FTP tool such as Filezilla for AWS Docker Container?

docker

(Ralf Lukner MD PhD) #1

I’m trying to connect Filezilla (Pro) or another UI-based FTP tool available for MacOS to the docker image on an AWS instance. When I inspect the docker image, it doesn’t seem to have a usable IP address (0.0.0.0) but perhaps I can give it an IP address somehow. Has anyone figured out how to do this … yes, I can copy files between the docker image and the filesystem of the instance, but I would like to have a more convenient way to do this, if possible.
Thank you,
–Ralf


(Ralf Lukner MD PhD) #2

Here is what Amazon AWS support told me. I’m a little bit reluctant to try this until I feel more comfortable with docker (see my related post at How to access the docker files remotely for Amazon AWS ubuntu instance ).

---------Begin-From-Amazon-Web-Services-Support-----------------------------
You can expose several ports when you run the container. So, you can expose the FTP port also, something like this.

docker run --name containername -p 3000:80 -p 3001:21 -d dockerimagename

In this example with the -p 3001:21 you are exposing your port 21 of the container to your port 3001 of the Server, so you can enter with filezilla with the ip of your server for host, and 3001 as port.

However, the image should listen on the FTP port 21.

To understand this in detail, I have launched a T2.medium instance with Ubuntu 16.04, same as the instance i-079b23966ac03e89f specification. I have then followed the docker official (third party to AWS ) document [1] to install the docker-CE on the instance. Once the docker is installed, I have checked it with running “hellow-world” image.

docker run hello-world

Hello from Docker!
This message shows that your installation appears to be working correctly.

I have then used a VSFTPD image [2] from the docker.io and ran the image using the below command.

docker run --rm -it -p 4321:21 -p 4559-4564:4559-4564 -e FTP_USER=ftp -e FTP_PASSWORD=ftp docker.io/panubo/vsftpd:latest

Unable to find image ‘panubo/vsftpd:latest’ locally
latest: Pulling from panubo/vsftpd
cc1a78bfd46b: Pull complete
4969c7710c67: Pull complete
0681e1174ea3: Pull complete
1f5211d4a055: Pull complete
e41a45b478d1: Pull complete
bb94a6782824: Pull complete
8029d0483fe9: Pull complete
Digest: sha256:a62cc1234d8f53acea21994982a104b6d5902b2ab0409ac6b34b81642464210a
Status: Downloaded newer image for panubo/vsftpd:latest
Running vsftpd

In this example, I have used the host port 4321 to forward it to the vsftp port 21 and other ports 4559-4564 to the respective port of the host. Please make sure that the host port do not conflict with any other service, otherwise the docker will not run correctly.

I have then verified the ports from the host and I could see that it is listening on the respective ports,

netstat -anltp

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1242/sshd
tcp 0 0 172.31.14.239:22 54.240.193.1:53983 ESTABLISHED 1483/sshd: ubuntu [
tcp 0 188 172.31.14.239:22 54.240.193.1:26659 ESTABLISHED 10625/sshd: ubuntu
tcp 0 0 172.31.14.239:22 54.240.193.1:31957 ESTABLISHED 6740/sshd: ubuntu [
tcp6 0 0 :::4321 :::* LISTEN 10548/docker-proxy
tcp6 0 0 :::4559 :::* LISTEN 10537/docker-proxy
tcp6 0 0 :::4303 :::* LISTEN 10026/docker-proxy
tcp6 0 0 :::4560 :::* LISTEN 10526/docker-proxy
tcp6 0 0 :::4561 :::* LISTEN 10515/docker-proxy
tcp6 0 0 :::4562 :::* LISTEN 10502/docker-proxy
tcp6 0 0 :::4563 :::* LISTEN 10490/docker-proxy
tcp6 0 0 :::4564 :::* LISTEN 10464/docker-proxy

To verify this , I connected to the port 4321 from the local instance.

telnet localhost 4321

Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.
220 (vsFTPd 3.0.3)
^]
telnet> quit
Connection closed.

Then added the port 4321 to the security group of my instance and tried to access it from my laptop.

$ telnet 13.239.113.36 4321
Trying 13.239.113.36…
Connected to 13.239.113.36.
Escape character is ‘^]’.
220 (vsFTPd 3.0.3)

I have also found some external third party blogs on this [3]. There is also a documentation on how to assign the IP address to the images [4] [5].

While AWS premium support engineers can assist you with any AWS infrastructure/service related queries or help accessing your instance, configuring and installing the docker (third party software) is generally beyond the scope of AWS premium support and I have limited knowledge and experience on this. However I tried my best to assist you on this issue. I would also recommend you to look at the AWS ECS service [6], by using ECS you have several advantages over the local docker running on an instance [7].

I hope the above information would be helpful. If you have any further queries, please let me know and I will do my best to help you.

[1] https://docs.docker.com/install/linux/docker-ce/ubuntu/
[2] https://hub.docker.com/r/panubo/vsftpd/
[3] https://www.reddit.com/r/docker/comments/7w7xz3/how_to_make_docker_volume_accessible_via_ftp/
[4] https://stackoverflow.com/questions/27937185/assign-static-ip-to-docker-container
[5] https://docs.docker.com/network/bridge/
[6] https://aws.amazon.com/ecs/
[7] https://aws.amazon.com/ecs/features/

Best regards,

Sijo K.
Amazon Web Services
---------End-From-Amazon-Web-Services-Support-----------------------------


(Stephen Waite) #3

if you can put the files at a reachable url, found it easier to copy files into the container as in below running from the sudo bash prompt,
OE_INSTANCE=$(docker ps | grep _openemr | cut -f 1 -d " ")

and then

docker exec -it OE_INSTANCE sh -c 'curl -L https://raw.githubusercontent.com/openemr/openemr/v5_0_1/admin.php > /var/www/localhost/htdocs/openemr/admin.php'

more examples