I just migrated to using Docker for Mac, from previously using Docker Toolbox with virtualbox for OSX.
I used to get the machine IP address with $(docker-machine ip default).
Is there a reliable way to get the Hyperkit IP address?
Thanks!
In opposition to Docker toolbox, Docker for Windows and Docker for Mac are designed to give you the feeling that Docker is running directly on your OS, so they use lightweight virtual machines running under lightweight hypervisors (instead of VirtualBox) handled directly by the docker executable.
Hence you won't see them with docker-machine and you won't see another IP address than localhost.
Docker for Windows relies on the HyperV hypervisor which allows a network connection to tcp://localhost:2375.
Docker for Mac relies on the xhyve hypervisor, the way it's implemented only provides a connection through the socket unix:///var/run/docker.sock.
Workaround
To provide a TCP connection for Docker for Mac:
Install socat. With brew:
brew install socat
Run this socat command to forward TCP requests to the socket
socat TCP-LISTEN:2375,reuseaddr,fork,bind=localhost UNIX-CONNECT:/var/run/docker.sock
Map what you want on tcp://localhost:2375
Up to you to run the socat command on startup, if necessary.
This was for instance useful to me to associate the Webstorm nodeJS debugger to a nodeJS container (since at the time of writing, docker debugging is supported by Webstorm docker integration plugin, but not through unix sockets).
Documentation on Docker for Mac limitations
https://docs.docker.com/docker-for-mac/networking/#/known-limitations-use-cases-and-workarounds
There is no docker0 bridge on macOS
Because of the way networking is implemented in Docker for Mac, you cannot see a docker0 interface in macOS. This interface is actually within HyperKit.
You could use docker image for socat which starts every time you start 'docker for mac'
docker run -d --restart=always -p 2376:2375 -v
/var/run/docker.sock:/var/run/docker.sock bobrik/socat
TCP4-LISTEN:2375,fork,reuseaddr UNIX-CONNECT:/var/run/docker.sock
Find your docker API ip address:
ifconfig | grep 'inet 192'| awk '{ print $2}'
There's no need for working with the xhyve VM's IP address directly like you would with docker-machine. All port mappings are directly mapped to localhost.
$ docker run -d -p 8080:80 nginx:latest
$ curl localhost:8080
Also see the official documentation:
When you run a container with the -p argument, for example: $ docker run -p 80:80 -d nginx Docker for Mac will make the container port available at localhost.
My current solution is to create the containers using Docker Machine (A linux VM which is available under another IP address) and route all the traffic of the containers to the docker machine VM.
sudo route -n add -net 172.18.0.0/16 192.168.99.100
You can get the network range of your docker containers using docker inspect and the IP address of your docker machine VM using docker-machine ip
Another workaround is to use sudo ifconfig lo0 alias 172.17.0.1 so you can still use the same static IP address (if your Linux-based colleagues or bash scripts insist on using that).
Related
I am using Docker Quickstart Terminal to run a docker container. The container should work on port 8088 of localhost:
docker run -it --name myContainer -p 8088:8088
However, when I go to localhost:8088 or 127.0.0.1:8088 I can't find any process running.
This works on OSX.
Why is this not working on Windows?
I'm assuming you're using VirtualBox, since that's what is integrated with the Quickstart terminal.
The reason it doesn't work is that Windows isn't running your (Linux) containers natively, it's running them in a separate Linux-based VM. This VM is available under a different ip address than your "physical" machine, usually printed when you start the quickstart terminal:
This is the ip address you need to use in order to connect to published container ports.
One possibility is the kind of VM you are using : HyperV (Docker For Windows) or VirtualBox (Docker Toolbox).
If it is the later (which seems probable since you are using the Docker Quickstart Terminal), you need to port forward 8088 in order for your PC (localhost) to see it.
See "How do I configure docker compose to expose ports correctly?" as an example when using VirtualBox.
If localhost does not work, a docker-machine ip will show you the ip of the VM being executed.
I've installed the Docker for Mac beta which allows you to use docker commands directly. I want to try to run rethinkdb through docker, so I've followed the instructions of the rethinkdb docker container docs and done the following:
docker run --name some-rethink -v "$PWD:/data" -d rethinkdb
This works, and I can see the container with docker ps and start shell with docker exec -it /bin/bash
However, I can't connect to the admin panel on my Mac directly with their suggestion
$BROWSER "http://$(docker inspect --format \
'{{ .NetworkSettings.IPAddress }}' some-rethink):8080"
This essentially amounts to google-chrome http://172.17.0.2:8080/, but this doesn't work. I asked around and was told
You can't use the docker private ip address space to access the ports
You have to forward them to the mac
However, I'm not sure how to do this as I don't have any port forwarding tools I'm familiar with such as ssh on the container itself. Using the suggested port forwarding command in the rethinkdb container docs ssh -fNTL ... but with localhost instead of remote does not work.
How can I connect to the rethinkdb admin panel through http with the docker beta on a Mac?
Try forwarding the container port using the -p flag in the docker run command, e.g.:
docker run -p 8080:8080 --name some-rethink -v "$PWD:/data" -d rethinkdb
and then it should be accessible on localhost,
google-chrome http://127.0.0.1:8080/
Relevant docker run docs: https://docs.docker.com/engine/reference/run/#/expose-incoming-ports
I'm running docker on top on vagrant and would like to debug application remotely using pycharm running on windows (which runs vagrant). Of course the docker host is then on vagrant - not the same machine pycharm is running on.
