Docker Community Forums

Share and learn in the Docker community.

Connecting to docker containers from other host

opensource
docker

(Abhaykumarsomani) #1

Hi,

I am new to docker as well as I don’t have much knowledge regarding networking. Now, here is the scenario, I am in a private network and have 2 machines ( 165.98.163.96 and 165.98.163.129). I have my docker engine running on 163.96 . I created a new container that runs LDAP using docker run and the container gets the ip 172.17.0.2.
My command :
docker run -i -t -p 50389:389 -p 50636:636 myLDAPapplication /bin/bash

Now I want to connect to this container from 163.129, so that I can perform ldap operations from this host instead of 163.96. I have exposed port 389 and 636 in my dockerfile and mapped these ports to 50389 and 50636 respectively as you can see in the command. But still I am unable to connect to the container from 163.129.
However from inside the container, I am able to ping 163.129 machine.

Can anyone please help me in setting up this kind of setup??


(David Maze) #2

Once you actually start the server, other systems should be able to see it on 165.98.163.96 ports 50389 and 50636.

Does your host OS have a restrictive firewalling policy (e.g., CentOS/RHEL)? You might need to open those two ports in the firewall.

Is the other host, 165.98.163.129, actually on the same network (a /24 or larger)? Can you connect to other services, like an sshd, running on the host?


(Abhaykumarsomani) #3

@dmaze Thanks
I guess I did something wrong previously because it is listening to that port 50389 on 163.96 now. But now I am contacting to 163.96. Is there any way, where I can directly contact the container 172.17.0.2, instead of contacting 163.96 through ports, because, I would require to set up multiple containers and remembering port nos for all containers will be a bit of confusing and cumbersome.


(Richardpayne) #4

@abhaykumarsomani you can use the “–net=host” option on the run command. This will connect the container to the host’s network (the 165.98.0.0 network) instead of the Docker bridge (the 172.17.0.0 network).

The container will then receive a 165.98.x.x address instead of 172.17.0.2 and you’ll be able to connect to it directly on ports 389 and 636. You can also lose the -p switches from the docker run command.


(Abhaykumarsomani) #5

But in this case also, my problem would be same…if I setup multiple containers, everyone will listen on host(164.99.163.96) only. I am looking for a way to differentiate these containers.


(Richardpayne) #6

No, putting the containers on the host network would result in each container being directly accessible with its own 165.98.x.x address.