Hi all,
I’m a docker newbie, this is my environment : CentOS Linux release 7.4.1708 (Core) + Docker version 18.03.1-ce, build 9ee9f40 .
My host eth0 network interface ip : 192.168.0.124
I create stack with 3 services : nginx, php-fpm, mariadb and make them running together. Here my configuration
docker-compose.yml
version: "3.3"
services:
php-fpm70:
image: php-fpm70
deploy:
replicas: 1
restart_policy:
condition: on-failure
configs:
# map www.conf from host to php-fpm container to change port from 9000 to 9003
- source: www.conf.1
target: /etc/opt/rh/rh-php70/php-fpm.d/www.conf
volumes:
- /opt/www:/opt/www
- /var/lib/mysql:/var/lib/mysql
ports:
- "9003:9003"
networks:
- webnet
web:
image: nginx
deploy:
replicas: 1
restart_policy:
condition: on-failure
volumes:
# websites source code
- /opt/www:/opt/www
# nginx virtual host config
- /opt/nginx/conf.d:/etc/nginx/conf.d
- /var/log/nginx:/var/log/nginx
- /var/lib/mysql:/var/lib/mysql
ports:
- "80:80"
- "443:443"
networks:
- webnet
mariadb:
image: mariadb
deploy:
replicas: 1
restart_policy:
condition: on-failure
environment:
MYSQL_ROOT_PASSWORD: ***
configs:
- source: my.cnf
target: /etc/my.cnf
volumes:
# mariadb datadir
- /var/lib/mysql:/var/lib/mysql
- /opt/mariadb/my.cnf.d:/etc/my.cnf.d
ports:
- "3306:3306"
networks:
- webnet
configs:
www.conf.1:
file: /opt/php-fpm70/www.conf
my.cnf:
file: /opt/mariadb/my.cnf
networks:
webnet:
/opt/nginx/conf.d/test.conf
server {
listen 80;
server_name test.mydomain.com;
access_log /var/log/nginx/test/access.log;
error_log /var/log/nginx/test/error.log;
root /opt/www/test/;
gzip on;
gzip_comp_level 9;
gzip_min_length 1000;
gzip_proxied off;
gzip_types text/plain text/css application/xml+html application/javascript image/jpeg image/x-icon image/gif image/png video/jpeg;
gzip_disable "MSIE [1-6]\.";
index index.html index.htm index.php;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php-fpm70:9003;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
/opt/mariadb/my.cnf
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
symbolic-links=0
#bind-address = 192.168.0.124
[mysqld_safe]
log-error=/var/lib/mysql/mariadb.log
pid-file=/var/lib/mysql/mariadb.pid
!includedir /etc/my.cnf.d
/opt/www/test/abc.php
<?php
$servername = "mariadb";
$username = "root";
$password = "***";
// Create connection
$conn = new mysqli($servername, $username, $password);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
echo "Connected successfully";
?>
docker stack deploy -c docker-compose.yml getstartedlab
docker service ls
ID NAME MODE REPLICAS IMAGE PORTS
ugibxe1c4o76 getstartedlab_mariadb replicated 1/1 mariadb:latest *:3306->3306/tcp
p489hfezvwlw getstartedlab_php-fpm70 replicated 1/1 php-fpm70:latest *:9003->9003/tcp
du2fpdpev154 getstartedlab_web replicated 1/1 nginx:latest *:80->80/tcp, *:443->443/tcp
I can access to test.mydomain.com → “Welcome to nginx” , test.mydomain.com/index.php → show phpinfo. But I cannot access to test.mydomain.com/abc.php → “Connected successfully"
netstat -tupln
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 998/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1218/master
tcp6 0 0 :::9003 :::* LISTEN 1320/dockerd
tcp6 0 0 :::80 :::* LISTEN 1320/dockerd
tcp6 0 0 :::22 :::* LISTEN 998/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1218/master
tcp6 0 0 :::443 :::* LISTEN 1320/dockerd
