Docker container can't reach the host's Postgresql database - postgresql

I have a Docker container with Redmine. I run it and it works, except the fact that it doesn't connect to the host's database.
I've searched for all similar questions, and tried what was suggested everytime, but it doesn't work.
Here is how I run the container:
docker run -d --name redmine-4.2.5 -e REDMINE_DB_POSTGRES=172.17.0.1 -e REDMINE_DB_PORT=5432 -e REDMINE_DB_USERNAME=redmine -e REDMINE_DB_PASSWORD=XXX -e REDMINE_DB_DATABASE=redmine -e REDMINE_NO_DB_MIGRATE=1 --add-host=database:172.17.0.1 redmine
When I enter the container and try to connect manually I have this:
root#86a42eae3adf:/usr/src/redmine# psql -U redmine -h database
psql: error: could not connect to server: Connection refused
Is the server running on host "database" (172.17.0.1) and accepting
TCP/IP connections on port 5432?
When I check the open ports, I have this:
root#86a42eae3adf:/usr/src/redmine# nmap 172.17.0.1
Starting Nmap 7.80 ( https://nmap.org ) at 2022-04-02 16:33 UTC
Nmap scan report for database (172.17.0.1)
Host is up (0.000024s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind
8080/tcp open http-proxy
MAC Address: XXXX (Unknown)
Nmap done: 1 IP address (1 host up) scanned in 0.25 seconds
So I checked the configuration on my host, and I have everything correct:
pg_hba.conf has this line:
host redmine redmine 172.17.0.0/16 trust
And postgresql.conf has this one:
listen_addresses = '*'
(I know I shouldn't put '*' but I'll limit to 172.17.0.2 when it will work for '*')
I restarted postgresql and reloaded the config, up to no avail.
I have no clue on how to investigate to see what I should modify to have my container be able to contact the host on port 5432. I'm open (on all ports) to any suggestion.
Thanks in advance.

Related

Cannot connect to remote server with no firewall and port open

I have set up Postgresql on a remote server, and for some reason I cannot connect to the 5432 port on the server even after opening up the port, deactivating firewall, etc.
I have checked that the database is listening to all addresses with
listen_addresses = '*':
postgresql.conf:
SHOW listen_addresses:
changed pg_hba.conf:
checked that port number 5432 is open and listening with
netstat -nlp | grep 5432
checked that firewall is inactive with sudo ufw status
and still I get Operation timed out error message after performing both
nc -v [ip_address] 5432
watch "nc -v [ip_address] 5432"
Can anyone tell me what I can do to enable connection to the remote server from external network?

Can't connect remotely to PostGIS docker

I've created a PostGIS docker container with the following code:
docker run --name=h4d -d -e POSTGRES_USER=h4d_user -e POSTGRES_PASS=password -e POSTGRES_DBNAME=gis -e ALLOW_IP_RANGE=0.0.0.0/0 -p 5432:5432 -v h4d_data:/var/lib/postgresql --restart=always kartoza/postgis:latest
I can connect to the docker from my localhost, but I can't from another terminal. The error message says "could not connect to server: Connextion timed out (0x0000274C/10060) Is the server running on host "" and accepting TCP/IP connections on port 5432?
I'm not sure if maybe I must edit some firewall settings or something else. I'm working on Windows 10
Maybe this will help ..
Go to the postgresql.conf and change the parameter of listen_addresses to the ip address you wish or just place * for all ips, e.g:
listen_addresses = '*'
In the pg_hba.conf file you also have to add which ips and users may access a certain database, e.g.
host my_db my_user 128.176.1.1 md5
In an Ubuntu machine these files are normally found at: /etc/postgresql/10/main

Docker Rundeck + local Postgres

I'm trying to run a docker image of rundeck, using PostGres for the database.
The issue I'm having is mapping my local postgres installation to the docker rundeck image. The postgres port runs on 5432, and have confirmed using netstat that the port is open and listening. The port for rundeck needs to run on 4440.
I have tried the following command:
docker run -p 127.0.0.1:4440:4440 -e RUNDECK_DATABASE_URL=jdbc:postgresql://localhost/rundeck -e RUNDECK_DATABASE_DRIVER=org.postgresql.Driver -e RUNDECK_DATABASE_USERNAME=xxx -e RUNDECK_DATABASE_PASSWORD=xxx --name test-rundeck -t rundeck/rundeck:3.0.19
But it fails with an error: Connection to 127.0.0.1:5432 refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP
I'm guessing it's because the internal 5432 port isnt mapped to the docker container port 5432?
I tried mapping the ports with -p 127.0.0.1:5432:5432 but that fails with the error:
Error starting userland proxy: listen tcp 127.0.0.1:5432: bind: address already in use
At this point I might just resort to running both PostGres and Rundeck as docker images, but I would rather like to resolve this problem.
Any ideas on how to map a local PostGres to a docker ran Rundeck?
Found the answer.
Had to edit the pg_hba.conf file to allow the docker0 ip address through.
host all all 172.23.0.0/16 md5

Docker - Tomcat and PostgreSQL containers in same host - No Route to host

I have containerized a web application running on Tomcat and started the container using the command,
docker run -d -p 8080:8080 tveuser/tve-repository:tve-services
I am also running a PostgreSQL container on the same host using the following command:
docker run -d -p 80:80 -p 5432:5432 tveuser/tve-repository:tve-postgresql
i verified that the PostgreSQL is running by using phpPgAdmin but could not get tomcat to connect to it. 'docker ps' also tells me that both the containers are up and running.
I connect the web application with the database through tomcat context.xml which has an entry like
<Parameter name="abc.connection.url" value="jdbc:postgresql://1.2.3.4:5432/dbname" />
where 1.2.3.4 is the docker host Ip in which the container is running.But i get the following error when i run the tomcat container:
org.postgresql.util.PSQLException: The connection attempt failed.
at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:225)
at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:64)
at org.postgresql.jdbc2.AbstractJdbc2Connection.<init>(AbstractJdbc2Connection.java:136)
...............
Caused by: java.net.NoRouteToHostException: No route to host
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182)
Any help appreciated.
TL;DR : check the firewall on your host
You need to connect to your host's IP address on the port that you've exposed for postgres on your postgres container, not to the IP address of the docker container.
E.g.,
<Parameter name="abc.connection.url" value="jdbc:postgresql://192.168.x.x:5432/dbname" />
You'll also need to configure postgres inside your postgres docker container to listen for connections from somewhere other than 127.0.0.1, which is the default.
E.g., in pg_hba.conf:
host all all 0.0.0.0/0 md5
This tells postgres to accept incoming connections from any IP address (you'll probably want to lock this down to something like 192.168.0.0/16.
You'll also need to change the value of listen_addresses in postgres.conf:
listen_addresses = '*' # what IP address(es) to listen on;
Once you've made these configuration changes, you can check to see if postgres is listening to all requests from all IPs inside your docker container:
netstat -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN 816/postgres
tcp6 0 0 :::5432 :::* LISTEN 816/postgres
And then from your host, make sure you can telnet into port 5432:
telnet 192.168.x.x 5432
Trying 192.168.x.x...
Connected to 192.168.x.x.
Escape character is '^]'.
As Chris McKinnel points out, forwarding ports to the host doesn't work like that. I wanted to give you a second solution as an alternative to his: Links.
https://docs.docker.com/userguide/dockerlinks/
So you could do something like:
docker run -d -P --name tomcat --link postgres:postgres apache/tomcat apachectl start
... which, assuming your PostgreSQL container was named "postgres", would allow you to connect directly from the Tomcat container.
Note that this only works if both containers are on the same machine, but it sounds like they are.

psql cant connect to PostgreSQL server (postmaster) on IP and port 5432?

Please read before replying it as duplicate (as it perhaps can happen). I am running my postmaster (postgres) server. See below for 'sudo netstat -anp|grep 5432' output?
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 29606/postmaster
unix 2 [ ACC ] STREAM LISTENING 1650581 29606/postmaster /var/run/postgresql/.s.PGSQL.5432
unix 2 [ ACC ] STREAM LISTENING 1650582 29606/postmaster /tmp/.s.PGSQL.5432
I am able to connect from localhost using
psql -h localhost (OR 127.0.0.1) -d <DB> -U user -W
But when I try to connect from other hosts using tcp, by specifying
psql -h ip_add_postmaster -d <DB> -U user -W
It throws:
psql: could not connect to server: Connection refused
Is the server running on host XXXXXX and accepting TCP/IP connections on port 5432?
What's wrong here?
pg_hba.conf
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
In postgresql.conf,
listen_addresses = 'localhost, 127.0.0.1, ip_add_postmaster'
Note: ip_add_postmaster is same as my Elastic IP and not public DNS. If this information
matters.
What am I doing wrong here? Machine is hosted on Amazon EC2 and have open the port 5432.
As your netstat output indicates, it's listening at 127.0.0.1:5432 which is localhost. That is only connectable from localhost ;)
Set listen_addresses='*' in your config and it will work.
[edit]
Other things to check:
is the amazon firewall blocking anything?
is iptables blocking anything?
But first make sure the listening address is correct, your netstat output shows that it won't work like this.
listen_addresses='localhost, private_ip' fixed the issue. I was not able to start postmaster server on elastic IPs. Once postgres server started o localhost and private IPs, I was able to connect.
One other issue I have found was if you end up with two Postgres installations, the second one can choose non-default port (in my case it was 5433 i/o 5432). So checking the port in postgresql.conf might be a good idea.
I ran into this issue and tried all sorts of fixes I found across SO, and want to add a simple solution that worked for me after realizing it had to do with permissions in my case.
Simply, if you're running a psql server on Windows, you are initially restricted to the default postgres superuser for logging in, launching the server, and so on.
So, first try running from the command line:
psql -U postgres -h localhost -p 5432
and enter your password at the prompt. If you've managed to login and the server is up, then it was a permissions issues. From here, you can create a role for yourself that has login privileges to whatever database you are trying to run.
If the error persists, then consider checking postgresql.conf as mentioned above, to make sure default IP is set to * or localhost, and the port set to 5432 or whatever port you want as default.
I also ran into the same issue. On debugging, it was nothing related to the port, but due to some missing directories in the Postgres folder.
While updating Mac OS (from 10.13.1 -> 10.13.13), some folders in the directory /usr/local/var/postgres/ gets deleted. The fix was the adding the missing directories:
mkdir /usr/local/var/postgres/pg_tblspc
mkdir /usr/local/var/postgres/pg_twophase
mkdir /usr/local/var/postgres/pg_stat
mkdir /usr/local/var/postgres/pg_stat_tmp
mkdir /usr/local/var/postgres/pg_replslot
mkdir /usr/local/var/postgres/pg_snapshots
mkdir /usr/local/var/postgres/pg_logical/{snapshots,mappings}