I am running a docker container of python server in my computer (MacOS Catalina, the container can connect MySQL and Redis from host computer, the server is running normally, but I can't visit server on host computer), in Linux environment, we need to disable the selinux, firewall and iptables, for example, edit /etc/selinux/config
and type as below
SELINUX=disabled
SELINUXTYPE=targeted
How to disable selinux/iptables in MacOS or how to visit docker server from the Host computer, I already tried to use host.docker.internal instead of 127.0.0.1, but it doesn't work, if I use host.docker.internal in MySQL or Redis config, also failed, I only can use the really IP such as 192.168.1.45 instead of host.docker.internal or 127.0.0.1
I installed the Jenkins through brew install jenkins-lts in macOS.
The macOS is running as VirtualBox VM instance on Windows Host.
On VirtualBox host Windows, I cannot access Jenkins through http://localhost:8080 or http://10.0.2.15:8080 from browser. (10.0.2.15 is my guest VM macOS's IP address)
What I've setup
Jenkins-lts service is started. macOS safari can access through http://localhost:8080
VirtualBox port forwarding is set, TCP/HOST: 0.0.0.0:8080 /GUEST: 10.0.2.15:8080
By the same port forwarding setup for SSH HOST: 0.0.0.0:22 /GUEST: 10.0.2.15:22, I can successfully connect to SSH.
By the default config file /usr/local/Cellar/jenkins-lts/2.x.x/homebrew.mxcl.jenkins-lts.plist. brew-installed Jenkins's default listening address is 127.0.0.1 instead of 0.0.0.0. This causes Jenkins's web server only listen request from localhost instead of any network adapter.
Steps
Edit config file, vi /usr/local/Cellar/jenkins-lts/2.x.x/homebrew.mxcl.jenkins-lts.plist
Find the row <string>--httpListenAddress=127.0.0.1</string> and change to <string>--httpListenAddress=0.0.0.0</string>
Restart Jenkins, brew services restart jenkins-lts
References
https://www.jenkins.io/doc/book/installing/, denoted httpListenAddress
https://medium.com/#vishnuteja/install-jenkins-as-a-service-on-macos-and-change-port-number-9aa097e5cfbf, denoted where brew-install Jenkins's config file.
I am running IBM Cloud Private using 5 VMs on my laptop. My home network subnet is 192.168.100 whereas the subnet used by all 5 VMs is 192.168.142. I am port forwarding 8443 from the VMware Workstation from host to the master node which is 192.168.142.103. My laptop IP is 192.168.100.201.
I was hoping that I should be able to access this Web UI from any other machine in my home network and I tried this URL from other machine:
https://192.168.100.201:8443
And, it directs properly to the guest VM as I see the url changes to :
https://192.168.100.201:8443/console/
But, after few seconds, I get the message that the site cannot be reached. I noticed that the url has changed from original host laptop address of 192.168.100.201 address to the Guest VM address 192.168.142.103 as shown:
https://192.168.142.103:8443/idauth/oidc/endpoint/OP/authorize?client_id=617a0480d5e506a5e797f852bea1df38&response_type=code&scope=openid%20email%20profile&redirect_uri=https://192.168.100.201:8443/auth/liberty/callback
This seems like that the redirection in the Web UI is not handled properly.
However, I installed kubectl for Windows on another machine and I did the port 8001 forward from 192.168.100.201 to the VM's master Guest 192.168.142.103 and added kubectl set config commands (from web UI Client Configure option) on my other laptop (192.168.100.202).
kubectl config set-cluster pot_icp_cluster.icp --server=https://192.168.100.201:8001 --insecure-skip-tls-verify=true
kubectl config set-context pot_icp_cluster.icp-context --cluster=pot_icp_cluster.icp
kubectl config set-credentials admin --token=<token>
kubectl config set-context pot_icp_cluster.icp-context --user=admin --namespace=default
kubectl config use-context pot_icp_cluster.icp-context
And, this works perfect as I am able to run kubectl commands from the other laptop (192.168.100.202) to the VMs running on another laptop (192.168.100.201) using port forwarding same way I did for the Web UI.
My question is: Is there something that I can do to get this redirection problem fixed in the Web UI?
I received a reply from an expert that liberty server that authenticates and verifies a login has only the master node's IP address registered with it as a callback URL during the installation. In the version of IBM Cloud Private 2.1.0.1, there is no direct way to register the new clients. However, this limitation is being fixed and starting next upgrade, we should be able to register new clients dynamically post install also.
So I'm using Docker Toolbox because I don't have Hyper-V on my machine since it's not Windows 10 pro. Everything seems to work fine, but when I try to go on my browser 0.0.0.0:80 it always returns me: This site can’t be reached
But when I run the command: docker container ps I get the following: 0.0.0.0:80->80/tcp meaning that this address should work. I searched across stackoverflow and github issues. Now I'm stuck.
Am I missing something?
Thanks,
Mark
EDIT:
Using docker-machine ip default returns me 192.168.99.100. I run that on port 80. I still get the same result except that the address becomes the container id: https://fd677edg12
I run that command on cmd to find my ipv4: cmd /k ipconfig /all. Put the result with the port and it returns the same thing: https://fd677edg12
Docker Toolbox doesn't get as many conveniences as Docker for Windows, but you're correct in using it since you're on Home edition.
