I can not ping a docker container

Question

I can not ping a docker container

Navigation

#1 by (4 votes)
#2 by (2 votes)

1

I'm running docker on windows 10; I have two containers configured on which I can not ping:

> docker inspect -f "{{.NetworkSettings.IPAddress}}" app_nginx
172.17.0.3

Al hacer ping, sale tiempo de espera agotado.
Al hacer ipconfig:

    Adaptador de Ethernet vEthernet (DockerNAT):

       Sufijo DNS específico para la conexión. . :
       Vínculo: dirección IPv6 local. . . : 
       Dirección IPv4. . . . . . . . . . . . . . : 10.0.75.1
       Máscara de subred . . . . . . . . . . . . : 255.255.255.0
       Puerta de enlace predeterminada . . . . . :

    Adaptador de LAN inalámbrica Conexión de área local* 10:

       Estado de los medios. . . . . . . . . . . : medios desconectados
       Sufijo DNS específico para la conexión. . :

    Adaptador de LAN inalámbrica Wi-Fi:

       Sufijo DNS específico para la conexión. . : xxxxxx
       Vínculo: dirección IPv6 local. . . : _::_:_:_:4f10%3
       Dirección IPv4. . . . . . . . . . . . . . : 192.168.0.15
       Máscara de subred . . . . . . . . . . . . : 255.255.255.0
       Puerta de enlace predeterminada . . . . . : 192.168.0.1

    Adaptador de túnel xxxxxxx:

       Estado de los medios. . . . . . . . . . . : medios desconectados
       Sufijo DNS específico para la conexión. . : xxxxxxx

    Adaptador de túnel yyyyyyy:

       Estado de los medios. . . . . . . . . . . : medios desconectados
       Sufijo DNS específico para la conexión. . :

Al revisar la informacion de bridge:
 docker network inspect bridge
[
    {
        "Name": "bridge",
        "Id": "734d974df1d9d113d2b7eb25564ea6933f02e07f199683f21c5bb7eb51b4421d",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.0/16",
                    "Gateway": "172.17.0.1"
                }
            ]
        },
        "Internal": false,
        "Containers": {
            "207c9c31bc0d75170010ecc9abb0ea0833529ceeff414775a4771b539d32751e": {
                "Name": "app_php",
                "EndpointID": "1a2876ce257f714b63e65bc134419839da94a5edb3802c5b3a06757857447e5f",
                "MacAddress": "02:42:ac:11:00:02",
                "IPv4Address": "172.17.0.2/16",
                "IPv6Address": ""
            },
            "ca51d37feb4d5b10946ee44f41432f41506b0cfb217e4e0ee820e69fd9260305": {
                "Name": "app_nginx",
                "EndpointID": "33be98be3d5234a821160ecc86ca7abce3ea764ad31b4a979d27d56abb8d0992",
                "MacAddress": "02:42:ac:11:00:03",
                "IPv4Address": "172.17.0.3/16",
                "IPv6Address": ""
            }
        },
        "Options": {
            "com.docker.network.bridge.default_bridge": "true",
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
            "com.docker.network.bridge.name": "docker0",
            "com.docker.network.driver.mtu": "1500"
        },
        "Labels": {}
    }
]

In summary I have the Getway bridge ip 172.17.0.1, the container that interests me 172.17.0.3 and if I check the ip in docker nat in windows it is 10.0.75.1

I tried redirecting everything from 172.17.0.x to 10.0.75.1, but it did not work for me.

route add 172.0.0.0/16 MASK 255.255.255.0 10.0.75.1 obtaining as a result when pinging. Waiting time exhausted.

I know that I can ultimately expose a port locally, however I would like to know why it is not possible to access it in this way. Thanks for your time.

windows docker

asked by jorge 17.01.2017 в 04:20

source

2 answers

Search and Delete duplicate MYSQL records Add a space between each character

score 4 · Answer 1

In my opinion, it does not make much sense to ping a contender. If you have hundreds of containers it's crazy to be finding out your internal ip to ping them.

I guess that pinging the container is to check if it is running correctly. For this it is better to use the tools that Docker gives you.

