Exposing services on a multi container deployment

Hello,

I have finally deployed some services to a RPI4 and the services seem to be running fine. Now, I have tried to access the services using the device ip address and the port associated with the service but that does not seem to work.

I have looked at the docs and it seems like only one port (80) can be exposed publicly? Is that correct?

How can I access multiple services running on one device? Following is a couple of my services definitions.

  edgex-core-data:
    image: edgexfoundry/docker-core-data-go-arm64:1.2.0
    ports:
      - "127.0.0.1:48080:48080"
      - "127.0.0.1:5563:5563"
    container_name: edgex-core-data
    hostname: edgex-core-data
    networks:
      - edgex-network
    environment:
      <<: *common-variables
      Service_Host: edgex-core-data
      SecretStore_TokenFile: /tmp/edgex/secrets/edgex-core-data/secrets-token.json
    volumes:
      - tmp-secrets:/tmp/edgex/secrets
    depends_on:
      - edgex-core-consul
      - edgex-mongo
      - edgex-core-metadata
      - edgex-vault-worker

  edgex-core-command:
    image: edgexfoundry/docker-core-command-go-arm64:1.2.0
    ports:
      - "127.0.0.1:48082:48082"
    container_name: edgex-core-command
    hostname: edgex-core-command
    networks:
      - edgex-network
    environment:
      <<: *common-variables
      Service_Host: edgex-core-command
      SecretStore_TokenFile: /tmp/edgex/secrets/edgex-core-command/secrets-token.json
    volumes:
      - tmp-secrets:/tmp/edgex/secrets
    depends_on:
      - edgex-core-consul
      - edgex-mongo
      - edgex-core-metadata
      - edgex-vault-worker

I was expecting that I would be able to call my services from external clients. For example:

http://:48082/api/v1/ping

Please advise if this is possible.

Thanks,
Marcelo

Hi

We don’t support this right now. You can use a proxy service which can talk to other services on the same device - something similar to https://www.balena.io/docs/learn/develop/runtime/#multicontainer-applications

Can the default 80 port be changed to something else? For example 8443?

One more question, I need to run the following command on a container that is deployed on the device. How can I achieve this?

docker-compose run --rm --entrypoint /edgex/security-proxy-setup edgex-proxy --init=false --useradd=admin --group=admin

Thanks again,
Marcelo

Unfortunately currently its not possible to expose other ports to the internet via our device URLs, but that is something that is currently being worked on I believe. To do something like this today you would need to use something like HAproxy to map specific routes on port 80 to various different ports on your device. We do something like that in this project: https://github.com/balena-io-examples/multicontainer-getting-started

For setting up the compose options of that command I believe you would added them to your docker-compose.yml like so:

edgex-core-data:
    image: edgexfoundry/docker-core-data-go-arm64:1.2.0
    ports:
      - "127.0.0.1:48080:48080"
      - "127.0.0.1:5563:5563"
    container_name: edgex-core-data
    hostname: edgex-core-data
    user: admin
    group_add:
        - admin
    init: false
    entrypoint: /edgex/security-proxy-setup edgex-proxy
...

Thanks for the information and I will see if I can get around the port 80 issue. I think the proxy solution will work for me to route everything through one service but it will be really helpful to be able to choose something different that 80.

Also, for my second question I just want to be able to execute that command on an existing container that is already deployed on the device. Can I run that command from the host console or is any way to do it from the balena cli?

Thanks again,
Marcelo

Yeah, it will be very cool when we eventually allow configuring arbitrary ports.

On the second question, no unfortunately that is not something that is possible because there is no docker-compose on the OS at all, all the composition stuff is done on the cloud side and then the device supervisor gets told by the API how to run the containers and in what configuration.