I want to have a container that can access and run kubectl command on my host machine. Here is what I have:
I have installed Kubernetes and Minikube on my host machine.
I used this docker container: helm-kubectl link
This is the command I run my docker:
docker run -it -v ~/.kube:/root/.kube -v ~/.minikube:/Users/xxxx/.minikube dtzar/helm-kubectl
Inside the container, when I checked the cluster, I can see the context has loaded my minikube, However, I can't run another kubectl command due to the reason "The connection to the server 127.0.0.1:32768 was refused - did you specify the right host or port?".
bash-5.0# kubectl config get-contexts
CURRENT NAME CLUSTER AUTHINFO NAMESPACE
docker-desktop docker-desktop docker-desktop
docker-for-desktop docker-desktop docker-desktop
* minikube minikube minikube
bash-5.0# kubectl get all
The connection to the server 127.0.0.1:32768 was refused - did you specify the right host or port?
I have checked my Kubenetes config at ~/.kube and the port is 32768.
- cluster:
certificate-authority: /Users/xxx/.minikube/ca.crt
server: https://127.0.0.1:32768
name: minikube
I have tried port -p 32768 or --expose 32768 but no luck. So anyone can help this?
Thanks zerkms! It works with --network host
Related
I'm trying to use ClickHouse with docker on Mac OS. I use next command:
docker run -d -p 8123:8123 --rm --name some-clickhouse-server -v /my/config/path/config.xml:/etc/clickhouse-server/config.xml --ulimit nofile=262144:262144 yandex/clickhouse-server:latest
Container successfully started, but when I try to connect to it by http curl 'http://localhost:8123' I have an error:
Failed to connect to localhost port 8123: Connection refused
When I connect to Clickhouse from Clickhouse-client (also using docker image) everything is OK
I ran Clickhouse-server image in -it mode, installed curl, started server and tried to connect clickhouse-server from inside of container, it's OK too
Also I tried to modify config.xml (which was copied from docker image) settings for listen_host (::, 0.0.0.0, ::1, 127.0.0.1)
and for every setting I tried to connect by curl for localhost, 127.0.0.1, 0.0.0.0 - nothing of this solved my problem
Normally, docker desktop write these details of host and container to /etc/hosts, after adding the clickhouse-service as follows has resolved this issue.
127.0.0.1 localhost clickhouse-service
I used Docker Toolbox on Mac OS (in conjunction with VirtualBox). So, I've migrated to Docker Desktop and this has solved my problem
Mac running Docker Version 17.12.0-ce-mac55 (23011) here.
I have a very bizarre situation with Docker that I absolutely cannot explain!
I have a Dockerized web service that runs perfectly fine outside of Docker, running off of port 9200 (so: http://localhost:9200)
I can also run several other images locally (nginx, Oracle DB) and I can access them via localhost:80 and localhost:1521 respectively
When I run the container for my Dockerized service, I see (via docker logs <containerId>) the service startup without any errors whatsoever
Despite the fact that the container is running without any errors, I absolutely cannot connect to it from my Mac host via localhost:9200
The exact steps to reproduce are:
Clone this repo
Build the image via ./gradlew clean build && docker build -t locationservice .
Run the container via docker run -it -p 9200:9200 -d --net="host" --name locationservice locationservice
If you use docker ps to obtain the <containerId>, then you can keep hitting docker logs <containerId> until you see it has started up without errors
On my machine, when I try to curl against localhost:9200, I get "connection refused" errors (see below)
curl error is:
curl -X GET http://localhost:9200/bupo
curl: (7) Failed to connect to localhost port 9200: Connection refused
Some things I have ruled out:
localhost is absolutely resolveable from the host because we're running in host network mode and I have no problem connecting to nginx (port 80) and Oracle (port 1521) containers
The app is starting up and if you look at the logs you'll see it is starting up listening on 9200
Any ideas what the problem could be?!
Docker for Mac runs in a VM. --net=host refers to the Linux VM hosts network stack not OSX. There is no direct network path from OSX to the Docker VM other than mapped ports.
