The problem is that when uploading docker image of service to the Amazon container registry, the docker image does not run after adding it as a Task.
See (https://aws.amazon.com/getting-started/tutorials/deploy-docker-containers/)
Step1: Push to AWS Container service private image registry
docker push 734122228327.dkr.ecr.us-east-2.amazonaws.com/joethecoder2:latest
## Step2: SSH into running Docker instance
ssh -i "containerservice.pem" ec2-user#ec2-18-217-248-112.us-east-2.compute.amazonaws.com
The authenticity of host 'ec2-18-217-248-112.us-east-2.compute.amazonaws.com (18.217.248.112)' can't be established.
ECDSA key fingerprint is SHA256:wCeAUed36nKeQjEbSDsYjzq8Z5mpNY4pbcahw2mSozs.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ec2-18-217-248-112.us-east-2.compute.amazonaws.com,18.217.248.112' (ECDSA) to the list of known hosts.
| __| __|
| ( _ \ Amazon ECS-Optimized Amazon Linux AMI 2017.09.d
____|_|____/
For documentation visit, http://aws.amazon.com/documentation/ecs
Docker ps running instances
[ec2-user#ip-10-0-0-102 ~]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c90a2116f3ab amazon/amazon-ecs-agent:latest "/agent" About an hour ago Up About an hour ecs-agent
[ec2-user#ip-10-0-0-102 ~]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c90a2116f3ab amazon/amazon-ecs-agent:latest "/agent" About an hour ago Up About an hour ecs-agent
Results: Do not show that joethecoder2 image is running. WHY?
[ec2-user#ip-10-0-0-102 ~]$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
amazon/amazon-ecs-agent latest 2d99efccdfef 3 weeks ago 26.8MB
amazon/amazon-ecs-pause 0.1.0 c846030090b6 3 weeks ago 964kB
[ec2-user#ip-10-0-0-102 ~]$
Problem conclusion:
The docker image that was uploaded using Push was not included in the running container service, when adding the Task was done like the example instructions for how to deploy docker containers. (I configured the Task in step 2, and 3, and then setup the cluster in Step 4) See (https://aws.amazon.com/getting-started/tutorials/deploy-docker-containers/)
Test Data
However, when I try to curl the service it does not connect:
curl ec2-18-217-248-112.us-east-2.compute.amazonaws.com:8080
curl: (7) Failed to connect to ec2-18-217-248-112.us-east-2.compute.amazonaws.com port 8080: Connection refused
Further inspection:
Further inspection shows, that the docker service that should be running for joethecoder2 is not running in the docker instance that should be running on the container service node ec2-18-217-248-112.us-east-2.compute.amazonaws.com
Run Task had to be clicked, after setting up the Cluster, to associate the Task with a Cluster. Once the Task is running, port 8080 opens up successfully for the task. Host and Container were both mapped to port 8080
Related
I have uploaded my docker image to the AWS EC2 instance. Now I have update my code and modify it, I have created a new docker image with a new tag and upload it to the same docker image repository and want to upload a new docker image to the same ec2 instance.
i connect AWS with ssh client and write this line
docker run --restart=always -p 8000:8000 myDockerImageRepositary:myTag
it gives me an error
Error response from daemon: driver failed programming external connectivity on endpoint dreamy_engelbart (0be73435f9a848ead131e0e15160ce9cb7333fa84565291d027e6a9d6467c476): Bind for 0.0.0.0:8000 failed: port is already allocated.
I think the error is because my previous docker image is running on port 8000 but I have to update that docker image with the new one and don't know how to do that.
Thank you
Run sudo netstat -nltpu to confirm what application is running on that port. If it is docker then it means you probably didn't kill the previous docker container that was running on that port. If you don't have any other containers running, you can just stop all containers using this docker stop $(docker ps -a -q)
If you have other containers running, you can run docker ps to get details of the container running on that port, then run docker stop CONTAINER_ID to stop the container.
I'm new to devops. I want to install Jenkins in AWS EC2 with docker.
I have installed the Jenkins by this command:
docker run -p 8080:8080 -p 50000:50000 -d -v jenkins_home:/var/jenkins_home jenkins/jenkins:lts
On AWS security group, I have enabled port 8080 and 50000. I also enabled port 22 for SSH, 27017 for Mongo and 3000 for Node.
