6

I have an ASP.NET Core application that is hosted in the Docker cloud (cloud provider is Azure). The application uses Hangfire to run recurring jobs in the background, and one of the jobs needs to request data from an external REST API. I noticed that any attempt at outbound communication fails, and I would like to know, how I can enable it.

The deployment consists of some other containers, whereby linked containers (services) can communicate with no problem. There is no special network configuration; the default "bridge" mode is used. Do I need to configure something in the container´s image, or do I need to make changes to the network settings... I have no clue.

Pavel_K
  • 10,748
  • 13
  • 73
  • 186
Matze
  • 5,100
  • 6
  • 46
  • 69
  • if you app is accessible externally,i dont see a reason why the restapi fails(IMHO)..what is the exact error message – TheGameiswar Nov 22 '17 at 07:30
  • @TheGameiswar It´s not my own REST API that cannot be reached, connections via exposed ports work as expected. Outbound requests of the dockerized app to services on the internet do fail... – Matze Nov 22 '17 at 07:34
  • I was just stupid (-; the `Hangfire` job component was implemented in an asynchronous manner, and had a bug that caused a crash while waiting for the response (the underlying `HttpClient` got disposed of while in use). After I fixed that issue, the outbound communication worked as expected... – Matze Nov 27 '17 at 10:08

2 Answers2

2

There is no special network configuration; the default "bridge" mode is used.

According to your description, it seems you are using a VM and run docker on it. If you want to access this docker from Internet, we should map docker port to local port, for example:

docker run -d -p 80:80 my_image service nginx start

After we map port 80 to this VM, we should add inbound rules to Azure network security group(NSG), we can follow this article to add it.

Also we should add port 80 to OS filewall inbound rules.

Update:

Sorry for misunderstand.

Here is my test, I install docker on Azure VM(Ubuntu 16), then create a centos docker, like this:

root@jasonvms:~# docker run -i -t centos bash
Unable to find image 'centos:latest' locally
latest: Pulling from library/centos
d9aaf4d82f24: Pull complete 
Digest: sha256:4565fe2dd7f4770e825d4bd9c761a81b26e49cc9e3c9631c58cfc3188be9505a
Status: Downloaded newer image for centos:latest
[root@75f92bf5b499 /]# ping www.google.com
PING www.google.com (172.217.3.100) 56(84) bytes of data.
64 bytes from lga34s18-in-f4.1e100.net (172.217.3.100): icmp_seq=1 ttl=47 time=7.93 ms
64 bytes from lga34s18-in-f4.1e100.net (172.217.3.100): icmp_seq=2 ttl=47 time=8.13 ms
64 bytes from lga34s18-in-f4.1e100.net (172.217.3.100): icmp_seq=3 ttl=47 time=8.15 ms
^C
--- www.google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 7.939/8.076/8.153/0.121 ms
[root@75f92bf5b499 /]# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=51 time=1.88 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=51 time=1.89 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=51 time=1.86 ms
c64 bytes from 8.8.8.8: icmp_seq=4 ttl=51 time=1.87 ms
64 bytes from 8.8.8.8: icmp_seq=5 ttl=51 time=1.78 ms
64 bytes from 8.8.8.8: icmp_seq=6 ttl=51 time=1.87 ms
^C
--- 8.8.8.8 ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5009ms
rtt min/avg/max/mdev = 1.783/1.861/1.894/0.061 ms
[root@75f92bf5b499 /]#

I find it can community with the internet, could you please show me more information about your issue?

Jason Ye
  • 13,710
  • 2
  • 16
  • 25
  • Does that work for you? please let me know if you need more help:) – Jason Ye Nov 27 '17 at 08:58
  • 1
    @jason-ye-msft Thanks, but your answer is related to inbound connections, which is not the problem here. Otherwise, it would have been very helpful... – Matze Nov 27 '17 at 10:02
0

if you are using standalone instance then make changes in network_security group of instance and allow outbound rules, if using ACS follow below link https://learn.microsoft.com/en-us/azure/container-service/dcos-swarm/container-service-enable-public-access

sanath meti
  • 5,179
  • 1
  • 21
  • 30