问题
I try to test manageiq monitoring to hawkular. I made manageiq docker container with the following commands
docker pull manageiq/manageiq:euwe-1
docker run --privileged -d -p 8443:443 manageiq/manageiq:euwe-1
I can see the container be generated and run. However I can not connect to ManageIQ with my web browser with this url https://127.0.0.1:8443 . In log files of manageiq docker container inside show the error like below,
[ssl:warn] [pid 815] AH01909: RSA certificate configured for 172.17.0.2:443 does NOT include an ID which matches the server name
[ssl:warn] [pid 815] AH01909: RSA certificate configured for 172.17.0.2:443 does NOT include an ID which matches the server name
[proxy:error] [pid 816] (111)Connection refused: AH00957: HTTP: attempt to connect to 0.0.0.0:3000 (0.0.0.0) failed
[proxy:error] [pid 816] AH00959: ap_proxy_connect_backend disabling worker for (0.0.0.0) for 60s
[proxy_http:error] [pid 816] [client 172.17.0.1:39140] AH01114: HTTP: failed to make connection to backend: 0.0.0.0
[proxy:error] [pid 819] (111)Connection refused: AH00957: HTTP: attempt to connect to 0.0.0.0:3000 (0.0.0.0) failed
[proxy:error] [pid 819] AH00959: ap_proxy_connect_backend disabling worker for (0.0.0.0) for 60s
[proxy_http:error] [pid 819] [client 172.17.0.1:39146] AH01114: HTTP: failed to make connection to backend: 0.0.0.0, referer: https://localhost:8443/
回答1:
I solved it. The reason is the https connection is not set on the docker container. This is the process,
- enter the container
docker exec -ti CONTAINER_ID bash –l
2.on the container, find server.crt and server.key files
[root@17a6a6bd8743 vmdb]# find / -name server.crt
/opt/manageiq/manageiq-ui-service/node_modules/browser-sync/lib/server/certs/server.crt
[root@17a6a6bd8743 vmdb]# find / -name server.key
/opt/manageiq/manageiq-ui-service/node_modules/browser-sync/lib/server/certs/server.key
- Then edit /etc/httpd/conf.d/ssl.conf file like below
[root@17a6a6bd8743 vmdb]# vi /etc/httpd/conf.d/ssl.conf
ServerName localhost:8443 #specify the server name
SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2 # type ssl protocol
SSLCertificateFile /opt/manageiq/manageiq-ui-service/node_modules/browser-sync/lib/server/certs/server.crt # type the location folder of server.crt
SSLCertificateKeyFile /opt/manageiq/manageiq-ui-service/node_modules/browser-sync/lib/server/certs/server.key # type the location folder of server.key
- set httpd allow the https
[root@17a6a6bd8743 vmdb]# systemctl restart httpd
[root@17a6a6bd8743 vmdb]# yum install firewalld -y
[root@17a6a6bd8743 vmdb]# systemctl start firewalld
[root@17a6a6bd8743 vmdb]# systemctl enable firewalld
[root@17a6a6bd8743 vmdb]# firewall-cmd --add-service=https --permanent
success
[root@17a6a6bd8743 vmdb]# firewall-cmd --reload
success
OK! the configuration is set perfectly. Connect https://localhost:8443 and enjoy!!
回答2:
I was informed that modifying the docker container inside configuration was not appropriate and have to configure the docker network outside the docker container. So this is my resolution.
- Windows 10 : This site is written in korean. I hope you find and read english site. ^_^
https://support.microsoft.com/ko-kr/help/3151631/rc4-cipher-is-no-longer-supported-in-internet-explorer-11-or-microsoft-edge
- CentOS 7 , Firefox web browser,
"Environment Configuration" => "Security" => "Exception List" Button => Add "https://localhost:8443/" URL
And finally check this issue with reference site
来源:https://stackoverflow.com/questions/41933290/manageiq-docker-container-cannot-not-be-connected-with-web-browser