.net, docker, .net-core, firewalld

Docker Setup for centos 7


Hello, I am new to Docker and am trying to set up Docker on a CentOS 7 environment. I have installed Docker using https://docs.docker.com/install/linux/docker-ce/centos/ and then tried to get a site running using this: https://docs.docker.com/engine/examples/dotnetcore/#build-and-run-the-docker-image. I have tried to do wget on localhost and the Docker IP on those ports to no avail.

This is what I have executed:

docker build -t aspnetapp .

docker run -it -d --name myapp aspnetapp

This is the Dockerfile:

FROM microsoft/dotnet:2.1-aspnetcore-runtime AS base
WORKDIR /app
EXPOSE 64928
EXPOSE 44340

FROM microsoft/dotnet:2.1-sdk AS build

COPY .  /app
WORKDIR /app
RUN dotnet restore "TestDocker.csproj"

FROM build AS publish
RUN dotnet publish "TestDocker.csproj" -c Release -o /app

FROM base AS final

COPY --from=publish /app .
ENTRYPOINT ["dotnet", "TestDocker.dll"]

This builds and runs perfectly:

[root@local testSite]# docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                  NAMES
b6044951aa7d        aspnetapp           "dotnet TestDocker.d…"   45 minutes ago      Up 45 minutes       44340/tcp, 64928/tcp   myapp

firewalld:

[root@local testdocker]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: enp9s0
  sources:
  services: ssh dhcpv6-client http https
  ports: 44340/tcp 64928/tcp  443/tcp 80/tcp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

I thought I would be able to access it straight from the browser, but I have had no luck. Even if there are instructions for this somewhere, could someone point me in that direction?

Could this be the issue?

Dec 12 14:40:58 local.office firewalld[2591]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C POSTROUTING -p tcp -s 172.17.0.2 -d 172.17.0.2 --dport 64928 -j MASQUERADE' failed: iptables: No chain/target/match by that name.
Dec 12 14:40:58 local.office firewalld[2591]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C DOCKER -p tcp -d 0/0 --dport 80 -j DNAT --to-destination 172.17.0.2:64928 ! -i docker0' failed: iptables: No chain/target/match by that name.
Dec 12 14:42:36 local.office firewalld[2591]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C DOCKER ! -i docker0 -o docker0 -p tcp -d 172.17.0.2 --dport 64928 -j ACCEPT' failed: iptables: Bad rule (does a matching rule exist in that chain?).
Dec 12 14:42:36 local.office firewalld[2591]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C POSTROUTING -p tcp -s 172.17.0.2 -d 172.17.0.2 --dport 64928 -j MASQUERADE' failed: iptables: No chain/target/match by that name.
Dec 12 14:43:18 local.office firewalld[2591]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C DOCKER -p tcp -d 0/0 --dport 64928 -j DNAT --to-destination 172.17.0.2:64928 ! -i docker0' failed: iptables: No chain/target/match by that name.

Solution

  • Although FirewallD is the default firewall programme for CentOS 7, it is deactivated by default on a new CentOS 7 server. Therefore, let's activate it and add the required network ports. You may try to add the ports in your firewall using the commands below.

    firewall-cmd --add-port=64928/tcp --permanent
    
    firewall-cmd --add-port=44340/tcp --permanent
    

    OR

    You can check your Docker firewall rules once, as those are the rules set before the default firewall management tools on the OS.

    iptables -L -v -n -t nat --line-numbers
    

    You can check those using the above command.
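
The `docker ps` output in the question lists `44340/tcp, 64928/tcp` with no `host:port->` part, which is how Docker displays ports that the image exposes but that are not published on the host. The shell sketch below is an added example, not part of the original question or answer: it classifies PORTS entries and lists firewalld-opened ports that no container publishes. The function names and the published-port sample are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify the PORTS column of `docker ps` and cross-check it
# against the port list of the firewalld zone.

# Sample inputs copied from the outputs shown in the question.
SAMPLE_DOCKER_PORTS='44340/tcp, 64928/tcp'
SAMPLE_FIREWALLD_PORTS='44340/tcp 64928/tcp  443/tcp 80/tcp'
# Constructed sample: how the column looks when a port is published with -p.
CONSTRUCTED_PUBLISHED='0.0.0.0:8080->64928/tcp, 44340/tcp'

# classify_ports "<PORTS column>"
# Prints one line per entry:
#   exposed-only <container-port/proto>
#   published <host-port/proto> <host-ip> <container-port/proto>
classify_ports() {
    printf '%s\n' "$1" | tr ',' '\n' | tr -d ' \t' | while IFS= read -r entry; do
        [ -n "$entry" ] || continue
        case "$entry" in
            *'->'*)
                host="${entry%%->*}"      # e.g. 0.0.0.0:8080
                target="${entry##*->}"    # e.g. 64928/tcp
                echo "published ${host##*:}/${target##*/} ${host%:*} ${target}"
                ;;
            *)
                echo "exposed-only ${entry}"
                ;;
        esac
    done
}

# firewall_ports_without_container "<firewalld ports>" "<PORTS column>"
# Prints each firewalld-opened port that no container publishes on the host.
# Such a port may still belong to a host service; it is a prompt to check,
# not proof that the opening is unused.
firewall_ports_without_container() {
    published="$(classify_ports "$2" | awk '$1 == "published" { print $2 }')"
    for port in $1; do
        printf '%s\n' "$published" | grep -qxF -- "$port" || echo "$port"
    done
}

# Live use (needs docker and firewall-cmd on the host):
#   firewall_ports_without_container "$(firewall-cmd --list-ports)" \
#       "$(docker ps --format '{{.Ports}}' | paste -sd, -)"
```

With the question's own values, both ports come back as `exposed-only`, and every port opened in firewalld is reported as having no container published behind it.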