ManageIQ docker 容器无法与 Web 浏览器连接

Question

我尝试测试对 hawkular 的 manageiq 监控。我使用以下命令制作了 manageiq docker 容器

docker pull manageiq/manageiq:euwe-1
docker run --privileged -d -p 8443:443 manageiq/manageiq:euwe-1

我可以看到容器已生成并运行。但是，我无法使用我的网络浏览器使用此 URL https://127.0.0.1:8443 连接到 ManageIQ。在 manageiq docker 容器的日志文件中显示如下错误，

[ssl:warn] [pid 815] AH01909: RSA certificate configured for 172.17.0.2:443 does NOT include an ID which matches the server name
[ssl:warn] [pid 815] AH01909: RSA certificate configured for 172.17.0.2:443 does NOT include an ID which matches the server name
[proxy:error] [pid 816] (111)Connection refused: AH00957: HTTP: attempt to connect to 0.0.0.0:3000 (0.0.0.0) failed
[proxy:error] [pid 816] AH00959: ap_proxy_connect_backend disabling worker for (0.0.0.0) for 60s
[proxy_http:error] [pid 816] [client 172.17.0.1:39140] AH01114: HTTP: failed to make connection to backend: 0.0.0.0
[proxy:error] [pid 819] (111)Connection refused: AH00957: HTTP: attempt to connect to 0.0.0.0:3000 (0.0.0.0) failed
[proxy:error] [pid 819] AH00959: ap_proxy_connect_backend disabling worker for (0.0.0.0) for 60s
[proxy_http:error] [pid 819] [client 172.17.0.1:39146] AH01114: HTTP: failed to make connection to backend: 0.0.0.0, referer: https://localhost:8443/

Answer 1

我解决了。原因是 docker 容器上没有设置 https 连接。这是过程，

1. 进入容器

docker exec -ti CONTAINER_ID bash –l

2.在容器上，找到server.crt和server.key文件

[root@17a6a6bd8743 vmdb]# find / -name server.crt

/opt/manageiq/manageiq-ui-service/node_modules/browser-sync/lib/server/certs/server.crt

[root@17a6a6bd8743 vmdb]# find / -name server.key

/opt/manageiq/manageiq-ui-service/node_modules/browser-sync/lib/server/certs/server.key

1. 然后像下面这样编辑 /etc/httpd/conf.d/ssl.conf 文件

[root@17a6a6bd8743 vmdb]# vi /etc/httpd/conf.d/ssl.conf

ServerName localhost:8443 #指定服务器名称

SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2 #类型ssl协议

SSLCertificateFile /opt/manageiq/manageiq-ui-service/node_modules/browser-sync/lib/server/certs/server.crt #输入server.crt的位置文件夹

SSLCertificateKeyFile /opt/manageiq/manageiq-ui-service/node_modules/browser-sync/lib/server/certs/server.key #输入server.key的位置文件夹

4. 设置httpd允许https

[root@17a6a6bd8743 vmdb]# systemctl restart httpd

[root@17a6a6bd8743 vmdb]# yum install firewalld -y

[root@17a6a6bd8743 vmdb]# systemctl start firewalld

[root@17a6a6bd8743 vmdb]# systemctl enable firewalld

[root@17a6a6bd8743 vmdb]# firewall-cmd --add-service=https --permanent

成功

[root@17a6a6bd8743 vmdb]# firewall-cmd --reload

成功

好的！配置设置完美。联系https://localhost:8443 并享受！

Answer 2

我被告知修改 docker 容器内部配置是不合适的，必须在 docker 容器外部配置 docker 网络。所以这是我的决心。

1. Windows 10 : 这个网站是用韩文写的。我希望你能找到并阅读英文网站。 ^_^

https://support.microsoft.com/ko-kr/help/3151631/rc4-cipher-is-no-longer-supported-in-internet-explorer-11-or-microsoft-edge

1. CentOS 7，火狐浏览器，

“环境配置”=>“安全”=>“例外列表”按钮 => 添加“https://localhost:8443/”网址

最后用reference site检查这个问题