tcp6 0 0 :::2377 :::* LISTEN 1320/dockerd
tcp6 0 0 :::3306 :::* LISTEN 1320/dockerd
tcp6 0 0 :::7946 :::* LISTEN 1320/dockerd
udp 0 0 0.0.0.0:4789 0.0.0.0:* -
udp6 0 0 :::7946 :::* 1320/dockerd
ps aux | grep nginx
root 26446 0.0 0.0 36824 3304 ? Ss 12:02 0:00 nginx: master process nginx -g daemon off;
101 26562 0.0 0.0 37276 2220 ? S 12:02 0:00 nginx: worker process
ps aux | grep php-fpm
root 26263 0.0 0.1 298928 18308 ? Ss 12:02 0:00 php-fpm: master process (/etc/opt/rh/rh-php70/php-fpm.conf)
apache 26366 0.0 0.0 301004 10796 ? S 12:02 0:00 php-fpm: pool www
apache 26367 0.0 0.0 298928 9304 ? S 12:02 0:00 php-fpm: pool www
apache 26368 0.0 0.0 298928 9308 ? S 12:02 0:00 php-fpm: pool www
apache 26369 0.0 0.0 298928 9304 ? S 12:02 0:00 php-fpm: pool www
apache 26370 0.0 0.0 298928 9308 ? S 12:02 0:00 php-fpm: pool www
ps aux | grep mysql
polkitd 26046 0.0 0.6 1989536 106020 ? Ssl 12:02 0:05 mysqld
docker service inspect getstartedlab_web
[
{
"ID": "2v9cdy0k2v36vepjwtl14lced",
"Version": {
"Index": 3701
},
"CreatedAt": "2018-07-05T05:02:16.470349059Z",
"UpdatedAt": "2018-07-05T05:02:16.494103979Z",
"Spec": {
"Name": "getstartedlab_web",
"Labels": {
"com.docker.stack.image": "nginx",
"com.docker.stack.namespace": "getstartedlab"
},
"TaskTemplate": {
"ContainerSpec": {
"Image": "nginx:latest@sha256:2cf71a9320ea65566c0738e87400407aaffd8dd11a411ceb2f2b585ad513469e",
"Labels": {
"com.docker.stack.namespace": "getstartedlab"
},
"Privileges": {
"CredentialSpec": null,
"SELinuxContext": null
},
"Mounts": [
{
"Type": "bind",
"Source": "/opt/www",
"Target": "/opt/www"
},
{
"Type": "bind",
"Source": "/opt/nginx/conf.d",
"Target": "/etc/nginx/conf.d"
},
{
"Type": "bind",
"Source": "/var/log/nginx",
"Target": "/var/log/nginx"
},
{
"Type": "bind",
"Source": "/var/lib/mysql",
"Target": "/var/lib/mysql"
}
],
"StopGracePeriod": 10000000000,
"DNSConfig": {},
"Isolation": "default"
},
"Resources": {},
"RestartPolicy": {
"Condition": "on-failure",
"Delay": 5000000000,
"MaxAttempts": 0
},
"Placement": {
"Platforms": [
{
"Architecture": "amd64",
"OS": "linux"
},
{
"OS": "linux"
},
{
"Architecture": "arm64",
"OS": "linux"
},
{
"Architecture": "386",
"OS": "linux"
},
{
"Architecture": "ppc64le",
"OS": "linux"
},
{
"Architecture": "s390x",
"OS": "linux"
}
]
},
"Networks": [
{
"Target": "yzrbcgwqfjk2scbuirvqczdqs",
"Aliases": [
"web"
]
}
],
"ForceUpdate": 0,
"Runtime": "container"
},
"Mode": {
"Replicated": {
"Replicas": 1
}
},
"UpdateConfig": {
"Parallelism": 1,
"FailureAction": "pause",
"Monitor": 5000000000,
"MaxFailureRatio": 0,
"Order": "stop-first"
},
"RollbackConfig": {
"Parallelism": 1,
"FailureAction": "pause",
"Monitor": 5000000000,
"MaxFailureRatio": 0,
"Order": "stop-first"
},
"EndpointSpec": {
"Mode": "vip",
"Ports": [
{
"Protocol": "tcp",
"TargetPort": 80,
"PublishedPort": 80,
"PublishMode": "ingress"
},
{
"Protocol": "tcp",
"TargetPort": 443,
"PublishedPort": 443,
"PublishMode": "ingress"
}
]
}
},
"Endpoint": {
"Spec": {
"Mode": "vip",
"Ports": [
{
"Protocol": "tcp",
"TargetPort": 80,
"PublishedPort": 80,
"PublishMode": "ingress"
},
{
"Protocol": "tcp",
"TargetPort": 443,
"PublishedPort": 443,
"PublishMode": "ingress"
}
]
},
"Ports": [
{
"Protocol": "tcp",
"TargetPort": 80,
"PublishedPort": 80,
"PublishMode": "ingress"
},
{
"Protocol": "tcp",
"TargetPort": 443,
"PublishedPort": 443,
"PublishMode": "ingress"
}
],
"VirtualIPs": [
{
