We Keep Coding

Connection to remote postgresql host running docker refused

I have an instance of postgresql running in a docker container.
I can connect to the database from the host that is running docker by:
docker exec -u root -it postgres bash
And then accessing the database from there by doing an su to user postgres.
If I use a client from a desktop pc / laptop to try and connect I get a connection refused:
psql -h 20.XXX.1XX.1XX -p 5432 -U <user>
psql: could not connect to server: Connection refused
Is the server running on host "20.XXX.1XX.1XX" and accepting
TCP/IP connections on port 5432?
I have edited the pg_hba.conf file in the docker instance and added the following:
host all all 0.0.0.0/0 md5
host all all ::/0 md5
If I run netstat, again within the container I get:
root#ee9dg39913cdc:/# netstat -na | grep 5432
tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN
tcp6 0 0 :::5432 :::* LISTEN
unix 2 [ ACC ] STREAM LISTENING 52651 /var/run/postgresql/.s.PGSQL.5432
And when I run it on the machine hosting the docker instance:
root#VM01:~# netstat -na | grep 5432
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN
I do not have ufw running at all, so, no firewall issues. The host is an Azure VM and port 5432 is open to the internet.
postgresql.conf is set as:
listen_addresses = '*'
Given all of the above, can anyone help me understand why I cannot connect to the postgres instance over the internet using:
psql -h 20.XXX.1XX.1XX -p 5432 -U <user>
Thanks.

Running mongodb docker container managed by supervisor

In order to run multiple services inside one docker container (I know this is not how its intended) I chose an official docker image from here
and extended the Dockerfile by installing supervisor:
RUN apt-get update && \
apt-get install -y supervisor && \
apt-get clean
RUN mkdir -p /var/log/supervisor
COPY ./supervisord.conf /etc/supervisord.conf
EXPOSE 27017 9001
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]
And the supervisord.conf file:
[supervisord]
nodaemon=true
[program:mongo]
user=root
command=/usr/bin/mongod --port 27017 --quiet --logpath /var/log/mongodb/mongod.log --logappend
process_name=%(program_name)s
autostart=true
user=root
startsecs=3
redirect_stderr=true
stdout_logfile=/var/log/mongod.log
I'm only posting the mongodb service for the sake of simplicity. With docker-compose I'm spinning up the mongodb docker-container managed by supervisor and another service that tries to connect to the database:
version: '3.7'
services:
mongodb:
restart: on-failure:2
image: mongodb
container_name: mongodb
ports:
- "27017:27017"
init: true
networks:
- mongonet
healthcheck:
test: "exit 0"
volumes:
- ./datadir:/var/lib/mongo
#
login-service:
restart: on-failure:2
container_name: login-service
image: login-service
depends_on:
- mongodb
ports:
- "8082:8082"
networks:
- mongonet
healthcheck:
test: "exit 0"
networks:
mongonet:
driver: bridge
This produces the following error:
com.mongodb.MongoSocketOpenException: Exception opening socket
at com.mongodb.internal.connection.SocketStream.open(SocketStream.java:70) ~[mongodb-driver-core-4.0.5.jar!/:na]
at com.mongodb.internal.connection.InternalStreamConnection.open(InternalStreamConnection.java:127) ~[mongodb-driver-core-4.0.5.jar!/:na]
at com.mongodb.internal.connection.DefaultServerMonitor$ServerMonitorRunnable.run(DefaultServerMonitor.java:117) ~[mongodb-driver-core-4.0.5.jar!/:na]
at java.lang.Thread.run(Thread.java:748) [na:1.8.0_212]
Caused by: java.net.ConnectException: Connection refused (Connection refused)
at java.net.PlainSocketImpl.socketConnect(Native Method) ~[na:1.8.0_212]
It seems like there is a network configuration i'm missing. I've tried changing bindIP in /etc/mongod.conf.orig but it seems like the mongodb service is not picking up this configuration after restart. The logs tell me that mongodb is waiting for a connection:
{"t":{"$date":"2020-12-17T10:07:37.020+00:00"},"s":"I", "c":"NETWORK", "id":23016, "ctx":"listener","msg":"Waiting for connections","attr":{"port":27017,"ssl":"off"}}
Is there some sort of parameter for the supervisor command im missing? Any help would be appreciated.