I can see the Jenkins container when I run docker ps. However, when I run https://xxxx.us-east-2.compute.amazonaws.com:8080, there is not a Jenkins window popup for Jenkins setting and display error, ERR_SSL_PROTOCOL_ERROR.
Does someone know what's wrong here? Should I install Nginx as well? I didn't install it yet.
The error is due to the fact that you are using https:
https://xxxx.us-east-2.compute.amazonaws.com:8080
From your description it does not seem that you've setup any type of ssl connection to your instance. So you should connect using http only:
http://xxxx.us-east-2.compute.amazonaws.com:8080
But this is not good practice as you communicate using plain text. A common solution is to access your jenkins web-ui through ssh tunnel. This way the connection is encrypted and you don't have to exposed any jenkins port in your security groups.
I am unable to connect my docker worker to docker swam manager.
I have created multiple aws EC2 instances and have made one of them as a manager docker swarm init --listen-addr 0.0.0.0:2377 and trying to connect it via other EC2 instances docker swarm join 0.0.0.0:2377 as a worker, But it gives me an error.
"Error response from daemon: Timeout was reached before node joined`.
The attempt to join the swarm will continue in the background".
I need my docker swarm manager to list docker node ls all the nodes including manager and workers.
To resolve this problem I needed to expose respective ports from both Docker Worker and Docker Manager instances.
I discovered some information while resolving this question,
TCP Port 2377 is a Default port used for communication so add custom tcp rule for port 2377 in security group of aws EC2.
TCP port 2376 for secure Docker client communication. This port is required for Docker Machine to work. Docker Machine is used to orchestrate Docker hosts.
TCP port 2377 This port is used for communication between the nodes of a Docker Swarm or cluster. It only needs to be opened on manager nodes.
TCP and UDP port 7946 for communication among nodes (container network discovery).
UDP port 4789 for overlay network traffic (container ingress networking).
Kindly Note: Aside from those ports, port 22 (for SSH traffic) and any other ports needed for specific services to run on the cluster have to be open.
You need to use the real ip address in the docker swarm join command.
The "0.0.0.0" is not a real ip-address, it's an alias for "all (local) ip-addresses", it's not something you can connect to.
1.run the command in the master node:
docker swarm join-token worker
2.and than run the command obtained from above step
example:
root#ubuntu:~# docker swarm join-token worker
To add a worker to this swarm, run the following command:
docker swarm join --token SWMTKN-1-0akniaryx9xg8mmb08rbd42kwntigfkyk33vt7ac0wrehn58mk-5voo7jfl3kl40yl4cmvf16lgt 10.0.10.4:2377
root#ubuntu:~#
run on worker node:
docker swarm join --token SWMTKN-1-0akniaryx9xg8mmb08rbd42kwntigfkyk33vt7ac0wrehn58mk-5voo7jfl3kl40yl4cmvf16lgt 10.0.10.4:2377
I created a web server with apache and php in AWS. Then I created a docker with the AMI from web server.
tar -c -C /mnt/ . | docker import - MY-IMAGE-NAME
The image was created:
docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
workshop latest 6de90688f964 About a minute ago 1.14GB
I ran the docker exposing the port 80
docker run -tid -p 80:80 6de90688f964 /bin/bash
But I cant load the web. I used the public IP from the docker server. When I used curl I obtained
root#ip-10-10-0-10:/home/ubuntu# curl 18.206.153.112
curl: (7) Failed to connect to 18.206.153.112 port 80: Connection refused
Could you help me?
You need to adjust the security policy for this AWS Instance to allow TCP
inbound traffic on port 80 (EC2 Dashboard --> Security Groups).
Something like this:
I am unable to connect to nexus from my docker host.
Steps:
I installed docker on AWS linux and created an image.
I then launched an instance based out of the image.
I log on to the instance ( docker host) and docker is running
I try a wget on the host to get a file from nexus and I get the following
Error:
Resolving nexus.XXXX.com (nexus.XXXX.com)... yyy.yy.yy.yy
Connecting to nexus.XXXX.com (nexus.XXXX.com)|yyy.yy.yy.yy|:80... failed: No route to host.