When I start up a container I can ping to hosts outside our company, and curl to get web pages, but I can’t ping to any host inside our 10.x.x.x private network. Which presents problems when trying to load code from our company host which has a ip address in the private range.
Is this doable from a Mac or do I have to run a VirtualBox linux instance and get access from containers in that?
You probably need to specify your company’s intranet DNS server’s IP address via the --dns option when starting the container:
docker run --dns aa.bb.cc.dd ...
I think you can also add the DNS server in Docker Desktop’s preferences, so you won’t have to do it on every docker run. In the Advanced settings, add the DNS in daemon.json, if I recall. Sorry, it’s been a long time since I’ve configured that, and I’m not at my work computer at the moment.
Hi jmmen1. The problem wasn’t that it couldn’t find the ip address from the name, it could get the ip perfectly ok. The problem was that it wouldn’t route through to anything on the 10.x private subnet. But…
After days of trying different options I just uninstalled Docker Desktop and zapped all config files, and reinstalled and it worked perfectly. So now the problem is fixed, but without a clear idea of why I had the problem in the first place.
Just spent several hours poking around with this trying to figure out what on earth had happened. It turns out it’s pretty simple. Amazingly a docker network can use the same subnet as your LAN or an overlapping one. I guess docker daemon running in a VM doesn’t know what subnet to avoid.
So if this happens to you then the very first thing to do is type:
docker network prune
If that doesn’t help then you will need to find the network manually and figure out how to remove it:
philip@Philips-MBP ~ % docker network ls
NETWORK ID NAME DRIVER SCOPE
f617e47f76bb bridge bridge local
6b3052841d3f host host local
3141c1aa54d4 none null local
philip@Philips-MBP ~ % docker inspect f617e47f76bb | grep Subnet
"Subnet": "172.17.0.0/16",
At this point it’s likely you have active containers on that subnet so you may need to tear them down first.