I found a solution and i wasn't too far off with the network configuration in supervisor. By adding --bind_ip 0.0.0.0 to the supervisor command i was able to bind all IPv4 and IPv6 addresses as stated here. There is also a parameter --bind_ip_all which helped me accomplish the same goal. Se here is my final supervisor configuration:
[supervisord]
nodaemon=true
[program:mongo]
command=/usr/bin/mongod --bind_ip_all
autorestart=true
stderr_logfile=/dev/stdout
stderr_logfile_maxbytes = 0
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes = 0
Alternative:
Also if you don't need to build the image yourself there is an even better solution:
The Dockerfile:
FROM mongo:bionic
RUN apt-get update && \
apt-get install -y supervisor && \
apt-get clean
RUN mkdir -p /var/log/supervisor
COPY ./supervisord.conf /etc/supervisord.conf
EXPOSE 27017 9001
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]
... and the supervisord.conf file:
[supervisord]
nodaemon=true
[program:mongo]
command=/usr/local/bin/docker-entrypoint.sh mongod
autorestart=true
stderr_logfile=/dev/stdout
stderr_logfile_maxbytes = 0
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes = 0

Unable to consume or produce to a remote Kafka broker

I have setup a simple droplet on Digital Ocean and am running a single Kafka and Zookeeper node which is started using a docker-compose file.
I am running into an issue with consuming or producing to the Kafka broker from outside of the Digital Ocean droplet.
This is what my docker-compose looks like,
version: '3.4'
services:
zookeeper:
image: confluentinc/cp-zookeeper:latest
environment:
ZOOKEEPER_CLIENT_PORT: 2181
ZOOKEEPER_TICK_TIME: 2000
volumes:
- /root/data/zookeeper/etc:/etc/zookeeper
- /root/data/zookeeper/data:/var/lib/zookeeper/data
container_name: "zookeeper"
network_mode: "host"
kafka:
image: confluentinc/cp-kafka:latest
depends_on:
- zookeeper
environment:
KAFKA_BROKER_ID: 1
KAFKA_ZOOKEEPER_CONNECT: PUBLIC_DIGITIAL_OCEAN_IP:2181
KAFKA_ADVERTISED_LISTENERS:PLAINTEXT://PUBLIC_DIGITIAL_OCEAN_IP:9093
KAFKA_LISTENER: PUBLIC_DIGITIAL_OCEAN_IP:9093
KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
KAFKA_LOG4J_LOGGERS: "kafka.controller=WARN"
KAFKA_LOG4J_ROOT_LOGLEVEL: WARN
KAFKA_TOOLS_LOG4J_LOGLEVEL: ERROR
volumes:
- /root/data/kafka/etc:/etc/kafka
- /root/data/kafka/data:/var/lib/kafka/data
container_name: "kafka"
network_mode: "host"
I have tried different combinations with setting KAFKA_ADVERTISED_LISTENERS to use localhost, 0.0.0.0 and I am not having any success.
I can consume and produce if I enter the kafka container and use the CLI.
From what I have read, digital ocean does not have any firewall rules so the the ports are being exposed.
snippet from running netstat within the droplet
> netstat -tulpn | grep :2181
> tcp6 0 0 :::2181 :::* LISTEN 10522/java
> netstat -tulpn | grep :9093
> tcp6 0 0 :::9093 :::* LISTEN 13093/java
Any help is greatly appreciated!

The issue was my firewall rules on the droplet. running the commands;
sudo ufw allow 2181 && sudo ufw allow 9092 resolved my issue.

Can't connect to mongodb in the docker container

I've build a docker container running a mongodb-instance, that should be exposed to the host.
However, when i want to connect from the host into the mongodb-container, the connection will be denied.
This is my Dockerfile:
FROM mongo:latest
RUN mkdir -p /var/lib/mongodb && \
touch /var/lib/mongodb/.keep && \
chown -R mongodb:mongodb /var/lib/mongodb
ADD mongodb.conf /etc/mongodb.conf
VOLUME [ "/var/lib/mongodb" ]
EXPOSE 27017
USER mongodb
WORKDIR /var/lib/mongodb
ENTRYPOINT ["/usr/bin/mongod", "--config", "/etc/mongodb.conf"]
CMD ["--quiet"]
/etc/mongodb.conf:
And this is the config-file for MongoDB, where i bind the IP 0.0.0.0 explicitly as found here on SO, that 127.0.0.1 could be the root cause of my issue (but it isn't)
systemLog:
destination: file
path: /var/log/mongodb/mongo.log
logAppend: true
storage:
dbPath: /var/lib/mongodb
net:
bindIp: 0.0.0.0
The docker container is running, but a connection from the host is not possible:
host$ docker run -p 27017:27017 -d --name mongodb-test mongodb-image
host$ docker ps
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6ec958034a6f mongodb-image "/usr/bin/mongod --co" 4 seconds ago Up 3 seconds 0.0.0.0:27017->27017/tcp mongodb-test
Find the IP-Address:
host$ docker inspect 6ec958034a6f |grep IPA
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.2",
"IPAMConfig": null,
"IPAddress": "172.17.0.2",
Try to connect:
host$ mongo 172.17.0.2:27017
MongoDB shell version v3.4.0
connecting to: mongodb://172.17.0.2:27017
2016-12-16T15:53:40.318+0100 W NETWORK [main] Failed to connect to 172.17.0.2:27017 after 5000 milliseconds, giving up.
2016-12-16T15:53:40.318+0100 E QUERY [main] Error: couldn't connect to server 172.17.0.2:27017, connection attempt failed :
connect#src/mongo/shell/mongo.js:234:13
#(connect):1:6
exception: connect failed
When i ssh into the container, i can connect to mongo and list the test database successfully.