"NetworkID": "ktub04rx2lr2h3jrmcf40qf91",
"Addr": "10.255.1.140/16"
},
{
"NetworkID": "yzrbcgwqfjk2scbuirvqczdqs",
"Addr": "10.0.0.7/24"
}
]
}
}
]
docker service inspect getstartedlab_mariadb
[
{
"ID": "u0xoj5q2m9hoqkl1ygf1y0b5w",
"Version": {
"Index": 3732
},
"CreatedAt": "2018-07-05T07:04:50.246336862Z",
"UpdatedAt": "2018-07-05T07:04:50.260515986Z",
"Spec": {
"Name": "getstartedlab_mariadb",
"Labels": {
"com.docker.stack.image": "mariadb",
"com.docker.stack.namespace": "getstartedlab"
},
"TaskTemplate": {
"ContainerSpec": {
"Image": "mariadb:latest@sha256:f2085c2176ba6294cf73033b344a420faa2ddae1b97b6795c101552e86284ba3",
"Labels": {
"com.docker.stack.namespace": "getstartedlab"
},
"Env": [
"MYSQL_ROOT_PASSWORD=***"
],
"Privileges": {
"CredentialSpec": null,
"SELinuxContext": null
},
"Mounts": [
{
"Type": "bind",
"Source": "/var/lib/mysql",
"Target": "/var/lib/mysql"
},
{
"Type": "bind",
"Source": "/opt/mariadb/my.cnf.d",
"Target": "/etc/my.cnf.d"
}
],
"StopGracePeriod": 10000000000,
"DNSConfig": {},
"Configs": [
{
"File": {
"Name": "/etc/my.cnf",
"UID": "0",
"GID": "0",
"Mode": 292
},
"ConfigID": "okla3dba2a6jstqd909jtk6hg",
"ConfigName": "getstartedlab_my.cnf"
}
],
"Isolation": "default"
},
"Resources": {},
"RestartPolicy": {
"Condition": "on-failure",
"Delay": 5000000000,
"MaxAttempts": 0
},
"Placement": {
"Platforms": [
{
"Architecture": "amd64",
"OS": "linux"
}
]
},
"Networks": [
{
"Target": "6e8mpxsm9xi3mfnihny0nwiqr",
"Aliases": [
"mariadb"
]
}
],
"ForceUpdate": 0,
"Runtime": "container"
},
"Mode": {
"Replicated": {
"Replicas": 1
}
},
"UpdateConfig": {
"Parallelism": 1,
"FailureAction": "pause",
"Monitor": 5000000000,
"MaxFailureRatio": 0,
"Order": "stop-first"
},
"RollbackConfig": {
"Parallelism": 1,
"FailureAction": "pause",
"Monitor": 5000000000,
"MaxFailureRatio": 0,
"Order": "stop-first"
},
"EndpointSpec": {
"Mode": "vip",
"Ports": [
{
"Protocol": "tcp",
"TargetPort": 3306,
"PublishedPort": 3306,
"PublishMode": "ingress"
}
]
}
},
"Endpoint": {
"Spec": {
"Mode": "vip",
"Ports": [
{
"Protocol": "tcp",
"TargetPort": 3306,
"PublishedPort": 3306,
"PublishMode": "ingress"
}
]
},
"Ports": [
{
"Protocol": "tcp",
"TargetPort": 3306,
"PublishedPort": 3306,
"PublishMode": "ingress"
}
],
"VirtualIPs": [
{
"NetworkID": "ktub04rx2lr2h3jrmcf40qf91",
"Addr": "10.255.1.142/16"
},
{
"NetworkID": "6e8mpxsm9xi3mfnihny0nwiqr",
"Addr": "10.0.0.3/24"
}
]
}
}
]
From remote client I can telnet 192.168.0.124 port 80 or 3306. Now I have a fool question if I can make nginx and mariadb container use my host network interface eth0 192.168.0.124 for listening ?
If I add “bind-address = 192.168.0.124” into my.cnf , I cannot access to test.mydomain.com/abc.php → “bind-address = Warning: mysqli::__construct(): (HY000/2002): Connection refused in /opt/www/test/abc.php on line 7
Connection failed: Connection refused” , I cannot telnet 192.168.0.124 3306 from remote client anymore.
If I change listen “192.168.0.124:80;” in test.conf , stop and start stack again, nginx service cannot be started
docker service ls
ID NAME MODE REPLICAS IMAGE PORTS
qmi9t9p8d1gh getstartedlab_mariadb replicated 1/1 mariadb:latest *:3306->3306/tcp
6zjrc9px5yzx getstartedlab_php-fpm70 replicated 1/1 php-fpm70:latest *:9003->9003/tcp
b0l9e235850g getstartedlab_web replicated 0/1 nginx:latest *:80->80/tcp, *:443->443/tcp
Please give me some advice, thank you very much.