Login/Register
How to access host port from docker container [duplicate]
Asked Answered
Solved dockerdocker-container
A

17

748

I have a docker container running jenkins. As part of the build process, I need to access a web server that is run locally on the host machine. Is there a way the host web server (which can be configured to run on a port) can be exposed to the jenkins container?

I'm running docker natively on a Linux machine.

UPDATE:

In addition to @larsks answer below, to get the IP address of the Host IP from the host machine, I do the following:

ip addr show docker0 | grep -Po 'inet \K[\d.]+'
Acroter answered 9/7, 2015 at 18:1 Comment(8)
Using a comment since this is a terrible answer, but I believe you can generally access it on 172.17.1.78 -- unless this is a boot2docker setup.Candicandia
@Candicandia I tried that, and got this error still curl: (7) Failed to connect to 172.17.1.78 port 7000: No route to hostAcroter
You didn't specify; are you running boot2docker, or are you running Docker natively on Linux?Westleigh
@Westleigh sorry, I just updated the question - I am running it natively on Linux.Acroter
Now for Docker Desktop in Win 10(with Linux container) host.docker.internal also works, I just have to prepend http:// before it for my Java config files for the URL. Hope it helps someone.Ir
Likely inside the container you don't have ip. If it's an ubuntu-based container you can do apt-get install iproute2.Anthropogenesis
I think if a question has 17 answers and 650 upvotes, it probably shouldn't have been closed.Tress
I found a clean solution using socat and explained it in this blog post.Emlin
W
394

When running Docker natively on Linux, you can access host services using the IP address of the docker0 interface. From inside the container, this will be your default route.

For example, on my system:

$ ip addr show docker0
7: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::f4d2:49ff:fedd:28a0/64 scope link 
       valid_lft forever preferred_lft forever

And inside a container:

# ip route show
default via 172.17.0.1 dev eth0 
172.17.0.0/16 dev eth0  src 172.17.0.4

It's fairly easy to extract this IP address using a simple shell script:

#!/bin/sh

hostip=$(ip route show | awk '/default/ {print $3}')
echo $hostip

You may need to modify the iptables rules on your host to permit connections from Docker containers. Something like this will do the trick:

# iptables -A INPUT -i docker0 -j ACCEPT

This would permit access to any ports on the host from Docker containers. Note that:

  • iptables rules are ordered, and this rule may or may not do the right thing depending on what other rules come before it.

  • you will only be able to access host services that are either (a) listening on INADDR_ANY (aka 0.0.0.0) or that are explicitly listening on the docker0 interface.

If you are using Docker on MacOS or Windows 18.03+, you can connect to the magic hostname host.docker.internal.

Lastly, under Linux you can run your container in the host network namespace by setting --net=host; in this case localhost on your host is the same as localhost inside the container, so containerized service will act like non-containerized services and will be accessible without any additional configuration.

