Failed to connect to github.com port 443: Connection refused, Failed to Bootstrap, Discourse Docker

Jonathan picture Jonathan · Jul 21, 2014 · Viewed 22.1k times · Source

Whilst running my ./launcher bootstrap app command from /var/docker on a local installation of Discourse, I get this error.

fatal: unable to access 'https://github.com/SamSaffron/pups.git/': Failed to connect to github.com port 443: Connection refused
FAILED TO BOOTSTRAP

The following is the contents of my containers/app.yml. I've been using this guide to try to get it up and running. I've heard of some people having issues with HTTP connections refused due to iptables -L containing some rules blocking the docker container from connecting to the internet. But it moments before just downloaded an image. So I don't understand.

##
## After making changes to this file, you MUST rebuild for any changes
## to take effect in your live Discourse instance:
## 
## /var/docker/launcher rebuild app
##

## this is the all-in-one, standalone Discourse Docker container template
templates:
  - "templates/cron.template.yml"
  - "templates/postgres.template.yml"
  - "templates/redis.template.yml"
  - "templates/sshd.template.yml"
  - "templates/web.template.yml"

## which TCP/IP ports should this container expose?
expose:
  - "127.0.0.1:20080:80"   # fwd host port 80   to container port 80 (http)
  - "2222:22" # fwd host port 2222 to container port 22 (ssh)

params:
  ## Which Git revision should this container use?
  version: HEAD

env:
  ## How many concurrent web requests are supported?
  ## With 2GB we recommend 3-4 workers, with 1GB only 2
  # UNICORN_WORKERS: 3
  ##
  ## List of comma delimited emails that will be made admin on signup
  DISCOURSE_DEVELOPER_EMAILS: <%= ENV['EMAIL_ADDRESS'] %>
  ##
  ## The domain name this Discourse instance will respond to
  DISCOURSE_HOSTNAME: 'localhost'
  ##
  ## The mailserver this Discourse instance will use
  DISCOURSE_SMTP_ADDRESS: smtp.gmail.com
  DISCOURSE_SMTP_PORT: 465
  DISCOURSE_SMTP_USER_NAME: <%= ENV['GMAIL_USERNAME'] %>
  DISCOURSE_SMTP_PASSWORD: <%= ENV['GMAIL_PASSWORD'] %>
  ##
  ## the origin pull CDN address for this Discourse instance
  # DISCOURSE_CDN_URL: //discourse-cdn.example.com

## These containers are stateless, all data is stored in /shared
volumes:
  - volume:
      host: /var/docker/shared/standalone
      guest: /shared

## The docker manager plugin allows you to one-click upgrade Discouse
## http://discourse.example.com/admin/docker
hooks:
  after_code:
    - exec:
        cd: $home/plugins
        cmd:
          - git clone https://github.com/discourse/docker_manager.git

## Remember, this is YAML syntax - you can only have one block with a name
run:
  - exec: echo "Beginning of custom commands"

  ## If you want to configure password login for root, uncomment and change:
  #- exec: apt-get -y install whois # for mkpasswd
  ## Use only one of the following lines:
  #- exec: /usr/sbin/usermod -p 'PASSWORD_HASH' root
  #- exec: /usr/sbin/usermod -p "$(mkpasswd -m sha-256 'RAW_PASSWORD')" root

  ## If you want to authorized additional users, uncomment and change:
  #- exec: ssh-import-id username
  #- exec: ssh-import-id anotherusername

  - exec: echo "End of custom commands"
  - exec: awk -F\# '{print $1;}' ~/.ssh/authorized_keys | awk 'BEGIN { print "Authorized SSH keys for this container:"; } NF>=2 {print $NF;}'

Answer

redlabo picture redlabo · Aug 4, 2014

Are you behind a proxy ? Have you checked your DNS settings ? This is what I had to do in order to make it run in /etc/default/docker:

DOCKER_OPTS="--dns 8.8.8.8 --dns 8.8.4.4 --dns x.x.x.x"

If you don't add your DNS (you can find it with nslookup), chance are that you can't resolve the name of GitHub. But as your attempt to connect does not return explicitly a name not resolved, I don't think you are concerned here. But strangely, I had to do it to make it work. For the rest I already mentioned what to do in an issue filled on GitHub: https://github.com/discourse/discourse_docker/issues/79

Edit: I corrected the point, there's no ln, it should read 'in'. As I said in my issue to GitHub, there's a lack of proxy consideration in code. But have you a proxy or a direct access to web ? I bet you have a proxy. If so, take my solution in the link I provided. Basically, if HTTP_PROXY is not added in the environment variables of the image of discourse, no command that relies on it will work (like in the gem command case).

Example:

DISCOURSE_SMTP_ADDRESS: smtp.mandrillapp.com                # (mandatory)
HTTP_PROXY: http://x.x.x.x:3128/ # my add
DISCOURSE_SMTP_PORT: 587                        # (optional)
DISCOURSE_SMTP_USER_NAME: '[email protected]'      # (optional)
DISCOURSE_SMTP_PASSWORD: Password               # (optional)

In addition, git has its own way of specifying proxy, so I add it in the script to make it run. Otherwise, git will be stuck and timeout will occcur when it will try to pull from repository (seems to be your case).

Replacement in launcher script of discourse:

run_command="$run_command git pull &&"

to

run_command="$run_command git config --global http.proxy http://x.x.x.x:3128/ && git pull &&"

And/Or (should work too, and in fact if I recall correctly I had to do both...)

/bin/bash -c "$run_command") \

to

/bin/bash -c "git config --global http.proxy http://x.x.x.x:3128/;$run_command") \

Clearer ? Concerning the dns, docker configure a lot of things in its configuration file. But to my surprise, the proxy configuration never seemed to be taken into account.Yet, the dns part was interesting as I got error of name resolution too, despite the public dns already configured. So I add the dns of my company, and magically it solved the problem. But I don't think this is your situation, I mentioned this just in case...