In my case if I want to see if a container is running I run sudo docker ps and it shows me a list with the open ports and where they are redirected, the time they take running ...

informatica@Bender:~/Desarrollo/blog/gitlab/blog$ sudo docker ps 

CONTAINER ID        IMAGE                   COMMAND                  CREATED             STATUS              PORTS                              NAMES
9b790cb8563d        asg1612/glpi            "/usr/bin/supervisord"   3 hours ago         Up 3 hours          0.0.0.0:8001->80/tcp               affectionate_murdock
788d335b1b2d        mariadb                 "docker-entrypoint..."   24 hours ago        Up 24 hours         3306/tcp                           mariadb-glpi
e8a143ac0733        minio/minio             "minio server /export"   24 hours ago        Up 24 hours         0.0.0.0:9000->9000/tcp             minio1
31f6e156c5ac        registry:2              "/entrypoint.sh /e..."   24 hours ago        Up 24 hours         0.0.0.0:5001->5000/tcp             sharp_williams
ef4e1d05d588        rancher/server:v1.6.0   "/usr/bin/entry --..."   11 days ago         Up 28 hours         3306/tcp, 0.0.0.0:8080->8080/tcp   sharp_haibt
8b89dc38fb29        mysql                   "docker-entrypoint..."   3 months ago        Up 28 hours         0.0.0.0:3306->3306/tcp             ranger-mysql
b7e8c47b42d9        registry:2              "/entrypoint.sh /e..."   3 months ago        Up 28 hours         0.0.0.0:5000->5000/tcp             registry

The container may be up but the application you are running is not working properly. For this I check it with the command sudo docker logs

informatica@Bender:~/Desarrollo/blog/gitlab/blog$ sudo docker logs 9b790cb8563d
/usr/lib/python2.7/dist-packages/supervisor/options.py:297: UserWarning: Supervisord is running as root and it is searching for its configuration file in default locations (including its current working directory); you probably want to specify a "-c" argument specifying an absolute path to a configuration file for improved security.
  'Supervisord is running as root and it is searching '
2017-06-13 09:00:13,877 CRIT Supervisor running as root (no user in config file)
2017-06-13 09:00:13,877 WARN Included extra file "/etc/supervisor/conf.d/supervisord.conf" during parsing
2017-06-13 09:00:13,884 INFO RPC interface 'supervisor' initialized
2017-06-13 09:00:13,885 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2017-06-13 09:00:13,885 INFO supervisord started with pid 1
2017-06-13 09:00:14,886 INFO spawned: 'apache' with pid 8
2017-06-13 09:00:14,914 INFO exited: apache (exit status 0; not expected)
2017-06-13 09:00:15,916 INFO spawned: 'apache' with pid 18
2017-06-13 09:00:15,948 INFO exited: apache (exit status 0; not expected)
2017-06-13 09:00:16,949 INFO gave up: apache entered FATAL state, too many start retries too quickly

In case you need to investigate something else I get a shell inside the container. What allows me to chip and do more checks.

informatica@Bender:~/Desarrollo/blog/gitlab/blog$ sudo docker exec -ti 9b790cb8563d /bin/bash
root@9b790cb8563d:/var/local/www#

More information on the commands: - docker ps - docker logs

score 2 · Answer 2

It is not possible to ping any of the two containers in this way, this is because they are in a different network than your physical PC.

You can try creating a new network using the bridge controller and assigning yourself the configuration parameters so that Docker is responsible for establishing the IP within the range accepted by your local network:

  $ docker network create \
  --driver=bridge \
  --subnet=172.28.0.0/16 \
  --ip-range=172.28.5.0/24 \
  --gateway=172.28.5.254 \
  nombre_de_tu_red_docker

Do not forget to modify all the settings according to your network.

Then when executing the containers, or lifting them, make sure to link them to that network, for example:

$ docker run -d --net=nombre_de_tu_red_docker -it ubuntu:16.04 bash

Then you can scan the IPs assigned to your containers, and if they are in the same network of your PC, you should not have problems to ping from one side to another. If not, see how VirtualBox works, when creating a virtual machine and assigning it the bridge controller, it behaves like another node in your local network, and receives an IP and other configurations from your DHCP server (modem, router or hub).