Westleigh answered 9/7, 2015 at 20:54 Comment(13)
Relevant link: adding entries to container's /etc/hostsTriumvirate
How about Docker for MAC? AFAIK there is no docker0 network avilable for "Docker for MAC ". In that case how can I connect to host from container?Alroi
This works - but if you're trying to connect to a service like redis, you need to add the ip address in the ip addr show docker0 command to the bind in redis.conf and restart redis.Zanazander
I have used hostname of my host instead of getting IP address (hostname command on host)Phocis
One scenario I found where this does not work as expected: Running Jenkins in a Docker container with /var/run/docker.sock mounted to create another container from a Jenkins job (which is a fairly common setup). The docker0 network adapter does not exist within the Jenkins container.Savona
if iptables -A INPUT -i docker0 -j ACCEPT didn't do the trick for you, that may mean there's another iptable rule that prevents access. As a workaround you may insert your new rule as the first one: "iptables -I INPUT -i docker0 -j ACCEPT" (not append -A changed for insert -I in the command). Got the hint from here opensource.com/article/18/10/iptables-tips-and-tricksArtema
Relevant firewall-cmd commands for CentOS: firewall-cmd --zone=internal --change-interface=docker_gwbridge && firewall-cmd --zone=internal --add-port=$MYPORT/tcpSweven
I found that both IP addresses, i.e. the address of docker0 on the host as well as the default gateway address in the container, can be used inside the container to reach the host. (In this answer they are the same, but on my setup they're not.) Is that expected? If so, it might be useful to edit to clarify that.Mathieu
Any ip address of the host can be used to contact services on the host. The idea behind using the address of the docker bridge is that it's the only address that is visible (as the default gateway) inside the container.Westleigh
Likely inside the container you don't have ip. If it's an ubuntu-based container you can do apt-get install iproute2.Anthropogenesis
host.docker.internal worked for me on MacJoinder
After installing commands "ip" "dig" "ping" etc into the container (service) for testing, I have found... Ping is always sucessful, but attempted to access the published ports of another service results in "No Route to Host". However turning off iptables, and this changes to "Could not resolve host" and using the IP directly for the connection works! So I reenabled the iptables and added the appropriate ACCEPT rules, but sill not having much luck. Work continues.Duodenum
@merito the new value to use is docker.for.mac.host.internal, would you mind updating your comment since it has so many upvotesStoush
W
955

For all platforms

Docker v 20.10 and above (since December 14th 2020)

Use your internal IP address or connect to the special DNS name host.docker.internal which will resolve to the internal IP address used by the host.

This is for development purpose and does not work in a production environment outside of Docker Desktop.

Linux caveats

To enable this in Docker on Linux, add --add-host=host.docker.internal:host-gateway to your docker command to enable the feature.

To enable this in Docker Compose on Linux, add the following lines to the container definition:

extra_hosts:
    - "host.docker.internal:host-gateway"

According to some users the special DNS name only works within the Docker's default bridge network, not within custom networks.

For older macOS and Windows versions of Docker

Docker v 18.03 and above (since March 21st 2018)

Use your internal IP address or connect to the special DNS name host.docker.internal which will resolve to the internal IP address used by the host.

Linux support pending https://github.com/docker/for-linux/issues/264

For older macOS versions of Docker

Docker for Mac v 17.12 to v 18.02

Same as above but use docker.for.mac.host.internal instead.

Docker for Mac v 17.06 to v 17.11

Same as above but use docker.for.mac.localhost instead.

Docker for Mac 17.05 and below

To access host machine from the docker container you must attach an IP alias to your network interface. You can bind whichever IP you want, just make sure you're not using it to anything else.

sudo ifconfig lo0 alias 123.123.123.123/24

Then make sure that you server is listening to the IP mentioned above or 0.0.0.0. If it's listening on localhost 127.0.0.1 it will not accept the connection.

Then just point your docker container to this IP and you can access the host machine!

To test you can run something like curl -X GET 123.123.123.123:3000 inside the container.

The alias will reset on every reboot so create a start-up script if necessary.

Solution and more documentation here: https://docs.docker.com/desktop/networking/#use-cases-and-workarounds-for-all-platforms

