SSH Setup on Docker Container - macos

I have installed the ssh-server using
sudo apt-get install openssh-server on my ubuntu:latest Docker container running on Mac OSX Yosemite. I got the IP address of the container using boot2docker ip. Using the Network Utility I can verify that port 22 is open on that IP. However, I cannot ssh into that container's filesystem. I did not explicity specify that port 22 should be exported when starting the container with docker start -i CONTAINER_NAME. The command ssh -v localhost succeeds on the terminal of the container but when I try to do it from my Mac's terminal, it says:
Connection closed by x.x.x.x
I am copying the contents of sshd_config here:
http://collabedit.com/a76d6

With boot2docker ip you get the IP of Boot2Docker VM, not the IP of your ssh container. To connect from your Mac's terminal you should expose the port 22 of your container, and then you can connect using the Boot2Docker VM IP from your Mac session. I.E.:
docker run -d -p 2222:22 CONTAINER_NAME and then connect through ssh using BOOT2DOCKER_IP and 2222 port.

Related

default docker-machine ip [duplicate]

I just migrated to using Docker for Mac, from previously using Docker Toolbox with virtualbox for OSX.
I used to get the machine IP address with $(docker-machine ip default).
Is there a reliable way to get the Hyperkit IP address?
Thanks!
In opposition to Docker toolbox, Docker for Windows and Docker for Mac are designed to give you the feeling that Docker is running directly on your OS, so they use lightweight virtual machines running under lightweight hypervisors (instead of VirtualBox) handled directly by the docker executable.
Hence you won't see them with docker-machine and you won't see another IP address than localhost.
Docker for Windows relies on the HyperV hypervisor which allows a network connection to tcp://localhost:2375.
Docker for Mac relies on the xhyve hypervisor, the way it's implemented only provides a connection through the socket unix:///var/run/docker.sock.
Workaround
To provide a TCP connection for Docker for Mac:
Install socat. With brew:
brew install socat
Run this socat command to forward TCP requests to the socket
socat TCP-LISTEN:2375,reuseaddr,fork,bind=localhost UNIX-CONNECT:/var/run/docker.sock
Map what you want on tcp://localhost:2375
Up to you to run the socat command on startup, if necessary.
This was for instance useful to me to associate the Webstorm nodeJS debugger to a nodeJS container (since at the time of writing, docker debugging is supported by Webstorm docker integration plugin, but not through unix sockets).
Documentation on Docker for Mac limitations
https://docs.docker.com/docker-for-mac/networking/#/known-limitations-use-cases-and-workarounds
There is no docker0 bridge on macOS
Because of the way networking is implemented in Docker for Mac, you cannot see a docker0 interface in macOS. This interface is actually within HyperKit.
You could use docker image for socat which starts every time you start 'docker for mac'
docker run -d --restart=always -p 2376:2375 -v
/var/run/docker.sock:/var/run/docker.sock bobrik/socat
TCP4-LISTEN:2375,fork,reuseaddr UNIX-CONNECT:/var/run/docker.sock
Find your docker API ip address:
ifconfig | grep 'inet 192'| awk '{ print $2}'
There's no need for working with the xhyve VM's IP address directly like you would with docker-machine. All port mappings are directly mapped to localhost.
$ docker run -d -p 8080:80 nginx:latest
$ curl localhost:8080
Also see the official documentation:
When you run a container with the -p argument, for example: $ docker run -p 80:80 -d nginx Docker for Mac will make the container port available at localhost.
My current solution is to create the containers using Docker Machine (A linux VM which is available under another IP address) and route all the traffic of the containers to the docker machine VM.
sudo route -n add -net 172.18.0.0/16 192.168.99.100
You can get the network range of your docker containers using docker inspect and the IP address of your docker machine VM using docker-machine ip
Another workaround is to use sudo ifconfig lo0 alias 172.17.0.1 so you can still use the same static IP address (if your Linux-based colleagues or bash scripts insist on using that).

