Question 83769 in Docker Question posted in
The official documentation can be found here.

Cannot access Grafana (Docker image) using port 3000 from non-local server

I’m working on a Ubuntu server with Docker, in which I ran the Grafana Docker Image using the following commands (based on documentation: https://grafana.com/docs/grafana/latest/installation/docker):

docker volume create grafana-storage
docker run -d -p 3000:3000 --name=grafana -v grafana-storage:/var/lib/grafana grafana/grafana-oss

I can access to my Grafana instance successfully using localhost:3000, but the issue is that I cannot access from any external server x.x.x.x:3000. Not even locally unless I use localhost.

Nevertheless, I can access from an external server to x.x.x.x (port 80, which is being used by another process) from an external device.

I proceeded to check port configuration details:

netstat -an | grep "3000"

tcp        0      0 yy.yy.yy.yy:53596        yy.yy.yy.yy:3000        ESTABLISHED
tcp        0      0 yy.yy.yy.yy:53716        yy.yy.yy.yy:3000        ESTABLISHED
tcp        0      0 yy.yy.yy.yy:53700        yy.yy.yy.yy:3000        ESTABLISHED
tcp6       0      0 :::3000                 :::*                    LISTEN     
tcp6       0      0 ::1:3000                ::1:50602               ESTABLISHED
tcp6       0      0 ::1:50706               ::1:3000                ESTABLISHED
tcp6       0      0 ::1:3000                ::1:50706               ESTABLISHED
tcp6       0      0 ::1:50602               ::1:3000                ESTABLISHED

iptables -S | grep "3000"

-A INPUT -p tcp -m tcp --dport 3000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3000 -j ACCEPT
-A OUTPUT -p tcp -m tcp --sport 3000 -j ACCEPT
-A DOCKER -d yy.yy.yy.yy/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 3000 -j ACCEPT

iptables -L INPUT -nvx

Chain INPUT (policy ACCEPT 659 packets, 98721 bytes)
    pkts      bytes target     prot opt in     out     source               destination         
     136     8160 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:3000
       0        0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:3000

And noted that firewall was inactive, then I enable it and put a rule:
sudo ufw enable
sudo ufw allow 3000/tcp comment 'grafana-port'
sudo ufw reload
sudo ufw status numbered

Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 3000/tcp                   ALLOW IN    Anywhere                   # grafana-port
[ 2] 3000/tcp (v6)              ALLOW IN    Anywhere (v6)              # grafana-port

Applying this change did not make x.x.x.x:3000 work. However, port 80 is still working normally as I mentioned. Maybe I am missing something else.

More info: I tried using domain = x.x.x.x and serve_from_subpath = true in grafana.ini, defaults.ini and custom.ini files. It did not work.

Have you any advice or contribution in order to solve this issue? Thank you in advance!

Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    Issue was solved letting the firewall inactive, and connecting to the server's router at tplinkwifi.net. There I put this router configuration on advanced > NAT forwarding > Port forwarding:

    Device IP Address: 192.168.x.x
External Port: 3000
Internal Port: 3000
Protocol: TCP

    Then restarted the docker container and got access from non-local server. Thank you for your suggestions.


  2. 0

    Have you tried the following?

    docker run -p x.x.x.x:3000:3000 ...
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search