I want to open port on docker container.
but not using docker run -p option.
because container have assigned independent IP address by bridge network.
so my system don't need port forwarding.
for example.
host OS has IP 172.30.1.2
container has IP 172.30.1.3
so I want to connect the container with 172.30.1.3:80 directly.
then, I tried something using iptables. but it is denied.
are there some way possible?
You can specify an IP endpoint when exposing ports. For example: -p 172.30.1.3:80:80
Check documentation here
Related
I have a docker container and a virtual machine(VM) on the same host(OpenSUSE). the docker has the IP like 172.18.0.2 and the host IP is something like 3.204.XX.XX and VM IP is also something like 3.204.xx.xx, I am able to ping the docker from the host and even the VM is pingable from the host and vice-versa but I am unable to ping the docker from the Virtual machine present on the same host. Is there a way to access the docker on the host from the VM present on the same host? please help.
it is not possible directly because docker creates its bridge "bridge0" all the traffic is been routed using nat, where as virtualbox also creates its own bridge/interface , because of which its not able to access. But you can access by exposing port.
above mention requirement is possible with consul service discovery and host n/w config modification
I have two containers say container1 and container2 running in same machine. I know i can communicate between both the container using link alias option. I have a scenario where i want to communicate between 2 containers using the IP address of the host machine. I have a property file in container1 where i need to provide the ip address of the container2 (Here i have to provide the ip address and not hostname of container). Everytime when i restart the container, the container ip gets changed. so is there any way to map the ip address of the host machine to link between container ?
Please check this doc which describes how to create docker network and assign IP address and range to docker container. In case of lack of time use commands below:
docker network create --subnet=192.168.0.0/16 docnet0
docker run --net docnet0 --ip 192.168.0.10 -it "your_docker_image" bash
I have the following situation. I have a service that listens to 127.0.0.1 on port 1234 (This cannot be changed for security reasons). On the same machine run a docker container. I need to somehow connect to the service on the host from within the container. Because the service only accepts requests from 127.0.0.1, i need somehow to link the port from the container to the host port but in reverse so when i connect from within the container to 127.0.0.1:1234 the service on the host will receive the data. Is this possible?
Thanks.
With the default bridged network, you won't be able to connect from the container to a service on the host listening on 127.0.0.1. But you can use --net=host when running a container to use the host network stack directly in the container. It removes some of the isolation, but then allows you to talk directly to 127.0.0.1 as the container and talk to services running on the host.
Question
How to bind Dockerized service on localhost:port ?
Answer
Use the -p as this: docker run -p 127.0.0.1:1234:1234 <other options> <image> <command>.
I'm using boot2docker and am running a docker container. I'd like for that docker container to be able to talk to my host who has an open port. I've tried hitting the host box, but its going through virtualbox so it seems there needs to be two levels of bridging here to get the ports to talk. Not sure how to do that, or even if its possible.
Actually you are right, there are 2 levels:
Host <-> boot2docker VM <-> docker container
so if you open a port while you run your container, the port can be accessed from boot2docker VM but not the host, unless you make a port forwarding.
and here are two solutions:
access using boot2docker VM's ip but not localhost
run boot2docker ip and you will see an ip address such as 192.168.59.103, then you can access your service through 192.168.59.103:port
make a port forwarding
open your VirtualBox application, select virtual machine namely boot2docker-vm, goto Settings->Network->Advanced->Port Forwarding. Then you can add your own port to forward, for example, i'd like to access my ssh port through localhost:10022, just simply add a new column with host port 10022 and guest port 22.
you can check this doc for more infos.
if you want access host port from container, here is a simple way, just expose your host ip to docker container's host, like docker run --add-host vmhost:192.168.59.3 <docker_image> <command>, note that 192.168.59.3 is the default virtualbox host only adapter IP. Then you can access vmhost as you want.
Also, you can manage your own network bridge to do this, and pipework may help you.
Is docker capable of exposing a port only to the host and not to the outside.
I need to put a docker running with a mongo database, and I wanted that it was only accessible from the host, but I need to link the host port 27017.
Is this possible, or do the only possible way is to change firewall definitions?
Sure, just bind it to localhost, like this:
docker run -p 127.0.0.1:27017:27017
Also: Your host can also talk to each container normally over its IP. Use docker inspect $ID to get a json dump (beside other stuff) containing the network IP.