Issue with docker install of ManageIQ


#1

I am new to running things on container. Trying to get ManageIQ docker install working. I was able to pull down the container and run it. But I cannot access it from web browser. I suspected some firewall issue but that doesnt seem to be the case. Can someone please assist? Here is what I see in iptables

$ iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all – anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp – anywhere anywhere
ACCEPT all – anywhere anywhere
ACCEPT tcp – anywhere anywhere state NEW tcp dpt:ssh
REJECT all – anywhere anywhere reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target prot opt source destination
DOCKER all – anywhere anywhere
ACCEPT all – anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT all – anywhere anywhere
REJECT all – anywhere anywhere reject-with icmp-host-prohibited
ACCEPT all – anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain DOCKER (1 references)
target prot opt source destination
ACCEPT tcp – anywhere 172.17.0.1 tcp dpt:https
ACCEPT tcp – anywhere 172.17.0.1 tcp dpt:http
ACCEPT tcp – anywhere 172.17.0.2 tcp dpt:commplex-main

When I run nmap on the server where container is hosted.

$ nmap localhost

Starting Nmap 5.51 ( http://nmap.org ) at 2016-10-07 10:20 CDT
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000013s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 993 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
111/tcp open rpcbind
443/tcp open https
631/tcp open ipp
5000/tcp open upnp

Nmap done: 1 IP address (1 host up) scanned in 0.11 seconds

Nmap output when using IP on the local server

$ nmap

Starting Nmap 5.51 ( http://nmap.org ) at 2016-10-07 10:21 CDT
Nmap scan report for
Host is up (0.0000080s latency).
Not shown: 995 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp filtered http
111/tcp open rpcbind
443/tcp filtered https
5000/tcp filtered upnp

Nmap done: 1 IP address (1 host up) scanned in 1.27 seconds

When executed remotely ping works but nmap doesnt repond.


#2

@simaishi can you review this question from @kharel and forward to a SME if necessary.


#3

Hi Guys

Did you make any progress with this? I too am a recent convert to containers (i.e a noob) and struggling to log into the Manage IQ console.

From what i can tell, the docker image doesn’t appear to be starting correcting.
I’ve executed a bash console on the container - network is plumbed, but i can’t see anything listening on ports 80 / 443

Any thoughts on how to extract further logs?

Windows 10 Pro N (Version 1607, Build 14393.321)
Docker for Windows: Docker version 1.12.1, build 23cf638

Thanks in advance


#4

Adding more info

I’ve logged into the container and executed "appliance_console"
I noticed the ManageIQ server wasn’t started

When i tried to start it (option 9)
I get the following error

Starting ManageIQ Server…
Failed to get D-Bus connection: Operation not permitted

Press any key to continue

My current status

Welcome to the ManageIQ Virtual Appliance.

To modify the configuration, use a web browser to access the management page.

Hostname:                f8a502a4399e
IP Address:              172.17.0.3
Netmask:                 255.255.0.0
Gateway:                 172.17.0.1
Primary DNS:             192.168.65.1
Secondary DNS:           192.168.65.10
Search Order:            local
MAC Address:             02:42:ac:11:00:03
Timezone:                []
Local Database Server:   not initialized
ManageIQ Server:         not running
ManageIQ Database:       localhost
Database/Region:         vmdb_production / 0
External Auth:           not configured
ManageIQ Version:        master

Press any key to continue.

#5

It looks like your DB wasn’t initialized,
This is the reason the service didn’t come up.

I have never tried the container image on windows, there may be an issue there.
I would advise trying it on a Linux machine, please note that the version it was tested on is docker 1.10 & 1.9 on RHEL 7.x


#6

this appears to be an issue with the PostgreSQL data folder. with the windows version of docker the shared folder is owned by root which can’t be changed.
I found some online resources about this:
https://forums.docker.com/t/data-directory-var-lib-postgresql-data-pgdata-has-wrong-ownership/17963/24
https://forums.docker.com/t/permission-and-ownership-managment/23762

I followed the suggestions there to create a docker volume and started the image
docker volume create --name postgresql -d local docker run --privileged -v postgresql:/var/opt/rh/rh-postgresql95/lib/pgsql/data -d -p 8443:443 --name manageiq manageiq/manageiq

unfortunately this did not solve the issue completely, the database was not running and there was no database.yml config file. The following steps solved this for me:

  • systemctl start rh-postgresql95-postgresql.service
  • copied the config/database.pg.yml to config/database.yml
  • used the appliance_console to reset the database (option 3 > option 4)

after which the evmserver started automatically

tests performed:

  • I’ve stopped this container
  • started a new one
  • copied the v2_keys
  • skipped the reset part. (still needed to start PG and copy the database.yml)

Result: Data existed cross containers.

ps:
Autostart PG: systemctl enable rh-postgresql95-postgresql.service
(Docker for Windows, version 1.13.0)