Docker Community Forums

Share and learn in the Docker community.

Expose multiple container hosted on a single host to internet

docker

(Ezspam) #1

Hi,
I’m just learning docker and playing around by hosting ghost on containers. Initially, I managed to get ghost up and running and was able to access successfully from a custom domain. Then i spun up another container for the same ghost application and bound it to a different port. I did this to try two different ghost themes . But I seem to have broken the system. I’m unable to access from an external domain. It works when i acess from the local host

Container 1 : ghost application - theme1 , IP Add : 192.x.x.20: 2500
Container 2: ghost application-theme 2 , IP Add: 192.x.x.20:3500

external ip 217.x.x.x

I presume something need to be done with networking but not sure how to proceed. Any help is appreciated.


(Sam) #2

what kind of docker host?

what are those ip addresses? the containers, the host? what is the ‘external’ address?


(Ezspam) #3

Here’s the output from docker info
pi@ud-kube-master:~ $ docker -D info Containers: 2
Running: 1
Paused: 0 Stopped: 1
Images: 2 Server Version: 18.02.0-ce
Storage Driver: overlay2
Backing Filesystem: extfs Supports d_type: true
Native Overlay Diff: true Logging Driver: json-file
Cgroup Driver: cgroupfs Plugins:
Volume: local Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog Swarm: inactive
Runtimes: runc
Default Runtime: runc Init Binary: docker-init
containerd version: 9b55aab90508bd389d7654c4baf173a981477d55
runc version: 9f9c96235cc97674e935002fc3d78361b696a69e
init version: 949e6fa
Security Options:
seccomp
Profile: default
Kernel Version: 4.9.59-v7+
Operating System: Raspbian GNU/Linux 9 (stretch)
OSType: linux
Architecture: armv7l
CPUs: 4
Total Memory: 875.8MiB
Name: ud-kube-master
ID: SIU5:XDOA:5NX2:2ZAR:BOFO:UZIL:KT6V:VF7B:HB27:5COJ:O6FO:PAGN
Docker Root Dir: /var/lib/docker
Debug Mode (client): true
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false

WARNING: No memory limit support
WARNING: No swap limit support
WARNING: No kernel memory limit support
WARNING: No oom kill disable support
WARNING: No cpu cfs quota support
WARNING: No cpu cfs period support


(Sam) #4

thanks… 1 container isn’t running…

ip addr on the host

docket inspect id for the 2 containers to get their ip addresses…


(Ezspam) #5

Thanks for your help. Here’s the output

pi@ud-kube-master:~ $ docker inspect -f ‘{{.NetworkSettings.IPAddress}}’ udblog-ghost-new
172.17.0.2


(Ezspam) #6

I have removed the other container. Right now I am only running one container. I also found that I can’t access the ghost application . When I curl I get an error
I found that am getting this error after I restarted my container
pi@ud-kube-master:~ $ curl http://localhost:3500 curl: (56) Recv failure: Connection reset by peer
pi@ud-kube-master:~ $


(Ezspam) #7

Btw…I tried to remove to troubleshoot where I was going.now after the restart I can’t access the ghost application landing page. I could access the application if I remove and run again. I get the curl error whenever I restart the container


(Sam) #8

i think the entrypoint command gets rerun on restart, so it might take some different parms,


(Ezspam) #9

Here’s the link to the docker file

The entry point is a script .not sure how to troubleshoot
ENTRYPOINT [“docker-entrypoint.sh”]


(Ezspam) #10

I managed to isolate the issue but not able to resolve it.
It works when i run either of the commands

docker exec -it curl http:localhost:3500

it also works when i use the ip of the container and port number

curl http://172.17.02:3500

But i doesn’t work when curl using localhost:3500 . I found a similar issue outlined here


