So, as an utter novice, I’m attempting to Dockerize a Java webserver application, and I’ve gotten stuck on what must be something completely stupid. But even searching the forum archives, the only posts I’ve found that have symptoms similar to mine… have zero answers.
What I need to accomplish is to have this small Java webserver respond to HTTP queries from the host (and, later, from external systems networked to the host). The reason for the ProxyPass in my dockerfile (below) is that, in the final production installation, the host will be running multiple Docker containers that will be available over the LAN by http://HostIP:HostPort/ApplicationName/. My container has to slot into a pre-built server alongside many others, so I have no option to change the overall structure to make this easier – I have to play the cards I’ve been dealt. This seems like it should be an entirely straightforward process, but I’m obviously missing something basic somewhere.
I started with a Java application that functions perfectly inside of STS/Eclipse’s test&debug environment. I exported it as a .WAR file, then built it as a Docker image using the following dockerfile:
RUN apt-get update && apt-get install -y
&& touch /etc/apache2/mods-enabled/reverse.conf
&& echo “ProxyPass /firstapp/ ajp://localhost:8009/firstapp/” >> /etc/apache2/mods-enabled/reverse.conf
&& a2enmod proxy proxy_ajp proxy_http
&& service apache2 restart
COPY ./supervisord/supervisord.conf /etc/supervisor/conf.d/
COPY ./war /usr/local/tomcat/webapps/
And this supervisord.conf:
command=/bin/bash -c “source /etc/apache2/envvars && exec /usr/sbin/apache2 -D FOREGROUND”
The build yielded no error messages. Neither does the run, which I’ve performed under multiple -p combinations (more on that below).
I can’t yet find a way to see any of my Java app’s SLF4J logging output (that’s a different problem), but opening a Bash shell inside the container lets me see that ports 80, 8080, 8009, and 8005 are all listening (8080, and maybe 80, are the ones I should get responses from). A ‘ps’ shows me Apache, Tomcat, and Java all running. A curl localhost:8080/firstapp/ returns the web page I expect to see from my Java app. So I can confidently say that everything inside the container is working as expected.
However… on my Windows 7 host, netstat and nmap show none of http ports open, and attempting to point a browser to localhost gives me nothing but “refused connection.”
Now, I’ve tried using docker run -p with 80:80, 8888:80, 8080:8080, 80:8080, 8080:80 (plus more random combinations than I care to admit). For each combination, I try the host-side browser to localhost:port/firstapp/, but always get “connection refused.” I also try netstat and an nmap scan, and never see the host-side port open, regardless of what port number I’ve tried to use.
My full docker run syntax, for one particular port pair:
$ docker run -d -p 888:8080 --name firstapp firstapp:0.0.1
I’ve also tried using the container’s IP address (as shown by docker inspect), with the various port combinations, but that also fails the same as using localhost.
Regardless of my -p option, I never seem to get any port fowarding between the host and container. So my questions are:
- What am I doing wrong?
- With -p, should I see the Host port open and listening when I use netstat or nmap on the host? Or am I misunderstanding how this works?
- Should I be using the expose option in, instead? For what I’m doing, it doesn’t seem necessary, from what I’ve read of the Docker docs – the container already has ports 80 and 8080 open and listening, so exposing them would be redundant, wouldn’t it?