Unable to access SQS service from docker container

vipul1231 · February 6, 2019, 9:41am

I have a java application deployed on docker container. My service access aws sqs as a requirement but while running service on container I am getting below exception:

nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name ‘queueProcessor’: Invocation of init method failed; nested exception is com.amazonaws.SdkClientException: Unable to execute HTTP request: sqs.ap-south-1.amazonaws.com

Looks like some firewall or iptables configuration is needed inside container in order to access outside resource. Please help

gforghetti · February 6, 2019, 1:49pm

There should be more information in the exception which details the problem such as timeout or some other error. Take a look and post the entire exception here.

vipul1231 · February 6, 2019, 1:54pm

Starting service…

. ____ _ __ _ _
/\ / ’ __ _ () __ __ _ \ \ \
( ( )__ | '_ | '| | ’ / ` | \ \ \
\/ )| |)| | | | | || (| | ) ) ) )
’ || .__|| ||| |_, | / / / /
=========||==============|/=////
:: Spring Boot :: (v1.3.1.RELEASE)

org.springframework.beans.factory.BeanCreationException: Error creating bean with name ‘’: Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire field: private com…queue.QueueProcessor com.queueProcessor; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name ‘queueProcessor’: Invocation of init method failed; nested exception is com.amazonaws.SdkClientException: Unable to execute HTTP request: sqs.ap-south-1.amazonaws.com

Above is complete stack trace. I am not able to do even CURL to external hosted service. ex. curl http://127.0.0.1:8084/health from container.

gforghetti · February 6, 2019, 1:59pm

Are you issuing this command from inside your container?
http://127.0.0.1:8084/health

vipul1231 · February 6, 2019, 2:03pm

Yes. I am firing this command from inside container to check connectivity.

gforghetti · February 6, 2019, 2:09pm

Ah, okay.

Bring up a linux command prompt inside your container and see if port 8084 is open and listening using netstat.

netstat -an | grep :8084

vipul1231 · February 6, 2019, 2:16pm

output of above command:

root@c87dd70e851b:/usr/dockerservice# netstat -an | grep :8084
bash: netstat: command not found

when i try to install basic command (vi, netstat, lsof etc) it’s not updating anything from outside. Seems like container not able connect anything from external world.

root@c87dd70e851b:/usr/dockerservice# apt-get update
Err http://security.debian.org jessie/updates InRelease

Err http://deb.debian.org jessie InRelease

gforghetti · February 6, 2019, 2:22pm

Yes, I’m not sure if it’s a firewall issue though.
Can you ping google.com? If not I’m thinking it’s a dns issue in the container or docker.

vipul1231 · February 6, 2019, 2:28pm

You are absolutely correct. No response from ping google.com

root@c87dd70e851b:/usr/dockerservice# ping google.com
ping: unknown host
root@c87dd70e851b:/usr/dockerservice#

gforghetti · February 6, 2019, 2:33pm

Okay, try this to see if the problem is just with your container, or all containers.

$ docker container run -it --rm alpine:latest ping www.google.com -c 5
PING www.google.com (74.125.196.99): 56 data bytes
64 bytes from 74.125.196.99: seq=0 ttl=37 time=12.198 ms
64 bytes from 74.125.196.99: seq=1 ttl=37 time=12.213 ms
64 bytes from 74.125.196.99: seq=2 ttl=37 time=12.127 ms
64 bytes from 74.125.196.99: seq=3 ttl=37 time=12.082 ms
64 bytes from 74.125.196.99: seq=4 ttl=37 time=12.024 ms

--- www.google.com ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 12.024/12.128/12.213 ms

vipul1231 · February 6, 2019, 2:58pm

docker container run -it --rm alpine:latest ping www.google.com -c 5
ping: bad address ‘www.google.com’

gforghetti · February 6, 2019, 3:01pm

What platform did you install Docker on? (Docker for Linux, Docker for MacOS, Docker for Windows)?

vipul1231 · February 6, 2019, 3:07pm

Installed docker on Ubuntu 18.04.1 LTS

gforghetti · February 6, 2019, 3:20pm

What version of Docker? Run docker version and paste the output here.

vipul1231 · February 6, 2019, 3:47pm

fcvt18807@FCGRN-L0101:~/Postman$ docker version
Client:
Version: 18.09.1
API version: 1.39
Go version: go1.10.6
Git commit: 4c52b90
Built: Wed Jan 9 19:35:31 2019
OS/Arch: linux/amd64
Experimental: false

Server: Docker Engine - Community
Engine:
Version: 18.09.1
API version: 1.39 (minimum version 1.12)
Go version: go1.10.6
Git commit: 4c52b90
Built: Wed Jan 9 19:02:44 2019
OS/Arch: linux/amd64
Experimental: false

gforghetti · February 6, 2019, 3:52pm

Try running a docker container and specifying a dns server and see if this works.

docker container run -it --rm --dns=8.8.8.8 alpine:latest ping www.google.com -c 5

vipul1231 · February 6, 2019, 3:55pm

Same bad address

fcvt18807@FCGRN-L0101:~/Postman$ docker container run -it --rm --dns=59.144.144.100 alpine:latest ping www.google.com -c 5
ping: bad address ‘www.google.com’

gforghetti · February 6, 2019, 4:01pm

It appears that you have some sort of “network” issue, proxy issue, etc
I’m at a loss for what else could be wrong.

My setup, I too have Ubuntu 18.04.1 LTS and Docker CE 18.09.1

root@manager:~# awk 'match($1,/PRETTY_NAME/){split($0,n,"\"");print n[2]}' /etc/os-release
Ubuntu 18.04.1 LTS

root@manager:~# uname -a
Linux manager 4.15.0-29-generic #31-Ubuntu SMP Tue Jul 17 15:39:52 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

root@manager:~# docker version
Client:
 Version:           18.09.1
 API version:       1.39
 Go version:        go1.10.6
 Git commit:        4c52b90
 Built:             Wed Jan  9 19:35:31 2019
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          18.09.1
  API version:      1.39 (minimum version 1.12)
  Go version:       go1.10.6
  Git commit:       4c52b90
  Built:            Wed Jan  9 19:02:44 2019
  OS/Arch:          linux/amd64
  Experimental:     false

root@manager:~# dig www.google.com

; <<>> DiG 9.11.3-1ubuntu1.3-Ubuntu <<>> www.google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29764
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;www.google.com.			IN	A

;; ANSWER SECTION:
www.google.com.		274	IN	A	172.217.0.132

;; Query time: 13 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Wed Feb 06 15:59:54 UTC 2019
;; MSG SIZE  rcvd: 59

vipul1231 · February 7, 2019, 1:23pm

Thanks Gary. I’ll do some more debugging around this issue. Will post the solution, if it works

vipul1231 · February 8, 2019, 8:22am

It started working using below command.

docker run --net=host -p 8083:8083 javatechy/dockboot
WARNING: Published ports are discarded when using host network mode

root@FCGRN-L0101:/usr/dockerservice# ping google.com
PING google.com (216.58.221.46): 56 data bytes
64 bytes from 216.58.221.46: icmp_seq=0 ttl=55 time=3.871 ms