If I run Docker locally and I bind the containers' ports, I usually connect with them through localhost and not through the dynamically created IP address. I might start a MySQL container, bound with 3306:3306 and can then connect with it to localhost:3306.
If I am using a virtual machine in Windows to run Docker in (e.g. with VirtualBox), the VM has its own interface (e.g. VirtualBox Host-Only Network) which might have an IP address of 192.168.50.1. I can now connect to a MySQL container via 192.168.50.1:3306.
Using a different interface/network for my containers is useful during development because I free up my localhost ports for other things and many browsers treat localhost differently than it does other addresses.
However, Docker Desktop also has advantages over a VM:
Not having to manage the VM
Testcontainers out-of-the-box
Docker Desktop is nice
Should it not be possible to get Docker to bind to ports on a virtual interface instead of localhost, e.g. by creating a Windows virtual switch or even by using the existing VirtualBox network? And is it possible to do this for Docker Desktop (on Windows) for all containers by default?
This answer indicates there's an --ip option available when starting the Docker daemon, but:
Which IP address do I use here? The gateway is the only IP address that I have configured for a virtual switch.
What is the equivalent for Docker Desktop?
Related
Context, I'm currently dockerizing an application in windows containers, the application
will connect to a Sql Server database from outside the container, normally working with linux containers I could use host driver, but since that is not available in windows containers. How could I connect to that database outside my windows container?
So, the answers provided before are all valid. I'd just add that while Host network is not available on Windows, you can still use the same concept - albeit a bit different.
The native network driver on Windows is Network Address Translation. With that driver, the container will get a private IP address and the ports from the container host can be mapped to the ports on the container, by use of the docker run -p 8080:80, for example.
That way, if you want to continue to use the option to call the localhost between the app container and the database container you can. You just need to specify the port: localhost:8080. Note that if the host is not using that port, you can even map it directly, such as: docker run -p 80:80. The caveat here is: The container host cannot be using the port already, and you can't map the same port to another container. So, if you need another instance, you can map to something like: docker run -p 81:80.
I blogged about this here: https://cda.ms/4nB
I understand that docker desktop creates a VM host for my containers to run.
When I run docker inspect {container_name}, I can see my container has an address of 172.x.x.x.
I use a subnet 172.16.0.0/13 for lab networking, and so I've found that any time I try to ping the container from my windows host, the traffic goes out my lab nic, as I would expect.
I'm aware I could add a route to send traffic to the virtual nic that is created to contact the VM host, but this would conflict with my custom subnet.
How can I make docker use IPs outside of my local subnet? I believe if I could get my containers to use 172.24.0.0/16, then I could add a custom route to funnel traffic from my windows host to the virtual docker host.
I am using Docker desktop, I have a couple of docker containers running using docker-compose and port forwarding. I can access the containers from my mac using localhost. On the second container, I am exposing on different ports. I can see ip addresses are associated to both containers by using docker inspect, but I cannot access using the ip address.
I would like access the container from my local mac by
dns domain
ip address
Any help appreciated.
Thanks
You cannot directly connect to the container-private IP addresses on MacOS. You also can't connect to them using a VM-based Docker implementation like Docker Toolbox or Kubernetes' minikube, or from a different host. Looking up and using these IP addresses, or trying to manually set them, usually isn't a best practice.
Instead you can use the docker run -p option to publish a port from your container to the host. Programs running directly on the host can access the container using localhost as a host name and the published port number. This works on all platforms; on VM-based solutions use the VM's IP address instead of localhost; from a different host, use the Docker host's DNS name or IP address.
How can I use the DockerNAT virtual switch for an Hyper-V VM so it can 'talk' to other docker containers and enable internet access as in the MobyLinux VM?
Long story:
I want to install Univention on my Windows Server host via Hyper-V. On my host an nginx docker container is also running as a proxy. If someone calls univention.domain.com it should automatically redirect to my hyper-v Univention VM. This works when I set the network adapter of the Hyper-V machine to the DockerNAT and then give it the IP Address 10.0.75.100 as the Gateway address of the DockerNAT is 10.0.75.1 and the IP Address of the MobyLinux is 10.0.75.2. When I now ping 10.0.75.100 from my nginx container it works.
But as Univention needs an internet connection to install applications I'm not quite satisfied with this configuration as I am not able to connect to the internet when I use the DockerNAT network interface.
Then on the other hand I am able to ping from the nginx container (running as a linux container in the hyper-v VM of MobyLinux) f.e. 8.8.8.8. So the MobyLinux container created by Docker has to have internet access, right? Although it also uses the DockerNAT interface. But its set as an 'internal' virtual switch and the connection of my main NIC isn't marked as 'shared'.
p.s.: I am aware that there is a Univention docker image but Univention started to use docker for it's apps. So I can't run most of their apps in the app store, as docker container in docker container doesn't fit well (Univention can't enable docker due to network problems)
Windows Server 2019 17623
Docker 18.04.0-ce-rc2
I want to export the complete ip connectivity (UDP and TCP) from a docker container with a Linux app (ie give it's own ip address (in the same subnet as the host), that can be accessed from the host and from other physical machines on the network).
What do I need to configure in Windows, what in docker, what inside the container?
(NB: I don NOT want to expose ports as part of the host).
I finally solved the problem (for me) by installing Ubuntu in Virtual Box and using the docker containers from there. Not the most elegant solution but working on first try.