Server not binding to port within docker swarm

Question

I have a one-machine swarm (i.e. one master node, that's it), which has the following docker-compose.yml file:

version: "3"
services:
  web:
    image: rbalicki/hellorocket:latest
    ports:
      - "8001:8000"
    depends_on:
      - "db"
    environment:
      - DATABASE_URL=postgres://docker:docker@db:5432/pw_back
    command: cargo run # this runs the server
  db:
    image: rbalicki/pg:latest

I run the following commands, per the tutorial:

docker-machine create --driver virtualbox myvm1
docker-machine ssh myvm1 "docker swarm init --advertise-addr 192.168.99.100:2377"
docker-machine scp docker-compose.yml myvm1:~
docker-machine ssh myvm1 "docker stack deploy -c docker-compose.yml hellorocketstack"

docker machine ls gives me an IP of tcp://192.168.99.100:2376.

The Dockerfile for the web process definitely exposes 8000, as well. Locally, when I run this server, it connects to port 8000 with no problems. However, within the vm, it doesn't receive any requests when I curl 192.168.99.100:8001 (likewise for 8000). This is true, even if I kill the vm and completely restart my machine.

However, if I install other services (e.g. visualizer, from the tutorial), they work just fine.

This is driving me crazy! How can I figure out what is going on?

Also, within the vm, I also cannot call curl localhost:8001 (which works for visualizer, at the remapped port). Any help is appreciated! Are there next steps I can take to debug this?

Edit: nc -zv 192.168.99.100 8001 also turns up nothing! (It works for visualizer)

Edit2: docker inspect CONTAINER shows:

     "Config": {
        "ExposedPorts": {
            "8001/tcp": {}
        },
     },
     "NetworkSettings": {
        "Ports": {
            "8001/tcp": null
        },
     }

Which is the same thing as the docker inspect command shows for the working example (modulo exposed port number)

What do the logs for the web container show? If you connect to the web container with a `docker exec` can you `curl http://localhost:8000`? — BMitch, Jul 29 '17 at 23:49
Stop the docker service and run `iptables -S` and post the rules. Check if `ufw` or `selinux` or `firewalld` is enabled on your VM. Some VMs by default has IPTables rules to allow 22 port only — Tarun Lalwani, Jul 30 '17 at 05:51
Ok, `iptables -S` on the vm gives me https://gist.github.com/rbalicki2/0642dfac22d0ce57616a8f4381664a27 . The root installation is debian, so I don't think it has an `selinux` firewall but /shrug. `firewall-cmd` and `ufw` are both not found. — Robert Balicki, Jul 30 '17 at 14:12
The network settings in the oracle VM are: Adapter 1, NAT, Cable Connected, Deny Promiscuous Mode, Port forwarding: SSH, localhost:49539 -> 22; Adapter 2: Host-only Adapter, Name: vboxnet0, Deny Promiscuous Mode; the port forwarding settings button is disabled — Robert Balicki, Jul 30 '17 at 14:15
Update: if I run the service (after removing the dependency on the db) by itself, in the VM, using `docker run -p 4000:8000 rbalicki/hellorocket:latest cargo run`, when I `curl localhost:4000` I get `curl: (7) Failed to connect to localhost port 4000: Connection refused` and no indication in the server logs that a connection was made. — Robert Balicki, Jul 30 '17 at 14:38
Update: If I run it in the VM as above, but specify `--network=host`, it works! This does not work when running it outside of the VM, whether in swarm mode or not. It does not appear to be accessible at the IP I would expect outside the VM, though — Robert Balicki, Jul 30 '17 at 14:53

score 1 · Accepted Answer · answered Jul 30 '17 at 17:19

Turns out that rocket was listening on localhost and not 0.0.0.0. Setting the environment variable ROCKET_ADDRESS=0.0.0.0 fixed things.

In the Docker tutorial example python server, changing 0.0.0.0 to localhost also broke things in exactly the same way.

What is the difference between 0.0.0.0, 127.0.0.1 and localhost?

Server not binding to port within docker swarm

1 Answers1