I have a server with two docker containers, each with their own PostgreSQL databases.
One container is mapped to port 32772 and the other to 32771. These two databases used to be accessible by remote users, and worked perfectly simultaneously, until we had a forced shutdown of the machine.
The previous admin set up a system so that docker would start on startup and so would the 32771 container. I manually restarted the 32772 container using docker start. Now the weird shenanigans began.
Both can be reached by psql and nc when on the current machine, while only database 32771 can be reached from a remote machine.
Both containers use the official postgres image, and the only difference between them (besides database data) is that they are in different docker networks, so I'm at a loss for what is causing this change in behavior.
I looked in iptables and cannot spot any weird behavior. Both ports are marked as listening in ipv4 and ipv6. 32772's pg_hba.conf and postgresql.conf are properly configured. There is no failed connection attempt in the database log. Any idea what could cause that behavior?
Some logs:
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy DROP)
target prot opt source destination
DOCKER-USER all -- anywhere anywhere
DOCKER-ISOLATION-STAGE-1 all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain DOCKER (2 references)
target prot opt source destination
ACCEPT tcp -- anywhere 172.18.0.2 tcp dpt:postgresql
ACCEPT tcp -- anywhere 172.18.0.3 tcp dpt:http
ACCEPT tcp -- anywhere 172.17.0.2 tcp dpt:7687
ACCEPT tcp -- anywhere 172.17.0.2 tcp dpt:7474
ACCEPT tcp -- anywhere 172.17.0.3 tcp dpt:postgresql
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
target prot opt source destination
DOCKER-ISOLATION-STAGE-2 all -- anywhere anywhere
DOCKER-ISOLATION-STAGE-2 all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-ISOLATION-STAGE-2 (2 references)
target prot opt source destination
DROP all -- anywhere anywhere
DROP all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-USER (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3d001590ef69 postgis/postgis "docker-entrypoint.s…" 12 months ago Up 2 hours 0.0.0.0:32772->5432/tcp, :::32772->5432/tcp postgis
6273d983556f postgres "docker-entrypoint.s…" 20 months ago Up 2 months 0.0.0.0:32771->5432/tcp, :::32771->5432/tcp pg_container
3714a16b6263 dpage/pgadmin4 "/entrypoint.sh" 20 months ago Up 2 months 443/tcp, 0.0.0.0:5050->80/tcp, :::5050->80/tcp pgadmin4_container
docker network list
49a50a34254d bridge bridge local
db7b6beb29cd host host local
cc7bc4c85bbd none null local
36ae3773e28d pgadmin_default bridge local