I've successfully created (using ubuntu VB) a docker image
What would be the best approach to let others from my local network run that image using ssh? I've been searching for quite some time and couldn't find anything that'd help.
I believe I have to map to a port somehow using the dockerfile and forward that port from my VM to my actual OS, but I don't know exactly how to do it or if that's how it is supposed to be done.
Any tips at all would be a great help.
TL;DR: Created a docker image using an ubuntu VB and I want others from my local network to be able to use it using ssh
Ok, made it work, here is how I did it:
Run the image
Use docker port [containerID] 80, to see the port of the running computer
Port forward that port from VirtualBox settings
Set inbound / outbound rules for that specific port from windows firewall settings
I have been running a media cluster for some time without any issues. I have everything networked into two different docker networks... the first network just bridges the docker instance to the local machine, the second network is a docker VPN container that I use for the other media services (an earlier version of what I am working on can be found here: https://github.com/Xander-Rudolph/MediaDocker)
The strangest thing happened today though. I ran the docker update for windows and now docker spools up without any errors or issues, however none of the services work outside of the machine running docker. Usually I have a poke through for a couple of the services in my router (namely wordpress/joomla which is on the bridge) and they work outside of my local network, but none of them are working anymore. I was able to confirm it's not the DNS A record because I'm able to use the RDP ports I have mapped for my router, and when I test on another machine in the same network, it can't access the services via the internal IP (but it can RDP).
Anyone have any idea what could have changed to break this? I've already updated all my docker images and even rebuilt my VPN container (before I realized it's a networking issue). What are some steps I can do to try to troubleshoot what is going wrong in docker to prevent access outside of localhost?
Update
I've been able to rule out the docker update as the root cause... I upgraded docker on my laptop (which was previously running the same version as my desktop) and it's not having the same issue... this configuration must be localized to this desktop... No idea what the issue is... Will try a linux VM on the desktop instead of docker for windows...
Update 2
After a lot of screwing around in both a VM and in WSL, I'm still only able to access the docker services from localhost but not a different machine on my network or via the IP on the host machine (perhaps something similar to this: Can't access localhost via IP address). RDP does work so the computer is accessible but the services are not.
I'm not sure if this is a result of a docker networking config or a windows network config (I'm using WSL with docker installed on ubuntu 20.08) but I'm not seeing anything stick out. I'm going to remove the tag for docker windows but this is definitely an issue with networking and I suspect it has something to do with the fact that the containers are running behind a VPN... although I don't know why I would be able to access them on localhost but not the IP on another VM...
When I run
netstat -a -o
on WSL I can see the established ports on localhost... EX:
tcp 0 0 localhost:7878 localhost:37520 ESTABLISHED
but when I look on the host machine (for wsl) I don't see the connection. I tried to use netsh to create a firewall rule to see if that would help:
netsh advfirewall firewall add rule name="TCP Port 7878" dir=in localport=7878 protocol=TCP action=allow
but it didn't have any effect.
Any suggestions for ways to trace the network to see where/how it's failing/getting blocked would be extremely helpful.
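Added example (not part of the original post): one check for the symptom described above is whether each service is listening on a loopback address or on all interfaces, because a loopback-only listener answers on localhost and nowhere else, and a firewall allow rule does not change that. The sketch assumes the Linux/WSL layout of `netstat -a -n`; the sample lines, ports and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of `netstat -a -n` output (Linux/WSL layout); not taken from the post.
SAMPLE = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:7878          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN
tcp        0      0 192.168.1.20:8989       0.0.0.0:*               LISTEN
tcp        0      0 localhost:7878          localhost:37520         ESTABLISHED
tcp6       0      0 :::9117                 :::*                    LISTEN
tcp6       0      0 ::1:631                 :::*                    LISTEN
"""

def bind_scope(host):
    """Classify the local address a socket is bound to."""
    host = host.strip("[]")                      # ss prints IPv6 as [::]:port
    if host in ("*", "0.0.0.0", "::"):
        return "all-interfaces"                  # reachable on every adapter
    if host == "localhost":
        return "loopback-only"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "unknown"                         # unresolved name, leave for manual review
    return "loopback-only" if ip.is_loopback else "single-address"

def listeners(netstat_text):
    """Return sorted (port, bind address, scope) for every TCP socket in LISTEN state."""
    found = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 6 or not fields[0].startswith("tcp") or fields[5] != "LISTEN":
            continue                             # skips the header and ESTABLISHED rows
        host, _, port = fields[3].rpartition(":")
        if not port.isdigit():
            continue                             # service names appear when -n is omitted
        found.append((int(port), host, bind_scope(host)))
    return sorted(found)

def unreachable_from_lan(netstat_text):
    """Ports that only accept connections originating on the same machine."""
    return sorted({p for p, _, scope in listeners(netstat_text) if scope == "loopback-only"})

if __name__ == "__main__":
    for port, host, scope in listeners(SAMPLE):
        print(f"{port:>5}  {host:<15} {scope}")
```

An ESTABLISHED row such as the `localhost:7878` line quoted in the post shows an existing connection, not how the service is bound; the LISTEN rows are the ones that decide reachability.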
Your question: "...What are some steps I can do to try to troubleshoot what is going wrong in docker to prevent access outside of localhost?..."
Troubleshooting help for you: first, do you have multiple networking adapters (Ethernet, Wi-Fi, etc.) present on the host? First, ensure that the priority of these adapters is configured in the correct order so the Windows networking stack can correctly choose gateway routes.
Now, to fix this, set your primary internet-connected networking adapter to have the lowest InterfaceMetric value. You can use these PowerShell commands from an elevated console:
Get-NetIPInterface -AddressFamily IPv4 | Sort-Object -Property InterfaceMetric -Descending
Please ensure that the host's primary internet-connected network adapter has the lowest InterfaceMetric value.
# Use this command to make the change, e.g. let's say your
# primary adapter InterfaceAlias is 'Wi-Fi'
Set-NetIPInterface -InterfaceAlias 'Wi-Fi' -InterfaceMetric 3
Now step two, if your host's primary network adapter is bridged because you have an External virtual switch setup in Hyper-V, then you will set the external virtual switch to have the lowest InterfaceMetric value.
Lastly, confirm/verify your routing tables (when you run this, the last line should show the primary adapter's gateway address along with its ifMetric value):
Get-NetRoute -AddressFamily IPv4
If you’re using Docker Toolbox then any port you publish with docker run -p will be published on the Toolbox VM’s private IP address.
docker-machine ip will tell you.
It is frequently 192.168.99.100
Taken from: https://forums.docker.com/t/cant-connect-to-container-on-localhost-with-port-mapping/52716/25
After several attempts using the references below, I was still not getting anywhere. The recommendation by #derple didn't get me anywhere (since I was in wsl) but the article he linked someone had said they switched to linux and uninstalled and reinstalled docker desktop... and for some stupid reason that works.
These are my exact steps I took to fix it:
Uninstall docker desktop
Install WSL and docker inside an ubuntu18.04 instance in wsl
Test docker in wsl with localhost (worked only on localhost still)
Uninstall WSL using windows add/remove features
reinstall docker desktop
Oddly the get-netipinterface and get-netroute look exactly the same as they did before I did the uninstall and reinstall but things seem to be working now... I have no idea why the above worked...
Currently, I'm working on a project where we are using ROS, Bebop_autonomy, and OpenCV to control a Parrot Bebop2 autonomously. The machines we use in the workspace are running Ubuntu 14.04.5, and I can start a container using an image I created with "docker run -it --network=host username/image". After configuring everything inside the container, the bebop_autonomy node is fine and can communicate on the Bebop's network perfectly. When you run ip addr in both the container and host machine, they show the same address, as you'd expect.
However, when trying to run it on my Windows machine, the ip is different than the host machine, and I'm never receiving any ACK packets when I try to communicate with the Bebop. I'm assuming this is because the packets aren't being sent to the right ip, or they aren't being forwarded correctly.
I have tried creating my own network and setting the ip manually with "docker network create" and passing it in to the run command as an argument, but I can't seem to get it to work at all. I've also tried creating different switches in the Hyper-V manager, but nothing I've read in the last few days has helped me figure this out.
I've got a good handle on how docker works, but most of the reference material I see is talking about a host that already runs linux. If I can't figure this out, it's almost useless for us to continue with docker in the first place.
Is there any way to configure Docker for Windows to work in the same way that Docker works on Linux when providing --network=host?
I ended up achieving what I wanted by creating a separate network in Hyper-V manager, setting that network to only use an external wifi-adapter, and running the container using that network. There has to be a better way though.
I'm new to Docker and I'm running macOS Sierra. I have installed Docker and can get the open Kitematic on localhost I can see my containers without issue and can access the site on localhost - when I switch to VirtualBox, my containers are no longer in Kitematic and I can't figure out how to access them in my browser.
Could anyone give me some insight on what to do here?
Your intention for getting the IP of your host(192.*) is unclear to me.
You can achieve this by simply adding the net flag in your docker instruction '--net host'
For more details go here.
If your intention is to make your container available to everyone, then there is no need to do it. Everyone should be able to access your docker container by accessing your machine's ip followed by port number (http://192.168.x.x:xxxx)
I am playing with the (awesome) new Docker-for-mac. As I understand it, it runs seamlessly on my mac in an Alpine Linux 'behind the scenes'. Is there a way to ssh into this host so I can see the file system? I want to see the place that docker is storing volume data in /var/lib/docker/....
EDIT: to be clear, it is the host filesystem I want access to, not the containers that run on it. This is the Alpine host.
Thanks
Docker for Mac doesn't use regular tcp networking for ssh, but you can connect to the unix socket on your Mac by using:
screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty
and login as root
This seems to be fairly undocumented so YMMV - it worked for me on Version 1.12.0-rc3-beta18 -- it might change in future versions.
It is really easy to mount directories into a docker container. How can I just as easily "mount a port into" a docker container?
Example:
I have a MySQL server running on my local machine. To connect to it from a docker container I can mount the mysql.sock socket file into the container. But let's say for some reason (like intending to run a MySQL slave instance) I cannot use mysql.sock to connect and need to use TCP.
How can I accomplish this most easily?
Things to consider:
I may be running Docker natively if I'm using Linux, but I may also be running it in a VM if I'm on Mac or Windows, through Docker Machine or Docker for Mac/Windows (Beta). The answer should handle both scenarios seamlessly, without me as the user having to decide which solution is right depending on my specific Docker setup.
Simply assigning the container to the host network is often not an option, so that's unfortunately not a proper solution.
Potential solution directions:
1) I understand that setting up proper local DNS and making the Docker container (network) talk to it might be a proper, robust solution. If there is such a DNS service that can be set up with 1, max 2 commands and then "just work", that might be something.
2) Essentially what's needed here is that something will listen on a port inside the container and like a sort of proxy route traffic between the TCP/IP participants. There's been discussion on this closed Docker GH issue that shows some ip route command-line magic, but that's a bit too much of a requirement for many people, myself included. But if there was something akin to this that was fully automated while understanding Docker and, again, possible to get up and running with 1-2 commands, that'd be an acceptable solution.
I think you can run your container with the --net=host option. In this case the container will bind to the host's network and will be able to access all the ports on your local machine.