Can not access web service, port is open, service is running
I was running docker containers in my droplet and that was working fine with port mapping and such through docker. However, there is a very nasty memory leak with Docker and JVMs (and perhaps not just JVMs) that cause my docker containers to crash in short order. So I am now trying to just run my java service on the droplet OS itself outside of Docker. I am able to start it up no problem, just like I do on my dev box. It starts on port 8090. I try an external port check site and it says 8090 is open on my droplet IP.
When I make a request using <ip>:8090 it just hangs until it finally times out and says it could not get a response. When I try other ports, like port 80, it immediately fails.
I added an iptables entry and now my iptables -S looks like below. I am unclear if the -A INPUT line below the -N DOCKER-ISOLATION some how screws this up, and I dont know much about iptables so not sure if there is something else I need to do to get the service listening on the port to accept a request. I did confirm with netstat -ulntp that it is listening on 8090 as well. At this point I am not sure what could be up. I suspect it may have something to do with the Docker mappings taking over all ports and then nothing listening inside of Docker. If that is the case, what to do to map 8090 to my java service running on the droplet?
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -p tcp -m tcp –dport 8090 -j ACCEPT
-A FORWARD -j DOCKER-ISOLATION
-A FORWARD -o docker0 -j DOCKER
-A FORWARD -o docker0 -m conntrack –ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp –dport 5432 -j ACCEPT
-A DOCKER-ISOLATION -j RETURN
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.×