n2 it connection is denied.
Since im using the same network im redirecting to 0.0.0.0:5000.
When entering n1 to try to check if n2 has its port 5000 really open with nmap i find its filtered.

Anyone knows how to open or what the problem might be?


(Caldarolad) #2

Check to make sure they’re both on the same network. They probably aren’t, and you’ll probably have to create your own network and add them both to it in the docker run commands.

You can tell by doing a docker network ls, find which network you think they are on, and do a docker network inspect of that network, it’ll show you which containers are attached to that network.

I’m not sure how you’re trying to connect, but you will probably have better luck connecting via the container-name, and not the IP.


#3

Check to make sure they’re both on the same network. They probably aren’t

They are

{
        "Name": "test",
        "Id": "ecf3d90b067c958f67e0bf7becaff902247ed8c637138928d28bb2a79f0c6a44",
        "Created": "2019-01-29T19:47:48.045805396Z",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "172.18.0.0/16",
                    "Gateway": "172.18.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "954f6416daeb4073a6382c2d2ea510084bdf8418232b14fca11e962449ae1444": {
                "Name": "n1",
                "EndpointID": "444c2d5844b63498e58facc7ee43bac7bf0c4ceefaa9dc08ea9a2c272b9e50ce",
                "MacAddress": "02:42:ac:12:00:02",
                "IPv4Address": "172.18.0.2/16",
                "IPv6Address": ""
            },
            "c9716668c1ce042bae148f3ec17cc1e985559903f01735be0114c5097ab11271": {
                "Name": "n2",
                "EndpointID": "d1bed1cfac03388fd285adacff42aa4ac7a6ff18ea26b11822eb5c29f4b05140",
                "MacAddress": "02:42:ac:12:00:03",
                "IPv4Address": "172.18.0.3/16",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {}
    }

you’ll probably have to create your own network and add them both to it in the docker run commands.
You can tell by doing a docker network ls, find which network you think they are on, and do a docker network inspect of that network, it’ll show you which containers are attached to that network.

Just did it as stated above and it is not working

the conf file of the nginx is the follow
both 0.0.0.0:5000 and the 172.18.0.3 are refused when trying to connect

server{
  listen 80;
  location \ {
    proxy_pass "http:0.0.0.0:5000";
    proxy_set_header Host $host;
    proxy_redirect          off;
    proxy_set_header        X-NginX-Proxy true;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  }
}

(Caldarolad) #4

I have zero experience with nginx so I can’t help you there. Try connecting to http://n2:5000 instead of 0.0.0.0


(Ove "Lime" Lindström) #5

You never ever use ip-numbers when working with docker containers. :smiley:

If you change the 0.0.0.0 in the nginx config to the name of the container (n1 or n2) it will work. Docker has an internal DNS that uses the container name as host.

Look at a previous reply I did a couple of days ago on a similar topic.


#6

I just changed to n2 after that i restarted nginx and im sure the conf is loaded as it shows with command nginx -T the following:

# configuration file /etc/nginx/conf.d/default.conf:`
    server{
      listen 80;
      location / {
    proxy_pass "http://n2:5000";
    proxy_set_header Host $host;
    proxy_redirect          off;
    proxy_set_header        X-NginX-Proxy true;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      }
    }

But still not working.
Getting the following error

[error] 706#706: *13 connect() failed (111: Connection refused) while connecting to upstream, client: 172.18.0.1, server: , request: "GET / HTTP/1.1", upstream: "http://172.18.0.3:5000/", host: "172.17.0.1:8080"

2019/01/30 15:00:28 [error] 706#706: *13 connect() failed (111: Connection refused) while connecting to upstream, client: 172.18.0.1, server: , request: "GET /favicon.ico HTTP/1.1", upstream: "http://172.18.0.3:5000/favicon.ico", host: "172.17.0.1:8080", referrer: "http://172.17.0.1:8080/"

even though im using the name of the container, in the end it changes to the real ip

Tried using telnet to check if i could connect from the inside of the nginx container and failled

# telnet n2 5000
Trying 172.18.0.3...
telnet: Unable to connect to remote host: Connection refused

Tried nmap to check the port and its closed. Dont know why since i exposed it dockerfile


(Ove "Lime" Lindström) #7

Where are you running nmap and telnet from?? Inside the nginx-container or your localhost?

EXPOSE tells docker that this container should expose this port(s) WITHIN the defined network. Unless you are running the network=host, it should work. If you are running network=host, you will have a port collision. It will be like two different applications tries to start something on port 8080.

Using the -p in docker run or ports: in docker-compose.yml binds the internal port to a host port.

Take a good look at the example in the link I had in the last reply.

Then tell us exactly how you started the containers please.


#8

Where are you running nmap and telnet from?? Inside the nginx-container or your localhost?

Inside nginx container that is on the same network as the n2 container

Unless you are running the network=host, it should work. If you are running network=host, you will have a port collision. It will be like two different applications tries to start something on port 8080.

They are using the network i’ve created name test, not the host

Then tell us exactly how you started the containers please.

For the n1:

sudo docker run -it -d -p 8080:80 --network="test" --name n1 nginx

As for the n2:

sudo docker run -it -d --network="test" --name n2 n2

Also tried using in the command line for n2 the --expose flag even though its in the dockerfile to make sure its really exposed.
Also tried -p :5000 but this shouldnt matter since im trying to access from withing the network so exposing to the outside shouldnt be needed