ManageIQ docker 容器无法与 Web 浏览器连接
ManageIQ docker container cannot not be connected with web browser
我尝试测试 manageiq 对 hawkular 的监控。我使用以下命令制作了 manageiq docker 容器
docker pull manageiq/manageiq:euwe-1
docker run --privileged -d -p 8443:443 manageiq/manageiq:euwe-1
我可以看到容器已生成并且 运行。但是,我无法使用此 url https://127.0.0.1:8443 通过网络浏览器连接到 ManageIQ。在 manageiq docker 容器的日志文件中显示如下错误,
[ssl:warn] [pid 815] AH01909: RSA certificate configured for 172.17.0.2:443 does NOT include an ID which matches the server name
[ssl:warn] [pid 815] AH01909: RSA certificate configured for 172.17.0.2:443 does NOT include an ID which matches the server name
[proxy:error] [pid 816] (111)Connection refused: AH00957: HTTP: attempt to connect to 0.0.0.0:3000 (0.0.0.0) failed
[proxy:error] [pid 816] AH00959: ap_proxy_connect_backend disabling worker for (0.0.0.0) for 60s
[proxy_http:error] [pid 816] [client 172.17.0.1:39140] AH01114: HTTP: failed to make connection to backend: 0.0.0.0
[proxy:error] [pid 819] (111)Connection refused: AH00957: HTTP: attempt to connect to 0.0.0.0:3000 (0.0.0.0) failed
[proxy:error] [pid 819] AH00959: ap_proxy_connect_backend disabling worker for (0.0.0.0) for 60s
[proxy_http:error] [pid 819] [client 172.17.0.1:39146] AH01114: HTTP: failed to make connection to backend: 0.0.0.0, referer: https://localhost:8443/
我解决了。原因是 docker 容器上没有设置 https 连接。这是过程,
- 进入容器
docker exec -ti CONTAINER_ID bash –l
2.on容器,找到server.crt和server.key文件
[root@17a6a6bd8743 vmdb]# find / -name server.crt
/opt/manageiq/manageiq-ui-service/node_modules/browser-sync/lib/server/certs/server.crt
[root@17a6a6bd8743 vmdb]# find / -name server.key
/opt/manageiq/manageiq-ui-service/node_modules/browser-sync/lib/server/certs/server.key
- 然后编辑 /etc/httpd/conf.d/ssl.conf 文件,如下所示
[root@17a6a6bd8743 vmdb]# vi /etc/httpd/conf.d/ssl.conf
ServerName localhost:8443 #specify the server name
SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2 # type ssl protocol
SSLCertificateFile /opt/manageiq/manageiq-ui-service/node_modules/browser-sync/lib/server/certs/server.crt # type the location folder of server.crt
SSLCertificateKeyFile /opt/manageiq/manageiq-ui-service/node_modules/browser-sync/lib/server/certs/server.key # type the location folder of server.key
- 设置 httpd 允许 https
[root@17a6a6bd8743 vmdb]# systemctl restart httpd
[root@17a6a6bd8743 vmdb]# yum install firewalld -y
[root@17a6a6bd8743 vmdb]# systemctl start firewalld
[root@17a6a6bd8743 vmdb]# systemctl enable firewalld
[root@17a6a6bd8743 vmdb]# firewall-cmd --add-service=https --permanent
success
[root@17a6a6bd8743 vmdb]# firewall-cmd --reload
success
好的!配置设置完美。连接 https://localhost:8443
享受吧!!
我被告知修改 docker 容器内部配置不合适,必须在 docker 容器外部配置 docker 网络。所以这就是我的决心。
- Windows 10 : 这个网站是用韩语写的。我希望你能找到并阅读英文网站。 ^_^
- CentOS 7、Firefox 网络浏览器,
"Environment Configuration" => "Security" => "Exception List" 按钮
=> 添加“https://localhost:8443/”URL
最后用 reference site
检查这个问题
我尝试测试 manageiq 对 hawkular 的监控。我使用以下命令制作了 manageiq docker 容器
docker pull manageiq/manageiq:euwe-1
docker run --privileged -d -p 8443:443 manageiq/manageiq:euwe-1
我可以看到容器已生成并且 运行。但是,我无法使用此 url https://127.0.0.1:8443 通过网络浏览器连接到 ManageIQ。在 manageiq docker 容器的日志文件中显示如下错误,
[ssl:warn] [pid 815] AH01909: RSA certificate configured for 172.17.0.2:443 does NOT include an ID which matches the server name
[ssl:warn] [pid 815] AH01909: RSA certificate configured for 172.17.0.2:443 does NOT include an ID which matches the server name
[proxy:error] [pid 816] (111)Connection refused: AH00957: HTTP: attempt to connect to 0.0.0.0:3000 (0.0.0.0) failed
[proxy:error] [pid 816] AH00959: ap_proxy_connect_backend disabling worker for (0.0.0.0) for 60s
[proxy_http:error] [pid 816] [client 172.17.0.1:39140] AH01114: HTTP: failed to make connection to backend: 0.0.0.0
[proxy:error] [pid 819] (111)Connection refused: AH00957: HTTP: attempt to connect to 0.0.0.0:3000 (0.0.0.0) failed
[proxy:error] [pid 819] AH00959: ap_proxy_connect_backend disabling worker for (0.0.0.0) for 60s
[proxy_http:error] [pid 819] [client 172.17.0.1:39146] AH01114: HTTP: failed to make connection to backend: 0.0.0.0, referer: https://localhost:8443/
我解决了。原因是 docker 容器上没有设置 https 连接。这是过程,
- 进入容器
docker exec -ti CONTAINER_ID bash –l
2.on容器,找到server.crt和server.key文件
[root@17a6a6bd8743 vmdb]# find / -name server.crt
/opt/manageiq/manageiq-ui-service/node_modules/browser-sync/lib/server/certs/server.crt
[root@17a6a6bd8743 vmdb]# find / -name server.key
/opt/manageiq/manageiq-ui-service/node_modules/browser-sync/lib/server/certs/server.key
- 然后编辑 /etc/httpd/conf.d/ssl.conf 文件,如下所示
[root@17a6a6bd8743 vmdb]# vi /etc/httpd/conf.d/ssl.conf
ServerName localhost:8443 #specify the server name
SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2 # type ssl protocol
SSLCertificateFile /opt/manageiq/manageiq-ui-service/node_modules/browser-sync/lib/server/certs/server.crt # type the location folder of server.crt
SSLCertificateKeyFile /opt/manageiq/manageiq-ui-service/node_modules/browser-sync/lib/server/certs/server.key # type the location folder of server.key
- 设置 httpd 允许 https
[root@17a6a6bd8743 vmdb]# systemctl restart httpd
[root@17a6a6bd8743 vmdb]# yum install firewalld -y
[root@17a6a6bd8743 vmdb]# systemctl start firewalld
[root@17a6a6bd8743 vmdb]# systemctl enable firewalld
[root@17a6a6bd8743 vmdb]# firewall-cmd --add-service=https --permanent
success
[root@17a6a6bd8743 vmdb]# firewall-cmd --reload
success
好的!配置设置完美。连接 https://localhost:8443 享受吧!!
我被告知修改 docker 容器内部配置不合适,必须在 docker 容器外部配置 docker 网络。所以这就是我的决心。
- Windows 10 : 这个网站是用韩语写的。我希望你能找到并阅读英文网站。 ^_^
- CentOS 7、Firefox 网络浏览器,
"Environment Configuration" => "Security" => "Exception List" 按钮 => 添加“https://localhost:8443/”URL
最后用 reference site
检查这个问题