[英]Unable to connect to Docker container: Connection Refused
I have a war file deployed as Docker
container on linux ec2
. 我在linux ec2
上将一个war文件部署为Docker
容器。 But when I try to hit the http://ec2-elastic-ip:8080/AppName
, I don't get any response. 但是,当我尝试点击http://ec2-elastic-ip:8080/AppName
,没有任何反应。
I have all the security group
inbound rules set up for both http
and https
. 我为http
和https
设置了所有security group
入站规则。 So that's not a problem. 所以这不是问题。
Debugging 调试
I tried debugging by ssh-ing
the linux instance. 我尝试通过ssh-ing
linux实例进行调试。 Tried command curl localhost:8080
, this is the response: 尝试使用命令curl localhost:8080
,这是响应:
curl: (7) Failed to connect to localhost port 8080: Connection refused
Tried with 127.0.0.1:8080
but the same response. 尝试使用127.0.0.1:8080
但响应相同。
Next thing I did was to list the Docker container: docker ps
. 我要做的下一件事是列出Docker容器: docker ps
。 I get: 我得到:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
<ID> <ecr>.amazonaws.com/<my>-registry:2019-05-16.12-17-02 "catalina.sh run" 24 minutes ago Up 24 minutes 0.0.0.0:32772->8080/tcp ecs-app-24-name
Now, I connected to this container using docker exec -it <name> /bin/bash
and tried checking tomcat logs which clearly shows that my application war is there and tomcat has started. 现在,我使用docker exec -it <name> /bin/bash
连接到该容器,并尝试检查tomcat日志,这清楚地表明我的应用程序大战已经开始,并且tomcat已经开始。
I ever tried checking the docker-machine ip default
but this gave me error: 我曾经尝试检查docker-machine ip default
但这给了我错误:
Docker machine "default" does not exist. Use "docker-machine ls" to list machines. Use "docker-machine create" to add a new one.
Now am stuck. 现在卡住了。 Not able to debug further. 无法进一步调试。 The result am expecting is to access the app through the url above. 期望的结果是通过上面的URL访问应用程序。
What to do? 该怎么办? Is it something am doing wrong? 发生问题了吗?
Also, to mention, the entire infrastructure is managed through terraform
. 另外,整个基础架构都是通过terraform
管理的。 I first create the base image,copy the war to webapps using DockerFile
, push the registry image and finally do a terraform apply
to apply any changes. 我首先创建基础映像,使用DockerFile
将战争复制到DockerFile
,推送注册表映像,最后进行terraform apply
以应用所有更改。
Currently your app is working on a random host port ie 32772
, see the docker ps
output .You must be able to access you app on http://ec2-ip:32772
once you allow port 32772
in security groups. 当前,您的应用程序在随机主机端口(即32772
,请参阅32772
docker ps
输出。一旦在安全组中允许端口32772
,您就必须能够在http://ec2-ip:32772
上访问您的应用程序。
In order to make it work on host port 8080, you need to bind/expose the host port during docker run - 为了使其能够在主机端口8080上运行,您需要在docker run期间绑定/暴露主机端口-
$ docker run -p 8080:8080 ......
If you are on ECS, ideally you should use an ALB & TG with your service. 如果您使用的是ECS,则理想情况下,应在服务中使用ALB和TG。
However, if you are not using ALB etc then you can try giving a static hostPort in TD "hostPort": 8080
(I haven't tried this). 但是,如果您没有使用ALB等,则可以尝试在TD "hostPort": 8080
提供一个静态hostPort(我没有尝试过)。 If it works fine, you will need to make sure to change the deployment strategy as "minimum healthy percentage = 0" else you might face port conflict issues. 如果运行良好,则需要确保将部署策略更改为“最低健康百分比= 0”,否则可能会遇到端口冲突问题。
Make sure that apache is listening on all IP addresses inside the docker container, not just localhost. 确保apache正在监听docker容器内的所有IP地址,而不仅仅是本地主机。 The IP should be like 0.0.0.0. IP应该像0.0.0.0。
If any service is running inside docker and is listening to only localhost, it can only be accessed inside that container, not from the host. 如果任何服务正在docker内部运行并且仅侦听localhost,则只能在该容器内部访问该服务,而不能从主机访问该服务。
You can also try to start apache with port 8080 and bind docker 8080 port with host 8080 port 您也可以尝试使用端口8080启动apache并将docker 8080端口与主机8080端口绑定
docker run apache -p 8080:8080
If the application needs a network port you must EXPOSE it in the docker file. 如果应用程序需要网络端口,则必须在docker文件中将其暴露 。
EXPOSE <port> [<port>/<protocol>...]
In case you need that port to be mapped to a specific port on the network, you must define that when you spin up the new container. 如果需要将该端口映射到网络上的特定端口,则必须在启动新容器时定义该端口。
docker run -p 8080:8080/tcp my_app
If you use run each image separately you must bind the port every time. 如果使用分别运行每个映像,则必须每次都绑定端口。 If you don't want to do this every time you can use docker-compose and add the ports directive in it. 如果您不想每次都执行此操作,则可以使用docker-compose并在其中添加ports指令。
ports:
- "8080:8080/tcp"
Supposing you added expose in the dockerfile, he full docker-compose.yml would look like this: 假设您在dockerfile中添加了暴露,则完整的docker-compose.yml如下所示:
version: '1'
services:
web:
build:
ports:
- "8080:8080"
my_app:
image: my_app
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.