How to access a docker container running on MacOSX from another host?

Question

I'm trying to get started with docker and want to run the Ubiquiti video controller. I have installed Docker Toolbox and managed to get the container to run on my Yosemite host and can access it on the same mac by going to the IP returned by docker-machine ip default. But I want to access it on other machines on the network and eventually set up port forwarding on my home router so I can access it outside my home network.

As suggested in boot2docker issue 160, using the Virtualbox GUI I was able to add a bridged network adaptor, but after restarting the VM docker-machine can no longer connect with the VM. docker env default hangs for a long time but eventually returns some environment variables along with the message Maximum number of retries (60) exceeded. When I set up the shell with those variables and try to run docker ps I get the error: An error occurred trying to connect: Get https://10.0.2.15:2376/v1.20/containers/json: dial tcp 10.0.2.15:2376: network is unreachable.

I suspect that docker-machine has some assumptions about networking configuration in the VM and I'm mucking them up.

docker-machine ssh ifconfig -a returns the following:

docker0   Link encap:Ethernet  HWaddr 02:42:86:44:17:1E  
          inet addr:172.17.42.1  Bcast:0.0.0.0  Mask:255.255.0.0
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

dummy0    Link encap:Ethernet  HWaddr 96:9F:AA:B8:BB:46  
          BROADCAST NOARP  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

eth0      Link encap:Ethernet  HWaddr 08:00:27:37:2C:75  
          inet addr:192.168.1.142  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fe37:2c75/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2996 errors:0 dropped:0 overruns:0 frame:0
          TX packets:76 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:278781 (272.2 KiB)  TX bytes:6824 (6.6 KiB)
          Interrupt:17 Base address:0xd060 

eth1      Link encap:Ethernet  HWaddr 08:00:27:E8:38:7C  
          inet addr:10.0.2.15  Bcast:10.0.2.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fee8:387c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:767 errors:0 dropped:0 overruns:0 frame:0
          TX packets:495 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:122291 (119.4 KiB)  TX bytes:116118 (113.3 KiB)

eth2      Link encap:Ethernet  HWaddr 08:00:27:A4:CF:12  
          inet addr:192.168.99.100  Bcast:192.168.99.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fea4:cf12/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:430 errors:0 dropped:0 overruns:0 frame:0
          TX packets:322 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:53351 (52.1 KiB)  TX bytes:24000 (23.4 KiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

eth0 seems to be getting a reasonable DHCP address from my router.

I'm not sure whether this is the right approach or whether I'm barking up the wrong tree. If I can get the bridged network adaptor working on the VM, I don't know how to then convince my docker container to use it. I've tried searching high and low on the internet. I've found dozens of sites that explain how you need to access the container using the value of docker-machine ip default rather than localhost but nothing to explain how to access from a different host. Maybe I need to improve my googling skills.

Answer 1

OK, so I found a better way to do it than trying to use a bridging network adaptor. I found it in the boot2docker docs on port forwarding.

Just use VBoxManage modifyvm default --natpf1 "my_web,tcp,,8080,,80" or use the VirtualBox GUI to specify your port forwarding for the NAT adaptor.

Then, remove the -p option from your docker run command and use --net=host instead. That is instead of

docker run -d -p 8080:80 --name=web nginx

use

docker run -d --net=host --name=web nginx

And voila! Your web server is available at localhost:8080 on your host or YOURHOSTIP:8080 elsewhere on your LAN.

Note that using --net=host may mess up communication between containers on the VM, but since this is the only container I plan to run, it works great for me.

Answer 2

This working for me

• with stopped VM add a 3rd "bridge" network
• start the VM with docker-machine start machine-name
• regenerate certs with docker-machine regenerate-certs machine-name

check if ok with docker-machine ls