(Ezspam) #11

Also, this is entry point script that’s being run

#!/bin/bash
set -e

# allow the container to be started with `--user`
if [[ "$*" == node*current/index.js* ]] && [ "$(id -u)" = '0' ]; then
	chown -R node "$GHOST_CONTENT"
	exec gosu node "$BASH_SOURCE" "$@"
fi

if [[ "$*" == node*current/index.js* ]]; then
	baseDir="$GHOST_INSTALL/content.orig"
	for src in "$baseDir"/*/ "$baseDir"/themes/*; do
		src="${src%/}"
		target="$GHOST_CONTENT/${src#$baseDir/}"
		mkdir -p "$(dirname "$target")"
		if [ ! -e "$target" ]; then
			tar -cC "$(dirname "$src")" "$(basename "$src")" | tar -xC "$(dirname "$target")"
		fi
	done

	knex-migrator-migrate --init --mgpath "$GHOST_INSTALL/current"
fi

exec "$@

(Sam) #12

but that is executing curl INSIDE the container… not on the docker host.
localhost INSIDE the container is INSIDE the container… (ie 172.17.0.2)… NOT the docker host IP address


(Ezspam) #13

Yes…thats right. Its working inside the container and not on the docker host.


(Sam) #14

but the BOUND port is on the HOST

-p 3500:80
means 3500 port on HOST will send traffic to container port 80

this is how you can have multiple instances of the identical container running on the same host…
the same container port number is mapped to a different host port for each container instance

the code in the container DOES NOT KNOW the port is mapped.


(Ezspam) #15

I get that. But I am still lost on how to resolve this. This happens only when I restart the container


(Sam) #16

try not using localhost… but the containers internal IP address… but then you would use the container applications listening port (usually 80 for web applications), not the host port number


(Sam) #17

i am not sure we are talking about the same thing…

docker run -d -name fred -p 2500:80 foo
docker run -d -name mark -p 3500:80 foo

the from the docker host, you can access the application in fred with
localhost:2500 OR hosts-ip_address:2500, OR (container_ip address:80, 172.17.0.2 usually)
you can ALSO connect to container fred from another machine on a network accessible to the docker HOST with
docker_host_ip_address:2500
but NEVER with the containers IP address…

same applies to container mary, only using host port 3500

INSIDE the container you can access the application using localhost:80, or the containers IP address:80, 172.17.0.2:80
but NOT the port number of the mapping to the host


(Ezspam) #18

hmm…if I use the container ip I wil not be able to access it from the internet. Sorry, I’m still a novice user here. I was able to access the site using the localhost:3500 when I spin up the container. It stops working only after I restart the container . During restart some parameter is changing thats creating this issue but not sure what it is. From the stackoverflow link I see a similar issue but looks like something has to be done with nodejs .


(Ezspam) #19

Sorry, it was my bad. I didn’t explain clearly.

I created a container using the following command
docker run -d -p 3500:2368 --restart unless-stopped -v /var/lib/ghost/content --name blog-ghost --volumes-from ghost-data arm32v7/ghost:latest

Once the container is up and running , I could access the container from the host as you had pointed out
docker_host_ip_address:3500

Until this step everything works fine. If I restart , then am unable to use the docker_host_ip_address:portnumber to access the blog. I am getting an error.

Here’s the log output and error

INFO [2018-02-21 11:56:59] “GET /” 200 1094ms
INFO [2018-02-21 11:59:25] “GET /” 200 313ms
INFO [2018-02-21 12:12:43] “GET /” 200 319ms
INFO [2018-02-21 12:56:19] “GET /” 200 254ms
INFO [2018-02-21 14:44:20] “GET /” 200 242ms
[2018-02-21 14:46:02] WARN Ghost has shut down
[2018-02-21 14:46:02] WARN Your blog is now offline
[2018-02-21 14:46:10] INFO Finished database migration!
[2018-02-21 14:46:21] INFO Ghost is running in production…
[2018-02-21 14:46:21] INFO Your blog is now available on http://localhost:3500/
[2018-02-21 14:46:21] INFO Ctrl+C to shut down
[2018-02-21 14:46:21] INFO Ghost boot 10.607s
INFO [2018-02-21 15:48:58] “GET /” 200 1113ms
INFO [2018-02-21 15:51:01] “GET /” 200 347ms
INFO [2018-02-21 15:52:23] “GET /” 200 286ms
INFO [2018-02-21 15:58:06] “GET /” 200 245ms
INFO [2018-02-21 17:10:41] “GET /” 200 259ms
pi@kube-master:~ $ curl http://localhost:3500
curl: (56) Recv failure: Connection reset by peer

I