在Azure上安装Discourse无法连接

支持 安装
1

I created a new Ubuntu 14.04 VM on Microsoft Azure and installed Discourse using the guide here: discourse/docs/INSTALL-cloud.md at main · discourse/discourse · GitHub

The entire installation went perfectly, but the instance is not reachable publicly. I have the A record configured to the public IP given by Azure. I also tried using the IP address directly.

I suspect this has something to do with the Docker IP and the Eth0 IP address, but not sure how to solve it.

# ifconfig
docker0   Link encap:Ethernet  HWaddr 02:42:4c:29:e0:92  
          inet addr:172.17.0.1  Bcast:0.0.0.0  Mask:255.255.0.0
          inet6 addr: fe80::42:4cff:fe29:e092/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6144 errors:0 dropped:0 overruns:0 frame:0
          TX packets:21683 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:414603 (414.6 KB)  TX bytes:30771613 (30.7 MB)

eth0      Link encap:Ethernet  HWaddr 00:0d:3a:00:15:21  
          inet addr:10.0.0.4  Bcast:10.0.0.255  Mask:255.255.255.0
          inet6 addr: fe80::20d:3aff:fe00:1521/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1079091 errors:0 dropped:0 overruns:0 frame:0
          TX packets:634212 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1254465906 (1.2 GB)  TX bytes:318586926 (318.5 MB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:7245 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7245 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:986455 (986.4 KB)  TX bytes:986455 (986.4 KB)

vethcb56e42 Link encap:Ethernet  HWaddr 6a:43:07:bb:63:3f  
          inet6 addr: fe80::6843:7ff:febb:633f/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2717 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2896 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:225111 (225.1 KB)  TX bytes:3277314 (3.2 MB)

So essentially I have 3 IPs: the public IP, the eth0 IP on the VPN, and then the docker instance IP. I’m guessing I need to somehow route the public IP:80 port to the docker IP?

Please help. Thank you.

1 个赞
2

Currently we do not officially support Discourse installation on Microsoft Azure. We recommend using DigitalOcean.

Supporting Discourse installation on Microsoft Azure is on my to-do list and I plan to make a how-to guide for same by the end of January 2016.

3

Provided Docker installed correctly, I am unclear why the current guide would not work…

4

Crazy cloud shenanigans likely get in the way – there’s probably some equivalent of AWS’ security groups, or perhaps the networking stack needs an extra kick in the pants.

3 个赞
5

So I sort of found the problem, but not the cure. As expected it has to do with the port forwarding/mapping/routing issue.

Azure VMs are part of a resource group with a common virtual public IP and a VPN/subnet for individual machines. Then there is a Network Security Group, with which one has to define some NAT rules.

I did setup forwarding for the Docker ports, but to no avail. Now trying to diagnose using Docker documentation. Jeff is right, once Docker works correctly, Discourse will work too.

The Azure classic VM should be better because they allow mapping of specific endpoints (ports). Will try installing in one of those.

Will post my updates. For better or for worse, I’m stuck with Azure at the moment.

5 个赞
6

Ok. So I discarded the instance of Ubuntu and created a new Ubuntu VM of the classic type. Then I chose a fixed Instance IP address. Then I created two endpoints for TCP/80 and TCP/443 to forward from the public to private network. Also I installed Docker from the instructions for Ubuntu and not the script directly.

I’m not sure which of these steps helped, but now Discourse works on Azure!

Thank you all!

9 个赞
7

Hi there!

Resetting my discourse installation on azure, I cannot reach it anymore!

It was working before, but by now, it doesn’t! I map the public ports to the vm and inside the vm to the docker installation. It all worked before.

Any idea where to start over? Where to check, what is up and running? Docker is running (according to pgrep).

Any help appreciated!
Bernd

8

I finally switched to digital ocean, where it works out of the box. The VM classic type seems not to be available anymore at Azure? Tried to setup an instance without success…

Regards,
Bernd

9

很抱歉再次顶起这个话题,但它仍然相关。从 Discourse 的角度来看,一切安装都很顺利,看起来都没问题,但端口 80 和 443 却无法从公网访问。

更新基本安装 确实可以在 Azure 上的 Ubuntu Server 上开箱即用。

这是我第二次尝试时所做的不同之处:

  1. 在创建虚拟机并运行 discourse-setup 后,我没有中断该过程,因此所有步骤都一次性完成。

    第一次时,我意识到没有交换空间(swap),尽管 discourse-setup 脚本会在缺失时自动设置,但我还是退出了 shell 去检查一些情况。随后,一些安装提示与 基本指南 中的不同,于是我再次退出了。

