ManageIQ docker container cannot not be connected

2019-07-21 06:21发布

问题:

I try to test manageiq monitoring to hawkular. I made manageiq docker container with the following commands

docker pull manageiq/manageiq:euwe-1
docker run --privileged -d -p 8443:443 manageiq/manageiq:euwe-1

I can see the container be generated and run. However I can not connect to ManageIQ with my web browser with this url https://127.0.0.1:8443 . In log files of manageiq docker container inside show the error like below,

[ssl:warn] [pid 815] AH01909: RSA certificate configured for 172.17.0.2:443 does NOT include an ID which matches the server name
[ssl:warn] [pid 815] AH01909: RSA certificate configured for 172.17.0.2:443 does NOT include an ID which matches the server name
[proxy:error] [pid 816] (111)Connection refused: AH00957: HTTP: attempt to connect to 0.0.0.0:3000 (0.0.0.0) failed
[proxy:error] [pid 816] AH00959: ap_proxy_connect_backend disabling worker for (0.0.0.0) for 60s
[proxy_http:error] [pid 816] [client 172.17.0.1:39140] AH01114: HTTP: failed to make connection to backend: 0.0.0.0
[proxy:error] [pid 819] (111)Connection refused: AH00957: HTTP: attempt to connect to 0.0.0.0:3000 (0.0.0.0) failed
[proxy:error] [pid 819] AH00959: ap_proxy_connect_backend disabling worker for (0.0.0.0) for 60s
[proxy_http:error] [pid 819] [client 172.17.0.1:39146] AH01114: HTTP: failed to make connection to backend: 0.0.0.0, referer: https://localhost:8443/

回答1:

I solved it. The reason is the https connection is not set on the docker container. This is the process,

  1. enter the container

docker exec -ti CONTAINER_ID bash –l

2.on the container, find server.crt and server.key files

[root@17a6a6bd8743 vmdb]# find / -name server.crt

/opt/manageiq/manageiq-ui-service/node_modules/browser-sync/lib/server/certs/server.crt

[root@17a6a6bd8743 vmdb]# find / -name server.key

/opt/manageiq/manageiq-ui-service/node_modules/browser-sync/lib/server/certs/server.key

  1. Then edit /etc/httpd/conf.d/ssl.conf file like below

[root@17a6a6bd8743 vmdb]# vi /etc/httpd/conf.d/ssl.conf

ServerName localhost:8443 #specify the server name

SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2 # type ssl protocol

SSLCertificateFile /opt/manageiq/manageiq-ui-service/node_modules/browser-sync/lib/server/certs/server.crt # type the location folder of server.crt

SSLCertificateKeyFile /opt/manageiq/manageiq-ui-service/node_modules/browser-sync/lib/server/certs/server.key # type the location folder of server.key

  1. set httpd allow the https

[root@17a6a6bd8743 vmdb]# systemctl restart httpd

[root@17a6a6bd8743 vmdb]# yum install firewalld -y

[root@17a6a6bd8743 vmdb]# systemctl start firewalld

[root@17a6a6bd8743 vmdb]# systemctl enable firewalld

[root@17a6a6bd8743 vmdb]# firewall-cmd --add-service=https --permanent

success

[root@17a6a6bd8743 vmdb]# firewall-cmd --reload

success

OK! the configuration is set perfectly. Connect https://localhost:8443 and enjoy!!



回答2:

I was informed that modifying the docker container inside configuration was not appropriate and have to configure the docker network outside the docker container. So this is my resolution.

  1. Windows 10 : This site is written in korean. I hope you find and read english site. ^_^

https://support.microsoft.com/ko-kr/help/3151631/rc4-cipher-is-no-longer-supported-in-internet-explorer-11-or-microsoft-edge

  1. CentOS 7 , Firefox web browser,

"Environment Configuration" => "Security" => "Exception List" Button => Add "https://localhost:8443/" URL

And finally check this issue with reference site