For the purpose of this post, I am using Vagrant to launch NGINX (through Docker, but that is not important I don't think).
My Vagrant looks like the following:
VAGRANTFILE_API_VERSION = "2"
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
#Assign Box and VM Properties
config.vm.box = "ubuntu/trusty64"
config.vm.provider "virtualbox" do |v|
v.memory = 1024
v.cpus = 2
end
# Network
config.vm.network "forwarded_port", guest:80, host: 80 #--> DOESN'T WORK localhost
config.vm.network "forwarded_port", guest:80, host:8391 #--> WORKS localhost:8391
# Provision
config.vm.provision :shell, inline: "sudo apt-get update"
config.vm.provision :docker
end
The goal is to be able to hist NGINX on localhost and not localhost:8391
I KNOW that NGINX is listening on 80 because of the mapping, and from running CURL within Vagrant.
You can use setcap to enable to use ports under 1024 for non-root users for specific binaries.
This only works under Linux and must be applied to the Vagrant box, to use Port 80 inside the box, and your host, to use Port 80 on your host.
You need the package libcap2-bin, e.g. with apt:
sudo apt-get install libcap2-bin
sudo setcap cap_net_bind_service=+ep /path/to/nginx-binary
Afterwards NGINX is allowed to use Port 80 inside the box as user vagrant. Now enable setup for Vagrant on your host.
sudo setcap cap_net_bind_service=+ep /path/to/vagrant-binary
In general you can't bind to ports 1024 or under on the host when using Vagrant, unless you run it as root. (As with other apps, it's obviously not recommended to run Vagrant as root.)
As an alternative, if you don't need to connect to "localhost" specifically you could try setting up a private network so your Vagrant box has a separate IP address. See http://docs.vagrantup.com/v2/networking/private_network.html for more info. That should let you connect to port 80 on that IP fine.
Related
I have a wordpress official container with a dock port 80 mapped to 32795 external... when I go to administration area of wordpress I get this error:
Important: HTTP Loopback Connections are not enabled on this server. If you need to contact your web host, tell them that when PHP tries to connect back to the site at the URL http://localhost:32795/wp-admin/admin-ajax.php and it gets the error cURL error 7: Failed to connect to localhost port 32795: Connection refused. There may be a problem with the server configuration (eg local DNS problems, mod_security, etc) preventing connections from working properly.
I think the problem is that the site inside the container tries to communicate with the 32795 port instead of 80, but it can not because this door is only seen from the outside of the container...
I created a script inside the site with phpinfo, and I checked the loopback connections are on...
There is a solution for this? I have docker un windows with kitematic
thanks
I had a similar problem running WordPress with Nginx on Docker Desktop for Windows. I needed to add an entry to the container's hosts file that directed my local.example.com domain to hit my ingress-nginx controller so that WordPress' loopback requests would work. Although my setup might be slightly different this might help you.
Open /Windows/System32/drivers/etc/hosts and copy the IP address that's next to host.docker.internal. Add an entry to the container's hosts file on startup that ties the domain to the hosts IP by doing one of the following. IP is what you copied from your machine's hosts file by host.docker.internal
Docker argument:
--add-host="local.example.com:IP"
Docker compose:
extra_hosts:
- "local.example.com:IP"
Kubernetes:
hostAliases:
- ip: "IP"
hostnames:
- "local.example.com"
Problem is inside the container the opened port is 80 and docker is exposing 32795 for external connections
Wordpress configuration is pointing to port 32795, you might expose port 80 by doing docker run -p 80:80 and change wordpress configuration to use port 80
If you can't use port :80 a little bit more complicated solution is to use iptables port forwarding internally
Example
➜ ~ docker run -d --cap-add=NET_ADMIN --cap-add=NET_RAW -p 5000:80 nginx
835b039cc92bd9f32b960181bf370d39869c88f5a757423966b467fe01ac219e
➜ ~ docker exec -it 835b039cc92bd9 bash
root#835b039cc92b:/# apt update -qqq ; apt install iptables -yqqq
root#835b039cc92b:/# iptables -t nat -A OUTPUT -o lo -p tcp --dport 5000 -j REDIRECT --to-
port 80
root#835b039cc92b:/# apt install telnet -yqqq
root#835b039cc92b:/# telnet localhost 5000
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
root#835b039cc92b:/# exit
# from outside the container
➜ ~ telnet localhost 5000
Trying ::1...
Connected to localhost.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
I have brought a VM using vagrant.In the config vagrant file, I have given
config.vm.network "forwarded_port", guest: 830, host: 8300.
I'm able to ssh in to the VM by
ssh -p 2223 vagrant#localhost
What if i want to spawn multiple VMs of same kind.How to configure the forwarding ports
You can use auto_correct parameter (see https://www.vagrantup.com/docs/networking/forwarded_ports.html); in case of port collision vagrant can assign another port
config.vm.network "forwarded_port", guest: 830, host: 8300, auto_correct: true
you can check vagrant port to displays information about guest port mappings. The command makes a warning about the value
The forwarded ports for the machine are listed below. Please note that
these values may differ from values configured in the Vagrantfile if
the provider supports automatic port collision detection and
resolution.
just use vagrant ssh to ssh-in into the VM, vagrant will know which port to use.
I am using vagrant with virtualbox as provider. Within my guest system I have nginx installed and configured.
nginx is serving some static files from a folder and exposing them on port 80. That works fine. If I call curl localhost within the guest machine I get the answer I was supposed to receive.
I have a very simple vagrantfile, which you can see below. I forward port 80 to port 8080, but from the host machine I cant access that page via localhost:8080.
I already disabled the firewall in the guest machine without any success.
