1

I saw a lot of similar problem but not exactly like mine... I have a classic architecture,

A server with docker, a stack with Traefik to dispatch request, and few stack of nginx/apache and php. Let's say

  • website1.com
  • website2.com

The problem is that I can't cURL another website from inside a docker container.

Architecture

If I try to curl from server itself

curl -v website2.com
curl -v https://website2.com

I get a valid response

If I try to curl from website1 container

curl -v website2.com
curl -v https://website2.com

I can see

Trying XX.XX.XX.XX:443...

With my external IP (so the DNS should be OK) but I don't get any response so it end with a timeout message.

If I add 192.168.48.4 website2.com into my /etc/hosts and I try to cURL, I get a valid response but tell me if I'm wrong but in this case it access through local and not from outside of the server

By the way, I need to cURL from a "manager" website that get all domains from an API, so cURL should be dynamic and I can't really add all IP manually into a hosts file or whatever

I really want to access other containers from outside, like an external service

Do you have any suggestion ? Thank you guys

D. Schreier
  • 1,700
  • 1
  • 22
  • 34
  • If you do `ping website2.com` from the website1.com container, what IP address do you get? And does the ping work? – Hans Kilian Apr 19 '22 at 08:23
  • what happens if you do a ping in website1 Container of website2.com ? (If 'ping' command is available). What I mean is: website1 Container needs to look up website2.com on DNS somewhere. So, it needs to understand that DNS-requests go to Traefik. Does it understand that? What do you see when you do a 'docker network inspect' on the Host? Does Traefik Container act as the gateway? – BertC Apr 19 '22 at 08:24
  • I'd expect normal Docker networking to work here; see for example [How to communicate between Docker containers via "hostname"](https://stackoverflow.com/questions/30545023/how-to-communicate-between-docker-containers-via-hostname) (ignore its mention of the now-archaic Docker links feature) or [Networking in Compose](https://docs.docker.com/compose/networking/) in the Docker documentation. Can you [edit] the question to include a [mcve] demonstrating your setup? – David Maze Apr 19 '22 at 10:35
  • @HansKilian @BertC From the server itself or from the container, when I `ping website2.com` it ping the external IP, and it works. Actually when I use `curl -v https://website2.com` from the container it log `Trying XXX.XXX.XXX.XXX:443` (external IP) so the DNS should be OK because the IP is found, but I just don't get any response. @DavidMaze My problem is that I don't really want to talk straight to the container and the domain list is dynamic so I can't manually bind them – D. Schreier Apr 19 '22 at 13:35

1 Answers1

1

Thanks for comment and specifically to this topic https://community.traefik.io/t/curl-from-container-a-to-b-blocked/1040/14

In my case, the firewall (ufw) of my host was "blocking" my http/https requests, even if my domains were accessible

Thoses commands fix my problem

sudo ufw allow http
sudo ufw allow https
D. Schreier
  • 1,700
  • 1
  • 22
  • 34