Waggish answered 21/4, 2017 at 11:36 Comment(15)
I've successfully tested this. No need to turn off the firewallPedropedrotti
docker.for.mac.localhost works nicely - except when using Chrome for browser testing (it disallows *.localhost referring to the host machine rather than the immediate container, as per: github.com/docker/for-mac/issues/1837). I found 192.168.65.1 worked instead.Thorn
changed to host.docker.internal docs.docker.com/docker-for-mac/networking/…Butchery
Is host.docker.internal supposed to work also on Ubuntu? After having run docker run -it ubuntu:trusty bash the command root@40a5887b060d:/# ping host.docker.internal gives me ping: unknown host host.docker.internalCrimmer
@SimonForsberg It's supposed to, but apparently it only works on Windows and macOS at the moment. There's an open ticket here github.com/docker/for-linux/issues/264Waggish
Recommend use host.docker.internal in the docker container and config 127.0.0.1 host.docker.internal in hosts file.Compound
I would second @junlin's comment here to add an entry to your host system's /etc/hosts file – 127.0.0.1 host.docker.internal – after I added this missing entry (and on macOS at least restarted mDNSResponder with sudo killall -HUP mDNSResponder to reload the changed hosts file), I was able to successfully connect to services running on my host machine from within Docker, where other approaches had not worked!Aspinwall
host.docker.internal work perfect for me! in my case the WSL change the IP on every reboot :/Midshipman
I also needed to open up the port that I wanted to access on the host using the ubuntu firewall. Trying to figure out how to minimally open up this port since I don't want the whole world to have access to it...Foetation
This is the only way that worked for me on WSL with Docker for Windows.Magnifico
Love you... saved my @ss.Slander
"does not work in a production environment outside of Docker Desktop." Surely this is incorrect? It does actually work without Docker Desktop.Oidea
Is this host.docker.internal solution for production or not? If not , what should be used instead?Kirovograd
@Kirovograd you would never connect to the host. You would instead do whatever you need the host to accomplish on another container and connect to that.Waggish
@janneAnnala Your solution worked like a charm—thanks! For those leveraging the UFW firewall with custom networks instead of the default bridge, don't forget to include the necessary allow rules. This ensures that the Docker container subnet can communicate with the host on your specified port.Guadiana
W
394

When running Docker natively on Linux, you can access host services using the IP address of the docker0 interface. From inside the container, this will be your default route.

For example, on my system:

$ ip addr show docker0
7: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::f4d2:49ff:fedd:28a0/64 scope link 
       valid_lft forever preferred_lft forever

And inside a container:

# ip route show
default via 172.17.0.1 dev eth0 
172.17.0.0/16 dev eth0  src 172.17.0.4

It's fairly easy to extract this IP address using a simple shell script:

#!/bin/sh

hostip=$(ip route show | awk '/default/ {print $3}')
echo $hostip

You may need to modify the iptables rules on your host to permit connections from Docker containers. Something like this will do the trick:

# iptables -A INPUT -i docker0 -j ACCEPT

This would permit access to any ports on the host from Docker containers. Note that:

  • iptables rules are ordered, and this rule may or may not do the right thing depending on what other rules come before it.

  • you will only be able to access host services that are either (a) listening on INADDR_ANY (aka 0.0.0.0) or that are explicitly listening on the docker0 interface.

If you are using Docker on MacOS or Windows 18.03+, you can connect to the magic hostname host.docker.internal.

Lastly, under Linux you can run your container in the host network namespace by setting --net=host; in this case localhost on your host is the same as localhost inside the container, so containerized service will act like non-containerized services and will be accessible without any additional configuration.

Westleigh answered 9/7, 2015 at 20:54 Comment(13)
Relevant link: adding entries to container's /etc/hostsTriumvirate
How about Docker for MAC? AFAIK there is no docker0 network avilable for "Docker for MAC ". In that case how can I connect to host from container?Alroi
This works - but if you're trying to connect to a service like redis, you need to add the ip address in the ip addr show docker0 command to the bind in redis.conf and restart redis.Zanazander
I have used hostname of my host instead of getting IP address (hostname command on host)Phocis
One scenario I found where this does not work as expected: Running Jenkins in a Docker container with /var/run/docker.sock mounted to create another container from a Jenkins job (which is a fairly common setup). The docker0 network adapter does not exist within the Jenkins container.Savona
if iptables -A INPUT -i docker0 -j ACCEPT didn't do the trick for you, that may mean there's another iptable rule that prevents access. As a workaround you may insert your new rule as the first one: "iptables -I INPUT -i docker0 -j ACCEPT" (not append -A changed for insert -I in the command). Got the hint from here opensource.com/article/18/10/iptables-tips-and-tricksArtema
Relevant firewall-cmd commands for CentOS: firewall-cmd --zone=internal --change-interface=docker_gwbridge && firewall-cmd --zone=internal --add-port=$MYPORT/tcpSweven
I found that both IP addresses, i.e. the address of docker0 on the host as well as the default gateway address in the container, can be used inside the container to reach the host. (In this answer they are the same, but on my setup they're not.) Is that expected? If so, it might be useful to edit to clarify that.Mathieu
Any ip address of the host can be used to contact services on the host. The idea behind using the address of the docker bridge is that it's the only address that is visible (as the default gateway) inside the container.Westleigh
Likely inside the container you don't have ip. If it's an ubuntu-based container you can do apt-get install iproute2.Anthropogenesis
host.docker.internal worked for me on MacJoinder
After installing commands "ip" "dig" "ping" etc into the container (service) for testing, I have found... Ping is always sucessful, but attempted to access the published ports of another service results in "No Route to Host". However turning off iptables, and this changes to "Could not resolve host" and using the IP directly for the connection works! So I reenabled the iptables and added the appropriate ACCEPT rules, but sill not having much luck. Work continues.Duodenum
@merito the new value to use is docker.for.mac.host.internal, would you mind updating your comment since it has so many upvotesStoush
U
193

