setup correctly connection from container to Docker API
pisarevaa opened this issue · 6 comments
Could you please explain how to setup correctly connection from container to Docker API or host port 2375 in Linux machine.
- I have opened port 2375 to connect to Docker API in /lib/systemd/system/docker.service:
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock -H tcp://127.0.0.1:2375
- My docker-compose.yml is:
version: '3.7'
services:
web:
image: some_image
restart: unless-stopped
command: python manage.py runserver 0.0.0.0:80
volumes:
- ./:/usr/src/app/
ports:
- 80:80
depends_on:
- docker-host
networks:
- app-network
env_file:
- ./.env
docker-host:
image: qoomon/docker-host
cap_add: [ 'NET_ADMIN', 'NET_RAW' ]
restart: on-failure
networks:
- app-network
networks:
app-network:
driver: bridge
- After that I connect to container via
sudo docker exec -it web_1 bash
- Run command inside container
curl -X GET host.docker.internal:2375/containers/json
and get an errorcurl: (6) Could not resolve host: host.docker.internal
Where am I wrong?
I ended up with the following steps:
- Added unix socket to Docker API in /lib/systemd/system/docker.service:
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock -H tcp://127.0.0.1:2375 -H unix:///var/run/docker.sock
- Add volume /var/run/docker.sock to docker-compose.yml is:
version: '3.7'
services:
web:
image: some_image
restart: unless-stopped
command: python manage.py runserver 0.0.0.0:80
volumes:
- ./:/usr/src/app/
- /var/run/docker.sock:/var/run/docker.sock
ports:
- 80:80
depends_on:
- docker-host
networks:
- app-network
env_file:
- ./.env
docker-host:
image: qoomon/docker-host
cap_add: [ 'NET_ADMIN', 'NET_RAW' ]
restart: on-failure
networks:
- app-network
networks:
app-network:
driver: bridge
- Run command succesfully
curl -XGET --unix-socket /var/run/docker.sock localhost:2375/containers/json
Hi glad to hear you found a solution. However it will work if you connect to the right host curl -X GET <DOCKER_HOST_CONTAINER_NAME>:2375/containers/json
in you example it would be curl -X GET docker-host:2375/containers/json
I highly recommend not binding "docker.sock" into you application container cause you can gain root access to you docker host system from within your web application container.
Hi, I have tried curl -X GET docker-host:2375/containers/json
but got an error Failed to connect to docker-host port 2375: Connection timed out
what OS do you use?
On Linux systems
You have to bind your host applications to bridge network gateway in addition to localhost(127.0.0.1).
Use following docker command to get the bridge network gateway IP address
docker network inspect bridge --format='{{( index .IPAM.Config 0).Gateway}}'
You might need to configure your firewall of the host system to allow the docker-host container to communicate with the host on your relevant port, see #21.
maybe its because auf the bridge network configuration in your docker.compose file, can you give it a try without that network?