Vagrant.configure("2") do |config|
# VirtualBox Settings: Give it a little bit more memory
config.vm.provider :virtualbox do |vb|
vb.customize ["modifyvm", :id, "--memory", "768"]
end
# Base Image: CentOS 7.0 x86_64
config.vm.box = "jayunit100/centos7"
# Use Vagrant's default insecure key (~/.vagrant.d/insecure_private_key)
config.ssh.insert_key = false
# Add port forwarding for node-inspector
config.vm.network :forwarded_port, guest: 80, host: 8080 # node-inspector
# Map project directory
config.vm.synced_folder ".", "/server/"
# Provisioning Shell Script
config.vm.provision :shell, :path => "vagrant-setup/base.sh"
end
If I call curl -v 'http://localhost:8080' from the host system I get told that the connection got refused. Any idea what I could do?
I had to disable my firewall on the host machine with iptables -F
I have Vagrant in use for one box profile. Now I want to use Vagrant for another box (b2), but it says that bioiq's instance is consuming the forwarded port 2222 (which it is).
Now, if I configure b2 with the below, Vagrant still tries to use 2222.
Vagrant.configure("2") do |config|
config.vm.box = 'precise32'
config.vm.box_url = 'http://files.vagrantup.com/precise32.box'
config.vm.network :forwarded_port, guest: 22, host: 2323
# Neither of these fix my problem
# config.vm.network :private_network, type: :dhcp
# config.vm.network :private_network, ip: "10.0.0.200"
end
I've tried various ways from other SO questions to set the :forwarded_port (see here and here). I also tried this Google Group post, to no avail. I keep getting this message.
Vagrant cannot forward the specified ports on this VM, since they
would collide with some other application that is already listening
on these ports. The forwarded port to 2222 is already in use
on the host machine.
To fix this, modify your current projects Vagrantfile to use another
port. Example, where '1234' would be replaced by a unique host port:
config.vm.network :forwarded_port, guest: 22, host: 1234
Sometimes, Vagrant will attempt to auto-correct this for you. In this
case, Vagrant was unable to. This is usually because the guest machine
is in a state which doesn't allow modifying port forwarding.
I don't know why Vagrant consistently ignores my directives. The posted configuration doesn't work. Has anyone overcome this?
In case of ssh port, Vagrant solves port collisions by itself:
==> ubuntu64: Fixed port collision for 22 => 2222. Now on port 2200.
However, you still can create unavoidable collision by:
Creating first vagrant env (it will get port 2222 for ssh)
Suspend that env (vagrant suspend)
Create second vagrant env (it will again get port 2222, since it is now unused)
Try bringing first environment up again by vagrant up
You will get the error message you are getting now.
The solution is to use vagrant reload, to let vagrant discard virtual machine state (which means it will shut it down the hard way - so be careful if you have any unsaved work there) and start the environment again, solving any ssh port collisions on the way by itself.
I've just run into a problem on current versions of Mac OSX (10.9.4) and VirtualBox (4.3.14) where the default ssh port 2222 is both unused and unbound by vagrant up. It was causing the sanity check ssh connection to timeout indefinitely.
This isn't the exact same problem, but an explicit forward resolved it:
config.vm.network :forwarded_port, guest: 22, host: 2201, id: "ssh", auto_correct: true
This suggestion comes from a comment on the Vagrant GitHub issue 1740.
It's not clear whether the port forwarded to 22 is being detected or if the ID is used, but it's working for me.
My computer is Windows 10, and I solved this problem by disabling the 8080 port. because it is said that "the forwarded port 8080 is already in use on the host machine."
So I edit the Vagrantfile and comment the port 8080.
I have installed Vagrant in my Window XP, and in my Vagrantfile I have:
Vagrant::Config.run do |config|
# Setup the box
config.vm.box = "lucid32"
config.vm.forward_port 80, 8080
config.vm.network :hostonly, "192.168.10.200"
end
But I see no sign of my vagrant box when I type "http://192.168.10.200:8080" in browser.
IP address of the virtual box is correct, because from within the vbox, I have:
vagrant#lucid32:~$ ifconfig
....
eth1 Link encap:Ethernet HWaddr 08:00:27:79:c5:4b
inet addr:192.168.10.200 Bcast:192.168.10.255 Mask:255.255.255.0
There seem to be no firewall problem because if I type
vagrant#lucid32:~$ curl 'http://google.com'
it works fine.
I have read Vagrant's port forwarding not working
and tried:
vagrant#lucid32:~$ curl 'http://localhost:80'
curl: (7) couldn't connect to host
and also
vagrant#lucid32:~$ curl 'http://localhost:8080'
curl: (7) couldn't connect to host
So, looks like port forward is not working...
If you know what I can do so I can access my vbox from host browser, can you help me?
Thanks in advance
If you just started a Vagrant box with this Vagrantfile, there is nothing more than an empty Ubuntu Lucid, which does not run any service yet. So there is nothing served on port 80, this is why there is nothing to see either from inside the box on port 80 or the host machine on 8080.
For you Vagrant machine to provide some services (such as a web server on port 80), you have to do some provisioning. You can do it manually or using Chef or Puppet which are hooked into Vagrant's up process.
I had a similar problem. Sometimes using port forwarding for ports below 2000 is a problem. What worked for me is choosing ports that are above 2000. So my vagrantfile now looks like:
config.vm.network :forwarded_port, host: 4500, guest: 9000
Typing localhost:4500 on my host machine now just works fine. It seems like you are on an older version of vagrant than mine, so you can edit your vagrant file to something like
config.vm.forward_port 9000, 4500
Now typing localhost:4500 on your host machine should work fine.
Good luck,