I currently have a Linux Debian VM set up through Google Cloud Platform. I have docker installed and would like to start running application containers within it.
I'm following the documentation under Docker's website Found Here under
"Running a web application in Docker" I download the image and run it with no issue. I then run $sudo docker ps and get the port which is 0.0.0.0:32768->5000/tcp
I then try to browse to the website at http://"MyExternalVMIP":32768 but the applications doesn't come up. Am I missing something?
First, test to see if your service works at all. To do this, from the VM itself, run:
wget http://localhost:32768
or
curl http://localhost:32768
If that works, that means the service is operating properly, so let's move further with the debugging.
There may be two firewalls that are blocking external access to your docker process:
the VM's OS firewall
Google Compute Engine firewall
You can see if you're affected by the first issue by accessing the URL from the VM itself and from another VM on the same GCE network (use the VM name in the URL, not the external IP):
wget http://[vm-name]:32768
To fix the first issue, you would have to either open up the single port (recommended):
iptables -I INPUT -p tcp -s 0.0.0.0/0 --dport 32768 -j ACCEPT
or disable firewall entirely, e.g., by stopping iptables (not recommended).
If, after fixing this, you can access the URL from another host on the same GCE network, but still can't access it from outside of Google Compute Engine, you're affected by the second issue. To fix it, you will need to open the port in the GCE firewall; this can also be done via the web UI in the Developers Console.
Create an entry in your local ssh config file as below with specific local forward port. In my case its an example of yarn's IP, which I want to access in browser.
Host hadoop
HostName <External-IP>
User <Local-machine-username>
IdentityFile ~/.ssh/<private-key-for-above-user>
LocalForward 8089 <Internal-IP>:8088
Related
Trying to connect to my django website (from the browser) that's stored on the GCP virtual machine.
Everything works fine if I'm accessing it internally using internal IP or localhost.
However, I can't access website with external IP.
No logs in django that would say someone trying to access if I'm trying with external IP.
I have http, https traffic enabled on instance.
Firewall rule to allow port 80:
Here is Test-Net results.
Searched the web for answers but nothing looks wrong in my settings..
Any ideas would be appreciated.
UPDATE:
Do not create or change egress rules unless you know exactly what they do. They are not necessary for ingress rules (VPC Firewalls automatically allow return traffic):
I've changed all firewall rules back how they were so now only port 80 is allowed.
You have an ingress rule for the target http-server. Is that target flag set on the VM instance?
What is the output from sudo lsof -i -P -n | grep LISTEN? Your Django server must be listening on 0.0.0.0.0 instead of localhost.
I have 0.0.0.0 with port 80 at django terminal.
I use windows 2016 server so don't know the powershell function that would display what you asked for.
Here is netstat listening ports for django.
I have a python application hosted by a node.js frontend. I am running that on a linux vm on Google Cloud virtual machine (GCP).
node appname runserver 8080 command starts local server within VM but I am wondering what would be step by step process to access it via a DNS from outside world.
Or if there is better approach to host python ML applications behind a web interface, then please suggest.
You need to use forever for this.
Forever will move the node process to the background and service will keep running in the background even if you log out of the server. And In order to access from outside point a DNS domain to this IP address of the machine and then Proxy Pass the request on port 80 to the port your service is running on.
Then you will be able to access it via domain name.
Look for ProxyPass directive in the Http server. That would work for you. :D
I have a flask application using bokeh that is running in a Docker container, and it works when I use it on local machines.
However, when I deploy it to a GCP instance, even though I can reach the server, I have some AjaxDataSource() objects which are failing to connect.
Some details,
All the machines, local and gcp vm are running Ubuntu 18.04
The flask app is started like this,
app.run(host="0.0.0.0", port=6600, debug=False)
The Ajax route looks like this,
http://127.0.0.1:6600/land/tmidemo/data_rate?name=ResultBaseKeysV1
The GCP firewall rules look like,
Name Type Targets Filters Protocols / ports Action Priority Network
tmiserver-egress Egress Apply to all IP ranges: 0.0.0.0/0 tcp:6600 udp:6600 Allow 1000 default
tmiserver-ingress Ingress Apply to all IP ranges: 0.0.0.0/0 tcp:6600 udp:6600 Allow 1000 default
The docker container is run like this,
docker run --net tminet --hostname=TEST -p 6600:6600 -v $(pwd):/app/public --name myserver --rm myserver
I am not using a Bokeh server. The AjaxDataSource() calls point back to the flask application, not another (bokeh) server
There is a lot that works,
able to use the GCP external ip address and reach the server
going from web page to web page works, so flask routing is working
Whats NOT working is that Ajax() call which uses 127.0.0.1, although this DOES work when I run the container on a local machine.
