Expected behavior After installing Docker for Mac installer I would want to see the ip address $ docker-machine ip 192.168.64.8 I would want to install dns server inside docker and use et in my host machine /etc/resolver/test. To do this I would need the ip address of: Docker for Mac to resolve all.test domains into the xhyve virtual machine. When the Docker Desktop application starts, it copies the /.docker/certs.d folder on your Mac to the /etc/docker/certs.d directory on Moby (the Docker Desktop xhyve virtual machine). You need to restart Docker Desktop after making any changes to the keychain or to the /.docker/certs.d directory in order for the changes to take effect.

Once in a while you may need your Docker host's IP address. Here's how to do it on Docker for Mac, Windows and Linux.

In Docker Tip #35 I wrote about connecting to your Docker host from inside of a container but a lot of things have changed since then. Here’s a more updated version.

Docker for Mac / Docker for Windows

As of Docker v18.03+ you can use the host.docker.internal hostname to connect to your Docker host.

This could come in handy if you wanted to connect to a database that’s running on your host but isn’t running inside of a container.

I often see this use case come up when people are beginning to move their stack over into using Docker. If that’s the case you would just use host.docker.internal as your DB connection host.

Docker for Linux

There’s a couple of ways to do this, but the easiest way would be to connect over the IP address listed in your docker0 network adapter.

If you ran ip a on your Docker host you might see something similar to this:

Using the above output as an example, you could connect to your Docker host from inside of a container by using this IP address: 172.17.0.1.

If you expect that IP address might change you could go the extra mile and do something like docker container run -e 'DOCKER_HOST=$(ip -4 addr show docker0 | grep -Po 'inet K[d.]+')' ..., this way every time you run your container, it’ll have the IP address available inside the container set to the DOCKER_HOST environment variable.

Let’s shed some light on a questions that readers often ask me in email or comments.

How do I get the IP address of a Docker container?

tl;dr

This is a tricky point, because the solution itself is short and simple, but in real life you don’t use the IP address of a Docker container unless you want to test or try something on an exceptional basis.

For the above reason, I think it’s useful to read the whole post, but in case you don’t have the time, here you have the one-liner to solve the issue.

With a specific example to check the IP of a container called boring_noyce on the default bridge network the command looks like this:

Let’s come back to the main point now; why and when you might want to use the IP address of a Docker container?

Why would you need the IP address of a Docker container?

When you work with Docker in real projects, you may work on various levels, namely:

  • the container level
  • with Docker Compose or
  • Swarm or another orchestrator

The idea behind containerization is that your containers are meant to be ephemeral by design. What does this mean?

The meaning of empheral is something short-lived, the Docker documentation explains it like this:

“By “ephemeral”, we mean that the container can be stopped and destroyed, then rebuilt and replaced with an absolute minimum set up and configuration.”

You can read about this in the Docker docs or in my in my Dockerfile best practices tutorial.

The real meaning of this is that your containers are just temporary workers that can be destroyed and recreated as you need them.

The mechanism to construct a complex application with containers that you can throw away and replace any time is built into Docker. You use user defined networks, Compose and Swarm configuration to drive your application stack.

Docker for mac machine ipad

On the abstract orchestration levels of Compose and Swarm, you don’t work with IP addresses directly. You rather work with your definition of the desired state of your entire stack.

This is why I said in the beginning that you are supposed to work with IP adrersses directly on an exceptional basis only; like tracking down a bug or testing out something new while you are building your configuration.

It’s important that you build your production system with the Compose file to be used with Compose or Swarm, or deployment descriptors for other orhestrators like Kubernetes rather than relying on container IPs.

Having said all this, let’s see how to get the IP address of a Docker container.

Understand your networks

The IP address of a container only makes sense in the context of the network your container is connected to.

Docker For Mac Machine Ip Addresses

When you start out with Docker, you probably use one of the default networks of Docker. These are the default networks:

These networks are created by the Docker engine when it starts up on the host machine.

The meaning of these networks is the following:

  • The bridge network is the default network; if you create a new container, it will be connected to the bridge network by default. The bridge network provides isolation from your host machine, thus your containers are isolated from the host network. The containers can refer each other by IP address on the bridge network. (They cannot however refer each other by container name.)
  • If you connect a container to the host network, then your container will share your host machine’s network. This is benefitial if you containerise a legacy system that is heavily dependent on the host IP. The host network configuration only works as expected on Linux systems, beacuase Docker uses a virtual machine under the hood on Mac and Windows, thus the host network in these cases refers to the VM rather than the real host itself. (I have not used a host network on a Windows machine with a Windows based container, so I cannot comment on that scenario.)
  • If you connect your container to the none network, this means that your contaienr is not connected to any network.

In order to create a good design for your application, you usually create user defined networks. You use these networks to isolate parts of your application architecture and you define contianers that serve as gateways between these networks. This implies that some of your containers are connected to one user defined network, while other containers are connected to two networks, or even more depending on your design.

Docker For Mac Machine Ip

Docker For Mac Machine Ipad

Docker For Mac Machine Ip

So it’s important to understand the network context of your application before going after the IP address.

You use the docker network commands or the Compose file to define your networks. Please refer to the Compose tutorial, the Swarm tutorial for more details, or get the book for an in-depth learning experience.

Please note that Swarm mode adds further networks to the list. If you create a service in Swarm mode, requests are routed to the right node and right container by the default overlay network. You can, of course create user defined overlay networks.

Get the IP address of your containers

Let’s create a few containers to experiment with. I created 3 Nginx containers running the below commands.

Now these containers are connected to the default bridge network. If you use use docker-compose to start containers from a Compose file, you can use the same methods that I desribe here.

Let’s examine the bridge network now.

As you can see the bridge network (I mean the network called bridge) has three containers connected now. If you want to casually see the IP address of the containers on a network, you can always inpect the network and see the IPs.

You can get the IP address of a single container inspecting the container itself and using GO templates to filter the results with the -f (filter) flag.

This one-liner may look elegant, but I think it’s impractical, because it’s too long and you need to enter the network name (bridge) in the middle manually.

You may think now that the one-liner is better, because you can use it in scripts. Please remember that you are not supposed to do that. If you need the IP address in production scripting, your should probably improve your network design.

Let’s add a user defined network to the picture and see what happens.

Now our container called boring_noyce is connected to mynet, too. Let’s inspect the container’s network settings.

We can try again to find out the IP address of this container on the various networks.

The main point I’m trying to make with this post is to learn the art of architecture design and spend time on your networks definition rather than hacking with IPs. Nevertheless you have the tools here to find out your container IPs.

Having said this, I think we can get a bit more funky with this command. We can, for example, list the IPs of all containers on the bridge network.

The same command on the user defined network gives only one IP, because only one of the containers is connected.

A note on Swarm mode

If you are in Swarm mode, you work with services directly. You are not supposed to touch containers. If you need to work with a container (on an exceptional basis) to check something, your best option is to ssh into one of the nodes in the Swarm and use docker container ls and the commands I showed you in this post.

Please enable JavaScript to view the comments powered by Disqus.