Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Error response from daemon: Ports are not available (80 for caddy service) during docker build #2735

Open
PurnenduMIshra129th opened this issue Dec 3, 2024 · 20 comments
Labels
bug Something isn't working unapproved Unapproved for Pull Request

Comments

@PurnenduMIshra129th
Copy link

Describe the bug
When u trying to build the docker sometimes it will give error like
error
so Now lets find out the reson why
findWhy
You can see the port is already used by some application
Find out which pid is using
GetPIDNOUsed
Now find the this pid belongs to which app or process
WhichApp
Now try to kill the app to free the port so that we can use in our docker image port
TryToKill
now u can see we can't kill some system software because its default port is used
To Reproduce
Steps to reproduce the behavior:

1.Run the command docker-compose -f docker-compose.dev.yaml up --build in windows
2. wait untill caddyservice to start u see this error if your system service use this port which is not killable

Expected behavior
The image container need to start without any error like port is already used

Actual behavior
The container is not start and forcefully stop so we will not able to use the docker services.

Screenshots
already provided see above for further clarification

Please read this if you are planning to apply for a Palisadoes Foundation internship

@PurnenduMIshra129th PurnenduMIshra129th added the bug Something isn't working label Dec 3, 2024
Copy link

github-actions bot commented Dec 3, 2024

Congratulations on making your first Issue! 🎊 If you haven't already, check out our Contributing Guidelines and Issue Reporting Guidelines to ensure that you are following our guidelines for contributing and making issues.

@github-actions github-actions bot added the unapproved Unapproved for Pull Request label Dec 3, 2024
@palisadoes
Copy link
Contributor

  1. Your examples in the images are for Port 80, not 8080
  2. What is the output of the lsof -i tcp:8080 command? That will give you the owner of the daemon using that 8080 port.

@PurnenduMIshra129th PurnenduMIshra129th changed the title Error response from daemon: Ports are not available (8080 for caddy service) during docker build Error response from daemon: Ports are not available (80 for caddy service) during docker build Dec 3, 2024
@PurnenduMIshra129th
Copy link
Author

PurnenduMIshra129th commented Dec 3, 2024

sorry my mistake changed this to port 80 .But In screenshots u can see all the ports i am checked for port 80. And no output for lsof -i tcp:8080 .

@PurnenduMIshra129th
Copy link
Author

plz assign . so that i can make change

@palisadoes
Copy link
Contributor

Why have you set it for port 80? It is a privileged port just like all ports < 1024. If you want the app to listen on port 80 you need to run apache or nginx as a reverse proxy to the port of the API

What is the output of lsof for port 80? That will indicate the cause of the issue. This looks like a configuration issue, not an operational one.

@PurnenduMIshra129th
Copy link
Author

But in docker configuration docker.compose.dev.yaml it is exposing its port to 80 but if port 80 already in use then the image port 80 will not mapped to host port.and this is equivalent command for lsof for windows get the PID who is using port 80 and then find the PID for actuall process .Screenshot see the first row means this
command - tasklist | findstr "4"
System 4 Services 0 524 K here the 4 is pid and system is system process it is user specific then it should show its name .
image
See this screenshot of taskmanager also
image

@palisadoes
Copy link
Contributor

  1. Docker should expose the app on the same default port as installing the app without docker. Isn't that port 5000?
  2. You should use a web proxy app to make the app available on port 80 or 443.

@PurnenduMIshra129th
Copy link
Author

PurnenduMIshra129th commented Dec 4, 2024

@palisadoes how it will expose the port 5000 if it is not there in docker.dev.yaml .So if we want to use this port 5000(actual for api i think 4000 port)we have to expose this port but in the current configuration it is not expose . And think like in the server .ts we are using 4000 port for handling http request and build the image and container is started and 4000 is open . But only it will work inside the docker container means for out side the docker means from our host it will not take any request.

And for this to solve caddy is used here i think which is used as reverse proxy here and its port is exposed in port 80 and 443 which is default port for http and https . means as the 4000 port is not exposed any request made through external tools will go through caddy services then it forward request to our talwa container api . so in this issue for the pc if port 80 is used then caddy service will not mapped to external as a result the container will not run . If u want any further clarification then i have to find again........it is taking too much time to understand!

@palisadoes
Copy link
Contributor

@chandel-aman Can you comment on this? There seems to be a misunderstanding related to MinIO / Caddy and docker.

@PurnenduMIshra129th I didn't realize that this was related to Caddy. Generally speaking port 80 can only be used by processes with root privileges. That's probably why it's failing with the access permissions error. This is a configuration error.

  1. Have you referenced the INSTALLATION.md file to ensure you have configured this correctly?
  2. Is the Caddy configuration included in the setup script? If not it needs to be.