Mapped ports (docker run -p Y:N) in Docker for Mac are a little special, in addition to the user space proxy that runs on the Docker host normally, Docker for Mac also launches a user space proxy on OSX to listen on the same port and forward connections into the VM. The OSX process isn't started when using --net=host (and the Linux one isn't either of course).
→ docker run --name nc --rm --net=host -dp 9200:9200 busybox nc -lk -p 9201 -e echo hey
→ docker inspect nc --format '{{ json .NetworkSettings.Ports }}'
{}
→ sudo lsof -Pni | grep 9200
→
Then without --net=host
→ docker run --name nc --rm -dp 9200:9200 busybox nc -lk -p 9201 -e echo hey
→ docker inspect nc --format '{{ json .NetworkSettings.Ports }}'
{"9200/tcp":[{"HostIp":"0.0.0.0","HostPort":"9200"}]}
→ sudo lsof -Pni | grep 9200
vpnkit 42658 matt 28u IPv4 0x57f79853269b81bf 0t0 TCP *:9200 (LISTEN)
vpnkit 42658 matt 29u IPv6 0x57f798532765ca9f 0t0 TCP [::1]:9200 (LISTEN)
If your app requires --net=host then I would use Vagrant/Virtualbox to spin up a VM with a "Host Only" adapter. This means there is a direct network path that you can access from OSX on the VM. Here's the Vagrantfile I use.
Docker for Mac does not support host network mode very well: https://github.com/docker/for-mac/issues/1031
So at this moment the solution is to use default bridge mode.
I installed minikube as instructed here https://github.com/kubernetes/minikube/releases
and started with with a simple minikube start command.
But the next step, which is as simple as kubectl get pods --all-namespaces fails with
Unable to connect to the server: dial tcp 192.168.99.100:8443: i/o timeout
What did I miss?
I ran into the same issue using my Mac and basically I uninstalled both minikube and Kubectl and installed it as follows:
Installed Minikube.
curl -Lo minikube https://storage.googleapis.com/minikube/releases/v0.8.0/minikube-darwin-amd64 && chmod +x minikube && sudo mv minikube /usr/local/bin/
Installed Kubectl.
curl -Lo kubectl http://storage.googleapis.com/kubernetes-release/release/v1.3.0/bin/darwin/amd64/kubectl && chmod +x kubectl && sudo mv kubectl /usr/local/bin/
Start a cluster, run the command:
minikube start
Minikube will also create a “minikube” context, and set it to default in kubectl. To switch back to this context later, run this command:
kubectl config use-context minikube
Now to get the list of all pods run the command:
kubectl get pods --all-namespaces
Now you should be able to get the list of pods. Also make sure that you don't have a firewall within your network that blocks the connections.
I faced a similar issue on win7 when changed work environment, as you said it is working fine at home but not working at office, high chance it caused by firewall policy, cannot pass TLS verification.
Instead of waste time on troubleshoot(sometimes nothing to do if you cannot turn off firewall), if you just want to test local minikube cluster, would suggest to disable TLS verification.
This is what I have done:
# How to disable minikube TLS verification
## disable TLS verification
$ VBoxManage controlvm minikube natpf1 k8s-apiserver,tcp,127.0.0.1,8443,,8443
$ VBoxManage controlvm minikube natpf1 k8s-dashboard,tcp,127.0.0.1,30000,,30000
$ kubectl config set-cluster minikube-vpn --server=https://127.0.0.1:8443 --insecure-skip-tls-verify
$ kubectl config set-context minikube-vpn --cluster=minikube-vpn --user=minikube
$ kubectl config use-context minikube-vpn
## test kubectl
$ kubectl get pods
## enable local docker client
$ VBoxManage controlvm minikube natpf1 k8s-docker,tcp,127.0.0.1,2374,,2376
$ eval $(minikube docker-env)
$ unset DOCKER_TLS_VERIFY
$ export DOCKER_HOST="tcp://127.0.0.1:2374"
$ alias docker='docker --tls'
## test local docker client
$ docker ps
## test minikube dashboard
curl http://127.0.0.1:30000
Also I make a small script for this for your reference.
