Is is possible to do 'bridge' a X11 forward connection from a Docker to a Windows host by using the SSH connection?
On the Windows side I have Vagrant, VirtualBox and XMing installed. On the VirtualBox there is a CoreOS, serving the Docker images. What does work is adressing the display directly to the Windows machine by using the IP exposed by Vagrant (10.0.2.2):
docker run -e DISPLAY=10.0.2.2:0.0 someimage firefox
But this does not use the SSH tunnel, so it will only work in a local environment where the windows machine is reachable from the Docker container. From my understanding I would need to forward the display from within the Docker container to its outside, the CoreOS host and from there over to the SSH X11 entry-point.
In your docker image, expose the port for ssh and make sure x11 is enabled in the sshd of the image. Then you can ssh into that via x11 enabled client.
In order to ssh in from a remote machine, you need to add firewall permission for the port to which your Docker's port is mapped.
Bottom line: enable x11 in sshd of whatever your docker image is running on.
start docker with ssh port mapped to some port.
You're done here if only accessing from local Windows machine, else add firewall exception for the port to which you mapped docker's ssh daemon.
Related
I have a Windows 10 Home machine (local machine) where I have installed Docker Toolbox that runs docker inside a VM. IP (192.168.0.6)
Also, there is another Windows 10 Pro machine (remote machine) that has Docker Desktop installed. IP (192.168.0.13). In the Docker Desktop setting, I have enabled "Expose daemon on tcp://localhost:2375 without TLS". At this point, I do not care about the TLS part since both the machines are on the local network. In the firewall setting, I have accepted inbound connections from port 2375.
Now I would like to run docker-compose from a local machine that connects and runs docker on the remote machine. To test connection, the command used on local machine is
docker -H tcp://192.168.0.13:2375 version
The response is
Cannot connect to the Docker daemon at tcp://192.168.0.13:2375. Is the docker daemon running?
I see that it calls https://192.168.0.13:2375/v1.40/info and not http://192.168.0.13:2375.
And in my remote machine, if I enter http://localhost:2375/v1.40/info I get a response but there is no response when I run by providing IP like http://192.168.0.13:2375/v1.40/info
I assume your docker daemon is only listening on localhost or 127.0.0.1.
You try to connect from another machine which connects to your machine with you internal network ip 192.168.0.13.
This means you need to configure your docker daemon to listen to:
192.168.0.13 = only network internal
tcp://192.168.0.13:2375
0.0.0.0 = all ip addresses
tcp://0.0.0.0:2375
In Windows you need to create a Docker-Daemon config file in:
C:\ProgramData\docker\config\daemon.json
with following content:
{
"hosts": ["tcp://0.0.0.0:2376"] # IP Address for container host
}
You can probably define a Subnet but i am not sure about this.
This is because the VM network interface is only binded to your localhost.
Try forwarding the port. From powershell or command prompt with admin privileges:
netsh interface portproxy add v4tov4 listenport=2375 listenaddress=192.168.0.13 connectaddress=127.0.0.1 connectport=2375
I was doing some devops and writing a script to turn my current host/nginx server/nginx setup into a host/docker/nginx server/docker/nginx set up so I can keep directories and etc the same between them.
The problem is that any ports I expose on a docker container are only accessible on the host and not from any other machines on the host network.
When typing 192.168.0.2 from a machine such as 192.168.0.3 it just says took too long to respond, but typing 192.168.0.2 from 192.168.0.2 will bring up the welcome to nginx page?! The interesting part is I did a wireshark analysis on en0 on port 80 and there are actually some packets coming through
See pastebins of packet inspections:
LAN to docker: https://pastebin.com/4qR2d1GV
Host to docker: https://pastebin.com/Wbng9nDB
I've tried using docker run -p 80:80 nginx/nginx and docker run -p 192.168.0.2:80:80 nginx/nginx and docker run -p 127.0.0.1:80:80 nginx/nginx but this doesn't seem to fix anything.
Should see welcome to nginx when connecting from 192.168.0.3 to 192.168.0.2.
this is in my dev environment which is an osx 10.13.5 system.
when I push this to my ubuntu 16.04 server it works just fine with the containerized nginx accessible from the www and when I run ngnix on my host without docker I can connect from external machines on the network too
Your description is a bit confusing the 127.0.0.1 within the port line will bind it to localhost only - you won't be able to access the docker from another machine. Remove the IP address and you should be able to access the docker from outside localhost.
I try to access a MS SQL Server from within a Docker container.
The problem is, it is only reachable via an SSH tunnel that I can establish on my host machine. I use a local forward for port 1433, that will automatically be established once I connect to the server.
Using SquirrelSQL for example, I can access the Server via 127.0.0.1:1433 with no problem.
But from within my docker container I am unable to do so.
I already tried to run the docker container with --expose 1433 -p 127.0.0.1:1433:1433 but that didn't work out.
Host is running Ubuntu 16.04, the Docker Container is running on some sort of Debian.
How to access or connect to a process running on docker on host A from a remote host B
consider a Host A with ip 192.168.0.3 which is running a application on docker on port 3999 .
If i want to access that application from remote machine with IP 192.168.0.4 in same subnet.
To be precise i am running Kafka producer on the server and i am trying to receive using Kafka-console-Consumer.
Use --net=host to run your container and it'll use the host's network stack, then you can connect to the application running inside container like it's running on host directly.
Port mapping, use option -p to map the port inside your container to a port of your host. e.g. docker run -d -p <container port>:<host port> <image>, then you can connect to <host>:<host port> to connect your application inside container
Docker's built-in multi-host network. In early releases the network driver is isolated from docker's core, you have to use 3rd party tools like flannel or weave for multi-host connection, but from release 1.9, it has been merged into docker. You can follow it's guide to set it up.
Hope this is helpful :-)
First you need to bind docker container's port to the Host A:
docker run -d -p 3999:3999 kafka-producer
Then you need to access Host A from Host B using IP:Port
192.168.0.3:3999
I'm new to docker and I try to find out how and if it's possible to attach the docker client to a host with a docker engine. My docker-engine runs on centOS in a virtual machine. Now I try to install a docker-client on my laptop to connect the client to the VM with the docker engine. Is there any possibility to do that?
Thanks for your answers!
you can use DOCKER_HOST environment variable and set it to the remote machine IP and port.
something like this -
export DOCKER_HOST="tcp://192.168.99.100:2376"
type docker-machine env to see if the environment is set correctly
yes, this is possible. you need to set the environment variables in the docker client to specify which host to connect to:
DOCKER_HOST=tcp://192.168.99.100:2376
DOCKER_TLS_VERIFY=1
DOCKER_CERT_PATH=<path to certificates>
(2375 is the insecure port and 2376 uses TLS). in order to use the secure connection, you need to have the certificates on the client machine.
this is assuming the docker daemon on the host machine has been set up to listen on a tcp socket (instead of named pipe)