1. 首頁
  2. 問答
  3. 打開(Bluemix)容器到所有傳入連接

打開(Bluemix)容器到所有傳入連接

2017-01-18 15 views
0

2017年新年快樂!打開(Bluemix)容器到所有傳入連接

大家好!

我有一些問題,當我嘗試在BlueMix容器部署我泊塢窗圖像(其中cf ic run = docker run
我無法訪問通過web容器,即使圖像以及內部運行。 我ping通綁定的地址:

ping 169.46.18.91 
PING 169.46.18.91 (169.46.18.91): 56 data bytes 
64 bytes from 169.46.18.91: icmp_seq=0 ttl=48 time=124.247 ms 
64 bytes from 169.46.18.91: icmp_seq=1 ttl=48 time=122.701 ms

的圖像在本地,但現在的工作,我給它一個IP和託管它bluemix集裝箱服務,我報告,而圖像後cf ic -v run命令

設置問題

下面是命令的日誌:

cf ic -v run -p 3000 --name bootingtest 1ed1b527771b 

DEMANDE : [2017-01-18T10:32:31+01:00] 
POST /UAALoginServerWAR/oauth/token HTTP/1.1 
Host: login.ng.bluemix.net 
Accept: application/json 
Authorization: [DONNEES PRIVEES MASQUEES] 
Connection: close 
Content-Type: application/x-www-form-urlencoded 
User-Agent: go-cli 6.22.2+a95e24c/darwin 

grant_type=refresh_token&refresh_token=eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiIwNzJlYTFmNy00NGRlLTRmYmYtODUxOS1lNmU0NmU2MTk1Y2ItciIsInN1YiI6ImZkMWVmM2Q3LTI2OTQtNDQ4Ni1iNjY2LWRmNTVjY2M4MzVmOCIsInNjb3BlIjpbIm9wZW5pZCIsInVhYS51c2VyIiwiY2xvdWRfY29udHJvbGxlci5yZWFkIiwicGFzc3dvcmQud3JpdGUiLCJjbG91ZF9jb250cm9sbGVyLndyaXRlIl0sImlhdCI6MTQ4NDczMTE3MSwiZXhwIjoxNDg3MzIzMTcxLCJjaWQiOiJjZiIsImNsaWVudF9pZCI6ImNmIiwiaXNzIjoiaHR0cHM6Ly91YWEubmcuYmx1ZW1peC5uZXQvb2F1dGgvdG9rZW4iLCJ6aWQiOiJ1YWEiLCJncmFudF90eXBlIjoicGFzc3dvcmQiLCJ1c2VyX25hbWUiOiJlbW1hbnVlbC5zb2xvbUBmci5pYm0uY29tIiwib3JpZ2luIjoidWFhIiwidXNlcl9pZCI6ImZkMWVmM2Q3LTI2OTQtNDQ4Ni1iNjY2LWRmNTVjY2M4MzVmOCIsInJldl9zaWciOiI2MWNkZjM4MiIsImF1ZCI6WyJjZiIsIm9wZW5pZCIsInVhYSIsImNsb3VkX2NvbnRyb2xsZXIiLCJwYXNzd29yZCJdfQ._gxevCN9cCYX3Fw_FUEYvxFsRhHqfOT9KhjZFiHcNao&scope= 

REPONSE : [2017-01-18T10:32:32+01:00] 
HTTP/1.1 200 OK 
Connection: close 
Transfer-Encoding: chunked 
Cache-Control: no-cache, no-store, max-age=0, must-revalidate,no-store 
Content-Security-Policy: default-src 'self' www.ibm.com 'unsafe-inline'; 
Content-Type: application/json;charset=UTF-8 
Date: Wed, 18 Jan 2017 09:32:31 GMT 
Expires: 0 
Pragma: no-cache,no-cache 
Server: Apache-Coyote/1.1 
Strict-Transport-Security: max-age=2592000 ; includeSubDomains 
X-Backside-Transport: OK OK,OK OK 
X-Client-Ip: 91.151.65.169 
X-Content-Type-Options: nosniff 
X-Frame-Options: DENY 
X-Global-Transaction-Id: 1804077409 
X-Powered-By: Servlet/3.1 
X-Vcap-Request-Id: e683d47d-28aa-43c1-6356-d5818dfd86f1 
X-Xss-Protection: 1; mode=block 

6f6 
{"access_token":"[DONNEES PRIVEES MASQUEES]","token_type":"[DONNEES PRIVEES MASQUEES]","refresh_token":"[DONNEES PRIVEES MASQUEES]","expires_in":1209599,"scope":"cloud_controller.read password.write cloud_controller.write openid uaa.user","jti":"edcd9c51-4521-4f49-bf03-def030e81626"} 
0 


a9dc3ad4-1a34-4848-9b16-8d1410b79a06

那麼,有沒有一種方法來設置從「關閉」狀態轉變爲「等待傳入連接」狀態的連接,當我運行或建設圖片?

