Docker Community Forums

Share and learn in the Docker community.

Locahost only bind


(Adithep) #1

Expected behavior

samba

Actual behavior

Error response from daemon: driver failed programming external connectivity on endpoint samba (43a4e1ec467d6f584d5799e7ed3b333bd2bcabc17f0086ec0851024b018620bc): Error starting userland proxy: Bind for 0.0.0.0:445: unexpected error Unix.Unix_error(Unix.EACCES, “bind”, “”)
Error: failed to start containers: samba

Information

With the new docker for windows version(beta 20 build 5779), it binds to localhost only, but I dont think that is a good idea for windows because certain ports are blocked for example 445

Steps to reproduce the behavior

  1. docker run -it -p 139:139 -p 445:445 -d dperson/samba

(Nickdoikov) #2

i have no such errors with native win containers and docker .
In fact there is no way to select ip for port proxying in win docker.

$docker -H MY_SERVER_IP:2375 run -l proxied=true -d -p 139:80 -p 445:443 helloworld

$docker -H MY_SERVER_IP:2375 ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cfc7263a3d65 helloworld “powershell” Less than a second ago Up 34 seconds 0.0.0.0:139->80/tcp, 0.0.0.0:445->443/tcp pensive_northcutt

docker -H MY_SERVER_IP:2375 info
Containers: 4
Images: 5
Server Version: 1.12.0-dev
Storage Driver: Windows filter storage driver
Windows:
Logging Driver: json-file
Kernel Version: 10.0 14300 (14300.1010.amd64fre.rs1_release_svc.160415-2143)
Operating System: Windows Server 2016 Datacenter Technical Preview 5
CPUs: 1


(Wiziah) #3

I was experiencing the same problem with docker-compose file. I am running 1.12-RC4-Beta20(Build 5579). I ran the same command @adithep to see if the same error would occur. I got the same result.

ERROR: for web driver failed programming external connectivity on endpoint dockercon16_web_1 (421b40b6788b70e2811c434086309bfbec33645e12200381d410585c989801fe): Error starting userland proxy: Bind for 0.0.0.0:80: unexpected error Unix.Unix_error(Unix.EACCES, “bind”, “”)


(Adithep) #4

Are you testing with beta 20?


(Gavin Jones) #5

Same issue, simpler case. Localhost bind used to be an experimental feature in Beta 18, now it’s default and looks like it can’t be turned off in the UI. This should be an optional feature, at least able to be disabled in UI. It’s absolutely not useful for me, I run multiple things on the local box and on docker VM that will clash. Alternatively, you could set this localhost binding/proxying up on a separate docker network somehow, and not make it default.

Expected behavior

With a port bound on the local machine, docker containers should still be able to run and bind to the DockerNAT network (10.0.75.2). They can bind to localhost on the VM, but shouldn’t bind to localhost on the “host” by default.

Actual behavior

`docker run -d -p 80:80 --name test-nginx nginx

docker: Error response from daemon: driver failed programming external connectivity on endpoint test-nginx (bb9932036017e6240fb29e6fb41362816850edc54d33c5eb6ea073632a8a245d): Error starting userland proxy: Bind for 0.0.0.0:80: unexpected error Unix.Unix_error(Unix.EACCES, “bind”, “”).
`

Information

Running Docker for Windows beta 20 build 5779.
Windows 10 Pro 1511

This version defaults to localhost binding. Same command was without issue on older beta 18.

Steps to reproduce the behavior

docker run -d -p 80:80 --name test-nginx nginx


(Willcode4food) #6

I am getting this error as well trying to run a container with nginx binding to localhost


(Michael Friis) #7

If you’re getting this error, it means that another process on your system is already using the host port that you’re trying to bind the container to. Either terminate that process or bind to a different port, eg. docker run -d -p 81:80 --name test-nginx nginx


(Afischer211) #8

Hello, I get sometimes errors on starting containers about already bounded ports. For me the running windows-service iphlpsvc was the reason (this is a standard windows-service for tunneling ip6 to ip4). Stopping this service releases the ports and docker starts the containers successfully.


(Keisei77) #9

Thanks for sharing this solution.


(Gavin Jones) #10

My problem here is that I don’t want to run it on a different port, I was happy with it running on same port bound to a different IP like it used to. This keeps things in line with how docker runs on a VM or baremetal machine. I can’t say I really see any advantage to binding the ports onto localhost, at all. What’s the reasoning behind adding this feature - which is quite different to the way it used to work, then making it default with no way of turning it off? In the meantime, I’ve gone back to using docker toolbox as the beta doesn’t work for me if I can’t turn off this localhost binding feature.


(Michael Friis) #11

Hi Gavin, sorry this is not working out for you.

One of the reasons for adopting the localhost approach is that Docker will work the same on all systems, Docker for Mac, Windows or running on Linux.

Michael


(Gavin Jones) #12

Hey, just wanted to chime in on this again and mention it’s still a problem for me, and hurts adoption of DfW as a dev tool internally as we run IIS and other on-host services for testing locally.
One alternative workaround would be e.g.:

docker run -d -p 10.0.75.1:80:80 --name test-nginx nginx

To bind to a specific IP address, where 10.0.75.1 is the (Windows) host IP address on the DockerNAT Hyper-V Network. This works fine with a comparable setup on Linux. However running this using DfW in Linux mode I get:

docker: Error response from daemon: driver failed programming external connectivity on endpoint test-nginx (f26f5413cb06e718e8c58236dff607fc72cafb5239dc3c5d1828107315eb8333): Error starting userland proxy: Bind for 10.0.75.1:80: unexpected error Permission denied

All I want to be able to do is bind an ingress container in DfW to a specific IP.
Will doing this ever be possible using DfW? It seems like something people would want for a dev setup.


(Gavin Jones) #13

@friism Ok, I’m now flabbergasted as I’ve finally managed to get this running. Typical that I spent hours before I wrote the previous post, then 30mins later I find a solution…

docker run -d -p 10.0.75.1:80:80 --name test-nginx nginx

Does seem to work, however was giving “Permission Denied” due to the port and IP being in use - I was sure it wasn’t but double checking showed it was, cleared this out and all was good. This was previously giving a different error, so threw me off.

For host dev, I’ve installed a loopback adapter (Microsoft KM-TEST Loopback Adapter) in Windows and I bind IIS and any other host stuff to that by default.


(Turbogus) #14

Fixed the issue for me. Thanks.


(Brunolm) #15

I’m having this permission denied error. However I don’t know what is using the IP. I removed all containers with

docker rm -f $(docker ps -aq)

What could I try to do?


(Brunolm) #16

Well, I closed Skype and also ran net stop http

I could start it now


(Simpleinseattle) #17

This helped. It turns out that there is a ‘World Wide Web Publishing Service’ or ‘Print Spooler’ that was running on port 80 in Windows 10 by default. I did the net stop http and I was able to bind nginx to port 80.


(John K) #18

+1 Thanks @powareverb - Same issue here: the IP and port was already in use on my machine. In my case I changed the port number.


(Qamerali123) #19

I was having same issue with docker container run --publish 80:80 --detach nginx
Changing port binding worked… thanks