Issue
I am trying to setup this project: https://github.com/ao-data/albiondata-docker
But my server does not allow me to connect to any hosts from my browser.
this is the Docker-Compose stripped down:
version: "3"
services:
sql:
depends_on:
- mysql
- nats
networks:
- albiondata
api:
ports:
- 8056:80
depends_on:
- mysql
networks:
- albiondata
gate:
ports:
- 4223:4223
depends_on:
- nats
- redis
networks:
- albiondata
deduper:
depends_on:
- nats
- redis
networks:
- albiondata
nats:
ports:
- 4222:4222
- 6222:6222
- 8222:8222
networks:
- albiondata
mysql:
ports:
- 3306:3306
networks:
- albiondata
mysql-backup:
depends_on:
- mysql
networks:
- albiondata
redis:
ports:
- 6379:6379
networks:
- albiondata
proxy:
ports:
- "80:80"
- "443:443"
- "81:81"
networks:
- albiondata
nginx:
ports:
- "80:80"
- "443:443"
- "81:81"
networks:
- albiondata
nginx:
ports:
- 8080:80
networks:
albiondata:
I am using ufw for configuration of iptables and i've also enabled forwarding described here https://docs.docker.com/network/bridge/ with the commands
sysctl net.ipv4.conf.all.forwarding=1
sudo iptables -P FORWARD ACCEPT
I have validated my ports with netstat (yes they are open to 0.0.0.0) and all containers are running with no error. I have also allowed all ports specified in the docker-compose specifically with ufw aswell.
But I cannot connect to port 8080 or 4223, the api bound to port 8056 is also not available. Disabling iptables (deleting all rules) fixes it and I can access all services.
My server is running on debian 11
Solution
When you work with ufw, and make change in firewall, you should restart docker daemon.
Both docker daemon and ufw work with iptable in background. When you make any change in ufw, it conflicts with docker daemon.
Restart it with: docker restart docker
Answered By - Mojtaba Ahadi Answer Checked By - Gilberto Lyons (WPSolving Admin)