類似於選項cf ic (docker) run -p 3000 --accept_all imageid cmd(我沒有在--help菜單中看到它) 或者您在其他地方看到了錯誤?

我想過登錄到與docker exec -it ID /bin/bash容器,但我不知道bash命令接受所有傳入連接...(而且我認爲這是虛擬機的慶典不是容器本身)

謝謝你的回答,祝你有美好的一天!

靈光

其他相關信息

Dockerfile

FROM ubuntu:14.04 
RUN apt-get update && apt-get -y install python2.7 
RUN apt-get -y install python-pip 
RUN pip install Flask 
RUN pip install ibmiotf 
RUN pip install requests 
RUN pip install flask-socketio 
RUN pip install cloudant 
ENV PORT=12345 
EXPOSE 12345 
ADD ./SIARA /opt/SIARA/ 
WORKDIR /opt/SIARA/ 
CMD sleep 80 && python testGUI.py

瓶服務器端口映射和運行:

if __name__ == '__main__': 
    # Bind to PORT if defined, otherwise default to 5000. 
    port = int(os.environ.get('PORT', 5000)) 
    socketio.run(app, host='0.0.0.0', port=port)

線索

當我用來測試我的形象我有這個警告消息在當地,他們並不負責任何崩潰的,但也許現在是雲上的這種類型的錯誤負責不成功的連接嘗試從網絡? (顯然)我的Python版本(2.7)需要更新(??) 但SSH不應僅在https://的情況下才是相關的連接?

cf ic logs -ft guiplay 

2017-01-19T09:17:38.870006264Z /usr/local/lib/python2.7/dist-packages/requests/packages/urllib3/util/ssl_.py:334: SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject Name Indication) extension to TLS is not available on this platform. This may cause the server to present an incorrect TLS certificate, which can cause validation failures. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings 
32017-01-19T09:17:38.870062551Z SNIMissingWarning 
�2017-01-19T09:17:38.870081733Z /usr/local/lib/python2.7/dist-packages/requests/packages/urllib3/util/ssl_.py:132: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings 
92017-01-19T09:17:38.870089026Z InsecurePlatformWarning 
�2017-01-19T09:17:39.145906849Z /usr/local/lib/python2.7/dist-packages/requests/packages/urllib3/util/ssl_.py:132: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings 
92017-01-19T09:17:39.145950355Z InsecurePlatformWarning 
�2017-01-19T09:17:39.186165706Z WebSocket transport not available. Install eventlet or gevent and gevent-websocket for improved performance. 
Y2017-01-19T09:17:39.192990810Z * Running on http://0.0.0.0:5000/ (Press CTRL+C to quit)

來源

2017-01-18 Manu

回答

1

嗯 - 我看到你發佈的3000端口(在-p 3000在運行命令參數),但是默認端口是5000。在dockerfile,你切換是12345,所以這大概是什麼你實際上在那裏聽。猜測這就是你想打開所有端口的原因嗎?

Docker只公開您告訴它的端口 - 爲該默認值添加一個額外的-p 5000,或者根據該Dockerfile添加-p 12345,或者兩者都允許您在這些情況下連接到應用程序。或者,如果您只想通過Dockerfile發佈所有EXPOSED端口(在本例中爲12345),請使用-P參數。

更多信息:在雲中運行,還有額外的安全措施,只能通過您希望發佈的端口訪問您的容器。在一個空間內(在同一空間的其他容器中,或者在容器本身內部的其他容器中),您仍然應該能夠訪問這些端口。但是,從外部來看,只有您發佈的端口應該可以訪問。我沒有看到有效發佈*的方法(從安全的角度來看,這似乎是一個相當可疑的做法)

來源

2017-01-18 19:48:08

+0

謝謝你的回答N Fritze!我曾經在dockerfile,我的服務器和命令中暴露相同的端口,但它不起作用,但它可能是其他的錯誤,我保持聯繫! 非常好的教學答案^^再次感謝 – Manu

+0

我更新了這篇文章,因爲它看起來不是來自端口暴露(但我想你告訴我這樣做的正確方法,現在完成了:D) 我加入在本地可能是一個無關緊要的問題的線索,但這可能會在雲端造成麻煩,這對您來說看起來像是個問題嗎? (SSH警告) – Manu

+0

而且:即使有上面​​提到的問題,容器已經在bluemix上工作了一次,這就是爲什麼我很困惑,我一步一步解決問題,當我找到它們時,但是事實上,它已經非常麻煩了! – Manu

0

看起來像Bluemix單容器服務有點棘手,它很難從網絡到達我添加了一個「可伸縮」容器,要求提供所需的HTTP端口。

我想問題是這個http端口沒有暴露,但現在問題解決了我上面說的方式。

來源

2017-01-25 08:41:04 Manu

相關問題

 相關問題