I'm using docker desktop for windows and I could ping to a container from the host machine by it's IP on Docker version 1.x.
Now it doesn't work anymore on Docker version 20.x.
I guess somewhat change for network isolation policy but not sure.
Is there any solution to access my containers by it's IP address again?
Related
If I run Docker locally and I bind the containers' ports, I usually connect with them through localhost and not through the dynamically created IP address. I might start a MySQL container, bound with 3306:3306 and can then connect with it to localhost:3306.
If I am using a virtual machine in Windows to run Docker in (e.g. with VirtualBox), the VM has its own interface (e.g. VirtualBox Host-Only Network) which might have an IP address of 192.168.50.1. I can now connect to a MySQL container via 192.168.50.1:3306.
Using a different interface/network for my containers is useful during development because I free up my localhost ports for other things and many browsers treat localhost differently than it does other addresses.
However, Docker Desktop also has advantages over a VM:
Not having to manage the VM
Testcontainers out-of-the-box
Docker Desktop is nice
Should it not be possible to get Docker to bind to ports on a virtual interface instead of localhost, e.g. by creating a Windows virtual switch or even by using the existing VirtualBox network? And is it possible to do this for Docker Desktop (on Windows) for all containers by default?
This answer indicates there's an --ip option available when starting the Docker daemon, but:
Which IP address do I use here? The gateway is the only IP address that I have configured for a virtual switch.
What is the equivalent for Docker Desktop?
When using docker desktop, we would connect to the host machine from the container using the URL 'host.docker.internal'.
however container is not able to connect to the host machine (i.e my machine) when I am using nerdctl instead of docker.
I installed Rancher desktop to use nerdctl
ipconfig getifaddr en0
The above command will give the IP address of your wireless connection. Note, this will only work for MacOS. This IP can then be written to the /etc/hosts of your container against host.docker.internal as they share the same network. This can help the container communicate to the host machine by using host.dock.internal . Although, an elegant solution is expected from RancherDesktop (or its already available in the newer versions).
From lima docs.
The loopback addresses of the host is 192.168.5.2 and is accessible
from the guest as host.lima.internal.
So instead of host.docker.internal, provide 192.168.5.2
I have tested this with nerdctl distributed via Rancher and it works!
reference: https://github.com/lima-vm/lima/blob/master/docs/network.md
I have win 10 as an operating system, I have installed virtualbox where ubuntu is installed and docker with its containers is installed in ubuntu.
I set the virtualbox network in bridge, and in DHCP I assigned an IP that I can easily reach from the win 10 chrome browser (outside of virtualbox). The problem is that I cannot access the docker container where a webserver runs in loalhost, I can access it without problems inside the virtualbox and externally I can access another webserver in the virtualbox but not the webserver docker! How could I solve it?
thanks for any replies!
It seems that I have solved, I describe here the simple solution that I have adopted.
the VM has an IP assigned in dhcp by the bridge network. (this setting has remained for a second webserver to work) In virtualbox settings I simply enabled a second NAT network from "network-settings" and in "advanced-port forwarding" I only added host port on 80 and guest port on 80, because docker run establishes its ip and its port reachable only on local host (in this case reachable only inside virtualbox).
I am using Docker desktop, I have a couple of docker containers running using docker-compose and port forwarding. I can access the containers from my mac using localhost. On the second container, I am exposing on different ports. I can see ip addresses are associated to both containers by using docker inspect, but I cannot access using the ip address.
I would like access the container from my local mac by
dns domain
ip address
Any help appreciated.
Thanks
You cannot directly connect to the container-private IP addresses on MacOS. You also can't connect to them using a VM-based Docker implementation like Docker Toolbox or Kubernetes' minikube, or from a different host. Looking up and using these IP addresses, or trying to manually set them, usually isn't a best practice.
Instead you can use the docker run -p option to publish a port from your container to the host. Programs running directly on the host can access the container using localhost as a host name and the published port number. This works on all platforms; on VM-based solutions use the VM's IP address instead of localhost; from a different host, use the Docker host's DNS name or IP address.
How can I use the DockerNAT virtual switch for an Hyper-V VM so it can 'talk' to other docker containers and enable internet access as in the MobyLinux VM?
Long story:
I want to install Univention on my Windows Server host via Hyper-V. On my host an nginx docker container is also running as a proxy. If someone calls univention.domain.com it should automatically redirect to my hyper-v Univention VM. This works when I set the network adapter of the Hyper-V machine to the DockerNAT and then give it the IP Address 10.0.75.100 as the Gateway address of the DockerNAT is 10.0.75.1 and the IP Address of the MobyLinux is 10.0.75.2. When I now ping 10.0.75.100 from my nginx container it works.
But as Univention needs an internet connection to install applications I'm not quite satisfied with this configuration as I am not able to connect to the internet when I use the DockerNAT network interface.
Then on the other hand I am able to ping from the nginx container (running as a linux container in the hyper-v VM of MobyLinux) f.e. 8.8.8.8. So the MobyLinux container created by Docker has to have internet access, right? Although it also uses the DockerNAT interface. But its set as an 'internal' virtual switch and the connection of my main NIC isn't marked as 'shared'.
p.s.: I am aware that there is a Univention docker image but Univention started to use docker for it's apps. So I can't run most of their apps in the app store, as docker container in docker container doesn't fit well (Univention can't enable docker due to network problems)
Windows Server 2019 17623
Docker 18.04.0-ce-rc2