Menu
With the advent of Docker 20.10, host-gateway is supposed to be available on Linux platforms (as detailed in this wonderful answer). As such, it should be possible to create a docker-compose script which is platform agnostic. (I myself am on Debian.)
Here are some links to some questions and answers that were helpful in getting me this far: here, here, and here (along with some of the other answers and comments)
I'm trying to create a script for running The Graph, which involves having ipfs and postgres running inside a Docker container, and connecting to an instance of a blockchain outside of Docker (on port 8545). Here is the script:
version: '3'
services:
graph-node:
extra_hosts:
- "host.docker.internal:host-gateway"
image: graphprotocol/graph-node
ports:
- '8000:8000'
- '8001:8001'
- '8020:8020'
- '8030:8030'
- '8040:8040'
depends_on:
- ipfs
- postgres
environment:
postgres_host: postgres
postgres_user: graph-node
postgres_pass: let-me-in
postgres_db: graph-node
ipfs: 'ipfs:5001'
ethereum: 'localhost:http://host.docker.internal:8545'
RUST_LOG: info
ipfs:
image: ipfs/go-ipfs:v0.4.23
ports:
- '5001:5001'
volumes:
- ./data/ipfs:/data/ipfs
postgres:
image: postgres
ports:
- '5432:5432'
command: ["postgres", "-cshared_preload_libraries=pg_stat_statements"]
environment:
POSTGRES_USER: graph-node
POSTGRES_PASSWORD: let-me-in
POSTGRES_DB: graph-node
volumes:
- ./data/postgres:/var/lib/postgresql/data
Docker starts just fine, and the instances of ipfs, postgres, and the graph-node all start up fine, but then the graph-node's RPC calls (to the blockchain) all fail with errors similar to the following:
WARN Trying again after eth_getBlockByNumber(0, false) RPC call failed (attempt #18) with result Err(Transport error: Error(Connect, Os { code: 111, kind: ConnectionRefused, message: "Connection refused" }))
Am I using extra-hosts wrong? What might I be able to do to make this script work both on my Linux machine, but also for Mac and Windows users?
Thanks!
896
Any ports exposed by the container will be exposed on the host, even if they’re not explicitly declared with the -p flag. The container’s default hostname will match the host’s, although this can be changed with the --hostname flag. The host network can be a security concern which breaks the isolation model of Docker containers.
One pitfall of this approach is you might not be able to connect to services which bind directly to localhost. You’ll need to make sure your services are listening for connections on your Docker bridge IP, as well as localhost and 127.0.0.1. Otherwise you’ll see connection refused or similar errors within your container.
Docker Desktop networking can work when attached to a VPN. To do this, Docker Desktop intercepts traffic from the containers and injects it into the host as if it originated from the Docker application. Docker Desktop makes whatever is running on port 80 in the container (in this case, nginx) available on port 80 of localhost.
There are three ways to deploy it on the remote host: 1 Manual deployment by copying project files, install docker-compose and running it#N#A common usage of Compose is to... 2 Using DOCKER_HOST environment variable to set up the target engine#N#Throughout this exercise we use the DOCKER_HOST... 3 Using docker contexts More ...
If the host system is Linux, it is possible that your host firewall rules are being applied to communication between your containers. You can check whether that is the case with sysctl, it would return 1 for the following settings:
$ sysctl net.bridge.bridge-nf-call-arptables
1
$ sysctl net.bridge.bridge-nf-call-iptables
1
$ sysctl net.bridge.bridge-nf-call-ip6tables
You can fix this behavior by setting these values to '0':
$ sudo sysctl net.bridge.bridge-nf-call-arptables=0
net.bridge.bridge-nf-call-arptables = 0
$ sudo sysctl net.bridge.bridge-nf-call-iptables=0
net.bridge.bridge-nf-call-iptables = 0
$ sudo sysctl net.bridge.bridge-nf-call-ip6tables=0
net.bridge.bridge-nf-call-ip6tables = 0
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