The error I see in the inspect window is ERR_CONNECTION_REFUSED
The GCP instance hosts.conf DOES include a line for 127.0.0.1 localhost
I tried (from here) on the GCP VM instance, same result,
iptables -A INPUT -i docker0 -j ACCEPT
I also tried (from here) changing the Docker run network to --net="host" and the result is identical.
I also tried adding --add-host localhost:127.0.0.1 to the Docker run command, same result.
I think the problem is configuring the GCP to know how to route a request to 127.0.0.1, but I don't know where to check, configure this, beyond what I have already done.
I wasn't able to specifically resolve the issue I was having, but I tried a different approach to the URL for the AjaxDataSource() and it worked and I think a better approach...
I used Flask url_for() function to create a link to the route that the AjaxDataSource() needs and this worked. The resulting link looks something like,
/land/tmidemo/data_rate/ResultBaseKeysV1
ie, no http://127.0.0.1, and this seems to work in all cases, my dev environment and GCP.
I think I tried this a long time ago and it didn't work, because I use "flask" URLs all over the place, but for some reason I thought I needed "http://127.0.0.1" for the Ajax stuff. Its works now.... moving on!
I've managed to deploy a Django app inside a docker container on my personal Mac using localhost with Apache. For this, I use docker-compose with the build and up commands. I'm trying to run the same Django app on a CentOS server using a docker image generated on my local machine. Apache is also running on the server on port 90.
docker run -it -d --hostname xxx.xxx.xxx -p 9090:9090 --name test idOfImage
How can I access this container with Apache using the hostname and port number in the URL? Any help would be greatly appreciated. Thanks.
From other containers the best way to access this container is to attach both to the same network and use the container's --name as a DNS name and the internal port (the second port from the -p option, which isn't strictly required for this case); from outside a container or from other hosts use the host's IP address or DNS name and the published port (the first port from the -p option).
The docker run --hostname option isn't especially useful; the only time you'd want to specify it is if you have some magic licensed software that only ran if it had a particular hostname.
Avoid localhost in a Docker context, except for the very specific case where you know you're running a process on the host system outside a container and you're trying to access a container's published port or some other service running on the host. Don't use "localhost" as a generic term, it has a very specific context-dependent meaning (every process believes it's running "on localhost").
Background
So after about a year of having a GoDaddy cloud service, and super disappointed with it from the get-go. Once they announced that they would be discontinuing Cloud Server services, it was like a sign from the heavens.
I then created a Google Cloud account. One of the biggest reasons I got a Cloud Server to begin with was to have an eclipse Che instance, an IDE wherever you are! I love it, but despite the temporary partnership between Bitnami and GoDaddy, launching a Eclipse instance with them with such a mind-numbing task since their internal Factory build still required a ton of Docker configurations...
And though I can appreciate the fact that I did learn the ins-and-outs of configuring Dockers Network settings, which is not something to wince at... As soon as I got my Google Cloud account it was simply a 1 2 3 and go!
Question
Whilst I'm running an Eclipse chat instance, what is the proper way to port-forward a given work space to my local machine? The scenario is simple...
I created a Python stack of which I am using Django but when I run server, of course default being the local IP to the project, I have yet to find the easy and more than likely existing standard way to run the Django server and have the eclipse Che create the URL to the project. I'm ninety-nine percent sure that I'm going about this the wrong way given the fact that even some of the demo stack projects with Node or Python are plug-and-play.
PS: I am able to ssh into the workspace no issue, I'm just confused on how to port forward from remote to local as I've only really done it the other way around.. ssh -R ... or -L?
What you need is SSH Tunnel, which is -L. If you need to send a port from local to server that is called a Reverse SSH Tunnel, which is -R.
so simple command
ssh -L <localport>:127.0.0.1:<remoteport> <user>#<server>
Some extension to the other answer mentioning ssh tunneling...
If you run a docker-dev on a server (e.g. 192.168.1.123) not being your local machine in eclipse-che that provides some web service you want to access, then find out the IP address of the docker-dev, e.g. by opening a terminal in your eclipse che workspace and executing ip addr. There you will see some 172.17.x.x that is accessible only from the server. Assume the service in docker-dev is listening on port 12345, then you need the following ssh port forwarding from your local machine to access it:
ssh -L 8888:172.17.0.2:12345 192.168.1.123
While the ssh connection is open, you can access the web service with you browser by accessing http://127.0.0.1:8888/