6

I have a new Spring Boot application that I just finished and am trying to deploy it to Docker. Inside the container the application works fine. It uses ports 9000 for user facing requests and 9100 for administrative tasks like health checks. When I start a docker instance and try to access port 9000 I get the following error:

curl: (56) Recv failure: Connection reset by peer

After a lot of experimentation (via curl), I confirmed in with several different configurations that the application functions fine inside the container, but when I try to map ports to the host it doesn't connect. I've tried starting it with the following commands. None of them allow me to access the ports from the host.

docker run -P=true my-app
docker run -p 9000:9000 my-app

The workaround

The only approach that works is using the --net host option, but this doesn't allow me to run more than one container on that host.

docker run -d --net=host my-app

Experiments with ports and expose

I've used various versions of the Dockerfile exposing different ports such as 9000 and 9100 or just 9000. None of that helped. Here's my latest version:

FROM ubuntu
MAINTAINER redacted

RUN apt-get update
RUN apt-get install openjdk-7-jre-headless -y
RUN mkdir -p /opt/app

WORKDIR /opt/app

ADD ./target/oauth-authentication-1.0.0.jar /opt/app/service.jar
ADD config.properties /opt/app/config.properties

EXPOSE 9000
ENTRYPOINT java -Dext.properties.dir=/opt/app -jar /opt/app/service.jar

Hello World works

To make sure I can run a Spring Boot application, I tried Simplest-Spring-Boot-MVC-HelloWorld and it worked fine.

Netstat Results

I've used netstat to do port scans from the host and from the container:

From the host

root@my-docker-host:~# nmap 172.17.0.71 -p9000-9200

Starting Nmap 6.40 ( http://nmap.org ) at 2014-11-14 19:19 UTC Nmap
scan report for my-docker-host (172.17.0.71)
Host is up (0.0000090s latency).
Not shown: 200 closed ports
PORT     STATE SERVICE
9100/tcp open  jetdirect
MAC Address: F2:1A:ED:F4:07:7A (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 1.48 seconds

From the container

root@80cf20c0c1fa:/opt/app# nmap 127.0.0.1 -p9000-9200

Starting Nmap 6.40 ( http://nmap.org ) at 2014-11-14 19:20 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.0000070s latency).
Not shown: 199 closed ports
PORT     STATE SERVICE
9000/tcp open  cslistener
9100/tcp open  jetdirect

Nmap done: 1 IP address (1 host up) scanned in 2.25 seconds

The container is using Ubuntu The hosts I've replicated this are Centos and Ubuntu.

This SO question seems similar but had very few details and no answers, so I thought I'd try to document my scenario a bit more.

Community
  • 1
  • 1
Trevor Allred
  • 888
  • 2
  • 13
  • 22
  • The only 'docker run' you showed doesn't do any port mapping. Could you show how you start the container, e.g. docker run -d -p 9000:9000 my-app? – seanmcl Nov 14 '14 at 20:46
  • Sorry for that. I've added in both options I've tried. None worked though. :( – Trevor Allred Nov 18 '14 at 00:38
  • 1
    UPDATE: I'm pretty sure this doesn't have anything to do with Docker. I've been able to reproduce this outside of docker and I'm getting strange results from the Java based application in Spring Boot. I'll provide more updates as I continue to troubleshoot this. At this point I think it has to do with Spring Boot's server.address property. – Trevor Allred Nov 18 '14 at 21:26
  • @TrevorAllred : I agree with you. As soon as I add server.address in my spring boot config, port is not reachable. – willome Mar 01 '17 at 14:35

2 Answers2

12

I had a similar problem, in which specifying a host IP address as '127.0.0.1' wouldn't properly forward the port to the host.

Setting the web server's IP to '0.0.0.0' fixes the problem

eg - for my Node app - the following doesn't work

app.listen(3000, '127.0.0.1')

Where as the following does work:

app.listen(3000, '0.0.0.0')

Which I guess means that docker, by default, is exposing 0.0.0.0:containerPort -> local port

Sam
  • 995
  • 9
  • 16
  • 2
    This was the problem for me as well. Hugo had a default bind to 127.0.0.1 while docker uses 0.0.0.0:ports. Thanks! – John Dec 07 '15 at 06:48
  • 1
    The answer was not very clear for me - so I want to clarify to anyone reading it - this is a great answer, simply inside your docker container, your application should listen on IP 0.0.0.0 instead of on 127.0.0.1 – SomethingSomething Apr 04 '17 at 15:21
  • This answer also helped me figure out why my socket.io java server had a similar problem. For me the fix was setting `Configuration config = new Configuration()` `config.setHostname("0.0.0.0")` `server = new SocketIOServer(config)` – Kira Resari May 13 '20 at 08:17
3

You should run with docker run -P to get the ports to map automatically to the same values to set in the Dockerfile.. Please see http://docs.docker.com/reference/run/#expose-incoming-ports

Andy
  • 35,844
  • 6
  • 43
  • 50
  • The `expose` line should be enough to get the port available on the container's 172.17 address; `-P` (or `-p`) is only necessary if you want it available on the *host's* address. – Bryan Nov 15 '14 at 17:33