Connecting PostgreSQL installed in docker inside Hyper-V Ubuntu from Windows 10 PgAdmin

I need help in connecting PostgreSQL which is installed in Docker inside HyperV ubuntu 18.4 from Windows 10 PgAdmin. So far I tried the following
Step 1: Install Postgres in Docker (Ubuntu running on Hyper-V)
sudo docker run -p 5432:5432 --name pg_test -e POSTGRES_PASSWORD=admin -d postgres
Step 2: Create a database
docker exec -it pg_test bash
psql -U postgres
create database mytestdb
Step 3: Get the ip address
sudo docker inspect pg_test | grep IPAddress
//returned with 172.17.0.2
Step 4: pg_hba.conf
host all all 0.0.0.0/0 md5
Step 5: When I try to connect from Windows PgAdmin 4, I get this below error -
Note: I have also tried using UBUNTU VM IP address, but no luck
Your's is a case where you are trying to connect to postgres from another subnet, i.e windows subnet to hyper visor subnet if you are not using bridged protocol.
So case 1:
If this is on NAT\HOST and not on bridge then you need to make sure you are able to ping the ubuntu server from windows server.
next is make sure that port is open from ubuntu's end. How do you check that, do a telnet on the port number from windows cmd prompt.
telnet 192.168.0.10 5432
if you are bridged and you can ping ping the server as well, checked that port is opened which is telnet works. You need to make sure that in the postgres.conf file
"listen address" is to "*". which is all.
Again from OS level in ubuntu run the command systemctl stop firewalld to stop firewall and then try to connect. IF this works then you need to open the port in the firewall using this command:
firewall-cmd --permanent --add-port 5432/tcp
I can see from you docker image that 5432 is already opened. This is more of port mapping and firewalld stuff.
You may want to check that pg_hba.conf is not restricted to local. It should not be the case for docker image but you never know.
See: https://www.postgresql.org/docs/9.1/auth-pg-hba-conf.html
Also, there is a typo: POSTGRES_PASSWOR=admin is missing D, it should be POSTGRES_PASSWORD=admin.
You don't need container IP. Since you have mapped container port to host machine (Ubuntu) anyone outsider just needs the Ubuntu machine IP, and on Ubuntu itself you can use localhost.

How to access web page served by nginx web server running in docker container

We are trying to use docker to run nginx but for some reason I'm unable to access the nginx web server running inside the docker container.
We have booted a Docker Container using the following Dockerfile: https://github.com/dwyl/learn-docker/blob/53cca71042482ca70e03033c66d969b475c61ac2/Dockerfile
(Its a basic hello world using nginx running on port 8888)
To run the container we used:
docker run -it ubuntu bash
we determined the Container's IP address using the docker inspect command:
docker inspect --format '{{ .NetworkSettings.IPAddress }}' a9404c168b21
which is: 172.17.0.11
when I try to visit the container's IP address and the nginx port in a browser http://172.17.0.11:8888/ we get ERR_CONNECTION_TIMED_OUT
or using curl:
curl 172.17.0.11:8888
curl: (7) Failed to connect to 172.17.0.11 port 8888: Connection refused
To attempt to solve this we googled extensively but suspect we might be asking the "wrong" questions...
You shouldn't be trying to hit the IP address of the container, you should be using the IP address of the host machine.
What you are missing is the mapping of the port of the host machine to the port of the container running the nginx server.
Assuming that you want to use port 8888 on the host machine, you need a parameter such as this to map the ports:
docker run ... -p 8888:8888 ...
Then you should be able to access you server at http://<HOST_MACHINE_IP>:8888
EDIT: There is another gotcha if you are running on a Mac. To use Docker on a Mac it's common to use boot2docker but boot2docker adds in another layer. You need determine the IP address of the boot2docker container and use that instead of localhost to access nginx.
$ boot2docker ip
The VM's Host only interface IP address is: <X.X.X.X>
$ wget http://<X.X.X.X>:8888
...
Connecting to <X.X.X.X>:8888... connected.
HTTP request sent, awaiting response... 200 OK
Reference: https://viget.com/extend/how-to-use-docker-on-os-x-the-missing-guide
EDIT: ... or with docker-machine the equivalent command would be docker-machine ip <machine-name> where <machine-name> is likely to be "default".
You may need to check if your container is running:
docker ps ( you should have an active container)
If no container is active:
docker run -p 80:80 -it /bin/bash
you will then be on your image terminal
start nginx - sudo service nginx start
ctrl p + ctrl q to quit docker without exiting the container
if you are on mac and using boot2docker you cannot use localhost to check your running nginx
so use boot2docker ip
browse using the boot2docker ip