I have to specify the certificates folder and docker machine executable as a local files / directories. Does this mean I cannot debug applications using pycharm in this setup?
Of course I could ssh directly into the docker container but then I have no features pycharm gives me.
pycharm cannot remote debug because cannot connect with code in docker in vagrant
you need bridge port from docker with vagrant before this.
you need find vagrant ip and docker ip (by default, vagrant ip: 10.0.2.2, you can see when run vagrant ssh)
second determine port for debug( exam 21000)
use commant code in terminal
vagrant ssh
sudo iptables -t nat -A PREROUTING -p tcp --dport 21000 -j DNAT --to-destination 10.0.2.2:21000
sudo iptables -t nat -A POSTROUTING -j MASQUERADE
set code for python file:
change 172.19.0.1 with your docker ip (in vagrant)
import pydevd
pydevd.settrace('172.19.0.1', port=21000, suspend=False)
set on breakpoint on code and try to debug
It is possible however not recommended, it has the potential to introduce a number of problem spots longer term and brings a increased security risk.
as per the docker documentation ...
If you are okay with the security risk and if docker toolbox using boot2docker is not an option for your situation, then you will need to ensure:
Docker client/server versions are identical
Port forwarding on your local vagrant box is setup
Add the TCP binding for the docker server, either as a replacement to the default unix socket binding and/or in addition.
Here is what I have tried:
My goal: running the prosody XMPP server inside a container, accessed by my (as-yet uncontainerized) local development environment.
I installed the prosody XMPP server - this is what I am trying to use as a container for local development.
It comes dockerized here:
https://github.com/lloydwatkin/prosody-docker
I ran, as per documentation:
docker run -d prosody/prosody --name prosody -p 5222:5222
I checked prosody was running with docker exec -t -i /bin/bash
docker ps shows that the container is running, forward to 5222.
But, on my Mac local shell, telnetting to my boot2docker ip on port 5222 cannot connect.
I have tried this https://github.com/boot2docker/boot2docker/blob/master/doc/WORKAROUNDS.md
but I cannot get that to work.
To add to my confusion, the latest docker.com documentation states port forwarding should work, under Container Port Redirection:
https://docs.docker.com/installation/mac/
There was an error in the docker container documentation for prosody. The correct order of params are:
docker run -d --name prosody -p 5222:5222 prosody/prosody
There's no error handling so it was really difficult to identity.
Try running this command in Terminal to forward communication from your local machine's ports 5200 through 5299 to the VirtualBox's ports:
for i in {5200..5299}; do VBoxManage modifyvm "boot2docker-vm" --natpf1 "tcp-port$i,tcp,,$i,,$i”; VBoxManage modifyvm "boot2docker-vm" --natpf1 "udp-port$i,udp,,$i,,$i";done
Docker (www.docker.io) looks terrific. However, after installing VirtualBox, Vagrant
... and finally Docker on a Mac, I'm finding it's not possible to access the service running in the Docker container from another computer (or from a terminal session on the Mac). The service I'm trying to access is Redis.
The problem appears to be that there's no route to the IP address assigned to the Docker container. In this case the container's IP is 172.16.42.2 while the Mac's IP is 196.168.0.3.
A couple notes:
It IS possible to access it - but only from within the VirtualBox session. This can be done using redis-cli -h 172.16.42.2 -p 6379.
I have added "config.vm.network :bridged" to the VagrantFile in an attempt to get the, but that didn't solve the problem.
The VM generated by vagrant is indeed isolated, in order to access it from your host, you can allocate a private network to it.
Instead of doing config.vm.network :bridged, try config.vm.network :private_network, ip: "192.168.50.4", It should do the trick
However, this will only allow you to access the VM itself, not the containers.
In order to do so, when running the container, you can add the -p option
ex: docker run -d -p 8989 base nc -lkp 8989
This will run a netcat listening on 8989 within a container and expose the port publicly. As it is also run with -d, the container will be in detached mode and the only output will be the container's ID
In order to expose the port, Docker do a simple NAT. In order to know the real port, you can
do docker port <ID of the container> 8989
Netcat will be available from the mac at 192.168.50.4:<result>
I just wrote a tutorial of how to use a host-only network and TCP routing to make this pretty easy. This way you don't have to map every specific port.
http://ispyker.blogspot.com/2014/04/accessing-docker-container-private.html
Important points ...
1) Add host-only network to Virtual Box
2) Tell the boot2docker VM to have an adapter on the host-only network
3) Add an IP for the new boot2docker VM host-only networking adapter
4) Route all Mac OS X traffic for the docker container subnet to that boot2docker VM host-only networking IP
Actual steps are on the blog with output so you can compare to what you see as you follow them.
I have installed tomcat from my Dockerfile and forwarded that to 6060 using vagrant`s port forwarding. These are the steps worked for me:
vagrant provision
vagrant up
vagrant ssh
box_name$ docker run -i -t -p 8080:8080 bsb_tomcat6 /bin/bash
Able to see tomcat up & running on localhost:6060, as I have done port forwarding to 6060 in my Vagrantfile
you also can define PRIVATE_NETWORK and FORWARD_DOCKER_PORTS environment variables to access your services that are running in docker containers:
$ vagrant halt
$ export PRIVATE_NETWORK=192.168.50.4
$ export FORWARD_DOCKER_PORTS=1
$ vagrant up
In my case i can access postgres from Mac using
$ telnet 192.168.50.4 49154
to find out actual application port you can use
$ sudo docker port 1854499c6547 5432
0.0.0.0:49154