Hope it is helpful for you.
You need to just restart minikube. Sometimes I have this problem when my computer has been off for a while. I don't think you need to reinstall anything.
First verify you are in the correct context
$ kubectl config current-context
minikube
Check Minikube status (status should show "Running", mine below showed "Saved")
$ minikube status
minikube: Saved
cluster:
kubectl:
Restart minikube
$ minikube start
Starting local Kubernetes v1.8.0 cluster...
Starting VM...
Getting VM IP address...
Moving files into cluster...
Setting up certs...
Connecting to cluster...
Setting up kubeconfig...
Starting cluster components...
Kubectl is now configured to use the cluster.
Verify it is running (This is what you should see)
$ minikube status
minikube: Running
cluster: Running
kubectl: Correctly Configured: pointing to minikube-vm at 192.168.99.100
I had this issue when connected to Cisco AnyConnect VPN. Once I disconnected, minikube ran fine. Discussion on github here: https://github.com/kubernetes/minikube/issues/4540
I'm using Docker Terminal on Windows running a container from my nginx image and when I access the docker-machine IP on my browser I get "CONNECTION_REFUSED".
This is command that I used to run the container
docker run -it -d -v /home/user/html:/usr/share/nginx/html -p 80:80 myimage
Check if your container is running (docker ps)
Log in your container to see if there is any error log (docker exec -it container_name /bin/bash)
Make sure you are using correct IP address (docker-machine ip container_name)
It's very important to check logs with docker logs <container name>
After that, you'll see if connection refused is due to a
Address visibility problem.
NginX configuration problem.
Port 80 is already being used.
...
We are trying to use docker to run nginx but for some reason I'm unable to access the nginx web server running inside the docker container.
We have booted a Docker Container using the following Dockerfile: https://github.com/dwyl/learn-docker/blob/53cca71042482ca70e03033c66d969b475c61ac2/Dockerfile
(Its a basic hello world using nginx running on port 8888)
To run the container we used:
docker run -it ubuntu bash
we determined the Container's IP address using the docker inspect command:
docker inspect --format '{{ .NetworkSettings.IPAddress }}' a9404c168b21
which is: 172.17.0.11
when I try to visit the container's IP address and the nginx port in a browser http://172.17.0.11:8888/ we get ERR_CONNECTION_TIMED_OUT
or using curl:
curl 172.17.0.11:8888
curl: (7) Failed to connect to 172.17.0.11 port 8888: Connection refused
To attempt to solve this we googled extensively but suspect we might be asking the "wrong" questions...
You shouldn't be trying to hit the IP address of the container, you should be using the IP address of the host machine.
What you are missing is the mapping of the port of the host machine to the port of the container running the nginx server.
Assuming that you want to use port 8888 on the host machine, you need a parameter such as this to map the ports:
docker run ... -p 8888:8888 ...
Then you should be able to access you server at http://<HOST_MACHINE_IP>:8888
EDIT: There is another gotcha if you are running on a Mac. To use Docker on a Mac it's common to use boot2docker but boot2docker adds in another layer. You need determine the IP address of the boot2docker container and use that instead of localhost to access nginx.
$ boot2docker ip
The VM's Host only interface IP address is: <X.X.X.X>
$ wget http://<X.X.X.X>:8888
...
Connecting to <X.X.X.X>:8888... connected.
HTTP request sent, awaiting response... 200 OK
Reference: https://viget.com/extend/how-to-use-docker-on-os-x-the-missing-guide
EDIT: ... or with docker-machine the equivalent command would be docker-machine ip <machine-name> where <machine-name> is likely to be "default".
You may need to check if your container is running:
docker ps ( you should have an active container)
If no container is active:
docker run -p 80:80 -it /bin/bash
you will then be on your image terminal
start nginx - sudo service nginx start
ctrl p + ctrl q to quit docker without exiting the container
if you are on mac and using boot2docker you cannot use localhost to check your running nginx
so use boot2docker ip
browse using the boot2docker ip