Use --net="host" in your docker run command, then localhost in your docker container will point to your docker host.

Unintentional answered 15/2, 2018 at 12:8 Comment(8)
Won't work for those using Dpcker for Windows / Docker for Mac as far as I understand due to the fact that containers run in the virtualized environments: Hyper-V (Windows) / xhyve (Mac)Expeditious
THIS! This is the answer!Vivisectionist
Just for the record: within Docker Componse, network_mode: "host"Synchronism
This isn't working for me on Docker for Mac version 19.03.1 on client and server. I wish it was working, but it's not.Showy
this works for me (Luckily I don't need to cave away the Linux system in which Docker is run e.g. Mac or Windows) however it would be of interest to me of how I could just share a single network port instead of the whole network between main system and the container system.Trant
Even if I am on mac, it works when you want communication between two dockers containers and as i transform all application to docker image it is enough for meTasker
This should be the accepted answer. Much simpler and safer than messing with iptablesBlackcock
If I understand correctly, this is not the answer, because it makes Docker use host networking: "network stack is not isolated from the Docker host (the container shares the host’s networking namespace)". Which may "work", but may not be what the OP needs or intends.Jasmin
I
164

The answer is...

Replace http://127.0.0.1 or http://localhost with http://host.docker.internal.

Why?

Source in the docs of Docker.

My google search brought me to here, and after digging in the comments I found it's a duplicate of From inside of a Docker container, how do I connect to the localhost of the machine?. I voted for closing this one as a duplicate, but since people (including myself!) often scroll down on the answers rather than reading the comments carefully, here is a short answer.

Instrumental answered 26/4, 2021 at 19:1 Comment(5)
This is a perfect solution unless you dont have to make changes locally in your code baseLuddite
Yup thats it. @DeekshithAnand , generally I'd advise structuring your code so that URLs and the like belong in environment variables (ie something like a .env file w/ appropriate loader). That way you can do stuff like this without comporomising production repeatabilityHirsch
This won't work automatically, but you need to provide the following run flag: --add-host=host.docker.internal:host-gatewayBubo
dial tcp: lookup host.docker.internal on 127.0.0.11:53: no such hostRumple
You have no idea how many hours I wasted on this just to find the concise answer, thank you.Badmouth
I
93

For linux systems, you can – starting from major version 20.04 of the docker engine – now also communicate with the host via host.docker.internal. This won't work automatically, but you need to provide the following run flag:

--add-host=host.docker.internal:host-gateway

See

Ileana answered 25/4, 2020 at 10:56 Comment(10)
do you know when this version will be available ?Woods
@Woods according to this kanban board github.com/moby/moby/projects/9, they seem to have a dozen issues in progress, and a handful still TODO.Ileana
For earlier Linux Docker versions we can easily work around it in a similar manner using --add-host host.docker.internal:$(ip addr show docker0 | grep -Po 'inet \K[\d.]+')Cynosure
Major version of what?Tears
I am referring to the major version of the docker engine, cf. docs.docker.com/engine/release-notesIleana
is host-gatewaya keyword or does it have to be the explicit gateway of the host? hmByelorussian
I received an error with host-gateway, using the magic IP works: --add-host=host.docker.internal:172.17.0.1Aliquot
Docker Engine 20.10 was just released and with it, host-gateway should finally be available.Langill
Will this work via docker-compose's extra_hosts?Scarify
@SzczepanHołyszewski Just tried it and YES.Chrysotile
W
53

Solution with docker-compose: For accessing to host-based service, you can use network_mode parameter https://docs.docker.com/compose/compose-file/#network_mode

version: '3'
services:
  jenkins:
    network_mode: host

EDIT 2020-04-27: recommended for use only in local development environment.

EDIT 2021-09-21: IHaveHandedInMyResignation wrote it does not work for Mac and Windows. Option is supported only for Linux

Watt answered 14/6, 2018 at 21:11 Comment(4)
Then how to access jenkins? Seems the port forwarding is not working if use host network modeVisconti
it's a very risky solution and not at all recommended. we should NOT open our host network to containers unless explicitly neededRenae
Please edit this answer. It does not work for Mac and Windows. Option is supported only for LinuxDactylic
how about windows mannReviel
T
29

I created a docker container for doing exactly that https://github.com/qoomon/docker-host

You can then simply use container name dns to access host system e.g. curl http://dockerhost:9200

Trehala answered 6/8, 2018 at 8:36 Comment(3)
That's a clever solution. Are you aware of anything using this with a lot of traffic? There might be overhead to proxying all the traffic through this container.Reading
Yes it works quite nice barely no overhead at all because it just works over loopback-deviceTrehala
Super clean solution, Thanks!Unconquerable
F
26

Currently the easiest way to do this on Mac and Windows is using host host.docker.internal, that resolves to host machine's IP address. Unfortunately it does not work on linux yet (as of April 2018).

Furious answered 20/4, 2018 at 19:47 Comment(2)
This solution worked with Docker version 19.03.1. Many other solutions given here do not work. This is documented at docs.docker.com/docker-for-mac/networking/…Showy
this is great. ping host.docker.internal revealed the host machine's ip and I was able to connect to it. thank you!Contredanse
R
17

I've explored the various solution and I find this the least hacky solution:

  1. Define a static IP address for the bridge gateway IP.
  2. Add the gateway IP as an extra entry in the extra_hosts directive.

The only downside is if you have multiple networks or projects doing this, you have to ensure that their IP address range do not conflict.

Here is a Docker Compose example:

version: '2.3'

services:
  redis:
    image: "redis"
    extra_hosts:
      - "dockerhost:172.20.0.1"

networks:
  default:
    ipam:
      driver: default
      config:
      - subnet: 172.20.0.0/16
        gateway: 172.20.0.1

You can then access ports on the host from inside the container using the hostname "dockerhost".

Reading answered 6/9, 2018 at 14:9 Comment(0)
P
16

We found that a simpler solution to all this networking junk is to just use the domain socket for the service. If you're trying to connect to the host anyway, just mount the socket as a volume, and you're on your way. For postgresql, this was as simple as:

docker run -v /var/run/postgresql:/var/run/postgresql

Then we just set up our database connection to use the socket instead of network. Literally that easy.

Pesticide answered 7/5, 2019 at 17:19 Comment(1)
FYI, we ran into a big issue with this: Docker for Mac doesn't support sockets as mounted volumes. This went swimmingly until a Mac person tried it. :(Pesticide
L
15

For docker-compose using bridge networking to create a private network between containers, the accepted solution using docker0 doesn't work because the egress interface from the containers is not docker0, but instead, it's a randomly generated interface id, such as:

$ ifconfig

br-02d7f5ba5a51: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.32.1  netmask 255.255.240.0  broadcast 192.168.47.255

Unfortunately that random id is not predictable and will change each time compose has to recreate the network (e.g. on a host reboot). My solution to this is to create the private network in a known subnet and configure iptables to accept that range:

Compose file snippet:

version: "3.7"

services:
  mongodb:
    image: mongo:4.2.2
    networks:
    - mynet
    # rest of service config and other services removed for clarity

networks:
  mynet:
    name: mynet
    ipam:
      driver: default
      config:
      - subnet: "192.168.32.0/20"

You can change the subnet if your environment requires it. I arbitrarily selected 192.168.32.0/20 by using docker network inspect to see what was being created by default.

Configure iptables on the host to permit the private subnet as a source:

$ iptables -I INPUT 1 -s 192.168.32.0/20 -j ACCEPT

This is the simplest possible iptables rule. You may wish to add other restrictions, for example by destination port. Don't forget to persist your iptables rules when you're happy they're working.

This approach has the advantage of being repeatable and therefore automatable. I use ansible's template module to deploy my compose file with variable substitution and then use the iptables and shell modules to configure and persist the firewall rules, respectively.

Loyalist answered 1/1, 2020 at 16:37 Comment(4)
I saw multiple answers suggesting iptables -A INPUT -i docker0 -j ACCEPT, but that didn't help me, whereas the iptables -I INPUT 1 -s 192.168.32.0/20 -j ACCEPT suggested here solved my problem.Asseverate
That is the only proper thing that works.Sectorial
Maybe a better way on Ubuntu is sudo ufw allow from 192.168.32.0/20. That persists restarts.Sectorial
It doesn't help meBikaner
S
7

This is an old question and had many answers, but none of those fit well enough to my context. In my case, the containers are very lean and do not contain any of the networking tools necessary to extract the host's ip address from within the container.

Also, usin the --net="host" approach is a very rough approach that is not applicable when one wants to have well isolated network configuration with several containers.

So, my approach is to extract the hosts' address at the host's side, and then pass it to the container with --add-host parameter:

$ docker run --add-host=docker-host:`ip addr show docker0 | grep -Po 'inet \K[\d.]+'` image_name

or, save the host's IP address in an environment variable and use the variable later:

$ DOCKERIP=`ip addr show docker0 | grep -Po 'inet \K[\d.]+'`
$ docker run --add-host=docker-host:$DOCKERIP image_name

And then the docker-host is added to the container's hosts file, and you can use it in your database connection strings or API URLs.

Schober answered 24/3, 2020 at 17:59 Comment(1)
This also allows you to add a specific host, in case you are talking to Apache and you want to speak to a very specific host. --add-host local.acme.com:$DOCKERIPStopoff
A
5

For me (Windows 10, Docker Engine v19.03.8) it was a mix of https://mcmap.net/q/41134/-how-to-access-host-port-from-docker-container-duplicate and https://mcmap.net/q/41134/-how-to-access-host-port-from-docker-container-duplicate .

  1. change the host/ip to host.docker.internal
    e.g.: LOGGER_URL = "http://host.docker.internal:8085/log"
  2. set the network_mode to bridge (if you want to maintain the port forwarding; if not use host):
    version: '3.7' services: server: build: . ports: - "5000:5000" network_mode: bridge or alternatively: Use --net="bridge" if you are not using docker-compose (similar to https://mcmap.net/q/41134/-how-to-access-host-port-from-docker-container-duplicate)
    As pointed out in previous answers: This should only be used in a local development environment.
    For more information read: https://docs.docker.com/compose/compose-file/#network_mode and https://docs.docker.com/docker-for-windows/networking/#use-cases-and-workarounds
Appalachian answered 2/6, 2020 at 8:27 Comment(1)
host.docker.internal solved the issue for me. Allowed me to access a dev postgres from another container that did not have container access to the other container. DATABASE_URL=jdbc:postgresql://host.docker.internal:5432/mirthdbShelli
K
4

You can access the local webserver which is running in your host machine in two ways.

  1. Approach 1 with public IP

    Use host machine public IP address to access webserver in Jenkins docker container.

  2. Approach 2 with the host network

    Use "--net host" to add the Jenkins docker container on the host's network stack. Containers which are deployed on host's stack have entire access to the host interface. You can access local webserver in docker container with a private IP address of the host machine.

NETWORK ID          NAME                      DRIVER              SCOPE
b3554ea51ca3        bridge                    bridge              local
2f0d6d6fdd88        host                      host                local
b9c2a4bc23b2        none                      null                local

Start a container with the host network Eg: docker run --net host -it ubuntu and run ifconfig to list all available network IP addresses which are reachable from docker container.

Eg: I started a nginx server in my local host machine and I am able to access the nginx website URLs from Ubuntu docker container.

docker run --net host -it ubuntu

$ docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
a604f7af5e36        ubuntu              "/bin/bash"         22 seconds ago      Up 20 seconds                           ubuntu_server

Accessing the Nginx web server (running in local host machine) from Ubuntu docker container with private network IP address.

root@linuxkit-025000000001:/# curl 192.168.x.x -I
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Tue, 09 Apr 2019 05:12:12 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 26 Mar 2019 14:04:38 GMT
Connection: keep-alive
ETag: "5c9a3176-264"
Accept-Ranges: bytes
Kadner answered 9/4, 2019 at 5:47 Comment(0)
H
3

In almost 7 years the question was asked, it is either docker has changed, or no one tried this way. So I will include my own answer.

I have found all answers use complex methods. Today, I have needed this, and found 2 very simple ways:

  • use ipconfig or ifconfig on your host and make note of all IP addresses. At least two of them can be used by the container.

    • I have a fixed local network address on WiFi LAN Adapter: 192.168.1.101. This could be 10.0.1.101. the result will change depending on your router
    • I use WSL on windows, and it has its own vEthernet address: 172.19.192.1

  • use host.docker.internal. Most answers have this or another form of it depending on OS. The name suggests it is now globally used by docker.

A third option is to use WAN address of the machine, or in other words IP given by the service provider. However, this may not work if IP is not static, and requires routing and firewall settings.

PS: Although pretty identical to this question here, and I posted this answer there, I first found this post, so I post it here too as may forget my own answer.

Heteroplasty answered 26/1, 2022 at 21:23 Comment(0)
G
2

The simplest option that worked for me was, I used the IP address of my machine on the local network(assigned by the router)

You can find this using the ifconfig command

e.g

ifconfig

en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=400<CHANNEL_IO>
        ether f0:18:98:08:74:d4 
        inet 192.168.178.63 netmask 0xffffff00 broadcast 192.168.178.255
        media: autoselect
        status: active

and then used the inet address. This worked for me to connect any ports on my machine.

Gynaecocracy answered 22/4, 2021 at 15:41 Comment(0)
O
-4

When you have two docker images "already" created and you want to put two containers to communicate with one-another.

For that, you can conveniently run each container with its own --name and use the --link flag to enable communication between them. You do not get this during docker build though.

When you are in a scenario like myself, and it is your

docker build -t "centos7/someApp" someApp/

That breaks when you try to

curl http://172.17.0.1:localPort/fileIWouldLikeToDownload.tar.gz > dump.tar.gz

and you get stuck on "curl/wget" returning no "route to host".

The reason is security that is set in place by docker that by default is banning communication from a container towards the host or other containers running on your host. This was quite surprising to me, I must say, you would expect the echosystem of docker machines running on a local machine just flawlessly can access each other without too much hurdle.

The explanation for this is described in detail in the following documentation.

http://www.dedoimedo.com/computers/docker-networking.html

Two quick workarounds are given that help you get moving by lowering down the network security.

The simplest alternative is just to turn the firewall off - or allow all. This means running the necessary command, which could be systemctl stop firewalld, iptables -F or equivalent.

Orethaorferd answered 16/11, 2016 at 21:47 Comment(1)
Just as a note,--link is now deprecatedDelicate

© 2022 - 2024 — McMap. All rights reserved.