Access the port mapped by the docker container :curl: (56) Recv failure: Connection reset by peer

Question

• Use host and br to start two containers

docker run -d --name="nginx_host" --net="host" nginx

docker run -d --name nginx_br -p 8000:80 nginx

• View the container list

[root@docker_base ~]# docker ps
CONTAINER ID   IMAGE     COMMAND                  CREATED       STATUS       PORTS                  NAMES
2754b6f0d93e   nginx     "/docker-entrypoint.…"   2 hours ago   Up 2 hours   0.0.0.0:8000->80/tcp   nginx_br
cb73872caa94   nginx     "/docker-entrypoint.…"   2 hours ago   Up 2 hours                          nginx_host

• Show the problem

[root@docker_base ~]# curl localhost:8000
curl: (56) Recv failure: Connection reset by peer

[root@docker_base ~]# curl localhost:80
<!DOCTYPE html>
<html>
<head>

Why nginx_br can not be accessed?

========================

Some information

[root@docker_base ~]# systemctl status docker
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
   Active: active (running) since 二 2021-03-16 17:12:51 CST; 1h 49min ago
     Docs: https://docs.docker.com
 Main PID: 2278 (dockerd)
   CGroup: /system.slice/docker.service
           ├─2278 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
           └─2975 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 8000 -container-ip 172.17.0.2 -container-port 80

3月 16 17:12:50 docker_base dockerd[2278]: time="2021-03-16T17:12:50.364215347+08:00" level=warning msg="[graphdriver] WARNING: the devicemapper storage-dr...e release"
3月 16 17:12:51 docker_base dockerd[2278]: time="2021-03-16T17:12:50.999168695+08:00" level=warning msg="Unable to find pids cgroup in mounts"
3月 16 17:12:51 docker_base dockerd[2278]: time="2021-03-16T17:12:51.000925360+08:00" level=info msg="Loading containers: start."
3月 16 17:12:51 docker_base dockerd[2278]: time="2021-03-16T17:12:51.298066663+08:00" level=info msg="Loading containers: done."
3月 16 17:12:51 docker_base dockerd[2278]: time="2021-03-16T17:12:51.754027070+08:00" level=info msg="Docker daemon" commit=363e9a8 graphdriver(s)=devicema...on=20.10.4
3月 16 17:12:51 docker_base dockerd[2278]: time="2021-03-16T17:12:51.754707862+08:00" level=info msg="Daemon has completed initialization"
3月 16 17:12:51 docker_base systemd[1]: Started Docker Application Container Engine.
3月 16 17:12:51 docker_base dockerd[2278]: time="2021-03-16T17:12:51.869090242+08:00" level=info msg="API listen on /var/run/docker.sock"
3月 16 17:19:45 docker_base dockerd[2278]: time="2021-03-16T17:19:45.903746502+08:00" level=info msg="ignoring event" container=3edc61d736b71ba79f5ed3b09fe...askDelete"
3月 16 18:51:45 docker_base dockerd[2278]: time="2021-03-16T18:51:45.978054059+08:00" level=info msg="ignoring event" container=c5959e50dfa8524bfefe60f8a01...askDelete"
Hint: Some lines were ellipsized, use -l to show in full.

[root@docker_base ~]# brctl show
bridge name bridge id       STP enabled interfaces
docker0     8000.000000000000   no      vetha8d3493

[root@docker_base ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)

Here are some environment and network details

Answer 1

I could not solve it by restarting docker. but,I set docker0 to promiscuous mode.This problem is solved

ifconfig docker0 promisc