@PurnenduMIshra129th
Copy link
Author

@palisadoes yes i preferred the installation.md properly and yes it is related to configuration means not a big problem just we have to add like if host port 80 is used then it should use other port which is free and caddy image container port should be same no change only we have to mapped it host other port .I didn't realize that this was related to Caddy(not a caddy problem only port are not available ) .Is the Caddy configuration included in the setup script? (yes script is there) .Generally speaking port 80 can only be used by processes with root privileges. (yes u are right but in this case as port is used by a system prcess so we can't kill it even if u manually try )

@PurnenduMIshra129th
Copy link
Author

@chandel-aman can u explain what i explained is it correct and give some clarification ?

@chandel-aman
Copy link
Contributor

@PurnenduMIshra129th I can see in your screenshot that a SYSTEM service is running on your port 80.

  1. Access the terminal as an administrator.
  2. Check which service is using port 80:
    netsh http show servicestate
  3. Stop the service using port 80 (most likely IIS or W3SVC):
    net stop <service_name>
    

After stopping the service, try running your Docker setup again.

@chandel-aman
Copy link
Contributor

@palisadoes yes i preferred the installation.md properly and yes it is related to configuration means not a big problem just we have to add like if host port 80 is used then it should use other port which is free and caddy image container port should be same no change only we have to mapped it host other port .I didn't realize that this was related to Caddy(not a caddy problem only port are not available ) .Is the Caddy configuration included in the setup script? (yes script is there) .Generally speaking port 80 can only be used by processes with root privileges. (yes u are right but in this case as port is used by a system prcess so we can't kill it even if u manually try )

The reason we want to keep ports 80/443 (instead of changing to other ports) is because Caddy is acting as a reverse proxy - it needs to intercept HTTP/HTTPS traffic to forward it to the API service and handle SSL certificates automatically.

@PurnenduMIshra129th
Copy link
Author

@chandel-aman i am not saying to to change the port 80 and 443 of caddy image container . Instead for host we can change the port so that can we get request on our defined then it will forward to port 80 or 443 of image .Now see we can not send any http request as it is a system process i just stopped .
Screenshot (17)
Screenshot (18)
Screenshot (19)
Screenshot (20)
Screenshot (21)
what will be wrong if we define port other than 80 and 443 in host .If the api request is handle by caddy in 80 and 443 inside the docker container . I think it not good to stop system processes

@chandel-aman
Copy link
Contributor

Any external request will be made through the host port, not the Docker port. Therefore, the issue arises with external requests. Here's why:

  1. External requests would need to explicitly include the non-standard ports.

  2. Instead of:

    https://api-demo.talawa.io
    

    We'd need something like:

    https://api-demo.talawa.io:[changed port]
    

    For example:

    https://api-demo.talawa.io:8080
    

    (We don't want to keep our URL like this.)

  3. Additionally, automatic HTTPS redirection might not work as expected in this setup.

While we could change the port in development, it would lead to inconsistencies with production configurations.
@palisadoes, would like your thoughts here.

@PurnenduMIshra129th
Copy link
Author

@chandel-aman i think when the app is hosted in server then its original code will be run not the docker image .And that's why there will be no change in port will be require . If the docker image will be run on server then we can define talwa-api port to 4000 we will exposed which is defalut port for talwa api .https://api-demo.talawa.io:[changed port] and for this every domain consist of ip address and port so this one is a internal working we don't have to define it externally

@chandel-aman
Copy link
Contributor

There seems to be a misunderstanding about how production deployment works. Let me clarify:

  1. For Production Server:

    • Whether we run the app directly or via Docker, we still need a reverse proxy (Caddy) to:
      • Handle HTTPS/SSL certificates
      • Route incoming traffic to our API
      • Add security headers
      • Manage redirections
  2. About Domain and Ports:

    • While domains resolve to IP addresses, the ports still matter
    • Standard HTTP/HTTPS traffic expects ports 80/443
    • Using non-standard ports would require users to explicitly specify them in URLs
  3. Container vs Direct Deployment:

    • Even if we deploy without Docker, the API on port 4000 still needs a reverse proxy
    • The reverse proxy (Caddy) must listen on ports 80/443 to handle incoming traffic properly
    • This is true regardless of whether we use Docker or direct deployment
  4. For example:

    Internet Request -> Port 80/443 -> Reverse Proxy -> API (Port 4000)
    

    This flow remains the same whether we use Docker or not.

@PurnenduMIshra129th
Copy link
Author

ok @chandel-aman i got it your point .In production which process does this api follow normally running code on server or image container is hosted. And in this problem how should i approch. Because if i disabled the service running on host of port 80 and 443 any http request will not be occur as i give screenshot above.

@PurnenduMIshra129th
Copy link
Author

@chandel-aman any suggestion?

@PurnenduMIshra129th
Copy link
Author

@palisadoes @chandel-aman read the article of stackOverflow as other people are also gets the same error for using this port and soultion their are suggest
https://stackoverflow.com/questions/65874912/docker-error-response-from-daemon-ports-are-not-available-listen-tcp-0-0-0-0

again i get the same issue as i try to run it with newer develop branch code.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working unapproved Unapproved for Pull Request
Projects
None yet
Development

No branches or pull requests

3 participants