I use docker-compose to run docker-compose run myname mycommand. That starts a Python web server on 0.0.0.0:8888. I can see the container running with: docker-compose ps. It’s here and it looks something like this (from an SSH session):
root@215a24ba17c2:~/buildhub2# docker-compose -f docker-compose.ci.yml ps
Name Command State Ports
---------------------------------------------------------------------------------------
buildhub2_autograph_1 /bin/sh -c /go/bin/autograph Up 8000/tcp
buildhub2_db_1 docker-entrypoint.sh postgres Up 5432/tcp
buildhub2_memcached_1 docker-entrypoint.sh memcached Up 11211/tcp
buildhub2_web_run_3 /bin/bash /app/bin/run.sh ... Up 0.0.0.0:8888->8888/tcp
elasticsearch /bin/bash bin/es-docker Up 9200/tcp, 9300/tcp
But I can’t curl localhost:8888 from the host. That’s what I want to do next to do some testing. From an SSH session:
root@215a24ba17c2:~/buildhub2# curl localhost:8888
curl: (7) Failed to connect to localhost port 8888: Connection refused
I tried 127.0.0.1:8888 and 0.0.0.0:8888 also.
My Dockerfile has EXPOSE 8888 in it and my docker-compose.yml has:
Usually the issue here is that you’ve not waited long enough for the container server to settle down. Try getting an SSH session after a failing build, and see if the container is still up. If it is, exec a shell on the container and see what processes are running inside it, to see if there is another issue.
I’ve probably solved it now since I posted my question. What I did instead, was using a second container in docker-compose that depends_on the Python web server. Now, from this other (new) container I can connect to the python web server on http://web:8888. The docker-compose looks something like this:
Now, inside that tests container I can successfully run curl web:8888.
I think there are some “quirks” about how networking works in Linux vs macOS. Or perhaps CircleCI vs. macOS. In my macOS host I was able to use curl localhost:8888.
This new solution feels more right but I wish I had more time to understanding docker networking in detail and to explain why the host can’t reach into a running container that exposes a port.
Yes, that makes sense - Docker Compose internally makes containers available using their services names as DNS names. However, that doesn’t explain why your port publishing does not work in your first-level (build) container. I wonder if you need nstat (with appropriate switches) to examine what ports are captured?
Hmm, also: since it is published to 0.0.0.0, try ifconfig in the build container to see what other interfaces are available. Perhaps it has bound to the LAN IP instead?