Trying to run a custom application container on a docker swarm node and unable to bind the port to the host IP address. It works fine in the --net=host mode. However I am unable to use host mode due to custom network requirements.
-Running the docker container in custom network mode as follows
docker run -p 14002:14002 -d --name=custom-app --net=59729515-custom-network --env-file config.env -i -t custom-app:2.2.2
-Received following error
listen tcp 172.31.140.26:14002: bind: cannot assign requested address
After reviewing docker swarm documentation and related posts here, I am thinking this IP address is the container IP address and in my scenario I may need to use the host IP address to bind while starting the container.
Any feedback on how to resolve this error would be much appreciated. Thanks!
Related
When I run: docker run --rm -it redis, The container receives ip: 172.18.0.2. Then from the host I connect to the container with the following command: redis-cli -h 172.18.0.2, and it connects normally, everything works, the keys are added. Why does this happen without port forwarding? Default docker network - bridge
docker run --rm -it redis will not expose the port. Try stop the redis container. Then run redis-cli -h 172.18.0.2 to check if another redis exists.
It is only possible because you're on native Linux, and the way Docker networking is implemented, it happens to be possible to directly connect to the container-private IP addresses from outside Docker.
This doesn't work in a wide variety of common situations (on MacOS or Windows hosts; if Docker is actually running in a VM; if you're making the call from a different host) and the IP address you get can change if the container is recreated. As such it's not usually a best practice to look up the container-private IP address. Use docker run -p to publish a port, and connect to that published port and the host's IP address.
It's because the redis docker file exposes the right port for the api which is 6379.
I am experimenting about Docker-networking, I had set up a scenario as below,
Installed docker in a host-X connected over a network (host-X IP: 60.0.0.28) and run a basic docker container of ubuntu-OS (Docker Container is connected to the default docker bridge network only i.e. 172.17.0.0/16 & 172.17.0.2 is container IP). Now trying to communicate that running container from another host-Y with in the same network (host-Y IP: 60.0.0.40) in which no docker is installed.
I had added basic route in host-Y like, "ip route add 172.17.0.0/16 via 60.0.0.28 dev ens3" .
From the container i am able to ping the Host-Y & in reverse case, i am only able to ping the docker gateway "172.17.0.1" from Host-Y but not able to reach the container.
There are a wide variety of situations where the Docker-internal IP addresses just aren't useful; calling from a different host is one of them. You should totally ignore those as an implementation detail.
If you take Docker out of the picture, and run the process directly on the host, this should be straightforward: from host Y, you can call the process on host X given its DNS name and the port the server is running on.
hostY$ curl http://hostX:12345/
If the process is actually running in a Docker container, you need to make sure you've started the container with a published port. This doesn't necessarily need to match the port the process is listening on.
hostX$ docker run -p 12345:12345 imagename
Once you've done this, the process can be reached via the host's DNS name or IP address, and the published port, the same way as with a non-container server.
In normal circumstances you should not need to think about the Docker-internal IP addresses; you do not need manual ip route-setup commands like you show, and you shouldn't docker inspect or docker run --ip to find or set this detail.
Let’s assume you want to start Dockerized nginx on host X.
You’d run:
docker run --detach -p 8080:80 nginx
Then you could access your nginx instance using http://60.0.0.28:8080.
Ive a simple webapp running on docker container which makes DB connection to couchbase.
My couchbase is currently running on a VM localhost. (not another container).
I tried issue a command
docker run --net=host -p 8081:8081 {**image-name-one**} // This connects without issue
Now, I need another instance of the same app but different port and for that I created a bridge network with ip - 192.168.0.1 then modified connection string to use network ip
docker network create -d bridge --subnet 192.168.0.0/24 --gateway 192.168.0.1 test
Now, I tried running 2nd container with below ports
docker run --net=test -p 8083:8081 {**2nd-image-name**} // This will never connect to the database
Any insight would be greatly helpful.
Im using Ubuntu 16.04.
I found a work around by adding the subnet to my firewall to allow connections to any ports.
Now, I can get my services connect to Couchbase.
I am trying from within a Docker container to acces/share a port (7497) on the host that is already running. I am trying to "talk" to a program on the host that has a socket port running on 7497. This is setup on a unix host.
How can i expose only that specefic port for two way operation from docker when the port is alredy active on the host? Is it possible?
I cant map the port with example -p 7497:7497, as then i get an error "bind: address already in use". This error is correct as the port is used by the program in the host.
The only way i manage to get acces is to use --network host --userns=host in the run command when starting the container, example:
nvidia-docker run -e HOME=/tmp -it --rm -v /home/kc/Deep_Learning:/projects --network host --userns=host tf_py3_gpu_science:1.4
But this way i am exposing all ports, why i am worried for some safety issues.
I'm trying to explicitly specify an IP address for my docker container in the following way:
sudo docker run -it -p 172.17.0.2:10000:10000 -p 9000:9000 -p 9090:9090 -v /home/eugene/dev/shared:/opt/shared -d eugene/dev_img_1.3
I'm getting the following error:
Error response from daemon: Cannot start container b2242e5da6e1b701ba4880f25fa8d465d5f008787b49898ad9e46eb26e417e48: port has already been allocated
I really do not care about port 10000. My goal is to have a specific container IP of my choosing, as well as to have ports 9000 and 9090 exposed to the host.
I have looked at some other questions, but did not see a clear syntax to do this
The -p argument is used to forward ports from the container to the host, not for assigning IPs.
There is no easy way to assign a fixed IP to a Docker container and I would strongly advise you not to try. Instead re-architect your system so that it isn't dependent on a fixed IP. If this really isn't possible, I think you can choose an IP by using the LXC execution driver and various flags, but I would strongly recommend against this.
You can assign a fixed ip using pipework, but it's not "the docker way". I would agree with Adrian. Re-design away from fixed IP's.
This can be done in different ways.
You can edit your system-wide Docker server settings (by editing DOCKER_OPTS in /etc/default/docker) and add the option --ip=IP_ADDRESS in Ubuntu and then restart your server. If you are using only 1 docker container and want to have dockers IP same as your host, start the docker container using --net=host flag to set the container to have the host machine IP address.
Other way is to have these options configured at server startup(by editing DOCKER_OPTS in /etc/default/docker):
--bip=CIDR — to supply a specific IP address and netmask for the "docker0" bridge, using standard notation like 192.168.1.8/23.
For example with --fixed-cidr=192.168.1.0/25, IPs for your containers will be chosen from the first half of 192.168.1.0/24 subnet. The "docker0" Ethernet bridge settings are used every time you create a new container. You are trying to bind a container's ports to a specific port using the -p flag , which will not help you in assigning a IP address to the container.
Another way to assign a IP address in any particular range(Example: 172.30.1.21/30). Stop the docker using stop docker , then use ip link and ip addr commands to set up the "bridge br0" and start docker using docker -d -b br0