Lionel, Can you start other containers that listen on port 80?
Like: docker run -d --net=host nginx And if it does start, what address is it bound to when you run netstat -tulpn ? > > I can start haproxy by itself on port 80. Don't know what's going on. This is > a server on DigitalOcean. I tried on a local vm and everything works fine. > > On 28 July 2016 at 12:25, Clayton Coleman <ccole...@redhat.com > <mailto:ccole...@redhat.com>> wrote: > From the host, can you start anything binding to 80? Is it just when running > from containers with host networking? The router runs with --net=host, so > it's possible this is a docker 1.11 bug (although I haven't heard anyone > report that yet). > > On Wed, Jul 27, 2016 at 7:12 PM, Lionel Orellana <lione...@gmail.com > <mailto:lione...@gmail.com>> wrote: > Even running cluster up as root the router can't bind to ports 80 and 443. > > On Wed, 27 Jul 2016 at 9:52 PM, Lionel Orellana <lione...@gmail.com > <mailto:lione...@gmail.com>> wrote: > Don't think so. > > $ sudo netstat -tulpn > Active Internet connections (only servers) > Proto Recv-Q Send-Q Local Address Foreign Address State > PID/Program name > tcp 0 0 104.236.65.18:53 <http://104.236.65.18:53/> > 0.0.0.0:* LISTEN 1268/openshift > tcp 0 0 0.0.0.0:8053 <http://0.0.0.0:8053/> 0.0.0.0:* > LISTEN 1268/openshift > tcp 0 0 0.0.0.0:22 <http://0.0.0.0:22/> 0.0.0.0:* > LISTEN 776/sshd > tcp 0 0 0.0.0.0:8443 <http://0.0.0.0:8443/> 0.0.0.0:* > LISTEN 1268/openshift > tcp6 0 0 :::4001 :::* LISTEN > 1268/openshift > tcp6 0 0 :::2376 :::* LISTEN > 595/docker > tcp6 0 0 :::10250 :::* LISTEN > 1268/openshift > tcp6 0 0 :::22 :::* LISTEN > 776/sshd > tcp6 0 0 :::7001 :::* LISTEN > 1268/openshift > udp 0 0 0.0.0.0:8053 <http://0.0.0.0:8053/> 0.0.0.0:* > 1268/openshift > udp 0 0 104.236.65.18:53 <http://104.236.65.18:53/> > 0.0.0.0:* 1268/openshift > > But the pod was unable to bind to those ports for some reason. > > $ oc logs -f pod/router-1-y5prn > I0727 11:45:41.395016 1 router.go:161] Router is including routes in > all namespaces > E0727 11:45:41.493170 1 ratelimiter.go:50] error reloading router: exit > status 1 > [ALERT] 208/114541 (30) : Starting frontend public: cannot bind socket > [0.0.0.0:80 <http://0.0.0.0/>] > [ALERT] 208/114541 (30) : Starting frontend public_ssl: cannot bind socket > [0.0.0.0:443 <http://0.0.0.0:443/>] > > > On 27 July 2016 at 21:21, Clayton Coleman <ccole...@redhat.com > <mailto:ccole...@redhat.com>> wrote: > Is anything already listening on port 80/443/1936 on your host? Did the > router pod get created successfully (oc get pods -n default)? > > > > On Jul 27, 2016, at 7:12 AM, Lionel Orellana <lione...@gmail.com > <mailto:lione...@gmail.com>> wrote: > >> My iptables has these rules. Is this normal? >> >> Chain KUBE-SERVICES (1 references) >> target prot opt source destination >> REJECT tcp -- 0.0.0.0/0 <http://0.0.0.0/0> 172.30.52.230 >> /* default/router:80-tcp has no endpoints */ tcp dpt:80 reject-with >> icmp-port-unreachable >> REJECT tcp -- 0.0.0.0/0 <http://0.0.0.0/0> 172.30.52.230 >> /* default/router:443-tcp has no endpoints */ tcp dpt:443 reject-with >> icmp-port-unreachable >> REJECT tcp -- 0.0.0.0/0 <http://0.0.0.0/0> 172.30.52.230 >> /* default/router:1936-tcp has no endpoints */ tcp dpt:1936 reject-with >> icmp-port-unreachable >> >> >> On 27 July 2016 at 16:08, Lionel Orellana <lione...@gmail.com >> <mailto:lione...@gmail.com>> wrote: >> Further info >> >> $ oc get endpoints --namespace=default --selector=router >> >> NAME ENDPOINTS AGE >> router <none> 1h >> >> Router has no endpoints? >> >> >> >> On Wed, 27 Jul 2016 at 3:22 PM, Lionel Orellana <lione...@gmail.com >> <mailto:lione...@gmail.com>> wrote: >> Forgot to mention >> >> Openshift v1.3.0-alpha.2 >> Docker 1.11.2 >> Ubuntu 15.10 >> >> On Wed, 27 Jul 2016 at 3:17 PM, Lionel Orellana <lione...@gmail.com >> <mailto:lione...@gmail.com>> wrote: >> Hi >> >> I'm trying the new cluster up command. It seems to run Ok and I can deploy >> an app (Jenkins, from the template) that also seems to start fine. But I >> can't hit it. When I go to the url shown in the route chrome says "site >> can't be reached". >> >> If I login to the host I can curl the aplication on the internal ip/port. >> >> Seems like a dns issue but I thought xip.io <http://xip.io/> was supposed to >> take care of that. >> >> Do I need to do anything to make my service accessible from outside? >> >> Thanks >> >> >> Lionel. >> >> >> _______________________________________________ >> users mailing list >> users@lists.openshift.redhat.com <mailto:users@lists.openshift.redhat.com> >> http://lists.openshift.redhat.com/openshiftmm/listinfo/users >> <http://lists.openshift.redhat.com/openshiftmm/listinfo/users> > > > _______________________________________________ > users mailing list > users@lists.openshift.redhat.com <mailto:users@lists.openshift.redhat.com> > http://lists.openshift.redhat.com/openshiftmm/listinfo/users > <http://lists.openshift.redhat.com/openshiftmm/listinfo/users> > >
_______________________________________________ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users