Che Workspace Port Configuration #808
Comments
|
You can run services inside of the workspace that expose themselves on different ports other than that particular range. You can launch a jetty server on port 8082, for example, and then access that Jetty server directly on :8082. However, if you create a custom workspace with a Dockerfile and explicitly provide an EXPOSE in your workspace definition, then Docker maps that exposed port to an ephemeral port number (the big range you cited). So externally, Docker may give you port 40000 and then maps that to the internal port that was in the EXPOSE command. This is useful because Che is able to identify the services that are running on EXPOSE ports and then present those to the user in a more helpful way. The ephemeral port range cannot be altered. |
|
Thanks for the info @TylerJewell! I understand that I can run different services in my workspace on different ports. For my current scenario, I would like to use the ide through vpn. I am working with IT to open vpn firewall ports and they would like for me to provide them with a specific port or smaller range. I think based on what you explained I can use EXPOSE in order to do so. Where would I add that configuration in my workspace definition? Currently I have a spring/tomcat project in an ubuntu/java workspace and through the vpn the dashboard opens fine for me through 8080, but when I go to the IDE I have some websocket errors in the console trying to access the ephemeral port from the workspace. |
|
@Marcrazyness: You will need to make sure that you have the tripod of communications configured the right way. Che => Docker Daemon. Workspace => Che, and then Browser => Workspace. It sounds like you are having problems with the browser connecting to the workspace over VPN. Keep in mind that your browser is probably localhost and your Che server is behind a firewall, so the browser will need to know the right workspace IP address to get to it. We lay out the various configurations that you need to test here: |
|
When I am inside the firewall, I can access the dashboard and IDE without any issues on my laptop browser through my.domain.com:8080 using the cmd below. Through vpn the dashboard is accessible and works correctly, but when I open the IDE the workspace machine port isn't accessible and gives the following error (which I expected and was looking to set an available range or use EXPOSE through some che configuration if possible):
I am starting the che server using: |
|
You need to make sure this port range is open when you are accessing Che through VPN. This is an ephemeral port range that Che does not control or set in any way. We let Docker decide on the ports to map to those exposed in a container. |
|
Cool thanks for the info, I read some docker networking documentation https://docs.docker.com/v1.8/articles/networking/ and think I found my answer:
|
|
We do I am closing the issue as you seem to have found all the answers. Feel free to reopen if you face any other networking issues. |
ghost
closed this as 
Question: Hello, is there a way to configure the che workspace port range? I read through https://eclipse-che.readme.io/docs/usage-docker#ports, https://eclipse-che.readme.io/docs/networking#section-ports and it looks like the range is 32768-65535. Is there a way to configure in che.properties or in docker configuration?
Che install directory: /home/user/Documents/dev
Docker version: 1.10.3, build 20f81dd
Java version: 1.8.0_74
Environment details (AWS, VirtualBox, physical, etc.): physical desktop, Ubuntu 14.04, Chrome (latest)
How reproducible: Running che.
Steps to Reproduce:
Actual Results:
NA
Expected Results:
NA
The text was updated successfully, but these errors were encountered: