Docker Community Forums

Share and learn in the Docker community.

Access dockerized services via the container's IP address?


(Derickbailey) #1

Hi,

I’m rather new to Docker, and am using the stable release of Docker for Mac on my laptop (mid-2012 MBPr, latest OSX 10.11.6).

I’m wondering if it’s possible to access the services provided by a dockerized app, via the IP address of the container?

For example, I can pull and run the nginx image no problem. I can run with the -p 80:80 settings and access http://localhost just fine, and i will see the nginx homepage.

But I don’t want port forwarding.

So I just do docker run -d --name nginx-test nginx to create my container.

Now, using docker inspect <name>, I can see that my nginx container is running on the bridged network, at 172.17.0.2

I want to access http://172.17.0.2 from my host machine (my Mac).

But every time I try to curl that IP or hit it via a web browser, I get nothing - no connection, no response, nothing.

I’ve spent days searching google, asking on twitter and various slack channels. Everyone keeps assuming i’m just trying to use port mapping with the -p option, and it’s really frustrating me. I don’t want port mapping / forwarding. I want to access the containerized app’s services by it’s IP address.

So, is it possible to use the 172.* IP address of a docker container from my host machine? If so, what am I doing wrong / missing?

Thanks!

  • Derck

(David Maze) #2

No. This is a well-known limitation of Docker for Mac.

(It’s not really good practice on Docker for Linux either. I like to think of my containers as packaged processes, not lightweight VMs. So if you start nginx on your host, what’s the IP address of that process?)


(Derickbailey) #3

wow - that’s a HUGE bummer :frowning:

what’s the point in packaging an app in a container, if i can’t access that app?

I have a rather large system (8+ running apps) that involve multiple web sites. i really wanted to get away from using port 3333, 3334, 3335, 3336, etc, as this causes problems with certain types of clients (podcast players, for example) that don’t support port numbers.

but i guess i’m stuck with using strange port numbers with other workarounds, for now (current workaround: nginx reverse proxy w/ host headers. ugh. too much configuration to deal with).

i hope this is fixed soon!


(Fredlackey) #4

I’m so confused… possibly.

When you say “access the services provided by a dockerized app”, are you referring to a web service? Something hosted behind Express or Apache? If so, then how would this differ from using an actual physical machine?

With hosting multiple web services on a single physical server (which is basically what is happening here), only one web service would be able to sit at the default HTTP/HTTPS ports. Everything else would need to be via a specific port OR using header redirection.

When deploying a web server or site in a farm there will usually be a need to use some type of redirection technology (Big IP, F5, Cisco Redirector, etc.) to move incoming requests to one of the servers / nodes in the farm. That being said, using something like NGINX in Docker would be playing the same role… redirecting to machines based on headers.

Sorry if I just clouded the issue. Just not sure what I’m missing.


(Derickbailey) #5

yes.

each docker container gets it’s own IP address. there is no conflict of port 80 or 443 or anything else, because App1 is on IP 172.17.0.2 and App2 is on 172.17.0.3 … so why shouldn’t I be able to access the web service via that IP address? (other than this being a limitation in Docker for Mac)


(Fredlackey) #6

Aaaand, here’s where the confusion sets in. :stuck_out_tongue:

On these containers, if you open port 80 and 443 (EXPOSE 80, -p 80:80, etc.), and if Express is listening on port 80, then you cannot get to the web app?


(Derickbailey) #7

So, Fred and I chatted for a while via other means. And it turns out my expectations of Docker were very, very wrong. Still trying to wrap my head around this being a virtualized (“containerized”) application… not a virtual machine like VMWare or Parallels.

I think I get it, now.


(Rdpravin1895) #8

is this not possible only in docker for mac? or there is no such facility in any of the docker versions(ubuntu and windows)?


(Mamunsardar) #9

I also tried the same thing “try to access docker container through container ip”. With docker Docker version 17.05.0-ce, build 89658be and linux host linux 4.10.0-32-generic #36~16.04.1-Ubuntu SMP, I did get success. Here is the output: https://paste.ofcode.org/BMj7eeaPSjzEuEEide7DHy. Then I tried on windows and but can’t get it working. Then I read this thread and realized that it’s not the “docker way”. So I went back to port mapping :expressionless:


How to create docker container's with in wifi network and access containers on remote host
(Ocie) #10

I would like to be able to do something like this myself. I am running a set of three services using docker-compose for development testing. Each service has a status page with links to the status pages of the other services. Except that these links are all constructed using the hostname/IP address of the service within Docker’s own network, so the browser of course can’t follow them and I have to type them in by hand.


(Vivekraj59) #11

Do check java path is set or not. Set the java home path and try again