How to Ssh into docker container that is running inside Vagrant?

I am running a Vagrant VM under Windows 7 . The Vagrant VM is running a docker container. So the configuration is :
Windows7[Vagrant[Docker]]
I want to ssh from Windows into the Docker container.
The docker container is running sshd and I can successfully ssh from Vagrant VM to Docker container.
sudo docker ps
gives:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
64b13daab5f2 ubuntu:12.04 "/bin/bash" 14 minutes ago Up 14 minutes 0.0.0.0:49153->22/tcp thirsty_morse
From the Vagrant VM:
ssh root#localhost -p 49153
works just fine. So Vagrant VM's port 49153 is forwarded to Docker container's port 22.
I've added
config.vm.network "forwarded_port", guest:49153, host:49155
to Vagrantfile so that localhost:49155 on Windows is forwarded to Vagrant VM:49153
This is where things break down. When I try to ssh from Windows to localhost:49155, I get:
ssh: connect to host localhost port 49155: Connection refused
So Windows:49155 -> Vagrant:49153 is not working. I thought that it may be a problem related to listening on a port on Vagrant VM's external ip so I've installed rinetd into Vagrant VM and I've done:
bindadress bindport connectaddress connectport
0.0.0.0 49153 127.0.0.1 49153
Still no luck. What am I missing here?
Ok, answering my own question. It works now. I think the most likely reason for the problem was that port 49153/55 and its neighbours is actually used by some windows services by default. I changed to mapping for ports in the Vagrant file to use 9090 for Windows and everything worked. No need to rinetd either. I've also done:
sudo docker run -v /vagrant:/opt/data -p 0.0.0.0:49153:22 -i -t ubuntu:12.04
Notice the 0.0.0.0: it may or may not be relevant but this configuration is working for me.

Cannot get boot2docker port forwarding to work on docker mac os X

Here is what I have tried:
My goal: running the prosody XMPP server inside a container, accessed by my (as-yet uncontainerized) local development environment.
I installed the prosody XMPP server - this is what I am trying to use as a container for local development.
It comes dockerized here:
https://github.com/lloydwatkin/prosody-docker
I ran, as per documentation:
docker run -d prosody/prosody --name prosody -p 5222:5222
I checked prosody was running with docker exec -t -i /bin/bash
docker ps shows that the container is running, forward to 5222.
But, on my Mac local shell, telnetting to my boot2docker ip on port 5222 cannot connect.
I have tried this https://github.com/boot2docker/boot2docker/blob/master/doc/WORKAROUNDS.md
but I cannot get that to work.
To add to my confusion, the latest docker.com documentation states port forwarding should work, under Container Port Redirection:
https://docs.docker.com/installation/mac/
There was an error in the docker container documentation for prosody. The correct order of params are:
docker run -d --name prosody -p 5222:5222 prosody/prosody
There's no error handling so it was really difficult to identity.
Try running this command in Terminal to forward communication from your local machine's ports 5200 through 5299 to the VirtualBox's ports:
for i in {5200..5299}; do VBoxManage modifyvm "boot2docker-vm" --natpf1 "tcp-port$i,tcp,,$i,,$i”; VBoxManage modifyvm "boot2docker-vm" --natpf1 "udp-port$i,udp,,$i,,$i";done

Resources