In Toolbox, nothing will be localhost, and will be 192.168.99.100 by default, since it's running a Linux VM in VirtualBox.
So if you run docker run -p 80:80 nginx
(notice I had to publish a port for 192.168.99.100 to listen on that port)
Then going to http://192.168.99.100 should work.
I initially had a few issues with accessing my Applications at localhost:8080 while using DockerToolBox and OracleVM VirtualBox.
In VirtualBox:
Click the appropriate machine (probably the one labeled "default")
Settings
Network > Adapter 1 > Advanced > Port Forwarding
Click "+" to add a new Rule
Set Host Port 8080 & Guest Port 8080; be sure to leave Host IP and Guest IP empty
Run the command:
docker run -p 8080:8080 ${image_id}
I was following docker for windows tutorial in https://docs.docker.com/docker-for-windows/#set-up-tab-completion-in-powershell and got stuck in step #6 when test nginx in the web browser. Seems I faced a similar problem since I also use Windows Home and don't have Hyper-V. My workaround is quite simple:
check your docker IP default
$ docker-machine ip default
192.168.99.100
Go to Oracle Virtual Machine to set for port forwarding. Make sure the network setting is NAT, and add port forwarding.
Host IP: 127.0.0.1, Guest IP: 192.168.99.100, port all set to 80
like this
Try again to your browser and run http://localhost or http://127.0.0.1 (can add the port 80 also). It should run.
The thing is that the nginx IP is meant to be accessible within the docker Virtual Machine, so that we need that port forwading setting in order to access it directly in the host machine's browser
You can use localhost instead of '192.168.99.100' by following the instructions:
Step #01:
docker-machine ip default
You will see the default IP
Step #02:
docker-machine stop default
Step #03:
Open VirtualBox Manager (from the start programs in windows search for VirtualBox Manager)
Select your Docker Machine VirtualBox image (e.g.: default)
Open Settings -> Network -> Advanced -> Port Forwarding
Add your app name, the desired host port and your guest port
i.e, app name : nginx, host: 127.0.0.1, host port: 80, guest port: 80
Step #04:
Now you’re ready to start your Docker Machine by executing the following:
docker-machine start default
Then just start your Docker container and you will be able to access it via localhost.
Have a look here for details.
To map the ports expected to localhost instead of hitting the docker-machine IP directly, you can use the VirtualBox CLI.
If the docker-machine VM (here called default) is running, add and delete rules like this:
> VBoxManage.exe controlvm "default" natpf1 "nginx,tcp,,8888,,8888"
> VBoxManage.exe controlvm "default" natpf1 delete nginx
If the VM is not running, or you want to stop before altering it:
> docker-machine stop
> VBoxManage.exe modifyvm "default" --natpf1 "nginx,tcp,,8888,,8888"
> VBoxManage.exe modifyvm "default" --natpf1 delete "nginx"
> docker-machine start
Where the format of the port forwarding rule is [<name>],tcp|udp,[<hostip>],<hostport>,[<guestip>], <guestport>.
Note that in VirtualBox, you want to map to the host port of Docker map, not the internal container port. You're mapping host -> VM, then Docker maps VM -> container.
See the VirtualBox docs.
This is another easy way to avoid typing the ip 192.168.99.100.
Go to C:\Windows\System32\drivers\etc\hosts and add at the end of the file:
192.168.99.100 docker.awesome or any name of your liking.
Save the file (You need to have admin rights so make sure you right click on the file and run as administrator to be able to save it when you edit it).
Go to your chosen domain name, docker.awesome:8080 in this case and there you have it.
After lot of trials, I was able to get this bulletin board.
The docker run command I used - docker run -p 4680:8080 --name bb bulletinboard:1.0
Here, 4680 is localhost port number.
8080 is container port number, the port at which the container will be listening. This port number is mentioned in the EXPOSE command in the Dockerfile.
Then, go to web-browser and type 192.168.99.100:4680
Here, 192.168.99.100 is the docker machine IP address (use command -> docker-machine ip)
After this, your browser page should open to -
Hope this helps you all!!
I have Kubernetes running on a VM on my dev box. I want to view the Kubernetes dashboard from the VM host. When I run the following command:
kubectl proxy --address 0.0.0.0 --accept-hosts ^/.*
When I try to access the dashboard I get an unauthorized error.
What am I missing?
The --accept-hosts access control is for checking of the hostname, so it won't start with a / (slash). You need to do:
kubectl proxy --address 0.0.0.0 --accept-hosts '.*'
(Make sure you shell escape the .* as it may match files in the current directory!)
More information at: https://kubernetes.io/docs/user-guide/kubectl/kubectl_proxy/
In case someone stumbles upon this question and wants to restrict the access to the Host of the Guest VM.
I'm using VirtualBox, and I was able to allow access only from the Host machine by using localhost and using SSH tunnel to the Guest VM
In Guest VM
$ kubectl proxy --address='0.0.0.0' --port=8002 --accept-hosts='localhost'
In Host machine I've added a hostname reference to static IP of the master plane kubemaster
$ echo "192.168.224.23 kubemaster" >> /etc/hosts
$ ssh -N -L 8001:localhost:8002 kube#kubemaster
In Host, open your browser and navigate tohttp://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#/namespace?namespace=default