Cant connect to https minio container from laravel container - laravel

I have a laravel application running which tries to upload files to a local minio server which runs on https on port 9001.
This happens on a server with a public domain name we shall call foo.bar.com.
In the host machine (outside my docker containers) if I do curl -k https://foo.bar.com:9001 or curl -k https://0.0.0.0:9001 it works, but if I try to run these commands inside my laravel container I get curl: (7) Failed to connect to 0.0.0.0 port 9001: Connection refused.
In the container I can do connect to my minio server by using the minio containers name since they are on the same network curl -k https://pan.api.minio:9001.
I wanted to use this but then running migrations in laravel fails with Error executing "PutObject" on "https://pan.api.minio:9001/pan-local/ab7d6e69-5e13-4582-8855-669dcb935591/OVVzTEZiOGhSR3J1MkVHSmlIa3VoSXNsTFdJVnNWWlNCb0U2dnlsWm13dmNGUjRvWlVIVVJRTWxqak1reVhMUm1hbmV0LTItMQ%3D%3D"; AWS HTTP error: cURL error 60: SSL: no alternative certificate subject name matches target host name 'pan.api.minio' (see https://curl.haxx.se/libcurl/c/libcurl-errors.html)
I just want to upload files to my minio server from within my laravel container, but why can't I connect to it by doing foo.bar.com:9001 like I can outside of my docker containers?

Related

AWS Lambda Connecting to Local Postgres in Docker

I'm attempting to connect to a local Postgres server running as a docker container from my Lambda function.
I'm using the sam local invoke call to do so.
For some reason, it seems that outgoing connection from SAM's docker container for the function is disabled.
I'm getting this error message:
"errorMessage": "(psycopg2.OperationalError) could not connect to server: Connection refused\n\tIs the server running on host \"localhost\" (127.0.0.1) and accepting\n\tTCP/IP connections on port 5432?\ncould not connect to server: Cannot assign requested address\n\tIs the server running on host \"localhost\" (::1) and accepting\n\tTCP/IP connections on port 5432?\n\n(Background on this error at: http://sqlalche.me/e/e3q8)",
Is there a way to enable a Lambda function call to a local docker database?
I have no issues running the connection code outside the Lambda function as standard Python code - so I'm sure my database is up, my code works, etc.
Try running the command with —docker-network TEXT per the AWS SAM CLI documentation.
I had a similar issue attempting to run sam local start-api with a local Docker Postgres database and was getting connection refused errors. I ran sam local start-api —docker-network host and it resolved the issue.
This is a good post which helped me to understand more about Docker networks.
Hope this helps you and any others looking at this.
I resolve this by replacing localhost with host.docker.internal.
For example if you use psycopg2
conn = psycopg2.connect(host="host.docker.internal",port=5432, ...)

Run laravel migration onto a remote host from a docker container

How to reliably run
php artisan migrate --env=staging
where .env.staging is setup with a remote hostname or ip in the DB_HOST field
OR
php artisan migrate --database=staging_db
where database.php has a staging_db with DB_HOST pointing to remote hostname or ip
Whenever I run it I receive this error:
[PDOException] SQLSTATE[08006] [7] could not connect to server: No
such file or directory Is the server running locally and accepting
connections on Unix domain socket
"/var/run/postgresql/.s.PGSQL.5432"?
Not sure whats causing it? most likely due to the container being on an internal network which doesnt recognize the remote hostname or IP. How do I solve this?

Why can't login to harbor server form client at plain HTTP case?

Installed harbor on a host. Using plain HTTP protocol.
The IP is 192.168.33.10.
I can login it from harbor server itself:
sudo docker login 192.168.33.10
And can access it from browser:
http://192.168.33.10
But can't login it from other client(Mac, installed docker use it). The error message is:
docker login 192.168.33.10
Username: user1
Password: (my_password)
Error response from daemon: Get https://192.168.33.10/v2/: dial tcp 192.168.33.10:443: getsockopt: connection refused
From Harbor documentation there has this notice:
https://github.com/vmware/harbor/blob/master/docs/installation_guide.md
IMPORTANT: The default installation of Harbor uses HTTP - as such, you will need to add the option --insecure-registry to your client's Docker daemon and restart the Docker service.
Both the harbor host and client host set /etc/docker/daemon.json:
{ "insecure-registries":["192.168.33.10"] }
and restarted docker. However, it not works.
If don't setup harbor under HTTPS protocol now, is there a way to access it from client correctly?
Solution
It's unnecessary to set /etc/docker/daemon.json on client. Mac has another way:
Apply and Restart

error during connect: ... http: server gave HTTP response to HTTPS client on any docker command with remote host

I'm trying to connect to remote docker host through ssh tunnel. I have forwarded the 2375 port and I'm trying to connect to it by specifying DOCKER_HOST.
$ DOCKER_API_VERSION=1.24 DOCKER_HOST=localhost:2375 docker ps
error during connect: Get https://localhost:2375/v1.24/containers/json: http: server gave HTTP response to HTTPS client
This have worked before, but I can't make it work again, because my docker client keep giving me back this error. I can't make it ignore the https/http stuff. The connection is OK, i can curl the endpoints just fine, its just that docker client is doing something and then preventing itself from connecting and I don't know how to make it ignore the https.
I have finally figured out why I was getting this error. I was positive DOCKER_TLS_VERIFY was not set, but it was. So if anyone get this error, make sure the env variable is undefined or that the value is empty.
using
$ DOCKER_API_VERSION=1.24 DOCKER_HOST=localhost:2375 DOCKER_TLS_VERIFY= docker ps
did work as expected.

How to access webserver running on localhost from a docker container on a network?

I have the following system configuration:
Docker container running on user defined network
docker-machine (with VirtualBox on OS:X forwarding port 9000 to 9000)
Local webserver running on http://localhost:9000
I do not know how to make a basic http request against this webserver, from within my docker container.
To test this I am using:
docker exec testcontainer curl --data "foobaz=foo" http://{hostname}:9000/
where I have tried, for hostnames:
'localhost'
'127.0.0.1'
'192.168.99.100' (docker-machine IP)
Each time I receive errors or timeouts. When I run the curl command locally (not in docker and on my host OS:X machine) I am able to successfully post the http request.
I cannot disconnect the docker container from my user-defined network. I also cannot add my webserver to that network, as it is not running in a container. Also, I know it is trivial to connect the other way (curl to a webserver running in a docker container) but this is not my use case.
How can I successfully route that http request from the docker container which is part of a user defined network to my localhost webserver?
You can do this with the actual IP address of your local computer.
So for example, if your en0 IP is 10.100.20.32 on your host OS, you can run:
docker exec testcontainer curl --data "foobaz=foo" http://10.100.20.32:9000/
which will successfully allow you to make the http requests.
Note that if you are doing this from a container on the host docker network, this is trivial, as you can directly access localhost or 0.0.0.0 without having to use the actual machine IP.
You might want to check what the IP address of the container is - you can find this out by running docker inspect.
However, if you want to access the server process running in your container using the docker machine IP, then you should "expose" port 9000 that your contained app is listening on (using Dockerfile) - in this way, you will still need to figure out which port the 9000 container port is mapped to (this shows when you list your containers via $ docker ps. You can also specify port binding option in command line when starting your container like this: $ docker run -p 9000:9000 <your-container>.

Resources