How to access Docker container through DockerNAT IP address on Windows 10?
Question
Overview
I am using a course to learn how to Dockerize my ASP.NET Core application. I have a networking issue with the token server I am trying to use in my configuration.
The ASP.NET Core Web application ( webmvc ) allows authorization through a token server ( tokenserver ).
docker-compose for the services
tokenserver
tokenserver:
build:
context: .\src\Services\TokenServiceApi
dockerfile: Dockerfile
image: shoes/token-service
environment:
- ASPNETCORE_ENVIRONMENT=ContainerDev
- MvcClient=http://localhost:5500
container_name: tokenserviceapi
ports:
- "5600:80"
networks:
- backend
- frontend
depends_on:
- mssqlserver
tokenserver knows about the webmvc url.
webmvc
webmvc:
build:
context: .\src\Web\WebMvc
dockerfile: Dockerfile
environment:
- ASPNETCORE_ENVIRONMENT=ContainerDev
- CatalogUrl=http://catalog
- IdentityUrl=http://10.0.75.1:5600
container_name: webfront
ports:
- "5500:80"
networks:
- frontend
depends_on:
- catalog
- tokenserver
Running the container confirms that webmvc will try to reach the identity server at http://10.0.75.1:5600 .
By running ipconfig in my Windows machine I confirm that DockerNAT is using 10.0.75.1 :
Ethernet adapter vEthernet (DockerNAT):
Connection-specific DNS Suffix . :
IPv4 Address. . . . . . . . . . . : 10.0.75.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
http://10.0.75.1:5600/ is not accessible when accessed from the host machine while http://localhost:5600 is accessible.
However, I have to rely on DockerNAT IP because webmvc must access the service from its own container where localhost:5600 does not make sense:
docker exec -it webfront bash
root@be382eb4608b:/app# curl -i -X GET http://10.0.75.1:5600
HTTP/1.1 404 Not Found
Date: Fri, 03 Jan 2020 08:55:48 GMT
Server: Kestrel
Content-Length: 0
root@be382eb4608b:/app# curl -i -X GET http://localhost:5600
curl: (7) Failed to connect to localhost port 5600: Connection refused
Token service container inspect (relevant parts)
"HostConfig": {
"Binds": [],
....
"NetworkMode": "shoesoncontainers_backend",
"PortBindings": {
"80/tcp": [
{
"HostIp": "",
"HostPort": "5600"
}
]
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "6637a47944251a4dc59205dc6e03670bc4b03f8bf38a7be0dc11b72adf6a3afa",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"80/tcp": [
{
"HostIp": "0.0.0.0",
"HostPort": "5600"
}
]
},
"SandboxKey": "/var/run/docker/netns/6637a4794425",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"MacAddress": "",
"Networks": {
"shoesoncontainers_backend": {
"IPAMConfig": null,
"Links": null,
"Aliases": [
"tokenserver",
"d31d9b5f4ec7"
],
"NetworkID": "a50a9cee66e6a65a2bb90a7035bae4d9716ce6858a17d5b22e147dfa8e33d686",
"EndpointID": "405b1beb5e20636bdf0d019b36494fd85ece86cfbb8c2d57283d64cc20e5d760",
"Gateway": "172.28.0.1",
"IPAddress": "172.28.0.4",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:1c:00:04",
"DriverOpts": null
},
"shoesoncontainers_frontend": {
"IPAMConfig": null,
"Links": null,
"Aliases": [
"tokenserver",
"d31d9b5f4ec7"
],
"NetworkID": "b7b3e8599cdae7027d0bc871858593f41fa9b938c13f906b4b29f8538f527ca0",
"EndpointID": "e702b29016b383b7d5872f8c55cad0f189d6f58f2631316cf0313f3df30331c0",
"Gateway": "172.29.0.1",
"IPAddress": "172.29.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:1d:00:03",
"DriverOpts": null
}
}
}
I have also created an inbound rule for port 5600 in Windows Defender Firewall with Advanced Security.
Question: How to access Docker container through DockerNAT IP address on Windows 10?
2 answers
solution1
0 2020-01-03 09:41:33
I think you are looking for host.docker.internal . It's a special DNS name which allow you to connect from a container to a service on the host or a container exposed on the host.
The official documentation .
You can fine longer explanations here .
solution2
0 2020-01-03 13:13:17
I am not sure why it does not work as expected, but using the information provided here I was able to figure out how to make it work:
You can try add incoming rule in firewall:
Example:
protocol: any/tcp/udp/... program: any action: allow local port: any remote port: any local address: 10.0.75.1 remote address: 10.0.75.0/24
or you can try use address 10.0.75.2 instead of 10.0.75.1
For me the second solution worked.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.