Use host.docker.internal with exposed port : host.docker.internal:27017

Using localhost instead of the ip, allows the connection.
Combine it with the exposed port: localhost:27017
I tested the solution as it was stated in the comments, and it works.

Using Docker to launch web app, can't connect to Postgresql DB?

I received the following error when trying to write session data using Tomcat's PersistentManager to a Postgres DB running on my local machine:
SEVERE: A SQL exception occurred org.postgresql.util.PSQLException: Connection to localhost:5432 refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.
The application itself runs in a docker container. For completeness sake, my current context.xml file is:
<?xml version='1.0' encoding='utf-8'?>
<Context>
<Manager className="org.apache.catalina.session.PersistentManager"
distributable="true" processExpiresFrequency="6" maxIdleBackup="0" debug="99" >
<Store className="org.apache.catalina.session.JDBCStore"
driverName="org.postgresql.Driver"
connectionURL="jdbc:postgresql://localhost/admin?stringtype=unspecified"
connectionName="admin" connectionPassword="admin"
sessionAppCol="app_name" sessionDataCol="session_data" sessionIdCol="session_id"
sessionLastAccessedCol="last_access" sessionMaxInactiveCol="max_inactive"
sessionTable="tomcat_sessions_tb" sessionValidCol="valid_session" />
</Manager>
</Context>
Pursuant to the suggestions here: Postgresql : Connection refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections
I confirmed via a netstat -aln | grep LISTEN that Postgresql is running and listening on the correct ports:
tcp4 0 0 127.0.0.1.5432 *.* LISTEN
tcp6 0 0 ::1.5432 *.* LISTEN
and that my postgresql.conf (located in usr/local/var/postgres) has listen_addresses = localhost and port = 5432, which mirrors the host and port of my running server in Pgadmin3.
I suspect that the problem is that Docker runs in a VM, and thus the local information I have obtained may not be the whole story. Reading up on the available information online, it seems that I may require some sort of bridged networking.
However, I admit I am a novice in this area, and I'm unsure of how to set it up.

Why I can NOT connect to localhost:5432?
Cat your container's /etc/hosts
$ sudo docker exec -it [container] cat /etc/hosts
For docker networks is bridge by default, the localhost inside points to container itself(Docker default bridge network).
Then you don't have 5432 listening in your container:
$ sudo docker exec [container] nc -v -z localhost 5432
Solution 1. If you wanna hardcode the "localhost:5432" inside your config xml, the easiest way is creating your container with the option "--net=host":
$ sudo docker run --net=host -it ...
Solution 2. Change the localhost of your docker host ip inside the container
Get your docker host ip：
$ sudo docker inspect -f '{{ .NetworkSettings.Gateway }}'
192.168.5.1
Enter your container:
$ sudo docker exec -it [container] /bin/bash
Edit the file /etc/hosts to point the localhost to docker host ip:
$ sudo vim /etc/hosts
192.168.5.1 localhost
Solution 3. Modify your db config file to use an alias instead of localhost:
connectionURL="jdbc:postgresql://DB_ALIAS/admin?stringtype=unspecified"
Then add the DB_ALIAS to the container's hosts :
$ sudo docker run --add-host DB_ALIAS:192.168.5.1 -it [image] ...

If you are using docker-compose together with postgres image, than you can reuse service name as IP inside jdbc connection (here: app-db)
web:
build: ./web
ports:
- "8080:8080"
links:
- app-db
environment:
- MYAPP_JDBC_URL=jdbc:postgresql://app-db:5432/somedb
- MYAPP_JDBC_USER=someuser
- MYAPP_JDBC_PASS=pass
app-db:
image: postgres:9.6
environment:
- POSTGRES_USER=someuser
- POSTGRES_PASSWORD=pass
- POSTGRES_DB=somedb
expose:
- 5432
volumes_from:
- app-db-data
app-db-data:
image: cogniteev/echo
command: echo 'Data Container for PostgreSQL'
volumes:
- /opt/postgresdata/:/var/lib/postgresql/data

The best decision!
jdbc:postgresql://host.docker.internal:5432/somedb
Don't thank.

I had to expose port with -p 5432:5432:
docker run --name postgres -e POSTGRES_PASSWORD=secret -d -p 5432:5432 postgres

I was getting the same error but this simple solution works perfect for me.
sudo docker run -d --net="host" -it <IMAGE>
Now I can run my app https://x.x.x.x:pppp/../.. and everything works fine. I hope this helps