    + 让我困惑的是 Let’s Encrypt 部分,它要求输入一个邮箱地址以接收相关通知,我当时误以为需要手动配置 HTTPS。实际上,该脚本会为 Discourse 实例自动配置 Let’s Encrypt 的 SSL 证书。
    + 另一个问题是 SMTP 用户名和密码部分;我仍不确定是否可以直接留空,但我只是填入了管理员邮箱地址及其密码。

  2. 手动设置交换空间,参考了 这篇 meta.discourse 帖子

    我不认为这与问题有关,但提一下以防万一。第二次操作时,我按照第一次的方式完成了所有步骤,除了:(1) 手动设置交换空间,以及 (2) 让 discourse-setup uninterrupted 运行。

    第一个实例或许还有救,但 Discourse 的架构对我来说仍然神秘,我不确定如何重启 HTTP/HTTPS 端点。对比 netstat -tulpn 的输出可以清楚地看到,在第一个实例中,所有相关服务似乎都在运行并监听正确的端口(例如 PostgreSQL 在 5432,Redis 在 6379 等),唯独缺少端口 80 和 443 的条目(这表明 nginx 未运行):

第一个(失败的)实例:

$ sudo -s

# docker ps
CONTAINER ID   IMAGE                 COMMAND        CREATED        STATUS        PORTS                                                                      NAMES
62396a99737c   local_discourse/app   "/sbin/boot"   14 hours ago   Up 14 hours   0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp   app

# docker exec -it 62396a99737c bash

(docker)# netstat -tulpn
Active Internet connections (only servers)
Proto Local Address  Foreign Address State   PID/Program name
tcp   127.0.0.1:3000 0.0.0.0:*       LISTEN  -
tcp   0.0.0.0:5432   0.0.0.0:*       LISTEN  -
tcp   0.0.0.0:6379   0.0.0.0:*       LISTEN  -
tcp6  :::5432        :::*            LISTEN  -
tcp6  :::6379        :::*            LISTEN  -

第二个实例:

(docker)# netstat -tulpn
Active Internet connections (only servers)
Proto Local Address  Foreign Address  State   PID/Program name
tcp   0.0.0.0:6379   0.0.0.0:*        LISTEN  -
tcp   0.0.0.0:80     0.0.0.0:*        LISTEN  2359/nginx: master
tcp   127.0.0.1:3000 0.0.0.0:*        LISTEN  -
tcp   0.0.0.0:5432   0.0.0.0:*        LISTEN  -
tcp   0.0.0.0:443    0.0.0.0:*        LISTEN  2359/nginx: master
tcp6  :::6379        :::*             LISTEN  -
tcp6  :::5432        :::*             LISTEN  -

给未来的自己几点备注:

  1. 第一次操作时,我注意到缺少 80 和 443 的监听端口,但看到了 127.0.0.1:3000 套接字(我记得这是默认的 Rails 端口)。当时我还没意识到可能是 nginx 没有运行,出于某种原因,我仍然怀疑是 Docker 端口映射的问题,于是我使用 netcat 做了一个简单的转发:

    在 Docker 内部:nc -l -p 80 -c "nc 127.0.0.1 3000"
    在 VM 的 Docker 外部:nc -zv localhost 80curl localhost:80(这确认了 Docker 没有问题)

  2. 我还曾怀疑 Azure 入站端口规则 有问题,因为 nc -zv 一直返回 Connection refused,但后来意识到这只意味着 端口是开放的,但另一端没有程序在监听。(如果端口被阻止,nc 会一直挂起。)

1 个赞
10

如果你没有开放端口 80 和 443 以允许入站流量,discourse-setup 应该会失败。

啊,确实如此。关于电子邮件配置的一些问题在之前被修改过,但指南并未同步更新。我想大多数人都是直接阅读提示而非安装文档,所以其他人也没有抱怨。

你为什么会有这种想法?安装流程多年来一直自动配置 Let’s Encrypt。

我无法确定你是在说你的网站正在运行还是无法运行。

如果无法运行,很可能是因为你在 letsencrypt.org 上多次运行 discourse-setup,导致触发了速率限制。

2 个赞
11

这是让 install clouddiscourse-setup 保持一致的 PR:update INSTALL-cloud for discourse-setup by pfaffman · Pull Request #14065 · discourse/discourse · GitHub

2 个赞
12

此主题已在 3095 天后自动关闭。不再允许回复。