
I have a container running a Java web service with Jetty. I would like to connect to the Docker host process, i.e. tcp://dockerhost:2376, to build and publish images to the local registry on demand.

I can connect to the host from the container but for some annoying reason, I can't seem to connect to the Docker host process... Could this be down to some internal firewall rules? The strange thing is I can connect to other Docker services, i.e. on other machines, but NOT the one running the container.

EDIT - just to be clear

  • my docker daemon runs on 192.168.22.150, port 2376
  • I can do curl -X GET http://192.168.22.150:2376 from any machine (VM) on that net and I get the usual message
  • I can do curl -X GET http://192.168.22.150 from my docker container and that works fine (I have a process listening on 80)
  • I can do curl -X GET http://192.168.22.XXX:2376 on another machine running a docker daemon from my container
  • If I do curl -X GET http://192.168.22.150:2376 from my container, it hangs

Feels like it's a firewall issue?
Thomas
  • Opening network access to the Docker socket is a major security hole: anyone who can reach it can trivially root the host. Have you looked at questions like [Access Docker socket within container](https://stackoverflow.com/q/22135897/10008173), which has both the standard recipe for using the host's Docker socket and appropriate security warnings? – David Maze Jul 07 '20 at 19:53
  • Thanks. I don't want to expose the socket, I want to access it via its IP address. – Thomas Jul 07 '20 at 21:24
  • It won't have an IP address in a typical setup. – David Maze Jul 07 '20 at 22:43
  • Try this guide: https://estl.tech/accessing-docker-from-a-kubernetes-pod-68996709c04b You'll want to mount the host's docker socket (not an IP) into the container and ensure you have permission to open/write to it. – jbielick Jul 08 '20 at 02:33
  • OK, forget about it, it was the firewall running on my daemon machine that wasn't letting the traffic through... argg. – Thomas Jul 08 '20 at 07:08

1 Answer

It was down to a firewall issue... the IP address of the container wasn't allowed through for the 2376 port, I added it and it worked. Sorry for the trouble and thanks for the help.

Thomas
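With the firewall rule as the only gate in front of port 2376, it is worth checking how the daemon itself is configured, which is the concern raised in the comments. The following is an added example, not code from the original post or from Docker: it audits the `hosts` and TLS keys of a `daemon.json`, assuming the daemon is configured through that file rather than `-H` flags; both sample configs and the certificate paths are constructed.

```python
import json
from urllib.parse import urlsplit

# Constructed sample: a TCP listener on 2376 with no TLS settings, like the
# endpoint the question queries over http://.
EXPOSED = '{"hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"]}'

# Constructed sample: same port, bound to one address, client certs required.
# The certificate paths are placeholders.
HARDENED = json.dumps({
    "hosts": ["unix:///var/run/docker.sock", "tcp://192.168.22.150:2376"],
    "tlsverify": True,
    "tlscacert": "/etc/docker/ca.pem",
    "tlscert": "/etc/docker/server-cert.pem",
    "tlskey": "/etc/docker/server-key.pem",
})

def audit_daemon_config(text):
    """Return a list of findings for the TCP listeners in a daemon.json document."""
    cfg = json.loads(text)
    findings = []
    tls_verified = bool(cfg.get("tlsverify"))
    missing = [k for k in ("tlscacert", "tlscert", "tlskey") if not cfg.get(k)]
    for host in cfg.get("hosts", []):
        if not host.startswith("tcp://"):
            continue  # unix:// and fd:// listeners are gated by file permissions
        url = urlsplit(host)
        if not tls_verified:
            # Without tlsverify the daemon does not authenticate API clients.
            findings.append(f"{host}: tlsverify not set, clients are not authenticated")
        elif missing:
            findings.append(f"{host}: tlsverify set but missing {', '.join(missing)}")
        if url.hostname in ("0.0.0.0", "::"):
            findings.append(f"{host}: bound to all interfaces, the firewall is the only limit")
        if url.port == 2375:
            findings.append(f"{host}: 2375 is the conventional plaintext port")
    return findings

if __name__ == "__main__":
    for name, doc in (("exposed", EXPOSED), ("hardened", HARDENED)):
        print(name, audit_daemon_config(doc) or "no findings")
```
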