I thought it might be something to do with SSH GatewayPorts, so I tried enabling GatewayPorts but that didn't change anything. That makes me think that the SSH tunnel is OK and that the problem is on the server forwarding to the docker container, which is why the title of this is a generic question about opening a tunnel from client -> server -> docker container. It's notable that the error is the connection is lost, because run without the SSH tunnel open, the same command fails with Connection refused. by binding ssh to the docker0 bridge) instead of exposing your docker containers in your host environment (as suggested in the accepted answer). Connect to LoadBalancer services minikube tunnel Connect to LoadBalancer services Synopsis tunnel creates a route to services deployed with type LoadBalancer and sets their Ingress to their ClusterIP. SocketException The transport's socket appears to have lost its connection to the nREPL server In your case, a quick and cleaner solution would be to make your ssh tunnel 'available' to your docker containers (e.g. no errors/warnings from running: ssh -N -T -L *:8081:localhost:8081 makes me think that I have the correct SSH tunnel, except that whenever I try to connect to the running repl server, it immediately fails, like so: $ lein repl :connect 8081 For example I use it to create a SSH tunnel from a GCP Kubernetes cluster into an on prem bastion host in order to talk to an on prem MySQL database it SSHs onto the internal LAN and connects me to the internal on prem MySQL server. We create one local tunnel whose ingress is on localhost:8080 and whose egress is at web-server:80.We create a second local tunnel whose ingress is at localhost:8443 and whose egress is at web-server:443.Both tunnels pass through bastion-host. Proto Recv-Q Send-Q Local Address Foreign Address StateĪnd it seems like I can open a SSH tunnel for port 8081 e.g. I can see that my docker container has port 8081 mapped: $ sudo docker port container-id 8081Īnd, on the server hosting the docker container, I can see that port 8081 is listening: $ netstat -anl | sed -n '2p /8081/p' Overview Tags Docker SSH Tunnel This Docker creates a simple SSH tunnel over a server. So, in order to connect to the nrepl server, it's gotta go local -> some.host -> docker-container -> nrepl. EIC Endpoint eliminates the cost and operational overhead of maintaining bastions. As this is a cumbersome approach, an easy but insecure solution exists, which is recommended in many tutorials or posts on StackOverflow. In many cases this is not possible without building a new Docker image which includes the client. Usage First you should create a config file in your local directory. Using SSH tunnels within Docker containers would require installing an SSH client and mounting keys. In this case this container might behave like a proxy to outer space inside your Docker network. It is very useful when your container needs to access to an external protected resource. Using bastion hosts involves operational overhead of patching, managing and auditing, as well as additional cost. Overview Tags Docker SSH Tunnel This Docker creates a simple SSH tunnel over a server. However, my current setup is that "server" is run in a Docker container, which maps port 8081. Previously, customers had to create bastion hosts to tunnel SSH / RDP connections to instances with private IP addresses.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |