Can't Connect to Azure Container Instance .net Core MVC Linux Container

Question

I'm pretty new to Docker and Azure as a whole so please bear with me..

FOR STARTERS

I have a Linux container based Docker Image which I am able to run and connect to successfully locally.

Here is the dockerfile I've put together

#Use microsoft's sdk image for build
FROM mcr.microsoft.com/dotnet/core/sdk:3.1-buster AS build
WORKDIR /app 

#1. copy csproj and restore as distinct layers
COPY *.sln .
COPY Client.Web/*.csproj ./Client.Web/
COPY DataOneDecoder/*.csproj ./DataOneDecoder/
COPY DealershipTenant/*.csproj ./DealershipTenant/
COPY Portal.Web/*.csproj ./Portal.Web/ 
COPY Multitenancy/*.csproj ./Multitenancy/ 
COPY Shared/*.csproj ./Shared/
COPY AdfSerialization/*.csproj ./AdfSerialization/

#2. dotnet-restore
RUN dotnet restore 

#3. copy everything else and build app
COPY Client.Web/. ./Client.Web/
COPY DataOneDecoder/. ./DataOneDecoder/
COPY DealershipTenant/. ./DealershipTenant/ 
COPY Portal.Web/. ./Portal.Web/
COPY Multitenancy/.  ./Multitenancy/
COPY Shared/. ./Shared/
COPY AdfSerialization/. ./AdfSerialization/

#4. Install nodejs and npm
RUN curl -sL https://deb.nodesource.com/setup_10.x | bash -
RUN apt-get install -y nodejs
RUN echo "NODE Version: " && node --version
RUN echo "NPM Version: " && npm --version


#5. Navigate to Portal.Web and install npm dependencies
WORKDIR /app/Portal.Web
RUN npm install

#6. Build and publish solution
WORKDIR /app/
RUN dotnet publish -c Release -o out 

#7. Copy built application to runtime image, expose port 5000, and define entrypoint
FROM mcr.microsoft.com/dotnet/core/aspnet:3.1-buster-slim AS runtime
COPY --from=build /app/out ./
EXPOSE 5000
ENV ASPNETCORE_URLS http://*:5000
ENTRYPOINT ["dotnet", "Portal.Web.dll"]

Locally, I am able to open the application on port 80 mapped to port 5000 (Exposed in the dockerfile) using the following commands

docker build  -t exampleApp  . --no-cache  
docker run -d -p 80:5000 --name exampleContainer exampleApp

Now over in Azure land, I've set up a gitlab pipeline which builds and deploys the container to my Azure Container Registry.

From there I'm using the CLI to deploy the container to a Container Group and ultimately as a Container Instance

az container create \
    --name dstestacg \
    --resource-group $RES_GROUP \
    --image $ACR_LOGIN_SERVER/portal_web_test:38b63ff933ea5a04b9ed7906ee01db33afb9abb6 \
    --registry-login-server $ACR_LOGIN_SERVER \
    --registry-username $(az keyvault secret show --vault-name $AKV_NAME -n $ACR_NAME-pull-usr --query value -o tsv) \
    --registry-password $(az keyvault secret show --vault-name $AKV_NAME -n $ACR_NAME-pull-pwd --query value -o tsv) \
    --restart-policy Never \
    --ip-address Public \
    --cpu 2 \
    --memory 3.5 \
    --ports 80 \
    --environment-variables 'ASPNETCORE_URLS'='http://*:5000' \
    --command-line "tail -f /dev/null"

It appears the application is running (I'm seeing resource usage spike, moreso than I experienced when the app wasn't running) but I cannot connect on the public ip with port 80. I end up with an "ERR_CONNECTION_RESET" error in the browser

I'm a little unclear on how this is being hosted on a non-windows machine. I believe it's with Kestrel, which I'm assuming my local Linux container of this was using. I'm unsure why I'm able access the container on port 80 locally but not as an Azure Container Instance.

Any assistance would be greatly appreciated, and if you need any more details please ask.

Thanks!

Updated Docker file and Azure CLI command after discussion about port mapping

#Use microsoft's sdk image for build
FROM mcr.microsoft.com/dotnet/core/sdk:3.1-buster AS build
WORKDIR /app 

#1. copy csproj and restore as distinct layers
COPY *.sln .
COPY Client.Web/*.csproj ./Client.Web/
COPY DataOneDecoder/*.csproj ./DataOneDecoder/
COPY DealershipTenant/*.csproj ./DealershipTenant/
COPY Portal.Web/*.csproj ./Portal.Web/ 
COPY Multitenancy/*.csproj ./Multitenancy/ 
COPY Shared/*.csproj ./Shared/
COPY AdfSerialization/*.csproj ./AdfSerialization/

#2. dotnet-restore
RUN dotnet restore 

#3. copy everything else and build app
COPY Client.Web/. ./Client.Web/
COPY DataOneDecoder/. ./DataOneDecoder/
COPY DealershipTenant/. ./DealershipTenant/ 
COPY Portal.Web/. ./Portal.Web/
COPY Multitenancy/.  ./Multitenancy/
COPY Shared/. ./Shared/
COPY AdfSerialization/. ./AdfSerialization/

#4. Install nodejs and npm
RUN curl -sL https://deb.nodesource.com/setup_10.x | bash -
RUN apt-get install -y nodejs
RUN echo "NODE Version: " && node --version
RUN echo "NPM Version: " && npm --version


#5. Navigate to Portal.Web and install npm dependencies
WORKDIR /app/Portal.Web
RUN npm install

#6. Build and publish solution
WORKDIR /app/
RUN dotnet publish -c Release -o out 

#7. Copy built application to runtime image, expose port 5000, and define entrypoint
FROM mcr.microsoft.com/dotnet/core/aspnet:3.1-buster-slim AS runtime
COPY --from=build /app/out ./
EXPOSE 5000/tcp
ENV ASPNETCORE_URLS=http://*:5000
ENV ASPNETCORE_ENVIRONMENT=Development
ENTRYPOINT ["dotnet", "Portal.Web.dll"]

az container create \
    --name idkman \
    --resource-group $RES_GROUP \
    --image $ACR_LOGIN_SERVER/portal_web_test:deb5e784f1a7f9904f50a97b93ff42380b85158c \
    --registry-login-server $ACR_LOGIN_SERVER \
    --registry-username $(az keyvault secret show --vault-name $AKV_NAME -n $ACR_NAME-pull-usr --query value -o tsv) \
    --registry-password $(az keyvault secret show --vault-name $AKV_NAME -n $ACR_NAME-pull-pwd --query value -o tsv) \
    --restart-policy Never \
    --ip-address Public \
    --cpu 2 \
    --memory 3.5 \
    --ports 5000 \
    --environment-variables 'PORT'='5000'

score 0 · Answer 1 · answered Apr 13 '21 at 06:24

0

ACI does not support the port mapping, so you only can expose the port that you exposed in the Dockerfile directly, here the port should be 5000. And then you can access the ACI like http://publicIP:5000.

answered Apr 13 '21 at 06:24

Charles Xu

29,862
2
22
39

Oh wow I've been down a rabbit hole, hopefully that resolves the issue. Just trying to host our application as a Linux container in Azure as a proof of concept. Giving this a try now – Brandon Jerz Apr 13 '21 at 06:59
Still getting ERR_CONNECTION_RESET unfortunately I'm exposing port 5000 in my dockerfile and using port 5000 for the azure container instance. Is there any good way to tell if the application is running? I've tried curling localhost:5000 from the bash shell in azure but I'm just getting connection refused – Brandon Jerz Apr 13 '21 at 07:10
@BrandonJerz What command do you use to create the ACI? Can you share it? – Charles Xu Apr 13 '21 at 07:13
the command I use to deploy to ACI is in the post. I use the Azure CLI's az container create option. Basically since your comment I've changed the --ports property to 5000 (which should be the default for kestral, and maps properly on my local machine running linux) containers) – Brandon Jerz Apr 13 '21 at 07:29
@BrandonJerz The image is the same one you run locally and works well? And do you access the ACI with the url `http://publicIP:5000`? – Charles Xu Apr 13 '21 at 07:34
Yes to both. it's an identical image I pushed to the ACR to what is working locally for me in linux containers and I'm accessing via the public IP provided by azure at port 5000. Interestingly enough when I try to curl from the bash terminal for my container in azure I'm getting connection refused curl http://localhost:5000 curl: (7) Failed to connect to localhost port 5000: Connection refused – Brandon Jerz Apr 13 '21 at 07:40
@BrandonJerz What does your application do in the container? Do you check if the application runs well? It seems the application does not run so that there is nothing listen to the port 5000 inside the container. – Charles Xu Apr 13 '21 at 07:46
Locally the application runs well in the Linux container (I'm on a windows machine), I'm trying to find a way to tell how it's running in ACI but I can't access it. I'll see if I can add logging since I'm not getting anything now. – Brandon Jerz Apr 13 '21 at 07:48
@BrandonJerz OK, I know the reason, you try to delete the parameter `--command-line` in the CLI command. This overwrites the CMD option in your Dockerfile – Charles Xu Apr 13 '21 at 07:59
I removed the --command-line property but am still seeing the connection reset. I've added my updated dockerfile and Azure CLI commands in the post – Brandon Jerz Apr 13 '21 at 08:14
Also, mapping 5000:5000 locally works fine – Brandon Jerz Apr 13 '21 at 08:16
@BrandonJerz Really? Do you connect into the container and access the application with `curl loclahost:5000`? If the image is no problem, don't use the `--command-line`, the ACI should works like in your local machine. – Charles Xu Apr 13 '21 at 08:21
yeah, I'm connecting to the container through Azure's "Connect" functionality using bin\bash. When I try to curl localhost:5000 I'm just getting curl: (7) Failed to connect to localhost port 5000: Connection refused – Brandon Jerz Apr 13 '21 at 08:28
@BrandonJerz Can you share the image? If you don't mind, I can help you test the image. – Charles Xu Apr 13 '21 at 08:30
@BrandonJerz I can't create the image without your application code. So what is the situation now? – Charles Xu Apr 13 '21 at 08:46
@BrandonJerz Any updates on this question? Do you solve the problem? – Charles Xu Apr 23 '21 at 08:29

Can't Connect to Azure Container Instance .net Core MVC Linux Container

1 Answers1