docker容器中的JetBrains / Teamtools“无法侦听地址0.0.0.0和端口443”
[英]JetBrains/Teamtools in docker container “Could not listen on address 0.0.0.0 and port 443”
问题描述
Problem 
问题
I'm trying to set up JetBrains Hub, Youtrack, Upsource and Teamcity in a docker container and configure each to be available on their own IP (macvlan) at the default ports 80 redirected to 443 and 443 for HTTPS (so the port numbers do not show up in the browser). 我正在尝试在Docker容器中设置JetBrains Hub,Youtrack,Upsource和Teamcity并将它们配置为在默认IP 80上可用自己的IP(macvlan)重定向到HTTPS的默认端口80和443(因此端口号不会显示在浏览器中)。
However if I do that I get: 但是,如果我这样做,我会得到:
Could not listen on address 0.0.0.0 and port 443
Leaving the teamtools on their default ports 8080 and 8443 works or giving them ports over 2000 seems to work as well. 将teamtools保留在其默认端口8080和8443上,或者为它们提供2000以上的端口似乎也可以。
I checked with fuser 443/tcp and netstat -tulpn but there is nothing running on port 80 or 443. (had to install the packages for those in the container) 我用fuser 443/tcp和netstat -tulpn进行了检查,但是端口80或443上没有任何运行。 (必须在容器中安装那些软件包)
I tried setting the listening address to the NICs IP or 172.0.0.1 but this is refused as well: 我尝试将侦听地址设置为NIC IP或172.0.0.1,但这也被拒绝:
root@teamtools [ /opt/teamtools ]# docker run --rm -it \
-v /opt/hub/data:/opt/hub/data \
-v /opt/hub/conf:/opt/hub/conf \
-v /opt/hub/logs:/opt/hub/logs \
-v /opt/hub/backups:/opt/hub/backups \
jetbrains/hub:2018.2.9840 \
configure --listen-address=192.168.1.211
* Configuring JetBrains Hub 2018.2
* Setting property 'listen-address' to '192.168.1.211' from arguments
[APP-WRAPPER] Failed to configure Hub: java.util.concurrent.ExecutionException: com.jetbrains.bundle.exceptions.BadConfigurationException: Could not listen on address {192.168.1.211} . Please specify another listen address in property listen-address
Question: 题:
- Why can I not set ports 80 and 443? 为什么不能设置端口80和443?
- Why does it work for ports over 2000? 为什么它适用于2000以上的端口?
- How can I make this work without a reverse proxy? 没有逆向代理,如何使这项工作有效? (reverse-proxy comes with a whole bunch of other issues, that I'm trying to avoid with this setup) (反向代理还带来了很多其他问题,我试图通过此设置避免这些问题)
Setup 设定
ESXi 6.7 Host
- vSwitch0 (Allow promiscuous mode: Yes)
- port group: VM Netork (Allow promiscuous mode: No)
- other VMs
- port group: Promiscuous Ports (Allow promiscuous mode: Yes)
- Teamtools VM (Photon OS 2.0, IP: 192.168.1.210)
- firewall based on: https://unrouted.io/2017/08/15/docker-firewall/
- docker/docker-compose
- hub (IP: 192.168.1.211:80/443)
- youtrack (IP: 192.168.1.212:80/443)
- upsource (IP: 192.168.1.213:80/443)
- teamcity-server (IP: 192.168.1.214:80/443)
- teamcity_db (MariaDB 10.3) (IP: 192.168.1.215:3306)
docker-compose.yml docker-compose.yml
version: '2'
networks:
macnet:
driver: macvlan
driver_opts:
parent: eth0
ipam:
config:
- subnet: 192.168.1.0/24
gateway: 192.168.1.1
services:
hub:
# set a custom container name so no more than one container can be created from this config
container_name: hub
image: "jetbrains/hub:2018.2.9840"
restart: unless-stopped
volumes:
- /opt/hub/data:/opt/hub/data
- /opt/hub/conf:/opt/hub/conf
- /opt/hub/logs:/opt/hub/logs
- /opt/hub/backups:/opt/hub/backups
- /opt/teamtools:/opt/teamtools
expose:
- "80"
- "443"
- "8080"
- "8443"
networks:
macnet:
ipv4_address: 192.168.1.211
domainname: office.mydomain.com
hostname: hub
environment:
- "JAVA_OPTS=-J-Djavax.net.ssl.trustStore=/opt/teamtools/certs/keyStore.p12 -J-Djavax.net.ssl.trustStorePassword=xxxxxxxxxxxxxx"
...
1 个解决方案
解决方案1
2 已采纳 2018-08-03 15:18:11
Upsource is running by user jetbrans, which is non-root. 上游是由非root用户jetbrans运行的。 https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.